Privacy policy

Introduction

In the course of our business in Australia, there may be circumstances where we collect personal information. Our privacy policy has been developed to ensure that such information is handled appropriately.

We are committed to complying with the Privacy Act 1988 (Cth) (Privacy Act) in relation to all personal information we collect. This commitment is demonstrated in this policy. The Privacy Act incorporates the Australian Privacy Principles (APPs). The APPs set out the way in which personal information must be treated.

Whom does this privacy policy apply to?

This policy applies to any person for whom we currently hold, or may in the future collect, personal information.
This policy does not apply to acts and practices that relate directly to the employee records of our current and former employees.

What information does this privacy policy apply to?

In broad terms, ‘personal information’ is information or opinions relating to a particular identifiable individual.
Information or opinions are not personal information where they cannot be linked to a particular individual.

How we do manage the personal information we collect?

We manage the personal information we collect by:

(a)        undertaking training on privacy issues;

(b)        implementing procedures such as providing privacy statements when dealing with a client’s personal information;

(c)        implementing security measures to keep the personal information we collect safe, including using unique usernames and passwords on systems that can access personal information and security cards to access on-site information; 

(d)        monitoring privacy compliance and providing methods for parties to submit privacy complaints and requests for access or correction

(e)         for mediation services, destroying all information collected within 60 days after the finalisation of a mediation.

In limited circumstances, it may be possible for an individual to use a pseudonym or remain anonymous when dealing with us. If an individual wishes to use a pseudonym or remain anonymous they should notify us when making first enquiries or providing initial instructions. We will use our best endeavours to deal with the individual as requested, subject to our professional obligations and ability to perform the services without using the individual’s name. In most cases, our professional obligations will require the individual to deal with us using their real name.

We must comply with our professional obligations (including confidentiality obligations) in dealing with an individual’s personal information at all times.

What kind of personal information do we collect and hold?

We hold different information depending on the services provided to clients. Generally, the types of information that we may collect and hold include:

(a)        contact information (such as name, address and phone number);

(b)        financial information;

(c)        business circumstances;

(d)        family circumstances;

(e)        information about assets and investments;

(f)         employment history;

(g)        gender;

(h)        date and place of birth;

(i)         insurance information;

(j)         banking information;

(k)        credit information;

(l)         credit card details;

(m)       tax file numbers;

(n)        driver’s licence and other photographic information;

(o)        video or photographic footage given by clients to us for legal advice;

(p)        information otherwise required by law; and

(q)         any other personal information required to perform the service.

Where possible, we will only collect the personal information required to provide the services, or as required by our professional obligations.

What sensitive information do we collect and hold?

‘Sensitive information’ is a subset of personal information and includes personal information that could have serious ramifications for the individual concerned if used inappropriately.

We do not actively collect sensitive information but may become privy to sensitive information in the course of providing our services to the individual. This may include:

(a)        health information;

(b)        racial or ethnic origins;

(c)        political opinions and membership of political associations;

(d)        religious beliefs or affiliations;

(e)        philosophical beliefs;

(f)         membership of professional or trade associations or unions;

(g)        sexual preferences or practices;

(h)        criminal records;

(i)         genetic information;

(j)         any sensitive information required to be disclosed by law; and

(k)        any other sensitive information required to perform the services required.

We will not collect sensitive information without the individual’s consent to which the information relates unless permitted under the Privacy Act.

How and when do we collect personal information?

Where reasonable and practicable, we will collect personal information directly from the individual to whom the personal information relates.

However, we do collect personal information from numerous other sources. It is not possible to provide an exhaustive list of these sources, but they may include:

(a)        professional advisors or agents for individuals who we act for;

(b)        friends, family members and associates of the individual;

(c)        banks and financial institutions;

(d)        government bodies;

(e)        insurance companies;

(f)         businesses about their employees, contractors, customers or suppliers;

(g)        barristers and other solicitors;

(h)        feedback surveys; and

(i)         from paid search providers.

How do we hold personal information?

We hold personal information:

(a)        physically on our premises

(b)        electronically,

(i)         through internal servers and websites and a private cloud;

(ii)        on electronic storage devices, including USB;

(iii)       by third party providers for software, email and website hosting, and data storage in Australia.

We will take all reasonable steps to ensure that all personal information we hold is secure from any unauthorised access, misuse or disclosure. However, we do not guarantee that personal information cannot be accessed by an unauthorised person (e.g. a hacker) or that unauthorised disclosures will not occur.

Some of the methods we use to store and secure information include:

(a)       using security cards to access areas that contain personal information;

(b)       having designated areas to meet with clients and other parties that do not contain personal information;

(c)       using security cards to access printers;

(d)       using unique usernames, passwords and other protections on systems that can access personal information;

(e)       using lockable compactuses for storing more sensitive information, other important documents or financial records.

Why do we collect, hold, use or disclose personal information?

We take reasonable steps to use and disclose personal information for the primary purpose for which it is collected. The primary purpose for which information is collected varies, depending on the particular service being provided, but is generally to provide our services to an individual or their business.

Personal information may also be used or disclosed by us for secondary purposes that are within the individual’s reasonable expectations and related to the primary purpose of collection.

For example, we may use personal information for the following secondary purposes:

(a)       to add an individual’s details to our mailing list, to inform the individual of updates that may affect them and to invite them to presentations relevant to their industry (which can be unsubscribed from at any time);

(b)        to comply with our professional obligations; or

(c)        to provide a referral.

We may disclose personal information:

(a)        to other service providers or referral partners, in order to provide the services to the individual (for example, other solicitors, barristers, experts, accountants, insurers etc. as the context of the service requires);

(b)        to government bodies (such as ASIC or the ATO);

(c)        with the consent of the individual to whom the information relates;

(d)        to third party contractors where we contract out any financial, administrative, information technology or other services, including independent market research that enables us to improve our service to our clients.

Otherwise, we will only disclose personal information to third parties with the relevant individual’s consent or if the disclosure is permitted by the Privacy Act.

Do we disclose information overseas?

We generally do not disclose your personal information to overseas recipients otherwise than in accordance with your instructions. In some cases we may indirectly disclose personal information overseas through our technology service providers, some of whom have data centres located in the United States.

Where we disclose your personal information to parties located overseas (or which have data centres located in other countries), we take reasonable steps to ensure that those parties will handle the personal information in accordance with the Australian Privacy Principles. We are not required to take such steps if we believe that the overseas recipient is already subject to a law that has the effect of protecting personal information in a substantially similar way to the relevant law in Australia, or with your consent.

How can you access and correct your personal information?

It is important the information we hold about individuals is up to date. Individuals should contact us if their personal information changes.

Access to information and correcting personal information

Individuals may request access to the personal information we hold or ask for their personal information to be corrected.

We will grant an individual access to their personal information as soon as possible, subject to the request circumstances.

In keeping with our commitment to protect the privacy of personal information, we will not disclose personal information to an individual without proof of identity.

We may deny access to personal information if:

(a)        the request is impractical or unreasonable;

(b)        providing access would have an unreasonable impact on the privacy of another person;

(c)        providing access would pose a serious and imminent threat to the life or health of any person;

(d)        providing access would compromise our professional obligations; or

(e)        there are other legal grounds to deny the request.

We may charge a fee for reasonable costs incurred in responding to an access request. The fee (if any) will be disclosed prior to it being levied.

If the personal information we hold is not accurate, complete and up-to-date, we will take reasonable steps to correct it so that it is accurate, complete and up-to-date, where it is appropriate to do so.

Complaints

If a person wishes to complain about an alleged privacy breach, they must follow the following process:

(a)        The complaint must be firstly made to us in writing, using the contact details in this section. We will have a reasonable time to respond to the complaint.

(b)        In the unlikely event the privacy issue cannot be resolved, they may take their complaint to the Office of the Australian Information Commissioner.

Whom to contact

A person may make a complaint or request to access or correct personal information about the person held by us.

Such a request must be made in writing by submitting a contact form on this website or sending correspondence to Chris Ward Mediations, GPO Box 834, Brisbane QLD 4001.

Changes to the policy

We may update, modify or remove this policy at any time without prior notice. Any changes to the privacy policy will be published on our website.

If you have any comments on the policy, please contact us.