Privacy Policy

1. Introduction

Pendara is committed to handling personal data responsibly and in compliance with the Singapore Personal Data Protection Act 2012 (PDPA). This policy explains what data we collect, how it is used, and your rights regarding that data.

We collect only the information necessary to deliver our legal services and to respond to enquiries. If you have questions, contact us at [email protected].

2. Data We Collect

We may collect the following categories of personal data:

• Contact information: name, email address, phone number
• Business information: company name, role, industry context relevant to your matter
• Matter information: details of your legal question or engagement shared with us
• Website interaction data: cookies and analytics data (see Section 5)
• Correspondence records: emails and written communications with our team

How data is collected: through our website contact form, direct email, telephone conversations, and documents shared in connection with an engagement.

Legal basis for processing: your consent (for enquiries and marketing), performance of a legal services contract, and our legitimate interests in operating a professional practice. We retain personal data for seven years following the close of an engagement, or as required by applicable legal professional obligations.

3. How We Use Your Data

• To respond to enquiries and assess whether we can assist
• To deliver the legal services you have engaged us for
• To fulfil statutory obligations (e.g. AML/KYC compliance)
• To manage billing and correspondence
• To improve our website and services using aggregated, anonymised analytics
• To send service-related communications (not marketing, unless separately consented to)

We do not sell personal data to third parties. We do not use personal data for automated profiling or AI-driven decision-making.

4. Data Sharing

We share personal data only where necessary:

• With legal counsel in other jurisdictions when coordinating cross-border engagements (under confidentiality obligations)
• With ACRA, MAS, or other Singapore regulatory bodies when required by law
• With our email and document management service providers, under data processing agreements
• With professional insurers and auditors for regulatory compliance purposes

Any third party receiving data from us is required to handle it in compliance with applicable data protection requirements.

5. Cookies

Our website uses cookies for essential functionality and optional analytics. Essential cookies are required for the site to operate. Analytics cookies help us understand how visitors use the site — they are optional and can be declined.

For full details and to manage your preferences, see our Cookie Policy.

6. Data Protection Measures

• Access to personal data is restricted to team members who require it for their work
• Electronic records are stored in password-protected, encrypted systems
• Physical documents containing personal data are stored securely and disposed of appropriately
• We conduct periodic reviews of our data handling practices
• In the event of a data breach, we will notify affected individuals and the Personal Data Protection Commission (PDPC) as required under the PDPA

7. Your Rights

Under the Singapore PDPA, you have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate or incomplete data
• Withdraw consent to the use of your data (where processing is based on consent)
• Request that we cease using your data for direct marketing purposes
• Lodge a complaint with the Personal Data Protection Commission (PDPC)

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days of receiving a written request.

8. Third-Party Links

Our website may contain links to external websites. We are not responsible for the privacy practices of those sites and encourage you to review their policies independently.

9. Children's Privacy

Our services are directed at businesses and individuals aged 18 or above. We do not knowingly collect data from persons under 18. If we become aware that such data has been submitted, it will be deleted promptly.

10. Policy Updates

We may update this policy from time to time. Material changes will be communicated by posting a revised version on this page with an updated date. Continued use of our services after a revision constitutes acceptance of the updated policy.

11. Contact for Data Enquiries