CRH Law is firmly committed to protecting your privacy as you interact with us from time to time. We aim to maintain a safe and secure system of handling your personal information, while still providing access to your personal information when required. For this reason, we ensure that your personal information is handled in strict compliance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Further information on Australian privacy law is available on the Office of the Australian Information Commissioner’s website.
This policy sets out the principles we adopt in order to protect your personal information. These principles deal generally with our collection, use and disclosure of, and your access to information we may have recorded about you.
Any amendments to this policy will be contained on our website.
1. What is personal information?
“Personal information” means any information or opinion about an identified individual, or an individual who is reasonably identifiable (regardless of whether the information or opinion is true or not).
For example, personal information can include your name, gender, contact details, date of birth, employment details and any commentary or opinion about a reasonably identifiable individual.
2. What kinds of personal information do we collect?
We may collect and hold personal information about you during the course of conducting our business, such as:
· Date of birth;
· Address and contact details;
· Partner details;
· Details of any third-parties to your matter;
· Occupation and employment details;
· Financial and health information;
The type of personal information we collect and hold about you will vary depending on the nature of our dealings with you and the services to be provided.
3. Why do we collect, hold, use and disclose personal information?
We only collect personal information that is necessary for us to carry out our business functions as a provider of legal services, and we will use your personal information for the purposes for which it was collected.
We may also use or disclose your personal information for secondary purposes that are related to the purpose for which we collected your personal information, for which you would reasonably expect us to use or disclose your personal information.
If you have provided us with your contact details and have expressed interest in an area of law, we may send marketing emails to you with links to relevant blog posts, alerts or brochures. If you do not wish to receive these emails you can unsubscribe by clicking the ‘Unsubscribe’ button at the bottom of the email and following the prompts. Alternatively, you can contact our Privacy Officer and we will ensure this is corrected.
4. How do we collect and hold personal information?
We will normally collect personal information directly from you or from or a duly authorised representative on your behalf. Occasionally, we may receive personal information about you from third parties. If we are to use personal information collected from a third-party for any reason, we will let you know shortly after we receive it.
We hold personal information in both hardcopy files and in electronic form. We store hardcopy files in offices, cupboards and secure shelving. Hardcopy archived files are stored with a third-party storage provider in a secure facility.
We store electronic records within our own secure network. We will take all reasonable steps to:
(a) protect the information from misuse, loss or unauthorised access, modification or disclosure both physically and through computer security methods; and
(b) destroy or permanently de-identify the information if it is no longer needed for any purpose.
5. Who do we disclose your personal information to?
We will only disclose your personal information for the purposes for which it was collected, or for secondary purposes that are related to the purpose for which we collected your personal information, for which you would reasonably expect us to disclose your personal information.
Unless we have first obtained your consent, the parties to whom we might disclose your personal information and the reasons for that disclosure will be reasonably apparent to you when your information is collected.
Any other use or disclosure of your personal information will only be as required by law or permitted by the Privacy Act 1988 (Cth).
6. Are we likely to disclose your personal information overseas?
We will not ordinarily transfer your personal information to recipients located outside Australia without your consent.
If overseas disclosure of your personal information is necessary as part of our dealings with you or for the provision of our services, we will let you know before your personal information is disclosed to an overseas recipient.
7. How can you access and correct your personal information?
We endeavour to ensure that any personal information we collect, use or disclose is accurate, complete and up to date.
You are entitled to request access to, and a copy of, any personal information we hold about you. You may also request that any personal information we hold be corrected if it is not accurate, complete or up to date. Any requests can be made verbally or in writing to our Privacy Officer:
PO Box 13067
George Street Post Shop QLD 4003
Ph: +61 7 3236 2900
We will respond with requests concerning access to your personal information within 30 days after the request is made. We may require evidence of your identity or authority before we can provide access to your personal information.
We may refuse your request to access your personal information on certain grounds set out in the Privacy Act 1988 (Cth). If we refuse to give access to your personal information in full or in part, we will provide you with a written notice that sets out the reasons for refusing your request.
If you have any concerns or complaints about the way we have handled your personal information you may make a complaint verbally or in writing by detailing your complaint to our Privacy Officer.
The complaint will be investigated by us in accordance with our internal procedures and processes, and we will respond within 30 days of receiving the complaint.
If you are not satisfied with our response to your complaint, you can refer your complaint to the Office of the Australian Information Commissioner. Further information in relation to privacy complaints can be found online here or by calling 1300 363 992.