HWL Ebsworth privacy policy

Good information privacy practices are an everyday part of the way HWL Ebsworth runs its practice. We have developed a privacy culture within the firm by promoting sound privacy practices, procedures and systems for the management of personal information in accordance with the Privacy Act 1988 (Cth) (the Act).

In addition to our obligations under the Act, we are legal practitioners with strict professional obligations to our clients and the courts, including obligations of confidentiality. Also, our clients will often have legal professional privilege over records and communications in connection with our services.

This privacy policy explains how we manage personal information about individuals other than employees. Paragraph 12 explains the position of employees, and includes some information for partners and our contractors.

1. What is personal information?

‘Personal information’ is information or opinion (in recorded form or otherwise) about an identified, or reasonably identifiable, individual. This includes your name, your date of birth and your contact details, and may also include information about your dealings with us.

‘Sensitive information’ is a sub-set of personal information and includes information or opinions about your racial or ethnic origin, political opinions, memberships, religious beliefs, sexual orientation, health or criminal record.

2. Collection and storage of personal information

Where possible, we collect your personal information directly from you during the course of our business relationship. Where it is not practicable or reasonable to collect your information directly from you, we may collect it from other sources. Information is often collected from our clients but may also be collected from sources such as your employer or colleagues, government registers, and online publications.

We usually collect and hold the following kinds of personal information:

  • Information about people’s dealings with us or our clients;
  • Name, address, job title, professional membership and contact information;
  • If you are a client or potential client, information about your organisation and your role, information on other employees and management in your organisation, payment information and information about your legal matters;
  • Interests in areas of legal practice or events; and
  • Information provided by or on behalf of applicants for a role with us.

We only collect, use or disclose sensitive information about you if it is reasonably necessary for us to do so in order to perform our functions and if you have consented to us doing so, or if the law allows us to do so without that consent.

3. Our purposes for handling your personal information

We collect, hold, use or disclose personal information:

  • To provide our legal services;
  • To provide you with our communications;
  • To provide you with events or seminars;
  • To obtain the services of third party service providers as part of providing our services;
  • To manage and improve our legal services and client relationships;
  • Where we are otherwise required or authorised to do so by law; and
  • Otherwise, to run our business.

Without collecting personal information we would not be able to provide you with some of our services.

4. Disclosures

Subject to our professional obligations to our clients, we may disclose personal information:

  • To other entities (such as barristers, experts and/or valuers we have engaged, and other parties involved in dispute resolution) as part of providing our services to our clients;
  • To third party service providers, agents and contractors such as imaging firms, marketing firms and couriers;
  • To our professional advisers and insurers;
  • To regulators, government agencies, and law enforcement agencies or as otherwise required or authorised by law; and
  • To others where you have provided your consent for us to do so.

We do not routinely disclose personal information overseas. We do disclose personal information overseas when it is specifically appropriate to providing our legal services for a particular client.

If we do disclose your information we ensure that the recipient is bound by an obligation of confidentiality, where it is lawful and appropriate to do so. (If information is disclosed to a court or a government body, it will usually not be possible to require that it be kept confidential.)

5. Marketing

Where we have a business relationship with you, or you have consented, we may send legal updates or other communications to you. You may opt out at any time if you no longer wish to receive our marketing information. You can make this request by using the contact details provided below, or by ‘unsubscribing’ from our email marketing messages.

We do not disclose your personal information (including your email address) to any third party for the purpose of allowing them to market their products or services to you.

6. Data quality

The accuracy of your personal information is important to us and is fundamental to providing you with proper legal services. We seek to ensure that the personal information we collect, use and disclose is accurate, complete and up-to-date and, in the case of use or disclosure, relevant.

7. Data security

We hold your personal information in paper-based and electronic files and we take stringent measures to protect that information from misuse, interference and loss and from unauthorised access, modification or disclosure.

We have a broad range of security safeguards in place to protect your personal information, including that:

  • All electronic databases incorporate strict password access and virus and firewall protection procedures;
  • Sensitive personal information is only accessible by designated staff bound by duties of confidentiality; and
  • Physical and logical security measures are employed to deal with external threats and the possibility of internal ones.

When we no longer require your personal information, it is securely destroyed and/or deleted from our systems. For matter related information, this usually occurs seven years after the completion of your matter.

8. Access

You may request access to the personal information we hold about you at any time, by using our contact details below. We will promptly acknowledge your request for access and let you know when we will provide you with the requested information. If we refuse access, we will provide you with a written notice which sets out (unless the law allows us not to specify a reason) the reasons for the refusal and how you can complain about our refusal. We may recover our reasonable costs for giving access to your personal information. Please be aware that due to our professional obligations, we may not be able to confirm that we act for a particular client or whether we hold any information about any person at a particular time or at all.

9. Correction

We seek to ensure that the personal information we hold is accurate, up-to-date, complete and, in the case of use and disclosure, relevant.

Where we believe that the information we hold is inaccurate, out-of-date, incomplete, irrelevant or misleading, we will take reasonable steps to correct that information and (if you ask and it is reasonable and practicable for us to do so) to notify that correction to third parties that may have received the incorrect information from us. If you believe that information we hold about you should be corrected, you may also request that we do so, by using our contact details below.

If we do not agree with the corrections you have requested, we are not obliged to alter your personal information. Instead, we will give you a written notice which sets out (unless the law allows us not to specify a reason) the reasons for our refusal and how you can complain about our refusal. You can also ask us to associate a statement with the relevant information that puts your view that it is inaccurate, out-of-date, incomplete, irrelevant or misleading. We will not charge you for making a correction request, for correcting your information or for associating a statement with your information.

10. Enquiries and complaints

If you have any enquiries, concerns or complaints about this privacy policy, our handling of your personal information or our compliance with the Act or any related codes, please contact our Privacy Officer through (03) 8644 3531 or at privacy@hwle.com.au.

We usually respond in writing within 30 days, unless we need further information to respond to your enquiry, concern or complaint.

If you would like to make an inquiry or complaint about how we handle your personal information, you can contact the Office of the Australian Information Commissioner on 1300 363 992 or via email at enquiries@oaic.gov.au.

11. Changes to this privacy policy

We regularly review this Privacy Policy and may make changes to it from time to time, without notice to you. An up-to-date copy of our Privacy Policy is available on our website. This privacy policy was last amended on 23 August 2023.

12. Personal information about our people

We collect information in relation to employees (and also our partners and contractors) as part of their application and onboarding processes and during the course of their relationship with us, either from them or in some cases from third parties such as recruitment agencies. This may include information about the person’s health, their right to work in Australia, or other sensitive information. For some roles, our people may need to undergo vetting, such as background checking, security clearance or a criminal history search.

We may disclose personal information of our people to third parties in connection with vetting, and otherwise in connection with their relationship with us and their work. These third parties are usually in Australia but may be based overseas. When disclosing our people’s information we ensure that the recipient is bound by an obligation of confidentiality, where it is lawful and appropriate to do so.

Under the Privacy Act, personal information about a current or former employee may be held, used or disclosed in any way that is directly connected to the employment relationship. We handle employee information in accordance with legal requirements and our applicable policies in force from time to time.

Contact us