Privacy Policy

Protection of Your Data is Our Objective

At NDM Law Firm & Associates, we recognize the importance of maintaining the privacy and sensitivity of the information we hold in our database, particularly personal information about people we deal with, whether they are clients, users, collaborators, candidates, suppliers, or others.

As attorneys in practice and legal service providers, we have a professional and ethical obligation to keep confidential all information we receive as part of our attorney-client relationship. In addition, we are committed to safeguarding the information we store and/or process of all individuals, whether natural or legal.

In this Data Protection Policy («Policy»), we set forth the practices we have implemented in our companies in relation to the handling of your data, from its collection, use and with whom we share such information.

This Policy supplements all prior agreements, whether oral or written, between You and us with regarding the collection, use and disclosure of your personal, commercial, or financial information.

To whom this Policy applies

This policy applies to us, as the custodian of the database and as the party responsible for the processing of your personal data, and to you, as the natural or legal person, as the data holder.

When we talk about «Us,» we mean » NDM Law Firm & Associates «.

When we talk about «You,» we refer to you as client, user, visitor, employees, candidate, supplier, or person who for any other reason shares your data with us.

Legal basis of this Policy

This Policy is based on Law 81 of March 26, 2019 (Panama) on Personal Data Protection, which seeks the protection of the rights of natural persons as holders of their personal data, regarding the use of such data.

Law 81 applies to all databases located in the territory of the Republic of Panama, when personal data of nationals or foreigners is stored, or when the responsible of handling the data is domiciled in the Republic of Panama. Databases of subjects regulated by special laws are exempt, provided that these laws establish minimum technical standards necessary for equal or greater protection than those established by Law 81.


As a forensic firm and legal service provider, we collect personal data as part of our professional activities in order to serve our clients.

We never collect personal data without your knowledge and consent. We do not use your personal data for purposes other than those stated.

It is important to note that we do not disclose or sell your personal information or business contact information to third parties to enable them to market their products and services.

If you are a client or potential client

When you request a service or quote for a service, we may collect your information and data as part of the introductory process, to understand, access and assist you with your legal needs, to comply with obligations under special laws or to ensure that the information is correct and up to date, among others. We only collect your data through legal and consented means.

Some of the information we typically collect is:

Basic information and personal data to unequivocally identify you: full name, date of birth, nationality, passport, or identification number. If you are a legal entity, your role within the organization.

Contact details to be able to communicate with you and for invoicing: physical address, email address, and telephone numbers. if you are a legal entity, domicile, and tax identification number.

Necessary information to comply with the “Know Your Client” policy and Due Diligence requirements: in addition to the data mentioned in the above points, a copy of your identification document and proof of address. If you are a legal entity, certificate of existence or equivalent, among others.

Generally, you provide information and data during our relationship. However, as it becomes necessary to provide the requested services and/or comply with legal obligations, we may validate or collect information about you with the different databases, such as those of other companies in our economic group, or through third parties such as accessible sources, other authorities and/or state entities and service providers.

We use your personal data only in our regular professional activities and to comply with our contractual obligations or agreements entered into to provide you with our services, to conduct verifications for possible conflicts or anti money laundering searches, to comply with our legal obligations in the jurisdictions where we operate and to defend your legal rights, as well as to comply with court and/or administrative orders if necessary.

If you visit us on our websites or service portals.

When you browse our websites or use our online services, we may collect technical information, such as your IP address to optimize the operation and security of our technology platforms. Upon entering one of our customer service portals, such as payment portals, we also collect the information that you provide to us at the time and that it is strictly necessary for it to fulfill the purpose for which it was designed, for example to transfer payment for an invoice. In all cases we always seek your convenience and security of your data.


During our business relationship, we provide information to our staff for reasonable business purposes and to provide services to you. Our staff is trained to keep the confidentiality and security of your data.

As part of an economic group, we may share some information between our companies for the sole purpose of providing the service to you or developing the relevant business relationship. We ensure that at all times they guarantee the same level of data protection that we demand.

To provide some of our services, we may sometimes use external service providers or professionals who work with us, such as experts, translators, IT service providers, banks, and others, who may have access to your personal data. In these cases, we require these providers to comply with practices and policies that ensure the security and confidentiality of your personal information and they are not processed for purposes other than those specified above.

Some of our companies, headquarters or service providers may be located in different jurisdictions. Where it is necessary to transfer or transmit your personal information for the stated purpose, we always ensure that the protection and confidentiality of your data is kept as if it were in national territory.

Please always keep in mind that we must and will provide your data and basic information to government authorities if requested and required to do so by law.

Safeguarding Information

The information we collect is strictly used for the purposes indicated. Our collaborators’ access to your information is restricted and limited only to those who have authorization and training in the proper handling of client information.

We have adopted and implemented physical, electronic, procedural and security safeguards to ensure that your information is kept confidential and secure as required by law and our internal procedures and practice.

Retention of Information

You agree that we may store and use information about You in our records for the purposes described in this Policy, even if you cease to be a client, subject to applicable laws.

Accuracy of Personal Information

As long as there is a business relationship with Us, you must at all times provide and keep all personal information up-to-date, and you must notify us as soon as there are changes to it so that we can update our databases and ensure that there are no mishaps in our contractual relationship.

Term of this Policy

This Privacy Statement was updated as of March 25, 2021. We may revise and change our Privacy Statement at any time to update our privacy commitment to you based on current privacy laws and best practices.