General Privacy Information

This Privacy Policy describes how Zylera Rise collects, uses, stores and shares personal information in connection with our corporate legal services for enterprises. The policy applies to information gathered through our website at iristarise.pro, client onboarding processes, and communications with corporate contacts. We explain categories of data processed, lawful bases for processing, retention practices, transfer mechanisms, and rights available to data subjects. The policy is intended to provide clear, factual information so organizations and their representatives can make informed choices when engaging our services. We maintain administrative, technical and physical safeguards appropriate to the sensitivity of the data we process and regularly review procedures to reflect changes in law and operational practice. For questions about this policy or to exercise your rights, contact our data protection representative using the details provided below.

26-01-2026 Zylera Rise, Business ID S4372199A 110 Sengkang East Way, Singapore, 544886 [email protected]

Definitions

The following definitions explain key terms used in this policy to ensure consistent interpretation: personal data refers to information relating to an identifiable person; processing covers any operation performed on data; controller is the entity determining purposes and means of processing; processor performs processing on behalf of the controller. Additional terms are defined in context where relevant throughout this document.

Personal data means any information that relates to an identified or identifiable individual, such as names, business contact details, identification numbers, and other information associated with a corporate contact or representative of an enterprise client.
Processing refers to any operation performed on personal data, whether automated or manual, including collection, recording, organization, structuring, storage, consultation, use, disclosure, transmission, erasure and destruction.
User refers to any individual who visits iristarise.pro, contacts Zylera Rise, or is a representative of an enterprise client receiving legal services from Zylera Rise.
Service means the corporate legal advisory services, compliance support, contract drafting and review, and related professional services provided by Zylera Rise to enterprise clients.
Cookies are small text files stored on a user's device by the web browser at the request of a website. They are used to enable website functionality, remember preferences, and collect anonymized analytics data.

Data We Collect

We collect personal data necessary to provide legal services, manage client relationships, comply with legal obligations, and operate the website. Collection occurs through client onboarding forms, direct communications, correspondence, and automated tools on iristarise.pro.

Data Provided Directly by Users

When engaging Zylera Rise or using our website, users and corporate representatives may provide the following categories of information:

  • Contact details such as name, business email address, telephone number, and company name.
  • Identification and corporate information including business registration numbers, role or position within the company, and business address.
  • Case-related documentation and contractual materials necessary to provide legal advice and services.
  • Billing and payment information required to process invoices and maintain business records.
  • Communications and preferences about service delivery, meeting schedules, and consent choices for communications.
  • Any additional information volunteered by a user when requesting consultations, submitting forms, or exchanging emails with our team.

Data Collected Automatically

When users access iristarise.pro we automatically collect certain information using standard web technologies to help maintain the site, analyze usage, and improve service delivery.

  • Technical details such as IP address, browser type, and version.
  • Device information including operating system, screen resolution, and device identifiers.
  • Usage data such as pages visited, time spent on pages, navigation paths and error logs.
  • Referrer information indicating how users arrived at the site, such as search engines or other websites.
  • Aggregated analytics data used to monitor performance and identify areas for user experience improvement.
  • Cookie identifiers and similar local storage values subject to user consent where required by law.

Data from Third Parties

In certain circumstances we may receive personal data about a user from third parties, including corporate clients, payment processors, or publicly available sources, where necessary for the provision of services.

  • Information provided by a client's authorized representative during matter intake or engagement.
  • Verification data from third-party identity services when required for compliance checks.
  • Business transaction records and payment confirmations from payment service providers.

Purposes of Processing

We process personal data to fulfill contractual obligations, comply with legal duties, and operate our services in a professional and secure manner. Specific processing purposes include the following:

  • To provide legal advice, draft and review contracts, and manage corporate legal matters for enterprise clients.
  • To perform client onboarding, identity verification and compliance checks required by law or professional standards.
  • To manage billing, invoicing, and business records associated with the provision of services.
  • To communicate with clients about case status, legal developments, and administrative matters.
  • To improve website functionality, maintain security, and analyze usage patterns to enhance service delivery.
  • To respond to legal requests, enforce terms of service, and protect the rights and property of Zylera Rise and its clients.
  • To maintain records required by professional regulators and applicable law in the jurisdictions where we operate.
  • To carry out legitimate business operations such as recordkeeping, audits, and internal reporting.

Legal Bases for Processing

Where applicable law requires identification of a legal basis for processing, Zylera Rise relies on lawful grounds appropriate to the context including contract performance, legitimate interests, compliance with legal obligations, and, where required, consent.

  • Performance of a contract: processing necessary to provide legal services requested by a client.
  • Legal obligation: processing required to comply with statutory and regulatory duties, including anti-funds laundering and tax reporting obligations.
  • Legitimate interests: processing for operational needs such as security, recordkeeping, dispute resolution, and fraud prevention, balanced against individual rights.
  • Consent: where expressly requested and obtained for specific processing activities not otherwise justified by the bases above.

EU Data Protection and GDPR Considerations

Although Zylera Rise is based in Singapore, we recognize that some users and clients may be in jurisdictions covered by the EU General Data Protection Regulation (GDPR). Where GDPR applies, we will comply with its requirements with respect to data subjects in scope.

  • We will process personal data lawfully, fairly and transparently and implement appropriate safeguards for transfers and processing activities.
  • EU data subjects may exercise their GDPR rights such as access, rectification, erasure, restriction, objection and data portability where applicable and subject to legal exceptions.
  • Where transfers outside the EEA occur, we rely on approved transfer mechanisms or alternative safeguards consistent with GDPR requirements.
  • We maintain records of processing activities and provide data protection information to clients and their representatives upon request.
  • Data protection impact assessments will be performed for high-risk processing activities affecting EU data subjects where required by law.
  • For GDPR matters, EU data subjects may contact our data protection representative using the contact details below to submit requests or inquiries.

Cookies and Similar Technologies

We use cookies and similar technologies on iristarise.pro to enable basic site functionality, analyze usage patterns, and support security measures. Some cookies are essential for the site to function, while others are optional and used for analytics or preference storage.

Types of cookies we use include session cookies for navigation, persistent cookies for preferences, and third-party analytics cookies to gather aggregated usage data.

Cookies are categorized as necessary, performance/analytics, and functional. Necessary cookies cannot be disabled without affecting site functionality. Performance and functional cookies may be managed via user consent controls where required by applicable law.

Users can manage cookie preferences through their browser settings and, where provided, via consent tools on the website. Disabling certain cookies may limit access to features on iristarise.pro.

View our Cookie Policy for detailed information about specific cookies and management options.

Data Sharing and Disclosure

Zylera Rise shares personal data only as necessary to provide services, comply with legal obligations, and operate the business. We limit disclosures to categories of recipients relevant to the purpose of processing.

  • Professional service providers engaged to assist with client matters, such as external counsel or experts, under confidentiality obligations.
  • Regulatory authorities, courts, or law enforcement when required by law or to protect legal rights.
  • Payment processors and business institutions for billing and transaction processing.
  • Technology and hosting providers that support website operations and data storage under contractual data protection terms.
  • Authorized representatives of a client or corporate group members where necessary to provide contracted services.
  • Third parties involved in mergers, acquisitions or corporate reorganizations, subject to confidentiality safeguards and legal constraints.

International Transfers of Personal Data

Personal data may be transferred to jurisdictions outside Singapore as needed to deliver services, to external advisors, or to use hosted services. Such transfers will be managed in accordance with applicable law and appropriate safeguards.

Where data is transferred internationally, Zylera Rise relies on contractual clauses, standard contractual terms, and other appropriate measures to ensure recipients provide a comparable level of protection for personal data.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this policy, to meet contractual obligations, to comply with legal and regulatory requirements, and to resolve disputes.

Account and client identity records are retained for periods consistent with professional rules and business recordkeeping obligations, typically several years after the end of the engagement as required by regulation.

Communications such as emails and correspondence related to client matters are retained in case files for the duration needed to support ongoing services, compliance, and potential audits.

System logs and technical records are retained for a limited period to support security contribute, system performance and troubleshooting in accordance with internal retention schedules.

When data is no longer required for legitimate business or legal reasons, Zylera Rise will securely delete or anonymize the information in accordance with applicable law and internal policies.

Security Measures

Zylera Rise implements administrative, physical and technical safeguards designed to protect personal data from unauthorized access, disclosure, alteration or destruction. Security controls are proportionate to the sensitivity of the data and include access controls, encryption where appropriate, and regular reviews of security practices.

  • Role-based access controls and authentication to restrict access to personal data to authorized personnel only.
  • Encryption of data in transit and, where applicable, encryption of stored data in systems used for client matters.
  • Regular security assessments, software updates and incident response procedures to address potential vulnerabilities and breaches.

User and Data Subject Rights

Depending on applicable law and the relationship to Zylera Rise, individuals may have rights to access, correct, restrict or delete personal data, object to processing, and request portability of certain data. Requests are subject to verification and legal exceptions.

  • Right to access: request a copy of personal data held about you and information on how it is processed.
  • Right to rectification: request correction of inaccurate or incomplete personal data.
  • Right to erasure: request deletion of personal data where processing is not required by law or contractual obligations.
  • Right to restriction or objection: request limitation of processing or object to processing based on legitimate interests, subject to legal grounds.
  • Right to data portability: where applicable, request a structured, commonly used and machine-readable copy of certain personal data for transfer to another controller.
  • Right to withdraw consent for processing activities where consent is the legal basis. Withdrawal will not affect processing undertaken prior to the withdrawal.
  • Right to restrict processing of personal data while a dispute about accuracy or lawfulness is being resolved, subject to applicable law.
  • Right to lodge a complaint with the Personal Data Protection Commission (PDPC) of Singapore if you consider that Zylera Rise has not complied with applicable data protection obligations.

How to exercise your privacy rights

Data subjects may submit requests to access, correct, erase or otherwise manage their personal data held by Zylera Rise. Requests should be made in writing to the contact details below and must include sufficient information to enable us to locate the relevant records. We may require proof of identity and clarification to respond effectively.

[email protected]

We aim to acknowledge requests within 14 business days and provide a substantive response within 30 calendar days. Complex requests may require additional time; if so, we will notify you with an expected timeframe.

Marketing communications and choices

Zylera Rise may send informational updates, service notices, and occasional marketing communications about corporate legal matters relevant to enterprise clients. Marketing content will be based on your communication preferences and lawful basis for processing. Marketing messages will be limited to topics aligned with our corporate legal services.

You may opt out of marketing communications at any time by using the unsubscribe link in the message or by contacting [email protected]. Opting out of marketing does not affect service-related communications necessary for the performance of the services you receive.

Children's data

Zylera Rise does not target services to children and does not knowingly collect personal data of individuals under 18 for our corporate legal services. If we become aware that personal data of a minor has been collected without appropriate authorization, we will take reasonable steps to delete such data.

Links to third-party services

Our website may include links to third-party sites, partners, or regulatory resources. These external sites have their own privacy practices. Zylera Rise is not responsible for the content or data practices of third parties and recommends that users review third-party privacy notices before providing personal data.

Changes to this privacy policy

We periodically review and update our privacy policy to reflect changes in legal requirements or our processing activities. Material changes will be posted on our website at iristarise.pro and will include an updated effective date. Continued use of our services after the update indicates acceptance of the revised terms.