Your Privacy Matters to Us

AdAstra Legal’s Privacy Policy

Introduction

1.    This APP Privacy Policy of AdAstra Legal Pty Ltd ABN 41 664 599 393 (hereinafter ‘AdAstra Legal’) is AdAstra Legal’s official privacy policy as required by the Privacy Act 1988 (the “Act”) and the Australian Privacy Principles (the “APPs”) and it applies to all personal information about individuals collected by AdAstra Legal.

In this policy we explain how and why we collect personal information about individuals, how we use it, and what controls individuals have over our use of it.

2.    AdAstra Legal is committed to complying with Commonwealth legislation (the Act and the APPs) that deals with how businesses may collect, hold and use personal information about individuals and to protecting and safeguarding individual’s privacy when they deal with us.

Furthermore, as a legal firm, AdAstra Legal is bound by legal and professional obligations of solicitor client confidentiality in respect of information provided to us by our clients and the advice we give to clients.

Collection of information

3.    Some information provided to us by clients and other parties might be considered private or personal. However, without such information we would not be able to carry on our business activities and provide our legal services. We will only collect such personal information if it is necessary for one of our functions or activities.

4.    Sensitive information is a subset of personal information and is defined as information or an opinion (which is also personal information) about an individual’s:

a)    racial or ethnic origin;

b)    political opinions;

c)    membership of a political association;

d)    religious beliefs or affiliations;

e)    philosophical beliefs;

f)     membership of a professional or trade association;

g)    membership of a trade union;

h)    sexual preferences or practices; criminal record; or

i)      health information.

5.    As a law firm whose business activities include providing legal services, AdAstra Legal, in the course of providing such legal services, will need to collect sensitive information about individuals.

6.    Prior to the collection of sensitive information about individual clients, AdAstra Legal will ensure that the individual is adequately informed as to the reason for the collection of the sensitive information and that the individual has the capacity to understand and communicate their consent and that the consent is voluntarily given by the individual (or the individual’s Legal Guardian as the case may be).

7.    The kinds of personal and/or sensitive information that Adastra Legal may collect and hold in respect of individuals includes:

a)    Names;

b)    contact details, such as residential address, postal address, telephone number, facsimile number, mobile telephone number, email address;

c)    age;

d)    gender;

e)    ethnicity;

f)     nationality;

g)    academic history;

h)    employment history;

i)      health information including: details of any mental conditions or disabilities; prescribed medications; medical conditions; prescribed therapies; assistance required; medical procedures; etc.

j)      Medicare information;

k)    financial information, including information about transactions and trading history with AdAstra Legal;

l)      information about credit history;

m)   criminal history;

n)    emergency contact details for a person not residing with the individual;

o)    identification information, such as driver’s licence numbers;

p)    hobbies or interests or memberships in trade or professional associations;

q)    personal and/or sensitive information relevant to any legal matter concerning

r)     the individual.

8.    In particular, personal information is collected in the following situations by AdAstra Legal:

a)    if an individual contacts AdAstra Legal, we may keep a record of that communication or correspondence;

b)    from forms filled out by people;

c)    in face-to-face meetings/interviews;

d)    from business cards provided to us by the individual;

e)    telephone conversations and from third parties i.e. a report provided by a medical professional or a reference from another person;

f)     website visits;

g)    when conducting certain types of transactions such as cheque or credit card purchases or refunds;

h)    when an individual submits their contact details to be included on our mailing lists;

i)      in the course of acting on behalf of clients in providing legal services and in legal proceedings.

9.    At or before the time the personal information about an individual is collected by us, we will take reasonable steps to ensure that the individual is made aware of who we are, the fact that the individual is able to gain access to the information held about the individual, the purpose of the collection, the type(s) of organisations to which we may usually disclose the information collected about the individual, any laws requiring the collection of the information and the main consequences if all or part of the information is not collected.

10.  We usually collect personal information about individuals directly from the individual. However, sometimes we may need to collect personal information about individuals from third parties for the purposes described below in this policy. The circumstances in which we may need to do this include, for example:

a.    where personal information is contained in an expert report for the purposes of conducting litigation (such as a medical report);

b.    a reference in respect of a prospective job-seeker;

c.     where we take statements from witnesses in a proceeding; or

d.    to assist us to locate or communicate with the individual.

11.  Generally speaking, collection of personal information about individuals from third parties will occur because it is necessary for us to do so in order to provide proper and appropriate legal services to our clients. In such circumstances where the information AdAstra Legal may need to collect about an individual client is sensitive information, AdAstra Legal will only collect such information with the express consent of the individual.

Use of information collected and disclosure of personal information to

others

12.  We may use or disclose personal information held about an individual as permitted by law and for the business purposes for which it is collected (e.g. provision of our legal services, including administration of our services, notifications about changes to our services, record-keeping following termination of our services and technical maintenance) - that is, to carry on our business and provide services to our clients.

13.  We may also use such information about individuals for a purpose related to the primary purpose of collection (in the case of sensitive information, the related purpose must be directly related to the primary purpose) and where the individual would reasonably expect that we would use the information in such a way. This information is only disclosed to persons outside our business in the circumstances set out in this policy or as otherwise notified at the time of collection of the information.

14.  AdAstra Legal’s business purposes for which personal information is collected, used and disclosed may include:

a.    to provide legal services to our clients such as giving legal advice and acting in litigation on behalf of our clients;

b.    managing our products and services or other relationships and arrangements, including processing receipts, payments and invoices;

c.     assessing and monitoring the legal services we provide to our clients;

d.    detecting and preventing fraud and other risks to us and our clients;

e.    responding to inquiries about the services we offer;

f.      understanding our clients' needs and developing and offering products and services to meet those needs;

g.    researching and developing our products and services and maintaining and developing our systems and infrastructure (including undertaking testing);

h.    dealing with complaints;

i.      meeting legal and regulatory requirements including storage, backup and archiving electronically and physically. Various Australian laws may expressly require us to collect/and or disclose personal information about individuals, or we may need to do so in order to be able to comply with other obligations under those laws;

j.      enforcing our rights, including undertaking debt collection activities.

15.  In addition we are permitted to use or disclose personal information held about individuals:

a.    where the individual has consented to and/or authorised the use or disclosure;

b.    where we reasonably believe that the use or disclosure is necessary to lessen or prevent a serious, immediate threat to someone's health or safety or the public's health or safety;

c.     where we reasonably suspect that unlawful activity has been, is being or may be engaged in and the use or disclosure is a necessary part of our investigation or in reporting the matter to the relevant authorities;

d.    where such use or disclosure is required under or authorised by law (for example, to comply with a subpoena, a warrant or other order of a court or legal process);

e.    where we reasonably believe that the use or disclosure is necessary for prevention, investigation, prosecution and punishment of crimes or wrongdoings or the preparation for, or conduct of, proceedings before any court or tribunal or the implementation of the orders of a court or tribunal by or on behalf of an enforcement body;

f.      where a client (being the individual or related to the individual) has requested a service to be provided by us and we are required to disclose the information to a third party in order to facilitate the provision of the service. In most, if not all cases, any such disclosure will be with the consent of the individual.

16.  Third parties to whom we may disclose personal information about individuals in accordance with AdAstra Legal’s business purposes set out above may include:

a.    Other AdAstra Legal Lawyers/employees for the purposes of providing legal

b.    Services (including any individuals completing work experience or other unpaid work with our firm);

c.     Barristers and experts in matters where it is necessary for us as part of our services to the clients to obtain an opinion from a barrister or an expert or to engage a barrister to act in litigation;

d.    AdAstra Legal’s IT service providers;

e.    Courts, tribunals and other regulatory bodies in Australia;

f.      financial advisors;

g.    participants in financial and payment systems, such as other banks, credit providers, and credit card associations.

17.  Again, most disclosures to third parties will be with the consent and authority of the individual.

Anonymity and Pseudonymity

18.  Individuals have the option of dealing with AdAstra Legal anonymously. However, this only applies where is not impracticable for AdAstra Legal to deal with individuals acting anonymously or under a pseudonym. For example, individuals making general enquiries of AdAstra Legal may do so anonymously or under a pseudonym. However, if the dealing with AdAstra Legal is for AdAstra Legal to provide legal services and/or to enter into contractual relations then it is impractical for individuals to deal with AdAstra Legal on an anonymous basis or under a pseudonym.

19.  AdAstra Legal has a policy which requires new clients to provide proof of identity. This policy is to avoid identity fraud and to confirm identity and authority to a person to provide us with instructions, particularly where a client is not an individual.

Direct Marketing

20.  As part of AdAstra Legal’s functions and business activities and to promote the services we can provide to our clients and other parties, AdAstra Legal may use personal information that individuals have provided to AdAstra Legal for the purposes of direct marketing. Direct marketing includes, but is not limited to, sending to our clients and other parties (including individuals) and/or contacting our clients (including individuals) in relation to promotions and information about AdAstra Legal. Recipients of direct marketing are always able to opt out of receiving direct marketing communications by sending an email to our office at robert@adastralegal.com.au. In any direct marketing communication we remind recipients of their right to opt out of receiving direct marketing communications.

Links to External Websites

21.  Our web site may contain links to other web sites and those third-party web sites may collect personal information about individuals. We are not responsible for the privacy practices of other businesses or the content of web sites that are linked to our web site. AdAstra Legal encourages users to be aware when they leave our site to read the privacy statements of each and every web site irrespective of whether those websites collect personally identifiable information.

Security and storage

22.  AdAstra Legal places a great importance on the security of all information associated with our clients and others who deal with us. All AdAstra Legal employees are contractually required to respect the confidentiality of personal information and the privacy of individuals. We have security measures in place to protect against the loss, misuse and alteration of personal information under our control. AdAstra Legal takes all reasonable steps to protect personal information that is under AdAstra Legal’s control from misuse, interference, loss and/or unauthorised access, modification or disclosure. All personal information held is kept securely.

23.  Personal information is de-identified or destroyed securely when no longer required by us and no longer required to be kept by us.

24.  AdAstra Legal retains information provided to us including individuals’ contact and financial and transactional information to enable us to verify transactions and client details and to retain adequate records for legal and accounting purposes. Such information is held securely.

25.  No data transmission over the Internet can be guaranteed to be absolutely secure. As a result, while we strive to protect clients' and other parties’ personal information, AdAstra Legal cannot ensure or warrant the security of any information transmitted to it or from our online products or services, and users do so at their own risk. Once AdAstra Legal receives a transmission, we make every effort to ensure the security of such transmission on our systems.

Access to and collection of personal information

26.  AdAstra Legal is committed to and takes all reasonable steps in respect of maintaining accurate, timely, relevant, complete and appropriate information about our clients, other parties and web-site users.

27.  Any individual may request access to personal information about them held by AdAstra Legal. Such a request for access to personal information is to be made to AdAstra Legal’s Privacy Officer:

AdAstra Legal Privacy Officer

Reception Ph No: 1300 278 721

Email: robert@adastralegal.com.au

28.  Please note AdAstra Legal does require that, as part of any request by an individual for access to personal information, the individual verify their identity so that AdAstra Legal may be satisfied that the request for access is being made by the individual concerned.

29.  Please note that AdAstra Legal is not required to give an individual access to personal information in circumstances where:

a.    we reasonably believe that giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety; or

b.    giving access would have an unreasonable impact on the privacy of other individuals; or

c.     the request for access is frivolous or vexatious; or

d.    the information relates to existing or anticipated legal proceedings between AdAstra Legal and the individual, and would not be accessible by the process of discovery in those proceedings; or

e.    giving access would reveal the intentions of AdAstra Legal in relation to negotiations with the individual in such a way as to prejudice those negotiations; or

f.      giving access would be unlawful; or

g.    denying access is required or authorised by or under an Australian law or a court/ tribunal order; or

h.    both of the following apply:

i.      AdAstra Legal has reason to suspect that unlawful activity, or

j.      misconduct of a serious nature, that relates to AdAstra Legal’s functions or activities has been, is being or may be engaged in;

k.     giving access would be likely to prejudice the taking of appropriate action in relation to the matter; or

l.      giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or

m.   giving access would reveal evaluative information generated within AdAstra Legal in connection with a commercially sensitive decision-making process.

30.  Inaccurate information will be corrected by AdAstra Legal on receiving advice to this effect. To ensure confidentiality, details of an individual’s personal information will only be passed on to the individual if we are satisfied that the information relates to the individual. From time to time, and having regard to the purpose of the collection and use of personal information about individuals, we may contact individuals to seek confirmation that the personal information provided to us by the individual is accurate, up-to-date and complete.

31.  If we refuse to provide an individual with access to or correct the personal information held by us about the individual, then we will provide reasons for such refusal. Such reasons will set out the grounds for refusal, the mechanisms available to complain about the refusal and any other matters that are required by the Act.

32.  AdAstra Legal will respond to any requests for access or correction within a reasonable time of receipt of the request, but by no later than 30 days of the request being received.

Complaints

33.  If an individual has a complaint about our APP Privacy Policy or AdAstra Legal’s collection, use or safe disposal or destruction of personal information about the individual, any complaint should be directed in the first instance to AdAstra Legal’s Privacy Officer at the contact details set out above.

34.  We will investigate any complaint within 30 calendar days and attempt to resolve any breach that might have occurred in relation to the collection, use or destruction of personal information held by us about the complainant in accordance with the Act and the APPs. If a complainant is not satisfied with the outcome of this procedure then the complainant may contact the Office of the Australian Information Commissioner (“OAIC”). The web site of the OAIC is www.oaic.gov.au.

Transfer of information overseas

35.  AdAstra Legal will generally be unlikely to disclose personal information about individuals to overseas recipients. Personal information will only be disclosed by AdAstra Legal to overseas recipients in accordance with Australian Privacy Principle 8, such as in circumstances where the individual consents to the disclosure of the information to an overseas recipient or if the disclosure is required by Australian law.

Cookies

36.  When a user visits our website, our internet service provider may record:

a.    the user’s internet address;

b.    the user’s domain name;

c.     the user’s internet service provider;

d.    the date and time of the visit to the website;

e.    length of session;

f.      pages accessed;

g.    website which referred the user to our website;

h.    type and version of the browser the user is using;

i.      the operating system which the user’s computer uses.

37.  Individuals cannot be identified from this information and such information is only used for statistical and website development purposes to assist us in providing an effective service on our web sites.

Changes to APP Privacy Policy

38.  If AdAstra Legal decides to or is required to change its APP Privacy Policy, we will notify of such amendments on our web site and post changes on this APP Privacy Policy page so that users are always aware of what information is collected by us, how it is used and the way in which information may be disclosed. As a result, please refer back to this APP Privacy Policy regularly to review any amendments.

Further Information

39.  For further information regarding our APP Privacy Policy, please contact us at the following address:

E-mail: robert@adastralegal.com.au

40.  For more information on privacy legislation or the APPs please visit the website of the Office of the Australian Information Commissioner at www.oaic.gov.au.