Before you provide us with personal information about an individual that is sensitive information, you must ensure that you are authorised by the relevant individual to disclose that information to us.
‘Personal information’ is defined in the Privacy Act 1988 (Cth) to mean any information or opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not and whether the information or opinion is recorded in a material form or not.
The kinds of personal information we collect and hold
We collect and hold a range of personal information in carrying out our business and functions as a legal services provider. The kinds of personal information that we collect and hold about you will depend upon the nature of our relationship with you.
We typically collect and hold the following kinds of personal information about our clients:
- Name, job title, and contact details
- Communications between you and us
- Financial information
- Information about your areas of sectoral or business services interest, and
- Other personal information that you provide to us (such as when you respond to an invitation to attend a seminar or function) or that we collect in the course of our relationship with you.
To the extent that it is relevant to the work we are undertaking for a client or our general relationship with a client, we may also collect and hold personal information about clients that is sensitive information under the Privacy Act.
For example, we may collect health information about an individual, membership of a professional or trade association, membership of a trade union, religious beliefs or affiliations or criminal records.
Our job applicants, contractors, service providers and suppliers
We typically collect and hold the following kinds of personal information about job applicants, contractors, service providers and suppliers:
- Name and contact details
- Information contained in resumes
- Educational details, academic and other transcripts, employment history, skills and background checks
- References from past employers and referees
- Information collected during the interview or assessment process
- Details of your performance under any contract, and
- Personal information required to make payments, such as bank account details.
Website users, online contacts and attendees at seminars and other functions
The only personal information which we collect about you when you use our website or contact us online is what you tell us about yourself.
The kind of personal information that we may collect through our website, online or when you register or attend a function includes:
- Your name, contact details, employer and job title, and
- Your areas of sectoral or business service interest.
We may also collect and hold the following sensitive information about you:
- Any dietary requirements such as food allergies
- Membership of a political, professional or trade association or trade union.
We will also collect personal information about you if you provide us with your business card at a function or otherwise provide your personal information to us in person or contact us through social media (such as LinkedIn).
How we collect personal information
In most instances we will collect personal information directly from the person to whom the information relates, or the organisation of which that personal is an employee, director or principal. However, we may also collect personal information about individuals from the following third parties:
- our clients
- government agencies
- law enforcement bodies
- publicly available records
- ratings agencies
- service providers
- parties to whom you refer us, including previous employers and referees
- recruitment agencies
- online searches, and
- social media (such as LinkedIn).
When we obtain personal information from third parties to whom you refer us, we will assume and you must ensure that you have made that third party aware that you have referred us to them and of the purposes involved in the collection, use and disclosure of the relevant personal information.
How we hold personal information
We store electronic records within our own secure network and through third party data storage providers. Personal information within our network is password protected and access is appropriately limited.
Our third party data storage providers are required to protect personal information in accordance with applicable laws and take appropriate technical and organisation measures against unauthorised or unlawful use of personal information or its accidental loss, destruction or damage.
The purposes for which we collect, hold, use and disclose personal information
We collect, hold, use and disclose personal information for the purposes for which it was collected, related purposes, and other purposes including:
- providing the services that our clients have requested
- maintaining, managing and developing our relationship with clients and potential clients
- carrying out research, planning, market sounding, security and risk management
- marketing our services, administering and operating our online subscriptions and providing you with information about commercial, financial and small business developments and other services that you have requested or that may be of interest to you
- the organisation of events
- assessing and considering applications from prospective employees
- developing and managing relationships with our employees, contractors and service providers
- managing insurance
- complying with our legal and regulatory obligations, and
- to otherwise carry out our functions as professional service providers.
If you are a client or have otherwise expressed interest and provided us with your contact details, we may send emails to you with information about financial, commercial or small business developments (such as publications, alerts and newsletters) and marketing our services (such as seminar invitations).
We may use an “email management system” to automate the management and dispatch of these emails. The system operates by inserting tracking codes in the emails that we send to you. The tracking code allows us to collect personal information about you, such as whether you received and opened an email, and whether you clicked through to any links to our website.
The personal information that the email management system collects and holds about you is used by us to:
- ensure that you only receive correspondence that you have informed us that you wish to receive
- determine whether the information that we send to you is suitable for your interests, information needs and profile
- ensure that the email address that you have provided us is still operational
- determine whether emails that we send to you are received by you
- update a request that you make to us to unsubscribe from a publication that we send to you
- review the effectiveness and relevance of our emails to you by collecting other statistical information.
If you do not wish for us to send you such emails, please let us know by contacting our Privacy Officer at the details below. You can also unsubscribe from our email notifications by clicking on the ‘Unsubscribe’ button at the bottom of our email notifications and following the prompts or by emailing us.
If you would like to complain about a breach of the Australian Privacy Principles, you may contact our Privacy Officer at the details below.
We will respond to complaints within a reasonable period of time (usually 30 days).
If you disagree with our decision, you may refer your complaint to the Office of the Australian Information Commissioner by visiting www.oaic.gov.au, calling 1300 363 992 or by emailing [email protected]
If you would like more information about the way we manage personal information, would like to request access to or correction of personal information that we hold about you, or wish to make a complaint, please contact our Privacy Officer by either:
Email – [email protected]
Post – Attention: “Privacy Officer”, Level 15, 56 Pitt Street, Sydney 2000 NSW, or
Telephone – + 61 2 8379 6144.