S Sinar Legal

Legal Documents

Privacy Policy

This policy describes how Sinar Legal collects, uses, and safeguards personal data provided to us through our website and professional engagement process.

Last Updated: 3 February 2026  ·  Effective Date: 3 February 2026

1. Introduction

Sinar Legal ("we", "us", "our") is committed to protecting the privacy and personal data of every individual who interacts with our firm. This Privacy Policy governs the collection and handling of personal data through our website at https://sinarleg.pro and through our professional intake and advisory processes.

We operate in compliance with the Personal Data Protection Act 2010 (PDPA) of Malaysia and adhere to professional confidentiality obligations under the Legal Profession Act 1976. Questions regarding this policy may be directed to [email protected].

2. Data Controller

The data controller responsible for your personal data is:

Sinar Legal

Level 6, Wisma Sinar, Jalan Raja Chulan, 50200 Kuala Lumpur, Wilayah Persekutuan, Malaysia

Email: [email protected]

Phone: +60 3-2348 6912

3. Personal Data We Collect

We collect personal data only to the extent necessary for a clear and lawful purpose. The categories of data we may collect include:

  • Identity data: Full name, as provided in enquiry forms or engagement correspondence.
  • Contact data: Email address, telephone number, and postal or business address.
  • Matter data: Background information relating to a potential or actual dispute, provided voluntarily by the enquirer.
  • Technical data: IP address, browser type, pages visited, and session duration, collected automatically via analytics tools.
  • Preference data: Cookie consent choices stored locally in your browser.

We do not solicit or intentionally collect sensitive personal data (as defined under the PDPA) through our website contact forms.

4. Legal Basis and Purposes of Processing

Purpose Data Used Legal Basis (PDPA)
Responding to an enquiry or consultation request Identity, Contact, Matter Consent / Pre-contractual steps
Performing legal services under a retainer Identity, Contact, Matter Performance of contract
Website analytics and performance improvement Technical Legitimate interest / Consent
Legal compliance and record-keeping Identity, Contact Legal obligation

5. Retention Periods

We retain personal data only for as long as necessary for the purpose for which it was collected:

  • Enquiry data where no retainer is formed: up to 12 months from the date of enquiry.
  • Matter and client data under a concluded retainer: 7 years following closure of the matter, in compliance with professional and statutory requirements.
  • Analytics data: aggregated and anonymised within 26 months.

6. Data Sharing and Third Parties

We do not sell or trade personal data. We may share data only in the following circumstances:

  • Service providers: Hosting, email infrastructure, and analytics partners (including Google Analytics) operating under data processing agreements.
  • Regulatory authorities: Where disclosure is required by Malaysian law, court order, or Bar Council Malaysia rules.
  • Instructed counsel or co-counsel: Only with your explicit consent and within the scope of your matter.

All third parties are required to handle personal data with an equivalent standard of care.

7. Data Security

We have implemented appropriate organisational and technical measures to protect personal data against unauthorised access, loss, or misuse:

TLS/SSL encryption for all data in transit on our website
Encrypted storage and access-controlled servers
Restricted internal access on a need-to-know basis
Breach notification procedures in place for timely response

8. Cookies

Our website uses cookies to support basic functionality and to understand how visitors engage with our content. Cookie categories include essential, analytics, marketing, and preference cookies. You can manage or withdraw cookie consent at any time. For full details, please review our Cookie Policy.

9. Your Rights Under the PDPA

As a data subject under Malaysian law, you are entitled to:

Access

Request confirmation of whether we hold data about you and obtain a copy.

Correction

Request correction of inaccurate or incomplete personal data.

Withdrawal of Consent

Withdraw consent to processing at any time, without affecting prior lawful processing.

Limit Processing

Request that we cease or restrict use of your personal data for direct marketing purposes.

To exercise any of these rights, contact us at [email protected]. We will respond within 21 days. Where a request is complex or numerous, we may extend this by a further 30 days with notice.

10. Children's Data

Our services are directed at businesses and individuals aged 18 and above. We do not knowingly collect personal data from minors. If we become aware that data relating to a minor has been submitted without appropriate parental authority, we will delete it promptly.

11. Third-Party Links

Our website may contain links to external websites. Sinar Legal is not responsible for the privacy practices or content of those sites. We encourage you to read the privacy policies of any third-party site you visit.

12. Supervisory Authority

If you believe we have not handled your personal data in accordance with the PDPA, you may lodge a complaint with the Department of Personal Data Protection Malaysia (JPDP):

Jabatan Perlindungan Data Peribadi (JPDP)

Aras 17, Menara Cyber Axis, Jalan Impact, 63000 Cyberjaya, Selangor, Malaysia

Website: www.pdp.gov.my

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page with a revised "Last Updated" date. Where required by law, we will notify affected individuals directly. Continued use of our website following any update constitutes acceptance of the revised policy.

Privacy Enquiries

For any questions about this policy or to exercise your data rights, please contact our privacy team.

[email protected] Contact Form