Our approach to privacy and your consent

We, IRDI Legal, IRDI Securities and IRDI Settlements, are committed to respecting the privacy of information about individuals that we hold.  We are bound by the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth) and other laws which protect privacy.  This Privacy Policy sets out how we generally manage your personal information.

By providing any personal information to us, continuing to instruct us or using our website, you consent to the collection, use and disclosure in the manner set out in this Policy.

Collecting information

We do not collect personal information unless it is reasonably necessary for any of our functions or activities.  We collect personal information necessary for us to operate as a law firm, to develop and promote our services and to assist us with complying with our legal and regulatory obligations.  The type of personal information we collect and hold will depend upon the services requested from us.  However, it may include:

  • information you give us when you instruct us to act for you, complete an online form or request or request another service from us, including your name, address and contact details;
  • information about individuals we collect in the course of acting for clients;
  • information in communications between us and you;
  • information in an application for employment or anything of a similar nature that you submit to us online; and
  • information we collect when you use our website (refer to the ‘Using our website’ section below).

If appropriate, we will tell you why we are collecting personal information and how we plan to use it, or these things will be obvious when we collect the information.

Generally, we will collect personal information directly from you.  However sometimes we may collect or receive personal information from your advisors or agents (for example, your accountant or real estate agent), publicly available records, information brokers or third parties such as those identified in the ‘How we use and disclose personal information’ section below.
If we obtain personal and other information from third parties to whom we are referred by you, we will assume that you have made that third party aware that you have referred us to them and of the purposes involved in the collection, use and disclosure of the relevant personal or other information.

In certain circumstances we may collect sensitive information or health information about you.  We will only collect this information if you provide it voluntarily, consent to us collecting it or we are otherwise authorised or required by law to do so.

If you do not provide us with your personal information, or you do not consent to us using your personal information as outlined in this Policy, we may not be able to provide you with the services you request or otherwise fulfil the purpose for which we requested the information.

Under the APPs, in certain circumstances you have the right not to identify yourself or to use a pseudonym when providing information to us.  However, generally this right will not apply as it will be impractical for us to deal with you if you do not identify yourself and/or we may be legally obliged to deal with individuals who have identified themselves.

Information you give us about other people

If you provide us with personal information about someone else (for example, one of your clients, relatives, directors or employees or someone with whom you have business dealings) you must ensure that you are entitled to do so and that we may collect, use and disclose that information in the manner set out in this Policy without further action by us.  In particular, you agree to inform that person who we are, that we will use and disclose their personal information as outlined in this Policy from time to time, that they may gain access to that information as outlined in this Policy and the consequences if the information is not provided (such as our inability to provide services to you or them).

How we use and disclose personal information

If you are our client or you are employed by, contracted to or an agent of one of our clients, any personal information which we collect about you will be used and disclosed by us so that we can:

  • provide you or our client with the legal or other services that have been requested;
  • carry out our functions as professional legal service providers;
  • comply with our legal and regulatory obligations;
  • assess the nature and scope of matters upon which we are being asked to act;
  • engage or deal with barristers, experts or other professional advisors in relation to your or our client’s matter;
  • where applicable, engage or deal with foreign law firms or professional advisors in relation to your or our client’s matter;
  • carry out administrative tasks (including planning and risk management);
  • recruit staff;
  • manage our clients’ rights and obligations in relation to external obligations and statutory obligations;
  • refer our clients to suppliers;
  • conduct market or client satisfaction research;
  • provide newsletters and updates, and/or for any related purpose.

We may use your information to provide and market our services to you (including by direct marketing), and to enhance and develop our relationship with you.  We may also use your personal information to keep you informed of our services, events, developments in the law and other matters, including by email or other electronic means.  If you do not wish to be contacted for those purposes, please let us know by using the ‘Contact us’ details below or by unsubscribing to any email or electronic service you receive from us.  You can do this at any time.

We may disclose your personal information if we are required to do so by law or to organisations involved in providing credit or other services to you.  We may disclose your information to service providers, agents and contractors from time to time to help us to provide and market our services to you (but only so that they can provide the services that we have contracted out to them).

Generally, we will not disclose your personal information outside Australia.  If we are required to do so for any purpose set out in this Policy, we will seek your consent to that disclosure.  However in those circumstances, although we will take reasonable steps to ensure the privacy of your personal information is protected:

  • the recipient of the personal information may not be bound by a law or scheme that protects your information in substantially the same way as the APPs and this Policy;
  • we may not be able to ensure that the recipient does not breach the APPs or this Policy in relation to your personal information; and
  • you may instruct us not to disclose your personal information to that recipient but if you do so, we may not be able to provide you with the services you have requested from us.

How we hold personal information

Your personal information is generally held in client files or other hard copy files and records we create and/or in our computer database and information systems on‑site and externally (within Western Australia).

We may be required to hold personal information for a minimum period of 8 years to comply with legislative and professional requirements, even if you are not our client or have ceased to be our client.  This information may be held electronically, at our office and/or at on off-site, secure storage facility.  When that period expires, your information will be reviewed for destruction or de‑identification.

IRDI is bound by professional obligations of confidentiality and legal professional privilege.  We will continue to treat and protect information we receive and hold (including any personal information) in accordance with these obligations.

Security

Irrespective of whether personal information is stored electronically or in hard copy form, we take reasonable steps to protect the personal information we hold from misuse, interference and loss and from unauthorised access, modification or disclosure.

The internet is not a secure environment.  If you use the internet to send us any information, including your email address, it is sent at your own risk.

Accessing your personal information

In most cases, you can gain access to personal information that we hold about you upon request.  Please contact our Privacy Officer (see the ‘Contact us’ section below) to request access to your information.

We will deal with all requests for access to personal information in accordance with the APPs and as quickly as reasonably possible.  Requests for a large amount of information or information which is not currently in use may require further time before we can respond.  In some cases, we may refuse to give you access to personal information we hold about you where we are entitled to do so under the APPs.  If we do this, we will advise you why.

Accuracy

We take reasonable steps to make sure that the personal information we collect, use or disclose is accurate, up to date, complete relevant to the purpose for which it is held and not misleading.  If you wish us to correct any information we hold about you, please contact our Privacy Officer (see the ‘Contact us’ section below).

Using our website

As a website operator, we need to obtain and retain information about those who are using our website and this Policy applies to personal information collected from website users.  Your use of the facilities and services available through our website will determine the amount and type of information which we collect about you.  Some of this information will not be personal information (within the meaning of the APPs) because you will not be reasonably identifiable from that information.

We collect personal information about you that you tell us when you use our website, for example, by completing an online form or information you provide to us when you send us an email.  We will record your email address if you send us an email.

Our website does not use cookies.  However, when you visit it, information may be recorded for statistical purposes regarding your server address, domain name, date and time of visit, previous site visited and browser type.

Although we have implemented substantial security measures in relation to the information, we cannot guarantee security of that information as the website is linked to the internet and the internet is inherently insecure.  We are not liable in any way in relation to any breach of security or unintended loss or disclosure of information due to the website being linked to the internet.

Please also refer to our website Terms of Use.

Changes to our Privacy Policy

From time to time we may review and revise our Privacy Policy and we reserve the right to amend it at any time.  If we do so, we will publish the most recent version on our website.  Any information collected after an amended Privacy Policy has been published on our website will be subject to that amended Privacy Policy.  We recommend that you review this page regularly to ensure you are aware of any changes.

Making a privacy complaint

If you wish to make a complaint about a breach or potential breach of this Policy or the APPs by us, you should direct your complaint to our Privacy Officer (see the ‘Contact us’ section below).  We will respond to your complaint as soon as reasonably possible.  Our aim is to resolve your complaint quickly and to your satisfaction.  However, if you are not satisfied with our response, you can contact the Office of the Australian Information Commissioner who may investigate your complaint further.

Contact Us

If you would like more information, wish to update your personal information or have a concern about how we handle your information or our approach to privacy, please contact our General Manager, Lisa McCarthy:

Address: IRDI
248 Oxford Street
Leederville WA 6007

Ph: (08) 9443 2544
Fax: (08) 9444 3808
Email: lisa.mccarthy@irdi.com.au

Policy last updated: November 2016

 

^Top