Privacy Policy

1. Introduction

Ravencourt ("we", "us", "our") is committed to handling personal data responsibly and in accordance with the Personal Data Protection Act 2010 (PDPA) of Malaysia. This Privacy Policy explains how we collect, use, store, and protect the personal data of individuals who interact with our firm — whether as clients, prospective clients, or visitors to our website.

If you have any questions about this policy or how your data is handled, please contact us at privacy@ravencourt.

2. Data We Collect

We may collect the following categories of personal data:

• Identity data: name, nationality, date of birth (where relevant to the matter)
• Contact data: email address, telephone number, postal address
• Matter-related data: information you share in connection with a legal enquiry or engagement
• Website usage data: IP address, browser type, pages visited, session duration (collected via analytics cookies where consent is given)
• Communication records: records of correspondence and enquiries submitted through our website or by email

We collect this information when you submit an enquiry through our website, communicate with the firm directly, or enter into an engagement with us.

3. Legal Basis and Purpose of Processing

We process personal data on the following legal bases:

• Contractual necessity: to deliver legal services under an engagement letter
• Legitimate interests: to manage enquiries, communicate with prospective clients, and operate the firm professionally
• Consent: for analytics cookies and optional marketing communications, where you have provided explicit agreement
• Legal obligation: to comply with applicable Malaysian law and professional obligations

Data collected through our website contact form is used solely to respond to your enquiry and, if an engagement follows, to facilitate legal services.

4. Data Retention

Personal data collected in connection with a legal engagement is retained for a minimum of seven years following the conclusion of the matter, in accordance with professional obligations under the Legal Profession Act 1976. Contact data submitted through our website enquiry form but not followed by an engagement is retained for 12 months and then deleted. Analytics data is retained in accordance with the terms of the relevant analytics platform, subject to applicable consent.

5. Data Sharing

We do not sell personal data. We may share data in the following circumstances:

• With legal counterparts in other jurisdictions where cross-border coordination is required for your matter (typically estate planning matters)
• With regulatory authorities where we are required by law or professional obligation to disclose information
• With IT service providers operating our secure systems, under appropriate data processing agreements

Any third parties who receive personal data are required to handle it securely and in accordance with applicable data protection law.

6. Data Protection Measures

Client files and communications are stored on encrypted systems with access controlled on a need-to-know basis. External communications are handled through secure channels. We conduct regular reviews of our data handling processes and update procedures where necessary. In the event of a data breach that poses a risk to affected individuals, we will notify the relevant supervisory authority and affected individuals in accordance with applicable requirements.

7. Cookies

Our website uses cookies. Essential cookies are required for the site to function and cannot be disabled. Optional analytics and preference cookies are only set where you have provided consent. You can manage your cookie preferences at any time through our Cookie Policy page.

8. Your Rights

Under the PDPA and applicable data protection principles, you have the right to:

• Request access to the personal data we hold about you
• Request correction of inaccurate personal data
• Request deletion of your data (subject to legal retention requirements)
• Withdraw consent for any processing based on consent
• Object to processing based on legitimate interests
• Lodge a complaint with the Department of Personal Data Protection Malaysia

To exercise any of these rights, contact us at privacy@ravencourt. We will respond within 21 days.

9. Third-Party Links

Our website may contain links to external websites. We are not responsible for the privacy practices of those sites. We encourage you to review the privacy policies of any external site you visit.

10. Children's Privacy

Our services are directed at individuals aged 18 and above. We do not knowingly collect personal data from persons under 18. If you believe we have inadvertently collected such data, please contact us so that we can delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via a notice on our website. The date at the top of this document indicates when it was last revised. Continued use of our website after an update constitutes acceptance of the revised policy.

12. Contact

Data Controller: Ravencourt
Address: 35 Jalan Dang Wangi, 50100 Kuala Lumpur, Malaysia
Email: privacy@ravencourt
Phone: +60 3-2648 3091