Legal

Privacy Policy

Last Updated: 12 May 2025 · Effective Date: 12 May 2025

1. Introduction

Harmoni ("we", "us", "our") is committed to handling personal information with care and discretion. This policy explains what information we collect, how we use it, how we protect it, and what rights you have in relation to it.

This policy applies to all individuals who visit our website at harmonimy.sbs, contact us by phone or email, or engage us for legal services. It should be read alongside our Terms & Conditions and Cookie Policy.

For questions about this policy, please contact us at [email protected].

2. Data We Collect

We may collect and process the following categories of personal data:

Identity data: name, preferred form of address
Contact data: email address, telephone number, postal address
Matter data: information you share with us in connection with your legal matter, which may include sensitive personal information about family relationships, finances, or children
Technical data: IP address, browser type, pages visited, visit duration — collected via analytics cookies if consented to
Communication data: records of correspondence, enquiries submitted through the website contact form

3. How We Collect Your Data

We collect data through the following means:

Enquiries submitted via the website contact form
Direct correspondence by email or telephone
In-person or remote consultations you book with us
Cookies and analytics tools on our website, where you have consented

4. Legal Basis for Processing

We process your personal data on one or more of the following bases under the Personal Data Protection Act 2010 (PDPA) of Malaysia:

Consent: where you have given clear consent for a specific purpose (e.g. analytics cookies)
Contract: where processing is necessary for the provision of legal services you have engaged us for
Legitimate interests: where we have a genuine business reason that is not overridden by your interests (e.g. maintaining records of correspondence)
Legal obligation: where we are required to retain or share data by applicable law

5. How We Use Your Data

To respond to your enquiries and provide the services you request
To manage your legal matter and prepare documentation on your behalf
To communicate with you about your case, appointments, and billing
To comply with our obligations under Malaysian law and Bar Council regulations
To improve our website and understand how it is used (analytics, if consented)

We do not use your personal data for unsolicited marketing. We will not sell, rent, or otherwise transfer your data to third parties for their own purposes.

6. Data Sharing

We share personal data only in the following limited circumstances:

Courts and tribunals: where required as part of conducting your legal matter
Opposing parties and their representatives: to the extent necessary and permitted in connection with your matter
Third-party service providers: such as secure cloud storage or communication platforms, bound by confidentiality agreements
Regulatory authorities: where required by law or Bar Council regulations

7. Data Retention

We retain client matter files for a minimum of seven years following the conclusion of a matter, in accordance with Malaysian Bar Council guidelines. Enquiries that do not result in an engagement are retained for twelve months. Analytics data, if collected, is retained for up to twenty-four months.

After the relevant retention period, data is securely deleted or anonymised.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. These include:

Encrypted storage of client files
Access controls limiting who can view matter data within the practice
Secure email communication for sensitive correspondence
Regular review of our data handling practices

In the event of a data breach that is likely to result in risk to your rights and freedoms, we will notify you and the relevant authorities in accordance with applicable law.

9. Cookies

We use cookies on our website. Essential cookies are required for the site to function. We use optional analytics cookies only with your consent. For full details, please see our Cookie Policy.

10. Your Rights Under PDPA

Under the Personal Data Protection Act 2010, you have the right to:

Access the personal data we hold about you
Request correction of inaccurate or incomplete data
Withdraw consent where processing is based on consent
Limit the processing of your data in certain circumstances
Lodge a complaint with the Department of Personal Data Protection (JPDP) Malaysia if you believe we have not handled your data appropriately

To exercise any of these rights, please contact us at [email protected].

11. External Links

Our website may contain links to external sites. We are not responsible for the privacy practices of those sites and encourage you to review their respective policies.

12. Children

Our website is not directed at children under the age of 18. We do not knowingly collect personal data from minors. If you believe a child has submitted data to us without appropriate consent, please contact us and we will remove it promptly.

13. Changes to This Policy

We may update this policy from time to time. Material changes will be noted on this page with an updated effective date. Continued use of our website following a change constitutes your acknowledgment of the revised policy.

14. Contact Us

For any questions or concerns about this policy or your personal data:

Harmoni
Suite 10-2, Wisma UOA II, Jalan Pinang, 50450 Kuala Lumpur
Email: [email protected]
Phone: +60 3-7426 8195