Defining specific terms
Purpose of this policy
In all cases Russell Kennedy collects privacy information by lawful and fair means. In most circumstances, Russell Kennedy collects your privacy information directly from you. As an example, we may collect privacy information about you when you correspond with us via telephone, facsimile, email or letter, subscribe (electronically or otherwise) to any of our publications or when you contact us in person. Typically, the privacy information we collect about you includes your name, mailing address, telephone number and e-mail address.
Russell Kennedy may also collect sensitive information, such as your membership of a professional or trade association, or health information, where it is reasonably necessary for us to provide legal services or sustain our business operations. However, we will only collect sensitive information where:
Our general policy is to collect privacy information from you directly and not from third parties, but we may do so if a circumstance arises in which it is unreasonable or impracticable to collect information from you directly. As an example, Russell Kennedy may collect personal information from a company for whom you are employed or to which you provide services, such as a credit reporting or rating agency, or an information service provider.
When we collect your privacy information from you directly or from a third person we must, if reasonably necessary in the circumstance, ensure you are aware of particular matters associated with our collection of your privacy information.
Russell Kennedy collects personal information only where reasonably necessary for one or more of the functions and activities connected to the operations of our law firm. We collect personal information for the primary purposes of:
While individuals generally have a right to remain anonymous, in most circumstances this right does not apply when you seek legal advice or representation, as it is usually impracticable for us to provide legal advice to you without knowing your true identity. If you choose to not give your privacy information to us we may not be able to provide you with legal advice.
Generally, Russell Kennedy uses and discloses privacy information only for the primary purpose for which we collect it. As an example, if you provide us with privacy information in the course of instructing us to give legal advice or run litigation, we may disclose this information to:
If we send your privacy information to an overseas recipient, Russell Kennedy will take reasonable precautions to ensure the overseas recipient does not breach the APPs. An example of a precautionary measure is incorporating a confidentiality clause into a contractual agreement to legally protect your privacy information.
We may also use privacy information for a secondary purpose related to the primary purpose for which you would reasonably expect us to use the collected information, unless an exception applies. An example of an exception is where Russell Kennedy reasonably believes that the use or disclosure is reasonably necessary for the establishment, exercise or defence of a legal or equitable claim.
We will not disclose privacy information collected by us to third parties for the purpose of allowing them to direct market any products and services to you.
We may use your personal information to provide you with updates on areas of law and information about our services, unless you request not to receive such communications from us. You may also subscribe to our newsletters or specific industry alerts. Russell Kennedy makes clear that each subscriber is consenting and expects to receive such information from us.
All of our direct marketing communications contain a facility whereby you can opt out of receiving future communications. You may also at any time separately request not to receive direct marketing communications from us. We will comply with all such requests as soon as reasonably possible.
When you visit our website – www.rk.com.au, our server attaches a small data file called a "cookie" to your computer's memory.
As most website owners and operators do, Russell Kennedy tracks usage patterns on our website on an anonymous aggregate basis. Each time you visit our website – www.rk.com.au, a web server makes a record of your visit.
Specifically, it records your:
If you or your organisation is subject to privacy laws and you provide information to Russell Kennedy about someone else (such as directors or employees of your organisation), you must ensure that you are entitled to disclose that information under the APPs, without Russell Kennedy taking further steps to make sure your disclosure is compliant.
As an example, you may be covered by a permitted general situation - an exception to the general obligation to not disclose personal information for a secondary purpose. You should familiarise yourself with these circumstances to know when you do not need consent to disclose, such as the exception that allows a disclosure that is reasonably necessary for the establishment of a legal claim. In other cases, you must gain consent of the individual whose information is being disclosed.
Russell Kennedy commits to ensuring that all reasonable procedures are followed to ensure your privacy information is accurate, complete, and up to date whenever we collect or use it. If we believe the information we hold is inaccurate, out-of-date, irrelevant, incomplete or misleading, we will take steps to correct the information.
If you suspect that any of your privacy information held by Russell Kennedy is inaccurate, out-of-date, irrelevant, incomplete or misleading, please contact us immediately and we will take all reasonable steps to correct any such information. If we cannot resolve the issue in a reasonable time, we will either give you an explanation as to why or discuss alternative courses of action.
Your privacy information may be stored by us either in hard copy documents or as electronic data in our information technology systems. Russell Kennedy maintains a high level of physical security over our hard copy and electronic data stores and premises, such as locks, alarms and barrier systems
In respect of our electronic data, we maintain a high level of computer and network security. Our information systems log all details in relation to the creation, location, access and destruction of electronic documents, allowing tracing of access and activity. We have developed specific policies governing information security in respect of local and remote systems access, including passwords and authentication devices for corporate and personal email, internet browsing, use of laptops and mobile and tablet devices. All Network transactions are secured by SSL certificates, Firewalls and Enterprise Antivirus software (provided by Symantec). Access to USB, CD & DVD devices is controlled and audited.
You are entitled at any time, upon request, to access your privacy information held by us. We will respond within a reasonable time after the request is made and give access to the information in the manner requested by you, unless it is impracticable to do so. We are entitled to charge you a reasonable administrative fee for giving you access to the information requested.
Should access to any privacy information be refused, Russell Kennedy will explain the reasons for refusal, and inform you of any exceptions under the Privacy Act relied upon as the basis for such a refusal.
The Privacy Officer will make good faith efforts to rectify the issue and respond within a reasonable period after the complaint is made.
Chief Operating Officer
Russell Kennedy Pty Ltd
Level 12, 469 La Trobe Street, Melbourne
Tel: 03 9609 1555