Slater & Gordon's Privacy & Confidentiality Policy
Slater & Gordon Lawyers takes privacy and confidentiality very seriously. We are also bound by and comply with the Australian Privacy Principles derived from the Privacy Act 1988 (Commonwealth).
This privacy and confidentiality policy is dated March 2014 and governs the Slater & Gordon Group: Slater & Gordon Ltd, Conveyancing Works Pty Ltd (Queensland) and Trilby Misso Lawyers Ltd (Queensland) (“The Group”). This policy explains how we collect and use information that is provided to us in the usual course of investigating potential legal claims, acting for those who later retain us and conducting our legal services. This policy applies to all information that we collect.
The Type of Information Collected
The type of information that we collect includes personal information concerning clients, potential clients who contact us as well as suppliers, consultants, employees and applicants for employment.
Personal information is information that allows us to identify individuals, such as names, contact details and dates of birth. Personal information also includes any fact or opinion provided that is connected to an enquiry.
We may also need to collect sensitive information. Sensitive information is a subset of personal information, such as information or opinion concerning racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a profession or trade association, membership of a trade union, sexual orientation and practice, criminal record or health information.
Purpose of Collection
We will not collect personal or sensitive information unless such information is reasonably necessary for the primary purposes of:
- Assessing whether we are able to act for an individual or group of individuals;
- Providing legal services and advice;
- Conducting the effective management of our business; and
- Marketing our legal services.
We collect personal information from individuals at the pre-client stage when a legal enquiry is made so that we can identify and assess whether we are able to act on that individual’s behalf. We will not consider acting for any individual who does not properly identify themselves as this could lead to a conflict of interest developing between our clients in the future.
In some instances, we may also need to collect sensitive information at the initial stage of an enquiry if it is directly relevant to the advice being sought. For our internal business purposes, we retain and safely store the personal and sensitive information that is provided to us at the pre-client stage as this enables us to respond more efficiently and to inform such persons of our other legal services or developments that may be of interest to them at a later stage.
We also collect the personal and sensitive information (“Information”) provided to us by our clients who have commenced instructing us to act in their matter. We collect all Information that is necessary to effectively conduct legal matters. Such Information is stored on our computer systems and within paper based files as appropriate.
At the conclusion of legal matters, we are required to keep legal files for a minimum period of 7 years from the closure of a legal file unless we are instructed to the contrary. In some cases, we may be required to retain documents for a longer period of time (e.g. documents that inform the making of a Will).
Method of Collection
In most circumstances, we will collect Information through completed questionnaires and forms that have been provided to us, interviews and telephone conversations.
Often, in the context of providing legal services, we collect Information from external professional sources (ie. health professionals, financial advisors, accountants, other legal parties and their legal advisors). With the exception of Information obtained from opposing legal parties, this Information will, in the usual course, be obtained under our clients’ express authority and will be securely stored on their file.
Use of Cloud Computing Services
We utilise international cloud computing services for e-mail storage and to store Information that we collect through our New Client Services group. In every case, data is encrypted (where access can only be obtained through a secure username and password system) to protect confidential Information from unauthorised access and inadvertent disclosure. Countries in which such data may be stored includes (but is not limited to): The United Kingdom, Japan, Netherlands and the United States. Because the security of our clients’ (and pre-clients’) Information is of a paramount concern to us, we undertake appropriate due diligence on proposed cloud computing service providers prior to retaining them. As part of this due diligence, we seek confirmation that we will possess effective control over the Information and that such service providers comply with the Australian Privacy Principles or are subject to a binding law or scheme that offers substantially similar protection.
The Information that is provided to us is stored on computer and paper based files as appropriate. We endeavour to keep all Information safe by taking all reasonable precautions to protect Information from misuse, loss and unauthorised access, modification or disclosure. Our security measures include: educating all of our personnel about the vital importance of client confidentiality and privacy protection, username and password protected access to all of our IT and telephone systems, anti-virus protection to all of our IT systems, effective document destruction (when legally appropriate), security access to and surveillance over all of our office premises and the secure physical storage of archived Information.
How we handle Client Information
We believe that it is essential that all Information is kept confidential. We will not disclose Information to third parties, without consent, unless it becomes necessary to lessen or prevent a serious and imminent threat to life, health or safety or unless otherwise compelled by law.
Compulsory Disclosure by Law
We may be compelled to disclose Information by law, for example, under court orders or statutory notices to produce documents under laws relating to social security, taxation, bankruptcy, anti-money laundering, counterterrorism and the management of incorporated entities.
Information accessed within the Group and to other Third Party Service Providers
Information may be accessed by personnel within our Group. All personnel within our Group are bound by the same confidentiality laws and standards that govern the legal profession within Australia and comply with the Australian Privacy Principles.
Third party service providers may also come into contact with Information when we outsource certain functions, such as: bulk mailing, client experience research, company audits and information technology support. We maintain effective control over such Information at all times and we have contractual arrangements in place with all of our third party service providers to protect Information from unauthorised use or disclosure.
Disclosure to Slater & Gordon (UK) and to Third Party Service Providers
Very occasionally, personnel within our United Kingdom (UK) subsidiary companies may access Information. All Slater & Gordon personnel within our UK practices are bound by equivalent confidentiality laws and standards that govern the legal profession within Australia and are subject to privacy laws that provide substantially similar protection to the Australian Privacy Principles.
In the course of providing legal services and conducting the effective management of our business, disclosure to third party professionals and service providers may occur (e.g. barristers, document reproduction service providers and debt recovery agents). We have contractual arrangements in place with all of our service providers to protect personal and sensitive Information up to the same standards as if we stored the Information ourselves and to prevent them from using the Information for any purposes other than our own. We also conduct due diligence on any third party service provider to ensure that they comply with the Australian Privacy Principles (or equivalent privacy laws) and most importantly that they take the protection of our clients’ Information as seriously as we do.
As part of what we hope to be an on-going professional relationship with our pre-client and existing client base, we may from time to time send out information related to the other legal services that we offer. We do however respect the wishes of individuals who do not wish to receive such material from us in the future and have implemented simple ‘opt-out’ procedures that can be activated within the promotional e-mails that we may send from time to time. We have also appointed a Privacy Officer to address any questions or concerns at firstname.lastname@example.org or on: +61 3 9602 6918.
Improving Client Services
In order for us to better understand our clients’ needs, Information may also be shared within the client service members of the Slater & Gordon Group. Because we are continually looking for ways to improve the quality of our legal services, we may in the future ask our clients to participate in a client feedback survey conducted by external consultants who are experts in their field. We obtain client consent prior to disclosing Information to external consultants engaged for this purpose and we will respect the wishes of those who do not wish to participate.
Information Quality, Access and Correction Processes
From time to time, we may take steps to update or verify personal information by collecting personal information from publicly available resources, for example, telephone directories or electoral rolls to improve the integrity of the personal information that we hold.
We provide a transparent system of allowing individuals to access their personal Information and seek corrections to any inaccuracies. Requests for access and correction to personal Information for pre-clients (ie, people who have made an enquiry but did not instruct us to act on their behalf) should be made by contacting our Privacy Officer at email@example.com or on 9602 6918 (AEST) 8.30am- 5.30pm Monday to Friday. We recommend that our clients contact their legal team directly. If they are dissatisfied with the response that they receive they should direct their enquiry to our Privacy Officer.
In certain circumstances, we are permitted to deny the request for access, or limit the access that we provide. For example, we will give an explanation of a decision not to offer an individual a client retainer, rather than direct access to the evaluative information connected to the final decision. We are also entitled to withhold a legal file unless and until a satisfactory arrangement has been agreed concerning the payment of outstanding legal costs.
Contact us about Privacy
Slater & Gordon operates a transparent Privacy Complaints Handling Policy that sets out our approach to resolving any privacy complaints in a fair and expeditious manner. For existing clients, we recommend that privacy related complaints are made directly to your lawyer - often a telephone call is all that is needed to resolve concerns. For all other complaints, please click here to access our Privacy Complaints Handling Policy.