Privacy Policy

Introduction

We are committed to protecting your privacy and the security of your personal information.

We are required under the Privacy Act1988 (Cth) (Privacy Act) to have a clearly expressed and up-to-date privacy policy with information about how we collect, use and manage your personal information, including personal information collected via our website. This policy (Privacy Policy) describes how we will comply with our obligations under the Privacy Act and manage the personal information we collect. 

You should note that:

1. our website may contains links and references to other websites (which are for convenience only and may not be current or maintained);
2. we may use social networking services (for example, Linked In) to communicate with current and potential clients; and
3. we may use third party service providers to manage contact lists, manage event registrations or collect feedback about our services.

Our Privacy Policy does not apply to these third parties.  You should review the relevant third party’s privacy policy (which could differ substantially from our Privacy Policy) and assess whether it is acceptable to you before you provide them with your personal information.

What is personal information?

“Personal information” is any information that can identify you or that can reasonably enable your identity to be determined. This information could include your name, postal or email address, date of birth or financial details.

Personal information includes “sensitive information”. Sensitive information is any information, or an opinion concerning about your racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices or criminal record. It also includes health or genetic information, biometric information and biometric templates.Sensitive information is generally afforded a higher level of privacy protection.

What personal information do we collect?

The type of personal information that we collect about you depends on the type of dealings you have with us. For example, if you:

1. are a client of our firm, we will generally collect your name, job title, address, contact details, information about our dealings with you and the legal matters we conduct on your behalf and the legal areas that are of potential interest to you;
2. are involved in a matter that we are working on, we may collect your name, contact details and information about the relevant matter;
3. are involved in a matter with one or more of our clients, we may collect your name, address, contact details, verification of identity details and relevant file numbers held by our client;
4. ask to be placed on one of our contact lists, we will collect your name, address and contact details;
5. supply goods or services to us, we will collect your name, address, contact details and financial details for payment purposes;
6. send us an enquiry or provide us with feedback, we will collect your name, contact details and details of your enquiry or feedback;
7. apply for a job with us, we will collect the information you include in your job application, such as your resume, contact details and contact details of referees.

We will only collect sensitive information where it is reasonably necessary for our functions or activities and either:

1. you have consented to us doing so; or
2. we are required or authorised by law (including applicable privacy legislation) to do so.

From time to time we may obtain personal information about you from third parties (for example, identity verification service providers, publicly or commercially available sources or third parties you have authorised us to contact) for the purpose of complying with legislative obligations, such as anti-money laundering laws.

When you use our website, we may also indirectly collect your internet protocol (IP) address, device identifiers, browser type, operating system, internet service provider, location, mobile network information, pages accessed, time stamps and your online transaction history.

Why do we collect personal information?

We may hold personal information about people, principally because they are or are exploring becoming a client or they give us personal information, for example through our website.

Broadly, we collect, hold, use and disclose personal information for purposes related to the provision or potential of services to clients. Again broadly, we use personal information to administer client legal services but also for related purposes, for example to:

1. make the use of our website easier;
2. contact clients regarding our services or services of other lawyers where we think that would help;
3. comply with legal obligations; and
4. conduct research.

We also use personal information for other reasons such as:

1. monitoring, evaluating and improving our services;
2. statistical analysis;
3. to provide information about our services;
4. recruiting staff;
5. maintaining cyber security;
6. to send you information if you are on one of our contact lists.

We may use your personal information to send you information about our services, including legal updates and relevant products and services of third parties either where we have your express or implied consent, or where we are otherwise permitted by law to do so. We may contact you for these purposes in a variety of ways, including by mail, email, SMS, telephone or social media campaigns. Where you have consented to receiving these communications from us, that consent will remain current until you advise us otherwise. However, you can opt out at any time, by:

1. contacting our Privacy Officer (details below); or
2. (if applicable) using the unsubscribe facility that we include in our commercial electronic messages (such as emails and SMSs) to opt out of receiving those messages.

If you do not provide us with contact details and other information we ask for, we (or others) may not be able to have or keep you as a client or provide services to you.

We will only retain personal information for as long as we consider, in our reasonable opinion, to be necessary to comply with applicable law or for the relevant purpose (as set out in this policy).

When we no longer need your personal information, we will seek to delete, destroy or de-identify it in accordance with our record retention policy and/or any applicable laws.

How we collect personal information

In the course of providing legal services, we collect personal information in a number of ways, including:

1. in person (for example, at a meeting or function);
2. through our website;
3. over the telephone (including through voice mail messages left on our telephone system);
4. through written correspondence (such as emails and letters);
5. on hard copy forms (for example, feedback forms);
6. from third parties;
7. from regulatory authorities; and/or
8. from public registers (for example, by conducting searches of the Australian Securities and Investments Commission (ASIC) database or from other publicly available sources).

Who we may share your personal information with

We may share your personal information with third parties where appropriate for the purposes set out above, including:

1. financial institutions for payment processing;
2. barristers, experts or other relevant third parties in relation to your matter;
3. overseas law firms (where advice on foreign laws is sought);
4. external lawyers who we contract to assist us in providing legal services to you;
5. government regulators (for example to update ASIC records or where required under anti-money laundering and counter-terrorism laws);
6. investigators;
7. referees whose details are provided to us by job applicants;
8. our contracted service providers, including:

1. business service providers;
2. information and communication technology providers;
3. data storage and archive service providers;
4. printers and mail houses;
5. marketing and communications agencies;
6. research and statistical analysis providers;
7. delivery and shipping providers; and/or
8. business advisers (such as recruitment advisors, accountants, auditors and lawyers).

In each case, we may disclose personal information to the service provider and the service provider may in turn provide us with personal information collected from you in the course of providing the relevant products or services.

We may also share your personal information with a third party where we have obtained your consent.

We may require your consent to use and/or disclose your personal information if we need to use your information for a purpose that is not related to the purpose for which it was collected.

If you do not consent to us collecting, using and/or disclosing your personal information for such other purposes, this may affect our ability to deliver and improve our services, or to engage or do business with you.

Cross border disclosure of personal information

We may disclose personal information to third parties located overseas in the following situations:

1. to third party providers of business support services, which are based in other countries;
2. where we engage an overseas law firm to provide advice on foreign laws or where we are required or authorised to disclose personal information to a third party located overseas in the context of a particular matter (in which case the country will depend on the particular matter); and
3. to external lawyers in other countries who are contracted to assist us.

In each case, we will comply with the requirements of the Privacy Act that apply to cross border disclosures of personal information. Circumstances in which we will do this include where:

1. you have asked us to or we have your consent to do so;
2. we have outsourced a business activity or function to an overseas service provider;
3. we reasonably believe that the overseas recipient is subject to a law or binding scheme that protects the information in a way that is substantially similar to the way the information is protected under the Privacy Act and the Australian Privacy Principles (APPs), and there are mechanisms you can access to take action to enforce that protection; or
4. the disclosure is required or authorised by or under an Australian law or a court/tribunal order.

Please note that the laws on processing personal information in other countries may be less stringent than those which apply in Australia. When we disclose your personal information overseas, we will take reasonable measures to ensure that your information is held, managed and accessed in accordance with the standards that apply in Australia, including the APPs.

Data quality and security

We hold personal information in a number of ways, including in hard copy documents, electronic databases, email contact lists, and in paper records held in drawers and cabinets. We take reasonable steps to:

1. make sure that the personal information that we collect, use and disclose is accurate, up to date and complete and (in the case of use and disclosure) relevant;
2. protect the personal information that we hold from misuse, interference and loss and from unauthorised access, modification or disclosure; and
3. destroy or permanently de-identify personal information that is no longer needed for any purpose that is permitted by the APPs in the Privacy Act.

You can help us keep your information up to date, by letting us know about any changes to your details, such as your address, email address or phone number.  See section 9 below for further information.

We are committed to ensuring that personal information is kept secure. We have a number of physical access and technology policies and procedures in place designed to provide a robust security environment.

No personal data is stored on our website. Our staff members who handle your personal information are only those who have the need to access it and they have the training and skills to protect your personal information from unauthorised access or misuse.

We will communicate with you by email generally. Email can be insecure.

We may store material in the cloud for you. We will give you a copy of the terms of our service providers on request. This storage method involves some risks, and we are not responsible for those service providers or data loss by them. We find that clients often seek to understand key issues about this, including security, use of data, ownership of data and what happens if the provider suffers financial distress. The terms of each service vary.

It is possible however that your personal information will be moved by those who help us provide services to you to a place where Australian laws do not apply, and different standards may apply there.

The internet does not however always result in a secure information environment and although we take steps we consider reasonable to protect your information, we cannot absolutely guarantee its security.

We may monitor or record communications – for example virtual meetings - for training, record retention or security purposes. If we do so, we will tell you at the time unless the relevant website or app does so automatically.

Access and Correction

In most circumstances, you have the right to access any personal information we collect and hold about you, and to have it corrected if it is wrong.

This is subject to exceptions allowed by law such as where giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety or where providing you with access would have an unreasonable impact upon the privacy of others. If we deny your request for access we will provide you with the reasons for this decision. If you are not satisfied with any refusal to grant you access to your personal information, you may make a complaint (see section 10 below).

To request access, please contact us and we will respond within a reasonable period after the request is made.

We may however charge a fee to cover our reasonable costs of locating the information and providing it to you.

If you ask us to correct personal information that we hold about you, or if we are satisfied that the personal information we hold is inaccurate, out of date, incomplete, irrelevant or misleading, we will take reasonable steps to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up-to-date, complete, relevant and not misleading.

To ensure that personal information we hold is properly protected, we may take steps to verify your identity before we process any correction or access request.

We may also ask you to check and (if necessary) correct personal information we hold about you from time to time.  We may do this as part of our regular communications with you, when you contact us, or through other means.

Complaints

If you have a complaint about how we have collected or handled your personal information, please contact our Privacy Officer (details below), who will endeavour in the first instance to deal with your complaint and take any steps necessary to resolve the matter quickly and fairly.

If your complaint can’t be resolved at the first instance, we may ask you to further explain the circumstances of the matter that you are complaining about, how you believe your privacy has been interfered with and how you believe your complaint should be resolved.

If you are not satisfied with our response, you can refer your complaint to the Office of the Australian InformationCommissioner (OAIC) (see here for further information).

Our contact details

If you have any queries about the personal information that we hold about you or the way we handle that personal information, please contact our Legal Director, Paula McCabe, who is the firm’s Privacy Officer.

Mail: 11 Cairo Street,South Coogee, NSW, 2034, Australia
Email: pmccabe@pmclegal-australia.com
Telephone: 02 8556 7560

Further general information about privacy is available on the OAIC website at www.oaic.gov.au or by calling the OAIC’s enquiry line at 1300 363 992.

Changes to this Privacy Policy

We may amend this Privacy Policy from time to time. A current version will be posted on our website and a copy may also obtained by contacting our Privacy Officer (details above). This Privacy Policy was last updated on 31 March 2023.