This document sets out the way in which Chapmans Limited (we, us) collects, uses, stores and discloses personal information in accordance with its obligations under the Privacy Act, including those contained in the Australian Privacy Principles.
In this policy:
- Personal Information has the meaning given under the Privacy Act but, in short, means information or an opinion relating to an individual that can be used to identify that individual.
- Privacy Act means the Privacy Act 1988 (Cth) including the Australian Privacy Principles (as amended from time to time).
- Sensitive Information has the same meaning as under the Privacy Act.
- Services means the services of a legal and commercial nature that we provide.
- Website means www.chapmansltd.com and other websites and forms of social media where you post comments or we interact with you.
The meaning of any general language is not restricted by any accompanying example and the words 'includes', 'including', 'such as', 'for example' or similar words are not words of limitation.
What Personal Information do we collect and why do we need it?
To provide you with our Services, we need to collect Personal Information. If any of the Personal Information you provide is incomplete or inaccurate, we may be unable to provide Services to you or the quality of those Services and the accuracy of the advice we provide may be compromised.
The nature of the relationship we have with you, the Services you require and the particulars of any matter in which we act will determine the personal and other information we collect. The personal information may include:
- your name, email address, telephone numbers and address;
- Personal Information (including Sensitive Information) which is provided to us in the course of a matter by you or a third party;
- bank details, credit card details and expiry dates;
- information contained in a CV if you apply for a position with us; and
- information relating to the matter in which we are acting for you.
How do we collect Personal Information?
We aim to collect Personal Information directly from you, for example, when you send us information, during interviews and meetings with you, from business cards and during telephone calls.
We may also collect Personal Information:
- from parties to whom we refer you, e.g. a medical professional or other expert;
- from credit reporting and fraud checking agencies;
- from debt collection agencies if you default in a payment to us;
- through our Website and by other electronic communication channels (e.g. when you send us an email or post a comment on one of our blogs);
- from third parties, for example in the course of a matter in which we are acting;
- from publicly available sources of information; and
- when we are required to do so by law.
How do we use your Personal Information?
We use the Personal Information we collect for the purpose of providing our Services.
We may also use the Personal Information:
- to comply with our contractual and other legal obligations;
- for insurance purposes; and
- subject to clause 5(c), to advise you of additional services or information which may be of interest to you.
If you default in a payment to us, we may use your Personal Information to recover that debt.
We do not provide your personal information to any other person for marketing purposes.
From time to time we may use your personal information to provide you with information on legal issues or to invite you to briefings or events we are holding. We do not, however, use Sensitive Information for this purpose.
If at any time you no do not wish to receive any additional material from us, contact our Privacy Officer and we will remove your details from our marketing database.
Disclosing personal information
Legal Professional Privilege
When you provide personal information to us in the context of our providing legal advice to you, that information may be protected by Legal Professional Privilege.
In addition, if your relationship with us is one of lawyer/client, we are bound by obligations of confidentiality.
If Legal Professional Privilege applies, your personal information is protected from disclosure, other than where we are specifically required as a result of a law or an order of the court to disclose it.
Disclosure to third parties
We may disclose your Personal Information to third parties in certain circumstances including:
- if you agree to the disclosure;
- when we use it for the purpose for which it was collected, e.g. to provide you with Services;
- in circumstances where you would reasonably be expected to consent to information of that kind being passed to a third party (e.g. as a result of disclosure in a court action, during court proceedings, briefing and instructing counsel or disclosure to an expert);
- where disclosure is required or permitted by law, by court order, or is required to investigate suspected fraud or other unlawful activity; or
- if disclosure will prevent or lessen a serious or imminent threat to someone's life or health.
Disclosing personal information off-shore
We do not store personal information on off-shore servers or by way of cloud services.
In some matters we may be required to disclose personal information off-shore, for example, where the matter involves proceedings in a foreign jurisdiction, you are involved in a transaction which involves another country or specialist advice is required from an overseas lawyer or expert. In these circumstances you will be advised as part of the matter when and to whom personal information will be disclosed.
If information has to be disclosed overseas, the overseas recipient may not be subject to privacy obligations or to any principles similar to the rules of legal professional privilege or the Australian Privacy Principles.
An overseas recipient may also be subject to a foreign law which could compel disclosure of personal information to a third party, for example, an overseas government or regulatory authority.
If you consent to the disclosure and the overseas recipient handles the information in breach of the Australian Privacy Principles, you will not be able to seek redress under the Privacy Act, may not be able to seek redress in the overseas jurisdiction and we will not be accountable under the Privacy Act.
Considerations when you send information to us electronically
While we do all we reasonably can to protect your Personal Information from misuse, loss, unauthorised access, modification or disclosure, including investing in security software, no data transfer over the Internet is 100% secure.
If you access another website from our website, you do so and provide personal information in accordance with the terms and conditions under which the provider of that website operates.
The open nature of the Internet is such that information exchanged via the internet may be accessed and used by people other than those for whom the data is intended. If you send us any information, including (without limitation) Personal Information, is sent through the Internet or other electronic means at your own risk.
While we are not in a position to give you advice on internet security, if you provide Personal Information to us electronically, there are some things you can do which may help maintain the privacy of your information, including:
- ALWAYS closing your browser when you have finished your session; and
- NEVER providing Personal Information when using a public computer.
- You should contact us immediately if you believe:
- someone has gained access to Personal Information you have provided to us;
- we have breached our privacy obligations or your privacy rights in any way; or
How we act to protect and retain your personal information
We endeavour to keep our information systems and files secured from unauthorised access. Those who work with us are aware of the legal obligations in respect to confidentiality and the importance we place on protecting your privacy.
Our procedures to securely store Personal Information include electronic and physical security measures, staff training and use of password protection software.
We retain our matter files for at least seven years after the matter has been completed and the file is closed. However, information filed in our electronic files may be retained indefinitely.
Personal Information may also be retained if we consider it necessary to do so or to comply with any applicable law or our insurance, governance obligations in our IT back-up records, for the collection of any monies owed and to resolve disputes.
How you can update or correct your Personal Information
You may request access to your Personal Information or correct any inaccurate or out of date information by contacting our Privacy Officer using the details in clause 12. For security purposes, before we provide you with personal information, we will ask you to provide evidence of your identity.
You may request the source of any information we collect from a third party. We will provide this at no cost, unless under the Privacy Act or other law there is a reason for this information being withheld.
If there is a reason under the Privacy Act or other law for us not to provide you with information, we will give you a written notice of refusal setting out the reasons for the refusal except to the extent it would be unreasonable to do so and the mechanisms available to you to complain about the refusal.
More information about your rights and our obligations in respect to privacy and information on making a privacy complaint are available from the Office of the Australian Information Commissioner at:
Post: GPO Box 5218 Sydney NSW 2001