Privacy Policy

We take the handling of your personal information and privacy very seriously and do so in accordance with the Australian Privacy Principles (“APPs”), contained within the Privacy Act 1988 (Cth) (“Privacy Act”). This privacy policy sets out the manner in which we collect, store, manage, use and disclose personal information. This includes any documents and/or services we make available to you through the forms on our website (“Online Services’).

The Privacy Act defines ‘personal information’ to mean information or an opinion about an identified individual, or an individual who is reasonably identifiable.

We regularly review this Privacy Policy and may make changes to it from time to time on our Website without notice to you.

TYPES OF PERSONAL INFORMATION WE COLLECT

We commonly collect the following kinds of personal information about you:

• Individual name, business name, company name, ACN and ABN.
• Personal address, business address, postal address and email address.
• Telephone number and social media information.
• Job title, information about your business or company, information on other employees and professional membership.
• Information provided by you to us in connection with our Online Services and Forms (as defined in our Terms and Conditions).
• Age, date of birth and dealings with other persons;
• Payment information;
• Information about your personal, your business or your company’s legal matters and requirements;
• Your IP address, device type, website visitor analytics, Google Analytics, advertising data and ‘cookies’.

COLLECTION OF PERSONAL INFORMATION

The above information is only collected, used and disclosed by us where reasonably necessary for us to do so to perform our services and/or where you provide it to us directly (including through the use of the Online Services and Forms).

USE AND DISCLOSURE OF YOUR PERSONAL INFORMATION

We collect and use personal information for the following purposes:

• To provide our legal services;
• To provide our Online Services;
• To provide you with our communications and engage with you;
• To provide you with marketing material and promotional messages relevant to you;
• To obtain the services of third party service providers as part of providing our services to you;
• To manage and improve our legal services, Online Services and client experience;
• Where we are otherwise required or authorised to do so by law; and
• Otherwise, for the general operation of our business and Online Services.

SECURITY 

Your personal information may be stored either as hard copies or electronically, and we take reasonable steps to protected that information from misuse or unauthorised access. Our electronic databases, Forms and information technology systems hold SSL encryption and are password protected.

Once your personal information is no longer needed by us to perform our services it is destroyed by us within the requisite period (currently seven years from completion of the services).

FORMS

The Forms on our website are secured using TLS 1.2 SSL through your browser and to the servers of the third-party form provider. The third-party provider states that they use a SSL (Secure Sockets Layer) which is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers.

They further state that Forms and submissions are stored in a database which is encrypted at rest and they regularly update the technology and systems used to stay on top of the latest vulnerabilities.

PAYMENTS

All payments on our website through the Forms are handled by third party payment facilitator, Stripe. Stripe state that they utilise the most stringent level of certification available in the payments industry. All card numbers are encrypted at rest with AES-256. Decryption keys are stored on separate machines. None of Stripe’s internal servers and daemons can obtain plain text card numbers but can request that cards are sent to a service provider on a static allow list. Stripe’s infrastructure for storing, decrypting, and transmitting card numbers runs in a separate hosting environment, and doesn’t share any credentials with Stripe’s primary services including their API and website.

For further information see https://stripe.com/docs/security.

EXTERNAL LINKS

Any external links found on our Website are to websites which are not under our control. We recommend you review the privacy policies of those websites before using them.

REQUESTING ACCESS TO OR CORRECTING YOUR PERSONAL INFORMATION

You may request access to the personal information we hold about you or your business at any time by using the contact details set out below. Please note we will need to verify your identity before providing you with the requested information.

If for whatever reason we cannot provide you with access to the requested information (for example if the information requested is subject to legal privilege), we will provide you with written correspondence setting out (unless we are legally prevented from doing so) with the reasons for our refusal and the complaint options available to you.

All requests for personal information will be responded to as soon as possible and within a reasonable timeframe unless there are extenuating circumstances. If that is the case we will advise of the reasons in writing as soon as possible.

We seek to ensure that the personal information we hold is accurate, up-to-date and complete. If you believe that any personal information we have hold including any you have provided to us directly is incorrect, out of date, misleading or provided unlawfully, you may request that the information be corrected by using the below contact details. Where appropriate, we will ensure that all reasonable steps are taken to correct it within a reasonable timeframe.

ENQUIRIES AND COMPLAINTS

If you wish to complain about how we handle your personal information or simply have a question relating any matter raised in this privacy policy, please contact us using the details set out below, including your name, contact details and as much information regarding your enquiry or complaint as possible.

We will ensure that all reasonable steps are taken to investigate your complaint promptly and respond to you within a reasonable timeframe, in accordance with our legal obligations.

You may also wish to contact the Office of the Australian Information Commissioner on 1300 363 992 or via email at enquiries@oaic.gov.au.