PRIVACY

We know lots about our clients

We often end up knowing a lot about our clients. It comes with the territory: trusted adviser. And we need to. Law isn’t only about law. It’s about human interaction.

For the very large part, we hold information about clients which is both personal and which may not be personal but which needs to be kept confidential. This is very varied, but includes names and addresses, but also things like birthdays, information about businesses and families and relationships, about intentions, often copies of documents, and even copies of signatures.

We sometimes hold personal information about people who are not clients. Our website doesn’t collect personal information, but if for example we are discussing potentially assisting someone and they don’t end up a client, then we may along the way have gathered some personal information about them.

Rest assured, we are super committed to:

  • client confidentiality, and

  • privacy of client and non client personal information.

Confidentiality

For us as lawyers, the professional duty of confidentiality, set out in the laws that regulate our profession, is often more powerful, broader, in a practical sense than obligations under privacy laws relating to personal information.

As lawyers we have really important confidentiality obligations to clients. They cover much more than personal information.

Conversations, correspondence and documentation between us and a client are confidential and can only be revealed in limited situations. We must also follow strict rules in the maintenance of client files.

We won’t disclose any information which is confidential to a client and acquired by us during the client’s engagement to any person who is not:

  • a solicitor who is a partner, principal, director, or employee of ours, or

  • a barrister or an employee of, or person otherwise engaged by, us or by an associated entity for the purposes of delivering or administering legal services in relation to the client,

But we may disclose information which is confidential to a client if:

  • the client expressly or impliedly authorises disclosure,

  • we are permitted or is compelled by law to disclose,

  • we disclose the information in a confidential setting, for the sole purpose of obtaining advice in connection with our legal or ethical obligations,

  • we disclose the information for the sole purpose of avoiding the probable commission of a serious criminal offence,

  • we disclose the information for the purpose of preventing imminent serious physical harm to the client or to another person, or

  • the information is disclosed to the insurer of the solicitor, law practice or associated entity.

Privacy

But we also aim to handle and use personal information – whether of clients or others - consistently with the Australian Privacy Principles.

What is privacy?

The word ‘privacy’; means different things to different people. The type of privacy covered by Australia’s Privacy Act and its privacy regulator, the Office of the Australian Information Commissioner (OAIC), is the protection of people’s personal information. Personal information is information that identifies a person or could identify them. The protection of personal information privacy is different to other related concepts such as:

  • confidentiality

  • secrecy, or

  • freedom of information.

If you are in doubt, contact us or the OAIC.

Generally

The Australian Privacy Principles (APPs) are the base line privacy standards which many private sector organisations need to comply with in relation to personal information they hold. There are 13 APP that regulate how private sector organisations manage personal information. They cover the collection, use and disclosure, and secure management of personal information. They also allow individuals to access that information and have it corrected if it is wrong.

A copy of the Australian Privacy Principles is available here. There is also a summary of the APPs below.

Why we collect

We may hold personal information about people, principally because they are or are exploring becoming a client or they give us personal information, for example through this website.

Broadly, we collect, hold, use and disclose personal information for purposes related to the provision or potential of services to clients. Again broadly, we use personal information to administer client legal services but also for related purposes, for example to:

  • make the use of our web site easier,

  • contact them regarding services from us or other lawyers where we think that would help,

  • comply with legal obligations, and

  • conduct research.

We also use personal information for other reasons such as:

  • monitoring, evaluating and improving our services,

  • statistical, actuarial, prudential or research, and

  • to provide information about services.

If you do not provide us with contact details and other information we ask for, we (or others) may not be able to have or keep you as a client or provide services to you.

How we collect

There are several ways we collect personal and other information but we aim to ensure they are lawful and fair means:

  • when you become a client,

  • when you otherwise tell us, for example, when you contact us to update or change your details or volunteer your details, and

  • through our website like many websites, ours may collect some limited information from users.

Our clients as well as those who help us, and them, provide products and services to you can also collect personal information and pass it on to us.

People who assist you may collect personal information and pass it onto us.

What we collect

Personal information collected can include the following:

  • name, gender and date of birth,

  • contact details,

  • bank account details,

  • TFNs and ABNs,

  • employment information in relation to investments made via a superannuation fund,

  • details of your investors and beneficiaries,

  • details of the source and use of money you invest,

  • use details for our website,

  • information contemplated by laws and regulator, settlement system or exchange policies and requests, and

  • any other information that we consider necessary or desirable.

Disclosure of personal information

We will seek to ensure that personal information we hold is not used or disclosed for any purpose other than:

  • the primary purpose for which it was collected or a purpose that is related to the primary purpose for which it was collected or a related secondary purpose,

  • where you have consented to the use or disclosure, or

  • in other circumstances where the Australian Privacy Principles authorise the use or disclosure such as when it is required by or authorised under law.

We will not disclose personal information we hold unless:

  • this policy allows,

  • you otherwise agree,

  • we consider someone needs the information typically because they are a regulator or someone else assisting you like a service provider, accountant, financial adviser or another lawyer,

  • laws or regulator, settlement system or exchange policy requires, or a regulator, settlement system or exchange requests, and

  • to administer the provision of services to you including debt recovery.

Those we disclose personal information to include:

  • our own professional advisers,

  • regulators, settlement system or exchanges such as the Office of the Legal Services Commissioner, AUSTRAC, the ASIC, the OAIC, the ATO, APRA and ASX,

  • your financial or other adviser,

  • those we have no reason to doubt are acting on your behalf,

  • companies with our group, and

  • those who help us provide products and services to you for example, the Law Society of NSW, insurance brokers and insurance companies.

What about security?

We are committed to ensuring that personal information is kept secure. We take reasonable steps to ensure that the personal information that we hold is protected from misuse and loss and from unauthorised access, modification and disclosure. We have a number of physical access and technology policies and procedures in place designed to provide a robust security environment.

No personal data is stored on our website.

We will communicate with you by email generally. Email can be insecure.

We may store material in the cloud for you. We will give you a copy of the terms of our providers on request. This involves some risks, and we are not responsible for those providers or data loss by them. Being Internet based, we find that clients often seek to understand key issues about this, including security, use of data, ownership of data and what happens if the provider suffers financial distress. The terms of each service vary.

It is possible however that your personal information will be moved by those who help us provide products and services to you to a place where Australian laws do not apply, and different standards may apply there.

The internet does not however always result in a secure information environment and although we take steps we consider reasonable to protect your information, we cannot absolutely guarantee its security.

We may monitor or record communications – for example Zoom calls - for training, record or security purposes. If we do so, we will tell you at the time unless the website or app does so automatically.

Access to personal information

In most circumstances, you have the right to access any personal information we collect and hold about you, and to have it corrected if it is wrong.

This is subject to exceptions allowed by law such as where giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety or where providing you with access would have an unreasonable impact upon the privacy of others. If we deny your request or access we will provide you with the reasons for this decision.

To request access please contact us and we will respond within a reasonable period after the request is made.

Correcting personal information

We endeavour to take reasonable steps to ensure that the personal information that we collect, use or disclose is accurate, up to date, complete, relevant and not misleading. If you believe that any of the personal information that we hold about you is not accurate, complete, up- to-date or is misleading please contact us. If we agree that the personal information requires correcting we will take reasonable steps to do so.

If we do not correct your personal information we will provide you with the reasons for not doing so. If you request that we associate with the information a statement claiming that the information is not accurate, complete and up-to-date we will take reasonable steps to comply with this request.

Reasonably acting

We may take and may act (or not act as relevant) on any advice, information and documents which we have no reason to doubt as to authenticity, accuracy or genuineness.

Changes to handling and privacy practices

We may make changes to information handling and privacy policies and practices. We will publish important changes on thisr web site .

Questions and complaints

You can obtain further information about the way in which we manage personal information that we hold, or you can raise any privacy issues with us (including any concerns you may have about breaches of the Australian Privacy Principles), by contacting us.