Simmonds Stewart Limited (we, us, our) complies with the Singapore Personal Data Protection Act 2012 (PDPA) and the New Zealand Privacy Act 1993 (the NZ Privacy Act) when handling personal information.
Personal information is information about an identifiable individual (a natural person), and includes personal data, personally identifiable information and equivalent information under applicable privacy and data protection laws.
We collect and hold two categories of personal information:
- personal information that we collect from or about our clients in the course of providing legal services to our clients (Client Information)
- personal information we collect from or about visitors to our website, people who download our templates, and people who subscribe to our newsletter.
We collect, use, disclose and protect Client Information in accordance with our terms of engagement, our duties under the New Zealand Law Society’s Rules of Conduct and Client Care for Lawyers, and any other specific arrangements we have agreed with our client.
The remainder of this policy sets out how we collect, use, disclose and protect personal information that is not Client Information.
This policy does not limit or exclude any of your rights under applicable law.
changes to this policy
We may change this policy by uploading a revised policy onto our website. The change will apply from the date that we upload the revised policy.
This policy was last updated on 17 July 2019.
who we collect your personal information from
We collect personal information about you from:
- you, when you provide that personal information to us, including via our website, through any registration or subscription process, through any contact with us (e.g. phone call or email), or when you buy or use our templates
- if you provide us with your LinkedIn (or other social media) details, from your LinkedIn (or other social media) account profile page, in accordance with any privacy settings you have set for that account
- third parties where you have authorised this or the information is publicly available.
If possible, we will collect personal information from you directly.
how we use your personal information
We use your personal information:
- to verify your identity
- to provide to you, and improve, our website, templates and newsletters
- to market our services and products to you, including electronically (e.g. by text or email)
- to bill you and process payments from you, including authorising and processing credit card transactions
- to protect and/or enforce our legal rights and interests, including defending any claim and verifying your compliance with any terms under which we have provided our website or templates to you
- for any other purpose authorised by you or applicable law.
how we disclose your personal information
Generally, we do not disclose personal information to third parties for them to use for their own purposes. However, we may disclose personal information to:
- any business that supports our website, templates and newsletters (including any person that hosts or maintains any underlying IT system or data centre that we use to provide our website, templates and newsletters) where necessary for that business to provide those services to us
- a person who can require us to supply your personal information (e.g. a regulatory authority)
- any other person authorised by applicable law (e.g. a law enforcement agency)
- any other person authorised by you.
international transfers of personal information
A business that supports our website, templates and newsletters may be located outside of New Zealand (the country where we are incorporated) or Singapore (where we have a branch office). This means that the personal information we collect may be transferred to, and stored in, a country outside of New Zealand or Singapore. If you are located in a country other than New Zealand or Singapore personal information we collect may also be transferred to, and stored in, and a country other than the country where you are located.
If you are located in Singapore and we transfer your personal information out of Singapore, we will comply with the PDPA in doing so. This includes obtaining your consent (unless an exception under the PDPA applies) and taking appropriate steps to ascertain that the foreign recipient organisation of the personal information is bound by legally enforceable obligations to provide to the personal information that we transfer a standard of protection at least comparable to the protection under the PDPA.
protecting your personal information
We will take reasonable steps as required by applicable law to prevent your personal information being subject to unauthorised access, collection, use disclosure, copying, modification, disposal or similar risks.
accessing and correcting your personal information
Subject to certain grounds for refusal set out in the PDPA and/or NZ Privacy Act (as applicable), where we hold readily retrievable personal information about you, you have the right:
- to obtain confirmation of whether or not we hold that information
- to access that information
- to request a correction to that information.
If you would like to exercise any of the above rights, email us at [email protected] Before you exercise these rights, we will need evidence to confirm that you are the individual to whom the personal information relates. Your email should provide that evidence and set out the details of your request (e.g. the personal information, or the correction, that you are requesting).
In relation to a request for correction, if we think the correction is reasonable and we are reasonably able to change the personal information, we will make the correction. If we do not make the correction, we will take reasonable steps to note on the personal information that you requested the correction.
We may charge you our reasonable costs of providing to you copies of your personal information or correcting that information.
While we take reasonable steps to maintain secure internet connections, if you provide us with personal information over the internet, the provision of that information is at your own risk.
data retention policy
The personal information that we collect and use will not be kept longer than necessary for the purposes for which it is collected, or for the duration required for compliance with applicable law, whichever is longer.
This policy sets out how we collect, use, disclose and protect your personal information.
Simmonds Stewart complies with the New Zealand Privacy Act 1993 when dealing with personal information