This Policy is about how Karras Partners Lawyers (and our associated entities) manage personal information and comply with the Australian Privacy Principles (the APP).
We collect and hold personal information about individuals in the course of our business as a law practice. Those individuals include clients, prospective clients, employees, prospective employees, suppliers of services to us or on behalf of our clients and individuals connected with the conduct of legal matters on behalf of our clients.
Due to the nature of the legal work we do for clients, we also collect and hold sensitive information about individuals including racial or ethnic origin, political opinions, sexual orientation or practices, criminal records, health and genetic information, religious beliefs or affiliations and membership of political, professional, trade and union associations.
Collection, use and disclosure
We collect, use and disclose personal information from and to:
- clients or prospective clients directly about themselves and other individuals in the course of the conduct or proposed conduct of their law matter;
- third parties such as courts, tribunals, child support agency, accountants, financial advisors, legal practitioners, valuers, investigators, experts, medical professionals, mental health professionals and other individuals connected with the conduct of law matters on behalf of our clients; and
- employees and suppliers of services during the course of the conduct of our law practice.
If we hold personal information, we will only use that information for the purpose for which it was collected unless; the individual consents; we are required to by law; we are required to maintain or defend a legal claim; or to participate in an alternative dispute resolution process.
If we have received unsolicited personal information we will determine whether we could have validly collected the information ourselves under the APP. If we could not have done so under the APP we will destroy the information unless compelled otherwise by law.
We hold the information we collect variously in electronic and hard copy forms. Both are held in secure environments. All our employees and contractors that deal with personal information are subject to this Policy, a contractual confidentiality obligation to us or are otherwise subject to legal obligations similar to the APP.
We are not likely to disclose information to an overseas recipient without your consent. Even with your consent, the most common exception will be communications we make on your behalf with lawyers, experts and courts who are overseas all likely to be subject to laws or schemes substantially similar to the APP.
When you visit our website, a record is made of your visit. We do this by using “cookies” on our website. A cookie is a small amount of information which is transferred to the hard drive or the memory of your computer and which can identify your web browser, but not you as an individual. Information collected can include your IP address, the date and time of your visit to the site, the pages you accessed and documents downloaded and the type of browser you are using. Cookies can also record information about your visit to the site, allowing it to remember you next time you visit and provide any relevant information to you.
There are 2 types of cookies. Those that can be stored in your hard drive, known as persistent cookies, and those that are stored in your computer’s memory, known as session cookies. Persistent cookies will enable a continuous record to be kept of your visits to the website. Session cookies are transient cookies and track your visits for your website session only. We use session cookies to identify which pages of our website are being used for a website session only. Upon closing your browser, the session cookie is destroyed and no personal information is maintained. We do not attempt to identify users or their browsing activities.
Access, correction and complaints
If you wish to access your personal information held by us you should make a request in writing to the Principal of the law firm. We will endeavour to provide a response to the request in writing within 30 days. To the extent we are required to provide access pursuant to the APP we will. There are situations that are set out in the APP in which we will not be required to provide access.
If we hold personal information that we believe is incorrect we will take such steps as are reasonable in the circumstances to correct that information. In doing so we will have regard to the purpose for which the information is held and make attempts to ensure the information is accurate, up to date, complete, relevant and not misleading.
If you are aware of any personal information that is held by us which is incorrect you may make a request for a correction in writing to the Principal. We will endeavour to provide a response to the request in writing within 30 days in compliance with the APP. If we agree with your request and we have previously provided the information to be corrected to other third parties we will, at your request, inform those third parties about the correction. If we do not agree to make the correction you seek, our written response to you will give reasons, set out a mechanism to complain about our decision and provide you with the option, if reasonable in the circumstances, to have us attach a statement of your assertion with our record.
If you believe we have breached the APP you may make a complaint in writing to the Principal. We will endeavour to provide a response to the complaint in writing within 30 days. If you are not satisfied with our response, you may make a complaint to the Office of the Australian Information Commissioner.