top of page
our-team.png

Privacy Policy

Home

Privacy Policy

​our Commitment To You

Nair, Jen & Tan LLC (“NJT”, “we” “our” or “us”) respects your privacy and takes its data protection responsibilities seriously. We recognise the importance of the personal data which has been entrusted to us, and are committed to managing, protecting and processing your personal data in accordance with the Personal Data Protection Act 2012 ("PDPA") and other applicable laws.

 

This Data Protection and Privacy Policy (“Privacy Policy”) explains how we collect, use, disclose, store and safeguard personal data in the course of providing our legal and related services. It also sets out how you may exercise your rights under the PDPA.

 

This Privacy Policy operates alongside any other privacy or data protection notices, policies, or terms we provide or make available to you, including our Standard Terms and Conditions where relevant.

 

Please be aware that NJT may update this Privacy Policy periodically to comply with legal requirements, regulatory guidance and industry standards. Subject to your legal rights, you agree to be governed by the then-current terms of this Privacy Policy.

Types Of Personal Data

In this Privacy Policy, “personal data” refers to any data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which we have or are likely to have access, including data in our records as may be updated from time to time. 

 

The personal data we collect depends on your relationship with us and the matter at hand. It may include:

 

  • Identity Data: Name, NRIC/FIN/Passport number (collected only where required by law or necessary to accurately establish identity), nationality, gender and date of birth.

  • Contact Data: Residential address, email address, and telephone numbers.

  • Professional Data: Employment history, job title, directorships, and professional memberships.

  • Financial Data: Banking details, payment records and information necessary for invoicing, fund transfers or disbursements.

  • Matter Data: Information specifically provided to us for the purpose of legal representation (which may include sensitive details regarding family, health, or criminal proceedings), and may include records of interactions (e.g., meeting notes, call recordings and transcripts, and emails).

  • Technical Data: IP addresses, cookies, and device information when you visit our website.

 

We may obtain personal data directly from you, your authorised representatives, public resources, counterparties, advisors, referrers, or third-party service providers (e.g., due diligence vendors), or in the course of our legal work.

 

If you provide us with personal data of another individual, you confirm that you have the authority to do so and that the individual has been informed of our use of their data.

How And Why We Collect Personal Data 

Retention

We retain personal data for as long as is necessary to fulfil the purposes for which it was collected and to satisfy legal, regulatory, professional, operational, or archiving requirements. Retention periods vary depending on the matter type, limitation periods, our professional obligations and business needs. When personal data is no longer needed, we will take reasonable steps to securely delete, anonymise or de-identify it.

Our website uses essential and functional cookies to operate efficiently. We may also use analytics cookies to understand usage patterns and improve site performance.

 

You may disable cookies through your browser settings, although certain site features may not function optimally.

 

Our site may contain links to third-party websites with different privacy practices. We are not responsible for those sites and encourage you to review their privacy policies.

Protection And Security

Your Rights And How To Exercise Them

Purposes For Collection, Use And Disclosure Of Personal Data

Disclosure Of Personal Data

Contact Us

We implement reasonable technical and organisational measures to protect personal data against unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, and to prevent loss of storage media/devices. Measures typically include access controls and need-to-know restrictions, encryption in transit and at rest where appropriate, network security and monitoring, secure configuration and patching, vendor and change management, staff confidentiality and training, secure disposal, and incident response procedures. The level of safeguards is risk-based and proportionate to the sensitivity and volume of data.

This Privacy Policy shall be governed in all respects by the laws of the Republic of Singapore

We may collect personal data when you:

 

  • engage us to provide legal or related services;

  • communicate with us by phone, email, messaging platforms or in person;

  • submit documents, forms or instructions;

  • access our website or digital services;

  • attend meetings, webinars, seminars or events organised by us; and/or

  • apply for a role with the Firm.

 

We may also collect data from third-party sources such as other law firms, financial institutions, regulatory bodies, counterparties, or publicly accessible registries where required for your matter.

To provide effective legal representation, we may need to disclose your data to the following third parties:

 

  • professional advisers, consultants or experts engaged for your matters;

  • service partners such as IT service providers, cloud storage providers, document management vendors, courier services and administrative support providers;

  • counterparties, law firms, financial institutions or regulatory bodies involved in your matter;

  • insurers, auditors and external legal counsel;

  • courts, tribunals, government agencies or law enforcement authorities where required by law;

  • any person to whom disclosure is necessary to protect our legal rights, property or safety, or that of our clients or others; and/or

  • any other party to whom we are authorised to disclose your personal data to.

 

In the digital age, data may be processed outside Singapore (e.g., via cloud servers or when dealing with foreign counsel). If we transfer your data overseas, we ensure (before transferring your personal data overseas) that the recipient is legally bound to provide a standard of protection comparable to the PDPA, typically through contractual safeguards. 

Our Use Of Cookies, Analytics And Online Technologies

Governing Law

We process personal data for purposes that a reasonable person would consider appropriate in the circumstances. These include:

 

  • Providing legal and related services (advisory, transactional, dispute resolution, filings, know-your-client and conflicts checks, matter management). 

  • Managing our relationship with you (engagement, onboarding, invoicing, collections, communications, feedback). 

  • Complying with laws, regulations, professional rules and lawful requests (including anti money laundering, sanctions, tax, audit, court or regulator directions). 

  • Ensuring security (premises security, CCTV, IT/network security, access controls, incident response). 

  • Operating and improving our business (quality assurance, training, service improvement, practice management, analytics that do not require consent under PDPA exemptions). 

  • Organising events and sending legal updates or invitations, where permitted by law and the Do Not Call rules. 

  • Managing vendors and service providers. 

  • Recruitment, employment administration and human resources (where applicable).

  • any other lawful purposes, or purpose permitted or required by law.

 

In relation to particular services or in your interactions with us, we may also have specifically notified you of other purposes for which we collect, use or disclose your personal data. If so, we will collect, use and disclose your personal data for these additional purposes as well, unless we have specifically notified you otherwise.

You may exercise the following rights under the PDPA

 

  • Access: You may request access to your personal data and information on how it has been used or disclosed in the past year, subject to PDPA exceptions (e.g., legal privilege, confidential commercial information, evaluative data, ongoing investigations). We may charge a reasonable fee and will provide a written fee estimate before processing. 

 

  • Correction: You may request correction of errors or omissions. We generally do not charge a fee for corrections and will send corrected data to organisations to whom it was disclosed in the past year where relevant.

 

  • Withdrawal of Consent: You may withdraw consent (including deemed consent) at any time. We will inform you of any likely consequences. If you withdraw consent for purposes that we require to provide services, we may be unable to continue the engagement. 

 

  • Data Portability: A statutory data portability obligation under the PDPA will take effect at a future date. We will comply once in force, subject to applicable conditions and exceptions.

 

We aim to respond as soon as reasonably possible and, where practicable, within 30 days. Requests can be made to our DPO using the contact details below. We will need sufficient information to verify your identity and understand your request.

If you have any questions, requests or complaints about your personal data or this Privacy Policy, please contact:

 

Data Protection Officer 

Nair, Jen & Tan LLC

Email: suresh.nair@mayerbrown.com

Telephone: +65 6827 5553

Please provide your full name, contact details and a brief description of your request so we can assist you promptly. We aim to respond to all requests within 30 days. If we require more time, we will notify you of the estimated timeline.

bottom of page