Privacy policy.

We at Oon & Bazul LLP recognise and respect your privacy, and strive to properly manage, protect and process the personal data you have entrusted to us.

Our policy explains how we collect, use, disclose and/or process your personal data. This policy is provided in accordance with the Personal Data Protection Act 2012 (the “PDPA”) and may be updated from time to time.

Collection, Use, Disclosure and Processing of Personal Data

“Personal data” refers to all data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which we have or are likely to have access, including data in our records as may be updated from time to time. Such data includes but is not limited to contact information (e.g. name, address, telephone number and email address) and billing information (e.g. bank account details, NRIC, passport or other equivalent identification number).

How we collect your personal data

We collect your personal data in several ways, including but not limited to the following:

  •   From the information provided to us when you meet us;
  •   Through forms of electronic communication such as telephone, fax or email. In this respect, we may monitor, record and store any such communication;
  •   When you complete (or we complete on your behalf) client on-boarding or application or other forms;
  •   From publicly available sources, search engines, databases, or from third parties. This occurs most frequently when we are required to conduct background checks on you.

The categories of personal data that we collect

We collect the following categories of personal data about you:

  •   Contact information such as your name, your home or business address, email address and phone number,
  •   Information relating to your identity such as your birth date, nationality, and/or your passport number or identity card details;
  •   Financial information such as your bank account details, income, expenditure, assets and liabilities and/or your sources of wealth;
  •   Your goals and objectives in procuring our services;
  •   Background information about your education, employment, interests, family or personal circumstances, where relevant; and
  •   Information necessary to determine whether you represent a politically exposed person or money laundering risk.

The basis for processing your personal data (other than with your consent) and how we may employ and share that personal data

(a) Performance of a contract with you

We may process your personal data to perform our side of a contract with you, or in order to take steps prior to entering into a contract with you.

Several instances of such processing include:

  •   To prepare a letter of engagement for you setting out the services that we offer;
  •   To provide you with the services as set out in our letter of engagement with you or as may be otherwise agreed with you;
  •   To prepare legal documents relating to our contract with you;
  •   To address any feedback or complaints that you may have;
  •   For other necessary purposes such as procuring payment or negotiating the scope of work required of us.

We may disclose or share your personal data with or transfer it to the following:

  •   Third parties that may assist us in providing our services to you, including our associate firm T S Oon & Partners and other affiliates, service providers and agents, or professional advisers such as auditors, accountants, data storage providers or IT personnel;
  •   Your agents, advisers, intermediaries, and custodians of your assets who you tell us about.

(b) Legitimate interests

We may also process your personal data where necessary for our legitimate business interests.

Several instances of such processing include:

  •   The internal administration of our business, including but not limited to training and monitoring the performance of our staff and consolidating information and/or data;
  •   Accounting, audit, compliance, documentation, IT security and risk management purposes;
  •   Enforcing obligations owed to us;
  •   The prevention of fraud, and in particular anti-money laundering and Know-Your-Customer checks;
  •   Obtaining external advice on our obligations and rights,
  •   Sending out electronic publications such as alerts, announcements, legal updates, invitations and newsletters to you where you have previously indicated an interest;
  •   Organising seminars, events or other marketing activities; or
  •   Responding to your requests or enquiries.

We may disclose or share your personal data to third-party service providers, including but not limited to the following:

  •   Providers of hosting and maintenance services, commercial investigative work, analysis services, e-mail messaging services, delivery and courier services, payment processors, and data processors who assist to conduct due diligence checks etc;
  •   Our consultants and professional advisors such as accountants and auditors.

Where we provide your personal data to the persons mentioned above, we will do so only to the extent necessary for the performance of such services. Where your personal data is to be transferred out of Singapore, we will do so in accordance with the requirements prescribed under the PDA.

(c) Legal obligations

We may also process your personal data to ensure our compliance with legal obligations that we are subject to.

Several instances of the above include:

  •   Our regulatory, statutory and compliance obligations (such as compliance with anti-money laundering laws and the conduct of conflict searches / checks);
  •   Our obligations owed to the tax authorities;
  •   Our obligations to the courts and to any other legal authorities

We may disclose or share your personal data with the following:

  •   The select advisers whom we are obtaining assistance from;
  •   Our auditors in the discharge of their auditing function:

 We may disclose or share your personal data with the following:

  •   The select advisers whom we are obtaining assistance from;
  •   Our auditors in the discharge of their auditing function;
  •   The select third parties who we engage to conduct / perform background checks;
  •   Any relevant regulators or law enforcement agencies as the need arises.

There may be certain purposes / bases for collecting your data that are not specified above. If necessary, we will notify you of such other bases or purposes at the time of obtaining your consent, unless the processing of your personal data without your consent is permitted under the PDPA or any other written law.

If you are acting as an intermediary or otherwise on behalf of a third party or supply us with information regarding a third party (such as a friend, a colleague, an employee etc.), you undertake that you are an authorised representative or agent of such third party and that you have obtained all necessary consents from such third party to the collection, use, disclosure and processing by us of their personal data. As we are collecting the third party’s data from you, you undertake to make the third party aware of all matters listed in this policy.

Management and Handling of Personal Data

We will take it that all personal data provided by you is accurate and complete and that none of it is misleading or out of date. You should promptly update us when there are any changes to the personal data which you have initially provided, so as to ensure that we have the most current, accurate and complete information. We will not be responsible for relying on inaccurate or incomplete personal data arising from your failure to update us of any changes to the personal data which you have initially provided

We will protect your personal data that is in our possession or under our control by making reasonable security arrangements to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or any other similar risks.

We will cease to retain documents containing your personal data or remove the means by which your personal data can be associated with you, as soon as it is reasonable to assume that the purpose for which your personal data was collected is no longer being served by the retention of your personal data and retention is no longer necessary for legal or business purposes.

Changes to our Privacy Policy

We may amend this Policy from time to time and the amended Policy will be published on http://oonbazul.com/#/privacy-policy. Your continued interaction with us and our site / services indicates your acceptance of our amended Policy, which will apply to all personal data previously collected by us.

Contact Us

If you do not wish to accept the amended Policy. or wish to withdraw any consent that you have previously extended to us or to access, correct or update your personal data, or have any enquiries or suggestions about our collection and use of your personal data or this Policy, please contact our Data Protection Officer via email at [email protected].

Please note that we may be prevented by law from complying with any request that you may make. We may also decline any request that you may make if the law permits us to do so. Where we need to use your personal data to provide our services and/or fulfil our scope of work to you, and you opt not to accept the amended Policy or opt to withdraw your consent to our collection and processing of your personal data for these purposes, we may not be able to fulfil our scope of work to you and may have to terminate the engagement accordingly.