Privacy Policy
Quick Navigation
1. Introduction & Scope
Precedent ("we," "our," or "us") operates a legal research and case analysis platform that helps individuals and businesses understand how Singapore courts have historically ruled in cases similar to their situations. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you access or use our website, mobile applications, and related services (collectively, the "Services").
We are committed to protecting your privacy and complying with the Personal Data Protection Act 2012 (PDPA) of Singapore, as well as incorporating principles from international data protection frameworks including the European Union's General Data Protection Regulation ("GDPR") where applicable to our users.
By using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our Services. This policy applies to all users of our platform.
2. Data Controller Information
For the purposes of data protection legislation, the data controller responsible for your personal data is:
3. Information We Collect
3.1 Information You Provide Directly
We collect personal data that you voluntarily provide when using our Services:
| Category | Data Types | Purpose |
|---|---|---|
| Account Information | Name, email address, password (hashed), profile picture | Account creation and authentication |
| Consultation Data | Questionnaire responses, situation descriptions, legal issue details, uploaded documents | Providing case analysis and matching similar cases |
| Payment Information | Billing address, payment card details (processed by Stripe) | Processing payments for purchased products |
| Communication Data | Support inquiries, feedback, correspondence | Customer support and service improvement |
3.2 Information Collected Automatically
When you use our Services, we automatically collect certain technical and usage information:
| Category | Data Types | Retention |
|---|---|---|
| Device Information | Device type, operating system, browser type and version, screen resolution | 90 days |
| Log Data | IP address, access times, pages viewed, referring URL, click patterns | 90 days |
| Session Analytics | Time spent on questions, navigation patterns, completion rates, friction points | 1 year (aggregated) |
| Location Data | Country and city (derived from IP address, not precise GPS) | 90 days |
3.3 Information from Third Parties
We may receive personal data from third-party sources, including: (a) authentication providers when you sign in using OAuth services; (b) payment processors (Stripe) regarding transaction status; and (c) publicly available legal databases for case information.
4. Legal Basis for Processing
Under the PDPA and applicable data protection laws, we process your personal data based on the following legal grounds:
| Legal Basis | Processing Activities |
|---|---|
| Consent | Marketing communications, optional analytics, processing sensitive legal situation details |
| Contractual Necessity | Providing the Services, processing payments, managing your account, delivering case analysis results |
| Legitimate Interests | Improving our Services, fraud prevention, security monitoring, aggregated analytics for service enhancement |
| Legal Obligation | Complying with court orders, regulatory requirements, tax obligations, responding to lawful data requests |
5. How We Use Your Information
We use your personal data for the following purposes:
5.1 Service Delivery
We process your consultation data to analyze your legal situation, match it against our database of over 4,000 Singapore court cases, generate case analysis reports, calculate confidence scores, and identify relevant legal precedents. This includes using your questionnaire responses to understand the specific facts of your situation and provide tailored historical case comparisons.
5.2 Account Management
We use your account information to create and maintain your user account, authenticate your identity, manage your purchase history, and deliver your purchased products (such as Case Kits and add-ons).
5.3 Service Improvement
We analyze aggregated and anonymized usage data to improve our AI algorithms, enhance the accuracy of case matching, identify user experience friction points, optimize our questionnaire flow, and develop new features. This analysis helps us understand which questions are most effective and where users may need additional guidance.
5.4 Communications
We use your contact information to send service-related notifications (such as consultation completion alerts and account updates), respond to your inquiries, provide customer support, and, with your consent, send marketing communications about new features or services.
5.5 Legal and Safety
We may process your data to comply with legal obligations, enforce our Terms of Service, protect against fraudulent or unauthorized use of our Services, and ensure the security and integrity of our platform.
6. AI and Automated Processing
Important Notice About AI Processing
Our Services use artificial intelligence and large language models (LLMs) to analyze your legal situation and match it with historical cases. Please read this section carefully to understand how your data is processed by AI systems.
6.1 How AI Processes Your Data
When you use our consultation service, your questionnaire responses and situation description are processed by AI systems to: (a) classify your legal issue into appropriate categories (employment, contract, or commercial); (b) extract relevant legal keywords and concepts; (c) calculate similarity scores against our case database; (d) generate analysis summaries and identify key legal issues; and (e) produce confidence scores based on multiple factors including case match quality, data completeness, and precedent consistency.
6.2 Third-Party AI Services
We use third-party AI services to power certain features of our platform. When your data is processed by these services: (a) data is transmitted securely using encryption; (b) we have data processing agreements in place that prohibit the use of your data for training their models; (c) your data is not retained by these services beyond the processing session; and (d) we do not share your personal identifiers with AI service providers—only the content necessary for analysis.
6.3 Automated Decision-Making
Our AI systems make automated assessments including case category classification, similarity scoring, confidence level determination, and question prioritization. However, these automated processes do not make legally binding decisions about you. The outputs are informational only and are designed to help you understand historical court patterns, not to provide legal advice or determine legal outcomes.
6.4 Your Rights Regarding AI Processing
You have the right to: (a) request information about the logic involved in AI processing of your data; (b) request human review of AI-generated outputs; (c) object to certain automated processing; and (d) request that your data not be used for AI model improvement (though we do not use individual user data for model training). To exercise these rights, contact us at [email protected].
7. Data Sharing & Disclosure
We do not sell your personal data. We may share your information in the following circumstances:
7.1 Service Providers
We engage trusted third-party service providers who process data on our behalf, including: cloud hosting providers (for data storage and computing), payment processors (Stripe for payment handling), email service providers (for transactional communications), analytics providers (for aggregated usage analysis), and AI service providers (for natural language processing). All service providers are bound by data processing agreements that require them to protect your data and use it only for the specified purposes.
7.2 Professional Referrals (With Consent)
If you choose to share your Case Kit or consultation data with a legal professional (for example, by downloading and forwarding your PDF report), you do so at your own discretion. We do not automatically share your data with any third-party law firms or legal professionals without your explicit action.
7.3 Business Transfers
In the event of a merger, acquisition, reorganization, or sale of assets, your personal data may be transferred as part of the transaction. We will notify you of any such change and any choices you may have regarding your data.
7.4 Legal Requirements
We may disclose your personal data if required by law, court order, or government regulation, or if we believe disclosure is necessary to: (a) comply with legal process; (b) protect our rights, property, or safety; (c) prevent fraud or illegal activity; or (d) protect the rights of third parties.
7.5 Aggregated Data
We may share aggregated, anonymized data that cannot reasonably be used to identify you for research, analysis, or business purposes. For example, we may publish statistics about case outcome patterns or user demographics.
8. Additional Data Sharing Details
8.1 Your Case Kit and Reports
Your purchased Case Kits, evidence checklists, timelines, and other generated reports are stored securely and accessible only to you through your account. We do not share the contents of your reports with other users or third parties. If you choose to download and share your PDF report with a lawyer or other party, that sharing is under your control.
8.2 Guest Purchases
If you make a purchase as a guest (without creating an account), we will create an account using the email address you provide at checkout. You will receive an email with a link to claim your account and set a password. Your consultation data and purchased products will be associated with this account.
8.3 Important Note on Legal Privilege
Information you share with Precedent is not subject to attorney-client privilege, as Precedent is a technology platform and not a law firm. If you subsequently share your Case Kit with a lawyer and establish an attorney-client relationship, privilege may attach to communications with that lawyer, but not retroactively to information processed by our platform.
9. International Data Transfers
Your personal data may be transferred to and processed in countries other than Singapore, including countries where our service providers operate. When we transfer data internationally, we ensure appropriate safeguards are in place, including: (a) transfers to countries with adequate data protection laws as recognized by Singapore's data protection authority; (b) standard contractual clauses approved for international transfers; (c) binding corporate rules for transfers within corporate groups; and (d) your explicit consent where required.
Our primary data processing occurs in Singapore and secure cloud infrastructure regions. AI processing may occur in data centers located in the United States, European Union, or Asia-Pacific region, depending on service availability and performance optimization.
10. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:
| Data Type | Retention Period | Reason |
|---|---|---|
| Account Information | Duration of account + 2 years | Account management and reactivation |
| Consultation Data | 7 years from completion | Legal limitation periods and user access |
| Payment Records | 7 years | Tax and accounting requirements |
| Usage Analytics | 90 days (raw), 3 years (aggregated) | Service improvement |
| Support Communications | 3 years | Quality assurance and dispute resolution |
| Consent Records | Duration of consent + 7 years | Compliance documentation |
Upon account deletion request, we will delete or anonymize your personal data within 30 days, except for data we are required to retain for legal, tax, or regulatory purposes. Anonymized data that cannot be used to identify you may be retained indefinitely for research and analytics.
11. Data Security
We implement comprehensive technical and organizational security measures to protect your personal data:
11.1 Technical Measures
Our security infrastructure includes: encryption of data in transit using TLS 1.3, encryption of data at rest using AES-256, secure password hashing using bcrypt with appropriate work factors, regular security assessments and penetration testing, intrusion detection and prevention systems, automated vulnerability scanning, and secure development practices following OWASP guidelines.
11.2 Organizational Measures
We maintain strict access controls including: role-based access to personal data on a need-to-know basis, employee training on data protection and security, confidentiality agreements with all staff and contractors, regular access reviews and audit logging, incident response procedures and breach notification protocols, and vendor security assessments for third-party providers.
11.3 Your Security Responsibilities
You are responsible for: maintaining the confidentiality of your account credentials, using strong and unique passwords, logging out of shared devices, notifying us immediately of any unauthorized access, and keeping your contact information current for security notifications.
12. Your Rights Under PDPA
Under Singapore's Personal Data Protection Act 2012 (PDPA) and applicable international laws, you have the following rights:
| Right | Description | How to Exercise |
|---|---|---|
| Access | Request a copy of your personal data we hold | Dashboard → Settings → Export Data, or email [email protected] |
| Correction | Request correction of inaccurate or incomplete data | Dashboard → Profile, or email [email protected] |
| Withdrawal of Consent | Withdraw consent for specific processing activities | Dashboard → Privacy Settings, or email [email protected] |
| Deletion | Request deletion of your personal data | Dashboard → Settings → Delete Account, or email [email protected] |
| Data Portability | Receive your data in a structured, machine-readable format | Dashboard → Settings → Export Data (JSON format) |
| Objection | Object to processing based on legitimate interests | Email [email protected] with details |
We will respond to your request within 30 days. In complex cases, we may extend this period by an additional 30 days with notice. We may charge a reasonable fee for manifestly unfounded or excessive requests. We may require identity verification before processing your request.
12.1 Complaints
If you believe we have not handled your personal data properly, you have the right to lodge a complaint with Singapore's data protection authority. We encourage you to contact us first so we can address your concerns directly.
14. Children's Privacy
Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at [email protected], and we will take steps to delete such information.
15. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will: (a) update the "Last Updated" date at the top of this policy; (b) notify you by email if you have an account; (c) display a prominent notice on our website; and (d) where required by law, obtain your consent to the changes. We encourage you to review this policy periodically.
16. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Precedent Pte. Ltd.
Data Protection Officer
Email: [email protected]
Address: Singapore
For urgent data protection matters, please include "URGENT: Data Protection" in your email subject line.