Foxlaw Pty Ltd and its related entities (collectively ‘Foxlaw’, ‘we’, ‘us’, ‘our’) respect your privacy and aim to avoid interference with your privacy in your dealings with us. We will collect, handle and process your personal data with the utmost care and in accordance with the law.
As a small business we are not subject to the Privacy Act 1988 (Cth) or the National Privacy Principles. Nevertheless, we endeavour to comply with those laws in good faith. This policy describes the way we collect, use, hold and disclose information about individuals.
What is Personal Information?
‘Personal data’ or ‘personal information’ is information or an opinion about an identified natural person or reasonably identifiable natural person, whether true or not and whether it is recorded in a material form or not. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
What Personal Information do we collect and hold?
We collect information about you and your interactions with us, for example, when you purchase or use any of our products or services, call us or visit our website (Site). The information we collect from you may include your identity and contact details, your history of purchases and use of our products and services and details of enquiries or complaints you make.
We may collect information about how you access, use and interact with the Site. This information may include:
- the location from which you have come to the site and the pages you have visited; and
- technical data, which may include IP address, the types of devices you are using to access the Site, device attributes, browser type, language and operating system.
Why do we collect and process information about you?
We collect, receive, use, disclose and otherwise process the kinds of personal information set out above only where it is reasonably necessary for us to do so. The general purposes for processing your personal information are set out below:
If you are a client or prospective client, it is for the primary purpose of providing legal services.
We also process information about you for the following related purposes:
- determining if we are able to assist you with your legal matter;
- assessing and processing inquiries and requests for legal services;
- market research and analysis;
- recovering moneys that you may owe us; and
- to inform you about any relevant legal or other services provided by us.
We may also use or process your personal information to comply with legal requirements, such as taxation or financial reporting requirements.
If you apply for a job or work placement with us, you may need to provide information to Foxlaw about your education, employment, salary expectations, and other relevant information required to assess your application. In Australia, your application will constitute your consent for our use of this information to assess your application and to allow us to carry out any monitoring requirements under law as an employer. In addition, we may also carry out various screening checks (including reference, eligibility to work, police checks and skills/experience suitability) and consider you for other positions.
How do we store and hold Personal Information?
We store most information about you in computer systems and databases operated by either us or our external service providers. Some information about you may be recorded in paper (hard copy) files that we store securely.
We implement and maintain processes and security measures to protect personal information from misuse, interference, loss, unauthorised access/modification/disclosure.
These processes and systems include:
- the use of identity and access management technologies to control access to systems on which information is processed and stored;
- requiring all employees to comply with internal information security policies and keep information secure;
- requiring all employees to complete training about information security; and
- monitoring and regularly reviewing our practices against our own policies and
against industry best practice.
We will also take reasonable steps to destroy or de-identify personal information once we no longer retain it for the purposes for which it was collected.
What kind of information do we hold?
During the course of carrying on our business, we may collect personal information including (without limitation) your:
- name, address, industry, occupation and contact information;
- identification such as drivers’ licence or passport details;
- referral details and relationships with others in our database;
- financial information and billing details; and
- interests in various services, events or publications.
If you do not give us the personal information we ask you for we may not be able to provide the services you require.
Use and disclosure of your personal information
We use your personal information for the purposes for which it was collected and related (normally obvious) purposes, including to:
- provide our services to you or our clients, to manage and account for the services and to improve the services;
- manage our relationships with you or our clients;
- provide you or our clients with information about developments, events, other products or services or opportunities that may interest you or them; and
- facilitate our internal business operations.
We may disclose personal information for the purposes for which it was collected and also:
- subject to our professional duties of confidentiality, to any person where necessary or desirable in connection with the provision of our services;
- within our business;
- as required by law subject to our professional obligations; and
- with your consent.
You have the right to access and/or request corrections of information about you held by us in accordance with the APP. You may request access at any time to personal information we hold about you for the purpose of correcting that information. We may charge you a reasonable fee where access is provided. We will respond to your requests to access or correct personal information in a reasonable time and will take all reasonable steps to ensure that the personal information we hold about you remains accurate, up to date and complete.
Destruction, de-identification and putting beyond use
Once we are no longer legally obligated or contractually obliged to retain information about you for any lawful purpose we will either destroy or de-identify it. If you are a client, we are required by law to retain information collected to progress your legal matter for seven (7) years once your case is closed. In some cases we may be required to retain documents for a longer period of time (for example, a Will preparation file).
Where information about you is held electronically and it is not possible to irretrievably destroy or de-identify without compromising other information that we are entitled or obliged at law to retain we will restrict access or put the information about you beyond use.
- Where you voluntarily supply information – such as when you buy our services or subscribe to our publications online; and
- Our internet server automatically records the details about any computer used to access our Sites, such as the IP address, domain name and browser type, date and time of access and details of the information downloaded. This information is used for internal statistical purposes and to improve our Sites.
- Any other information supplied to us (for example, if you send us an email) is treated in accordance with this policy.
Direct marketing material
We may send you direct marketing material from time to time. We will give you the opportunity to opt-out of receiving this material. If you elect to opt-out we will not contact you again for this purpose.
Cloud computing services
We use a range of internet-based services hosted by third parties (cloud computing service providers) in delivering services and in the management and marketing of our business. Examples include email, document and file sharing services, back-up and disaster-recovery services. We undertake reasonable due diligence prior to using any cloud computing service provider. By interacting with us you consent to us disclosing confidential information to our cloud computing service providers.
We take reasonable steps to protect your personal information securely in electronic or physical form. We store information in access-controlled premises or in electronic databases requiring logins and passwords.
By submitting a form, using the reCAPTCHA service, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
Enquiries or Complaints
If you have a complaint or enquiry about the way in which we have handled any privacy issue, including your request for access to or correction of your personal information, please contact us via the contact details provided on our Site.
From time to time, we may change our policy on how we handle personal information or the types of personal information which we hold. Any changes to our policy will be published on our Site.