Privacy policy

CCK Lawyers Pty Limited ACN 698 177 883 (‘we’ or ‘us’) is respectful of your privacy, and committed to keeping your personal information private and confidential.  This purpose of this Privacy Policy is to outline how we manage your personal information.

1.             What is Personal Information and why do we collect it?

1.1           ‘Personal Information’ is information that can be used to identify you or can reasonably be used to identify you.  Examples of personal information we may hold about you include your name, address, and contact details.  In addition, if we have been instructed to act for you, we may hold personal information about you which relates to the matter in which we received those instructions.

1.2           If it is reasonable and practicable to do so, we will collect Personal Information about you only from you.  We may also obtain Personal Information in a number of different ways, including our discussions and correspondence with you, email and telephone communications and through our website, ccklawyers.com ('Website') (including through the use of cookies). 

1.3           Where we provide, or propose to provide, 'designated services' under the Anti-Money Laundering and Counter-Terrorism Financing regime we may also obtain Personal Information through InfoTrack or other third-party service providers we use (‘AML Service Provider’) to comply with our legal obligations.  

1.4           Further, we may obtain Personal Information about you from third parties, including government and regulatory agencies, courts and tribunals, other lawyers, other parties involved in your matter and other publicly available third-party resources (including, but not limited to, traditional and social media).

1.5           We collect and use your Personal Information for the primary purpose of providing legal services and providing information to you.  We only solicit and collect Personal Information via our AML Service Providers as is reasonably necessary to comply with our legal obligations.  

1.6           We handle your Personal Information in accordance with this Privacy Policy and in compliance with the Australian Privacy Principles ('APPs') in the Privacy Act 1988 (Cth) ('Privacy Act').

1.7           We never provide Personal Information obtained in the course of acting for you (including the fact that we act for you) to any other person without first obtaining your consent to do so, except where to do so is clearly within the scope of our instructions, the law compels us to do so or the information is public knowledge.  We never provide Personal Information we obtain in the course of acting for you to other persons for the purpose of marketing.

1.8           When we collect Personal Information, we will, where it is practicable to do so, explain to you why we are collecting the Personal Information and how we plan to use it. 

1.9           If you do not provide us with your Personal Information, we may not be able to verify your identity and provide you (or the person you are acting on behalf of) with our services. 

1.10           Wherever it is lawful and practicable, we provide you with the option of not identifying yourself, however, when we provide our services to you, it is usually not practicable for us to do so if you deal with us anonymously or by using a pseudonym.

 

2.             Sensitive Information

2.1           ‘Sensitive Information’ is defined in the Privacy Act to include information about your racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information (including biometric information).

2.2           We do not generally collective Sensitive Information, but when we do, we will comply with this Privacy Policy and the Privacy Act in relation to such collection.

2.3           Before collecting your Sensitive Information, we will obtain your consent.  However, we may collect your Sensitive Information without your consent if the collection is required or authorised by law.

2.4           Sensitive Information will be used by us only:

2.4.1          for the primary purpose for which it was obtained;

2.4.2          with your consent or where to do so is clearly within the scope of our instructions; or

2.4.3          where required or authorised by law.

3.             Third Parties

In some circumstances we may solicit, collect or be provided with Personal Information about you by third parties.  If so, unless otherwise prohibited by law, we will take reasonable steps to ensure that you are made aware of the Personal Information which has been provided to us by the third party and the purpose for which the Personal Information has been collected.

4.             Disclosure of Personal Information

4.1           Your Personal Information may be disclosed for the primary purpose for which is has been collected. 

4.2           We may disclose your Personal Information to third parties in Australia (including courts, tribunals, regulatory bodies, barristers and other sub-contractors, and other parties involved in your matter, AUSTRAC and other parties where disclosure is required or authorised) where we are compelled to do so under law, to respond to a lawful request for information or you consent (expressly or impliedly) to the use or disclosure.

5.             Security of Personal Information

5.1           Your Personal Information is stored securely, in a manner that protects it from misuse and loss and from unauthorised access, modification or disclosure.  Specifically, we store Personal Information:

5.1.1          at our offices;

5.1.2          at the premises of certain contractors (such as off-site archiving providers);

5.1.3          digitally, including through the use of local servers and cloud-based online  file management software (which may be located overseas); and

5.1.4          digitally, via an AML Service Provider in its encrypted cloud-based online database.

5.2           We maintain appropriate physical, procedural, and technical security for our offices and information storage facilities and take all reasonable steps so as to protect any loss, misuse, unauthorised access, modification or disclosure of Personal Information.

5.3           We further protect your Personal Information by restricting access to Personal Information to only those authorised personnel or contractors who need to access your Personal Information to do their job.  Procedures are employed to safeguard the security and integrity of your Personal Information.

5.4           When your Personal Information is no longer needed for the purpose for which it was obtained or we are not required to retain the Personal Information under a law or court or tribunal order, we will take reasonable steps to destroy the Personal Information or ensure that the Personal Information is de-identified.  However, most Personal Information we keep is stored in client files which are kept by us for a minimum of seven years.  Our dealings with your Personal Information are always subject to our legal obligations to retain certain records which may contain Personal Information for defined periods or indefinitely.

5.5           Where your Personal Information has been provided to a third-party sub-contractor (such as a barrister), we only provide that Personal Information where:

5.5.1          that third-party contractor is also under an obligation to keep that Personal Information confidential; and

5.5.2          that third-party contractor will return any copies of documents containing that Personal Information to us, destroy the Personal Information or ensure that the Personal Information is de-identified, after their engagement concludes.

5.6           Sometimes, in the course of acting for you, it is necessary to disclose your Personal Information to third-parties (including Courts, government agencies and other parties involved in your matter) in circumstances where we are not able to ensure its security.  In these circumstances, our practice is:

5.6.1          to seek, as far as it reasonably practicable, to negotiate appropriate terms relating to confidentiality with that third-party; and

5.6.2          in circumstances where law allows us to do so, to make sure you are aware of, and consent to, such disclosure.

5.7           In the course of our practice, we make use of cloud-based software which may be hosted outside Australia.  Except by making use of this software, we will not send any of your Personal Information overseas without first informing you and we will take all reasonable steps to ensure that any parties located outside of Australia handle your Personal Information in accordance with the APPs.

6.             Integrity of Personal Information

Without limitation, we comply with the requirements of Part IIIC of the Privacy Act.  That part sets out our obligations in relation to 'eligible data breaches', which include situations where Personal Information has been lost, compromised or inadvertently or inappropriately disclosed.

7.             Access to your Personal Information

You may obtain access to the Personal Information we hold about you (unless we are prohibited by law from disclosing such Personal Information) and may update and/or correct it.  If you wish to access your Personal Information, please contact us in writing.

8.             Marketing

8.1           We may use your Personal Information to provide and market our services to you.

8.2           You may unsubscribe from any mailing or marketing lists at any time by contacting us in writing.

9.             Maintaining your Personal Information

It is a legal requirement that Personal Information we hold is accurate, complete and up to date.  If you are aware that the Personal Information we hold about you is not up to date, is incomplete or is inaccurate, please advise us as soon as you can.

10.           Policy Updates

This Privacy Policy may change from time to time and is available on our Website.

11.           Questions and Complaints

11.1           If you have any questions about this Privacy Policy, please contact any of our directors.

11.2           If you wish to access the Personal Information we hold about you, correct any Personal Information we hold about you, make a complaint about the way we have dealt with any Personal Information, or any other matters in relation to your privacy, please contact our Managing Director on (08) 8211 7955 or at cc@ccklawyers.com.

11.3           If you are dissatisfied with the handling of your complaint or the way in which we have dealt with your Personal Information, you may contact the Office of the Australian Information Commissioner as follows:

Website: www.oaic.gov.au
Phone: 1300 363 992
Email: enquiries@oaic.gov.au