At the outset, we wish to make clear that protecting confidential information is fundamental to our relationship with our clients and to our business. All information received in respect of a client matter is subject to strict duties of confidentiality. We will not disclose such information except in accordance with instructions.
We care about your privacy.
We will never rent, trade or sell your email address to anyone.
We will never publicly display your email address or other personal details that identify you.
The Australian Privacy Principles
We will treat all personal information in accordance with any and all obligations that are binding upon us under the Privacy Act 1988 (Cth) (Privacy Act). The Privacy Act lays down 13 key principles in relation to the collection and treatment of personal information, which are called the Australian Privacy Principles (APPs).
What is personal information?
Personal information held by the Company may include your:
- name and date of birth;
- residential and business postal addresses, telephone/mobile/fax numbers and email addresses;
- your computer and connection information; and
- any information that you otherwise share with us.
How we may collect your personal information
At our Firm’s website, we only collect personal information that is necessary for us to conduct our business as an innovative Australian law firm.
From our Website
We may collect personal information that you provide to us about yourself when you use our Firm’s website, including (without limitation) when you:
- add comments in any elements of our Firm’s website that permit user-generated content;
- register for access to legal content or request to be kept up to date to changes in the law; or
- complete an online contact form to contact us;
When you visit our Firm’s website or download information from it, our web host makes a record of your visit that shows:
- the pages you visited of our website;
- the date and time that you visited our website; and
- the kind of browser that you used.
If you provide information to us by corresponding with our staff via electronic mail or through marketing or enquiry forms, our mail server makes a record of:
- your full e-mail address and the full recipient address; and
- the time and size of your e-mail.
From our clients
We only collect personal information that is necessary for us to perform our functions. The kinds of personal information we collect and hold will depend upon the services you request from us. However it may include, without limitation:
- information from public records and third party sources;
- information you give us when you instruct us to act for you, which may be necessary for us to:
- perform our services to you;
- administer, further and complete your matter, which you have engaged us on and
- comply with any legal obligation.
- information about individuals and organisations which we collect in the course of acting for you; and
- communications between us and you.
We only collect sensitive information if you consent to the collection of that information or it is reasonably necessary for one or more of our functions or activities or collection of the sensitive information is required or authorised by law.
How we may use and disclose your personal information
Any personal information which we collect about you will be used and disclosed by us so that we can provide you with the services that you have requested, or otherwise to enable us to carry out our functions as professional legal service providers. It may also be used and disclosed for the further purposes for which it was collected, including those listed below or for secondary purposes related to those purposes, to the extent lawful.
The purposes for which we collect your information may include, to:
- provide you with legal services or legal information;
- verify your identity;
- respond to any queries or feedback that you may have;
- conduct appropriate checks for credit-worthiness and for fraud;
- prevent and detect any misuse of, or fraudulent activities involving, our website;
- prepare general statistics on the usage of our website;
- contact you (including via electronic messaging such as SMS and email, by mail, by facsimile, by phone or in any other lawful manner);
- undertake conflict searches for our own purposes and the purpose of determining if we can represent a client or potential client;
- act for a client in a matter against an individual or organisation; and
- develop and improve our services and obtain feedback.
We may also provide you with information from time to time about our services, marketing information and updates on areas of law, unless you ask us not to do so in writing.
We will not pass on the personal information you have given us to anyone without first asking your permission, unless we are required or permitted to do so by law.
Other circumstances in which we may use and disclose your personal information include:
- to our advisers and insurers on a confidential basis;
- where you have consented, expressly or impliedly, to the disclosure or use;
- in confidence, to third parties to improve our services and seek feedback; and
- where the use or disclosure is authorised or required by or under an Australian law or order of a court or tribunal.
- to conduct research and development in respect of our services;
- to gain an understanding of your information and communication needs or obtain your feedback or views about our services in order for us to improve them; and/or
- to maintain and develop our business systems and infrastructure, including testing and upgrading of these systems,
and for any other purpose reasonably considered necessary or desirable by the Firm in relation to the operation of our business.
From time to time we may email our clients with news, information and offers relating to our own services or those of selected partners. Your personal information may also be collected so that the Firm can promote and market these services to you. This is to keep you informed of services we believe you will find valuable and may continue after you cease to engage our services. If you would prefer not to receive marketing, legal or other material from us, please let us know and we will respect your request. You can unsubscribe from such communications at any time if you choose.
Providing your personal information to overseas recipients
We may provide personal information we have collected about you (as described above) to third party overseas service providers or other recipients. You agree that we will not be required to take steps to ensure the overseas recipients do not breach the APPs or the Privacy Act 1988 (Cth).
The Firm’s website may also collect Internet Protocol (IP) addresses. IP addresses are assigned to computers on the internet to uniquely identify them within the global network. The Firm collects and manages IP addresses as part of the service of providing internet session management and for security purposes. The Firm may also collect and use web log, computer and connection information for security purposes and to help prevent and detect any misuse of, or fraudulent activities involving, our website.
Our Firm website uses "cookies" to help personalise your online experience. A cookie is a text file or a packet of information that is placed on your hard disk by a web page server to identify and interact more effectively with your computer. There are two types of cookies that may be used at our website: a persistent cookie and a session cookie. A persistent cookie is entered by your web browser into the "Cookies" folder on your computer and remains in that folder after you close your browser, and may be used by your browser on subsequent visits to our website. A session cookie is held temporarily in your computer’s memory and disappears after you close your browser or shut down your computer. Cookies cannot be used to run programs. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you. In some cases, cookies may collect and store personal information about you. The Firm extends the same privacy protection to your personal information, whether gathered via cookies or from other sources.
You can configure your internet browser to accept all cookies, reject all cookies or notify you when a cookie is sent. Please refer to your internet browser’s instructions to learn more about these functions. Most web browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of our website.
- remember your preferences for using our website;
- show relevant notifications to you (eg, notifications that are relevant only to users who have, or have not, subscribed to newsletters or email or other subscription services); and
- remember details of data that you choose to submit to us (eg, through online contact forms or by way of comments, forum posts, chat room messages, reviews, ratings, etc).
Many of these cookies are removed or cleared when you log out but some may remain so that your preferences are remembered for future sessions.
Third party cookies
In some cases, third parties may place cookies through our website. For example:
Contacting us about privacy
If you would like more information about the way we manage personal information that we hold about you, or are concerned that we may have breached your privacy, please contact us by email to firstname.lastname@example.org or by post.
Access to your personal information
You have the right to request access to and correction of the personal information we hold about you. We will handle requests for access to your personal information in accordance with the APPs. We encourage all requests for access to your personal information to be directed to our Office Manager by e-mail: email@example.com or by writing to the address below:
GPO Box 2799
PERTH WA 6001
We will deal with all requests for access to personal information as quickly as possible. In some cases, consistent with the APPs, we may refuse to give you access to personal information we hold about you. This includes, without limitation, circumstances where giving you access:
- would be unlawful (for example, where a record which contains personal information about you is subject to a claim for legal professional privilege by one of our clients);
- would have an unreasonable impact on another person’s privacy;
- would prejudice negotiations we are having with you;
- would be likely to prejudice the taking of appropriate action in relation to suspected unlawful activity or misconduct of a serious nature, that relates to our functions or activities; or
- would be likely to prejudice enforcement related activities carried out by, or for, an enforcement body.
If we refuse to give you access to personal information, we will provide you with reasons for our refusal. Generally, on your request we will amend any personal information we hold about you which is inaccurate, incomplete or out of date.
Correcting your personal information
We will take all reasonable steps to ensure that the personal information you provide us is accurate and up to date. You may ask us to correct or remove information which you think is inaccurate. If you would like to amend any of your details or the information you have provided to us, you can contact us using our contact details provided in this policy.
Storage and security of the information
We are committed to maintaining the confidentiality of the information that you provide us and we will take all reasonable precautions to protect your personal information from unauthorised use or alteration. In our business, personal information may be stored both electronically (on our computer systems and with our website hosting provider) and in hard-copy form. Firewalls, anti-virus software and email filters, as well as passwords, protect all of our electronic information. Likewise, we take all reasonable measures to ensure the security of hard-copy information.
We use a number of mechanisms to protect the security and integrity of your personal information. Unfortunately, no data transmission over the Internet (or otherwise) can be guaranteed as completely secure. This means that we cannot guarantee that someone else will not read the information you choose to give us when you transmit or send it. Therefore, any information you send to us over the Internet or otherwise is transmitted or sent at your own risk.
Once any personal information comes into our possession, we will take reasonable steps to protect that information from misuse and loss and from unauthorised access, modification or disclosure.
We exclude all liability (including, without limitation, in negligence) for the consequences of any unauthorised access to your personal information, except to the extent liability cannot be excluded due to the operation of statute.
Third party websites
You can set preferences for how Google advertises to you using the Google Ads Settings page (https://www.google.com/settings/ads). Facebook has enabled an AdChoices link that enables you to opt out of targeted advertising.
Making a privacy complaint
Complaints regarding a breach of privacy should be addressed to the Steinepreis Paganin Office Manager (using the contact details provided above) who will contact you with a view to resolving the complaint. If you are still not satisfied you can contact the Office of the Australian Information Commissioner who may investigate your complaint further.
Office of the Australian Information Commissioner
Complaints must be made in writing.
|Phone||1300 363 992|
|Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
General Data Protection Regulation (GDPR)
Our Firm welcomes the GDPR of the European Union (EU) as an important step forward in streamlining data protection globally. Although we do not operate an establishment within the EU and do not target any offering of services towards clients in the EU specifically, we intend to comply with the data handling regime laid out in the GDPR in respect of any personal information of data subjects in the EU that we may obtain.
The requirements of the GDRP are broadly similar to those set out in the Privacy Act and include the following rights:
- you are entitled to request details of the information that we hold about you and how we process it. For EU residents, we will provide this information for no fee;
- you may also have a right to:
- have that information rectified or deleted;
- restrict our processing of that information;
- stop unauthorised transfers of your personal information to a third party;
- in some circumstances, have that information transferred to another organisation; and
- lodge a complaint in relation to our processing of your personal information with a local supervisory authority; and
- where we rely upon your consent as our legal basis for collecting and processing your data, you may withdraw that consent at any time.
If you object to the processing of your personal information, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations. However, please be aware that:
- such objection or withdrawal of consent could mean that we are unable to provide our services to you, and could unduly prevent us from legitimately providing our services to other clients subject to appropriate confidentiality protections; and
- even after you have chosen to withdraw your consent, we may be able to continue to keep and process your personal information to the extent required or otherwise permitted by law, in particular:
- to pursue our legitimate interests in a way that might reasonably be expected as part of running our business and which does not materially impact on your rights, freedoms or interests; and
- in exercising and defending our legal rights and meeting our legal and regulatory obligations.
Storage and processing by third parties
Data that we collect about you may be stored or otherwise processed by third party services with data centres based outside the EU, such as Google Analytics, Microsoft Azure, Amazon Web Services, Apple, etc and online relationship management tools. We consider that the collection and such processing of this information is necessary to pursue our legitimate interests in a way that might reasonably be expected (eg to analyse how our clients use our services, develop our services and grow our business) and which does not materially impact your rights, freedom or interests.
We require all third parties that act as “data processors” for us provide sufficient guarantees and implement appropriate technical and organisational measures to secure your data, only process personal data for specified purposes and have committed themselves to confidentiality.
Duration of retention of your data
We will only keep your data for as long as is necessary for the purpose for which it was collected, subject to satisfying any legal, accounting or reporting requirements. At the end of any retention period, your data will either be deleted completely or anonymised (for example, by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning). In some circumstances, you can ask us to delete your data.
Keeping your information up-to-date
To ensure that your personal information is accurate and up to date, please promptly advise us of any changes to your information by contacting our data protection officer at firstname.lastname@example.org or by post.
* * * *
If you require any further information about the Privacy Act and the Australian Privacy Principles, you can visit the Australian Information Commissioner’s website (see https://www.oaic.gov.au/).