top of page

Privacy Policy

1.    Introduction

Steindls Lawyers and Notary ABN 82 547 604 727 are referred to in this Privacy Policy as we, us or our. 


This Privacy Policy explains how we manage personal information. It also describes your rights to access and correct personal information we hold about you, and how you can make a complaint about our management of your personal information. This is in addition to our obligations of confidentiality to clients and other parties arising from sources other than the Privacy Act.

Application of this Policy


This Privacy Policy only applies to some of the personal information we manage. It only applies to personal information we manage for the purposes of or in connection with our obligations under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (the AML/CTF Act).


Other personal information we manage remains excluded by applicable exemptions in the Privacy Act.


2.    Personal information: what we collect


Types of personal information


We collect your contact and identity details, financial information and case related information about you and any relevant entity or person. This may include sensitive information. 


The types of personal information we may collect includes:


1.    Identity information: name, date of birth, gender, signature, photographic identification, offices or directorships held;
2.    Contact information: residential and postal addresses, email addresses, telephone numbers;
3.    Professional and business information: occupation, employer, job title, professional qualifications, business holdings and structures;
4.    Financial information: bank account details, billing information, payment card details, tax file numbers;
5.    Matter-related information: information relevant to your legal matter or the legal matter of our client;
6.    Transaction information: details of services provided to you or your organisation; and
7.    Communication records: records of correspondence and communications with you.

 

Identity Verification and the AML/CTF Act


We may be required to verify your identity and collect certain information under the AML/CTF Act when we provide designated services. Identity documents might also be required for other services such as court matters, real property transactions and asset dealings.


This includes collecting identification documents and information about the source of funds and beneficial ownership of entities.


3.    How we collect personal information

 

Sources of information


We collect information directly from our clients, from other lawyers, government sources or public sources such as registers or the internet. 


Anonymity and Pseudonymity


If you are a client, you have the option of requesting to deal with us anonymously or by using a pseudonym. However, in most cases this is not lawful nor practical for legal services. If you do not provide us with the personal information we request, we may not be able to provide you with legal services or respond to your enquiry. 


4.    Why we collect personal information and how we use it


Primary Purposes 


This includes:


1.    providing legal advice and representation to you or to our client(s);
2.    managing client matters and files;
3.    conducting legal research and investigations;
4.    preparing and reviewing legal documents;
5.    communicating with you and other parties;
6.    billing and collecting fees, including pursuit of our rights under a Costs Agreement or retainer;
7.    complying with our legal, professional and insurance obligations; and
8.    administering and managing our firm.

 

Secondary Purposes 


We may also use and disclose personal information for secondary purposes that are related to our primary purposes, including:


1.    maintaining and developing our relationship with you;
2.    quality assurance and improvement of our services, including training our AI models or those of our AI providers (subject to our obligations of confidentiality to you);
3.    training and professional development;
4.    ongoing Customer Due Diligence as required by the AML/CTF Act;
5.    enforcement of our right to payment of fees;
6.    internal reporting and analysis; and
7.    risk management and insurance purposes.
5.    Disclosure of Personal Information


Your personal information and confidential data is held by us subject to our duty of confidentiality under the Australian Solicitor’s Conduct Rules (“ASCR”) and any applicable undertakings or court rules. We may disclose personal information to third parties subject to those obligations and for the purposes described in this Privacy Policy, including:


1.    to discharge our professional obligations to you or to our clients or in the reasonable execution of our instructions;
2.    to comply with our legal obligations or in answer to a compulsory notice such as a subpoena or warrant, or to disclose information under the AML/CTF Act, Criminal Code(s), Legal Profession Act or other relevant legislation;
3.    to barristers, mediators, expert witnesses, investigators and consultants and other legal practitioners engaged to act for you (and/or our client) or in relation to the matter;
4.    other parties to legal proceedings or transactions as instructed, reasonably necessary or required by law;
5.    courts, tribunals, government agencies and regulators;
6.    our professional indemnity insurers;
7.    a Costs Assessor in the event that an assessment is ordered or reasonably necessary.
8.    service providers who assist us to operate our business (including IT providers, AI providers, document management providers, and marketing service providers);
9.    related entities;
10.    as permitted under the ASCR confidentiality exceptions; and
11.    any person you expressly or impliedly authorise us to disclose information to. 

 

6.    Security of Personal Information


Security Measures


We hold your personal information using a system designed to protect against data breaches, however like all data security systems, risks may only be mitigated but not eliminated. It is our practice to require our storage service providers to be reputable.


Retention and Destruction


We retain personal information for as long as necessary to fulfil the purposes for which it was collected, to comply with our legal and professional obligations and to ensure that pertinent evidence remains available if reasonably required.


7.    Third party websites


Our website may contain links to third party websites, such as payment processors. We are not responsible for the privacy practices of those websites, and we encourage you to read their privacy policies.


8.    Access and Correction


Access to and correction of your Personal Information


You have the right to request access to or correction of the personal information we hold about you. To make an access request, please contact one of the partners of the firm. 


If we refuse to correct your personal information, we will provide written reasons for the refusal and information about how you may complain.


The Privacy Act permits us to refuse access in some circumstances. If we refuse your access request, we will provide you with written reasons for the refusal (unless unreasonable to do so or we are prohibited from doing so by law) and information about how you may complain.


9.    Complaints and questions


If you have a question about this policy or complaint about how we have handled your personal information, please contact one of the partners of the firm. We ask that you provide details of your complaint in writing. We will investigate complaint promptly. We aim to resolve complaints within 30 days. If we need more time, we will keep you informed of our process.


You may also contact the relevant legal services regulator in your State or Territory.
 

bottom of page