Elringtons is bound by the Privacy Act 1988 (Cth) (the Act), and Australian Privacy Principles (APPs) contained in Schedule 1 of the Act. The APPs govern how we can handle and manage “personal information”, including “sensitive information”, about our clients, or other persons who have business with the firm and employees.
The Act defines “personal information” as information or an opinion about an identified individual or an individual who is reasonably identifiable, whether true or not, and whether recorded in material form or not.
Some personal information is also “sensitive information” and is afforded a greater level of protection under the Act. “Sensitive Information” is personal information that relates to certain specified characteristics of an individual, including information about racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices or criminal record. Sensitive information also includes health, genetic and biometric information about an individual.
We collect information about you that is reasonably necessary for us to carry out our functions or activities, such as your name, contact details, date of birth, Medicare, tax file or pension numbers and details of your personal circumstances. This may include sensitive information such as information about your criminal record or health and medical information. We may collect this information from you directly, or from other third parties where it is unreasonable or impracticable to collect the information from you.
In general, we collect your personal information in order to deliver our legal services and manage your matters with us, including:
- conducting our business;
- providing and marketing our services;
- communicating with you;
- purchasing goods or services from you;
- complying with our legal obligations; and
- evaluating, managing and enhancing our services.
Using and disclosing information
In order to deliver our services and manage your matters with us, we may need to disclose your personal information to third parties including:
- other companies or individuals who assist us in providing services or who perform functions on our behalf (such as mailing houses, medical practitioners, specialist consultants , other lawyers and barristers);
- courts, tribunals and regulatory authorities; and
- anyone else to whom you authorise us to disclose it.
We may use or disclose your personal information for the primary purpose for which it is collected or for reasonably expected secondary purposes which are related to the primary purpose. We may also use or disclose your information where you have agreed and in other circumstances authorised by the Act, such as where it is required or authorised by or under an Australian law or a court or tribunal order.
Accessing and correcting your information held by us
Subject to exceptions set out in the Act, you may gain access to or request amendment of personal information which Elringtons holds about you by contacting us.
We will require you to verify your identity and to specify what information you require or wish to amend. A fee may be charged for providing access. We will advise you of the likely cost in advance.
In accordance with the APPs, Elringtons takes reasonable steps to protect personal information held from loss, misuse, interference and unauthorised access, modification or disclosure. This includes using physical and information security measures and restricted access to electronic records to protect the information we hold. Elringtons staff are required to respect the confidentiality of personal information and the privacy of individuals.
Where we no longer require your personal information for any permitted purpose under the APPs, we will take reasonable steps to destroy it.