“Personal Information” is any information or opinion, in any form, which identifies an individual or from which the identity of an individual can be reasonably ascertained or is apparent.
The National Privacy Principles
From 21st December 2001, most private sector businesses and organisations in Australia, are required to legally comply with the Australian Privacy Principles subject to the Privacy Act 1988 (Cth) (“APP”). O’Donnell Legal, Lawyers are bound by the APPs.
*Collecting Personal Information About Individuals *
Kinds of personal information.
O’Donnell Legal only collects personal information that is necessary to perform and undertake the business and carry out the functions of O’Donnell Legal, including the development and promotion of our services and to assist with compliance with all legal and regulatory obligations.
The kinds of personal information that are collected and held will depend upon the services that are requested from us. It may include however:
• Information given to us when we are instructed to act on a matter or another service is requested from us (such as accepting an invitation to attend a seminar or function). This information will include the name, address and contact details of an individual;
• Information about various individuals we collect in the course of acting for clients;
• Communications between a client and O’Donnell Legal
Information is also collected when an individual uses our website. The nature and extent of the use of the facilities and services through our website will determine the amount and type of information which we collect about an individual. Some of this information will not be personal information because it will not reveal the identity of the individual.
The only personal information which we collect about an individual when they use our website is what is given to us about that individual, such as, completing an online form, accepting an invitation to attend a function or seminar, or information provided when an email id sent. We usually record an email address if an email is sent to us.
Each time an individual visits our website, our computer server attaches a small data file called a “cookie” to the computer memory of the individual. These cookies are pieces of information that may be transferred to the computer memory when an individual visits a website for record keeping purposes. Most Web browsers are generally set by the manufacturer to accept cookies.
Collection of Anonymous Information.
Like most websites, O’Donnell Legal tracks usage patterns on our website on an anonymous aggregate basis. The identity of an individual cannot reasonably be ascertained from this information. Each time an individual visits our website our web server makes a record of the visit.
Specifically, it records a visitor’s:
• Internet Provider;
• Date and time of visit;
• Pages accessed and the documents downloaded;
• Search items entered;
• Referring URLs (universal locators).
The Way Personal Information Is Collected:
In most cases we collect information directly from the individual to whom the information relates, we may require information about third parties. Accordingly, we may also collect information about the individual from a third party.
When personal and other information is obtained from third parties who are referred by the individual, we will at all times assume and that the third party has been made aware that they have been referred to us by the individual and of the purposes involved in the collection, use and disclosure of the relevant personal or other information.
Use And Disclosure of Personal Information
The purposes of collection and use of personal information.
Any personal information which we collect about an individual will be used and disclosed so that we can provide the services that have requested, or otherwise to enable us to carry out our functions as professional legal providers and complying with our legal and regulatory obligations.
It may be necessary for us to conduct further searches and enquiries regarding the information that has been provided or more generally concerning the individual or their associates for our regulatory or prudential purposes. This may require using some or all of the collected information to collect additional information concerning the individual or associates (including personal information in the respect of individuals) from various other entities including, but not limited to, government agencies, law enforcement bodies, publicly available records, public registries, court or tribunal records, ratings agencies, search and credit reporting agencies, and regulatory and licensing bodies.
We can also use personal information to provide an individual with information about other services offered by O’Donnell Legal (such as functions and seminars). If any individual does not wish to receive this information, please advise us and we will comply with that request.
Contracting Out Services and Disclosures.
An individual’s personal information may be disclosed to our service entities and contract out some of our functions (such as mailing) to external service providers. In those circumstances, personal information may be disclosed to these external service providers but only so that they can provide the services that they have been contracted to perform.
Emails Received From O’Donnell Legal
How Personal information is Collected
If an individual has provided their email address to us, we may then send emails to the individual containing O’Donnell Legal publications, newsletters, function invitations, Blogs, twitter updates or seminar invitations. If an individual does not wish to receive such emails etc , please advise us.
O’Donnell Legal can use an “email management system” to automate the management and dispatch of these emails. The system operates by inserting tracking codes in the emails that we send.
*The Kind of Personal Information Collected *
The tracking code allows the collection of personal information about an individual, such as whether an email was received and/ or opened, and whether links to our website were clicked through. This information so collected will be stored by our email management system.
*The Purpose for Which Information is Collected. *
The personal information that the email management system collects is used to:
• ensure that an individual receives correspondence that they have informed us that they wish to receive;
• determine whether the information that we send is suitable for that individuals interests, information needs and profile;
• ensure that the email address that has been provided us is still operational;
• determine whether emails that we send are received by the recipient;
• update a request made to unsubscribe from a publication that we send out;
• review the effectiveness and relevance of our emails by collecting other statistical information;
Personal Information Transferred Overseas
Personal information will only be transferred overseas if:
• we reasonably believe that the recipient of the information is subject to a law or a contract which effectively upholds privacy principles similar to the NPPs;
• the individual has consented to the transfer;
• the transfer is necessary for us to provide the requested services;
• it is not practical to obtain the consent of an individual, the transfer is for their benefit and their consent would likely be given; or
‘Sensitive information’ is a specific type of personal information that includes health information and information about a persons’ race, ethnic origin, political opinions, membership of political, professional or trade associations, religious or philosophical beliefs, sexual preferences and criminal history.
The NPPs impose greater obligations regarding any collection, use or disclosure made of any sensitive information of an individual. We only collect your sensitive information if:
• express consent to us so doing has been obtained from an individual;
• we are required to so do by law; or
• the collection is necessary to establish, exercise or defend a legal claim.
Personal Information Access
In most cases, an individual can gain access to personal information that we hold about them. Any request for access to personal information will be handled in accordance with the NPPs.
We encourage all requests for access to your personal information to be directed to the Privacy Officer by email to firstname.lastname@example.org or by writing to the address below.
We will deal with all requests for access to personal information promptly. Requests for a large amount of information, or information which is not currently in use, may require further time before a response can be given. In some cases, consistently with the NPPs, we may refuse to give you access to personal information we hold. This includes situations where giving such access:
• Would be unlawful (for example, where a record which contains personal information is subject to a claim for legal professional privilege by one of our clients);
• Would have an unreasonable impact on other people’s privacy;
• Would prejudice negotiations we are having with the individual;
• Would prejudice an investigation of unlawful activity;
• Would prejudice activities carried out by, or for, a law enforcement agency.
If access to personal information is refused we will provide reasons for our refusal.
Generally, if requested to so do we will amend any personal information about you held by us which is inaccurate, incomplete or out of date. If we disagree with your view about the accuracy, completeness or currency of a record of any personal information held by us, and you request that a statement that you have a contrary view be recorded, we will take reasonable steps to so do.
If you require more information about the way personal information we hold is managed, or are concerned that O’Donnell Legal may have breached the privacy of an individual and desire to make a complaint, please contact us by either:
• Email – email@example.com
• Attention “Privacy Officer” O’Donnell Legal, PO Box 570, Fortitude Valley QLD 4006; or
• Fax (07) 3257 1122