Luminos Law Contact Us

Privacy Policy

Last Updated: 10 February 2026

1. Introduction

Luminos Law ("we", "us", "our") is committed to protecting the privacy of individuals who interact with our practice. This Privacy Policy explains how we collect, use, store, and share personal data in connection with our legal services and this website.

This policy applies to all personal data we receive, whether through our website, email correspondence, phone calls, or in-person meetings. It is designed to comply with Malaysia's Personal Data Protection Act 2010 (PDPA).

If you have questions about this policy, you may contact us at [email protected].

2. Data We Collect

We collect personal data only when it is necessary to provide our services or operate our website. The types of data we may collect include your name and contact details (email address, phone number, mailing address), information you provide when submitting an enquiry through our website, details relevant to the legal matter you engage us for, billing and payment information, and technical data such as IP addresses and browser type collected through website cookies.

We collect this data directly from you when you fill in our contact form, email us, call us, or provide documents as part of an engagement.

3. How We Use Your Data

We use personal data for the following purposes: to respond to your enquiries and communicate with you about potential or existing engagements, to provide the legal services you have engaged us for, to process payments and maintain financial records, to comply with legal and regulatory obligations, to improve our website and services, and to send you information about our services where you have consented to receive such communications.

We process your data on the basis of your consent, the performance of a contract between us, our legitimate interests in operating our practice, or compliance with legal obligations — depending on the specific context.

4. Data Sharing

We do not sell, rent, or trade your personal data. We may share your information with third parties only in limited circumstances: with service providers who help us operate our practice (such as IT support and cloud storage providers), with regulatory bodies or courts where required by law, with your explicit consent, or where necessary to protect our legitimate interests or the interests of others.

Any third-party service providers we work with are required to handle your data in accordance with applicable data protection laws.

5. Data Security

We take reasonable steps to protect your personal data from unauthorised access, loss, misuse, or alteration. Our security measures include encrypted communications for sensitive data, access controls limiting who within our team can view client files, secure storage of physical documents, regular review of our data handling practices, and use of reputable cloud service providers with strong security standards.

While we take care to protect your data, no method of transmission or storage is completely secure. In the event of a data breach that poses a risk to your rights, we will notify the relevant authorities and affected individuals as required by law.

6. Cookies

Our website uses cookies to improve your browsing experience. For detailed information about the types of cookies we use and how you can manage them, please see our Cookie Policy.

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected or as required by law. For client engagement files, we typically retain records for a period of seven years after the conclusion of the matter, in line with professional obligations and limitation periods under Malaysian law. Website enquiry data is retained for up to twelve months unless it leads to a formal engagement.

8. Your Rights

Under Malaysia's PDPA, you have certain rights regarding your personal data. You may request access to the personal data we hold about you, request correction of inaccurate or incomplete data, withdraw your consent to data processing (where consent was the basis), request that we limit or cease processing your data in certain circumstances, and lodge a complaint with the Department of Personal Data Protection (JPDP) if you believe your rights have been violated.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within a reasonable time, and no later than 21 days as required under the PDPA.

9. Third-Party Links

Our website may contain links to external websites. We are not responsible for the privacy practices of those websites and encourage you to read their privacy policies before sharing any personal data with them.

10. Children's Privacy

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that we have inadvertently collected such data, we will take steps to delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the "Last Updated" date at the top of this page. We encourage you to review this page periodically. Continued use of our website or services after changes are posted constitutes your acceptance of the revised policy.

12. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us:

Luminos Law
5 Jalan Semantan, Level 7,
Damansara City Centre,
50490 Kuala Lumpur, Malaysia

Email: [email protected]
Phone: +60 3-8472 1956

Supervisory Authority: Department of Personal Data Protection (JPDP), Malaysia