Privacy Policy

On this page

01

Our commitment to your privacy

KSC Legal and Advisory Pty Ltd (ACN 689 590 109), trading as KSC Law (KSC, we, us, our), takes the privacy of your personal information seriously. We are committed to handling it responsibly and in accordance with the Australian Privacy Principles (APPs) in the Privacy Act 1988 (Cth).

This Privacy Policy explains what personal information we collect, how we use and disclose it, how we keep it secure, and how you can access or correct it. Where applicable, it also explains your rights if you are located in the European Union or United Kingdom.

02

What is personal information?

‘Personal information’ is information or an opinion about an identified individual, or an individual who is reasonably identifiable.

‘Sensitive information’ is a subset of personal information and includes information or an opinion about an individual’s racial or ethnic origin, political opinions, religious beliefs, sexual orientation, criminal record, health information, or professional or trade association memberships.

We do not collect, use or disclose sensitive information about you unless it is permitted by law, is required in the course of providing legal services to you, or you consent. If you are under 16 years of age, the consent of a parent or guardian is required. Sensitive information is only used and disclosed for the purpose for which it was provided, or a directly related secondary purpose.

03

What kinds of personal information we collect

Depending on your dealings with us, the personal information we collect may include:

• your name and contact details, such as your address, email and phone number;
• information relevant to your matter or claim, including, where you consent, health and other sensitive information needed to provide legal services;
• employment, financial and identification details where relevant to your matter;
• information about your use of this website, as described in the sections below.

04

Whose personal information we collect

We may collect and hold personal information about our clients and prospective clients, business contacts and their employees, suppliers and contractors.

05

How we collect personal information

We usually collect personal information directly from you — through forms, meetings, interviews, business cards, telephone calls and emails. In some cases we collect it from third parties, for example a medical report from a treating doctor or a reference provided on your behalf.

06

Information we collect from this website

We may collect information about you when you use this website, including when you:

• register or update an online profile, which may include personal information such as your name or address;
• submit electronic forms requesting our services or asking us to take action;
• submit messages or comments, or participate in online surveys;
• apply for a job.

We take reasonable steps to protect personal information transmitted through this website. However, no transmission of data over the internet is completely secure, and we cannot guarantee the security of information you send to, or receive from, us online — particularly by email. Once we receive your information, we take reasonable steps to keep it secure.

07

Cookies and tracking technologies

Like most websites, we use cookies and similar technologies. Cookies are small text files stored on your device by your browser that help our systems recognise your browser and remember certain information.

We use the following categories of cookies and tracking technologies:

Analytics and advertising cookies are only set after you consent through our cookie banner. You can change or withdraw your consent at any time using the “Cookie settings” option. We will not use cookies or anonymous website information to personally identify you unless required by law.

For more information about how these providers handle data, see Google’s Privacy Policy at policies.google.com/privacy and Meta’s Privacy Policy at facebook.com/privacy/policy.

08

How we use and disclose your personal information

We may use and disclose your personal information to conduct our business, to provide and market our services, to communicate with you, to comply with our legal and professional obligations, and to manage and improve our services.

We may disclose personal information for the purpose for which it was collected, and also:

• subject to our professional obligations, to any person where necessary or desirable in connection with providing legal services — such as the client, regulators, advisers, or other principals or advisers (whether in Australia or overseas);
• within KSC;
• on a confidential basis to external service providers who provide financial, administrative, technology, data-processing, security or archiving services in connection with our business;
• as required or authorised by law, and as permitted under the APPs;
• with your consent (if you are under 16, the consent of a parent or guardian is required).

09

To whom we may disclose your personal information

We may share your personal information with third parties who help us provide our services, such as barristers, medical practitioners, experts, courts and government agencies. We may also collect personal information from these parties and handle it in accordance with this policy.

We take reasonable steps to require third parties with whom we share personal information to handle it in accordance with the APPs.

10

Overseas disclosure of personal information

We may need to disclose your personal information to recipients located overseas. We cannot always ensure that overseas recipients will comply with the Privacy Act 1988 (Cth), and they may not be subject to the same protections that apply in Australia.

Where we receive requests for information from foreign governments, regulators or law enforcement, we will act in accordance with the APPs, including in relation to cross-border disclosure. Where we are required by Australian law or a court or tribunal order to disclose personal information to an overseas recipient, we may do so without taking the steps in APP 8.1, to the extent permitted.

Examples of circumstances where a law or order may require overseas disclosure include:

• disclosure to a foreign government under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth);
• disclosure to an overseas recipient under the Australian Federal Police Act 1979 (Cth) or the Mutual Assistance in Criminal Matters Act 1987 (Cth).

By using our services, you consent to your personal information being disclosed to overseas recipients in these circumstances, and you acknowledge that we are not accountable for those recipients and that you may not be able to seek redress against them under the Privacy Act.

11

Visitors in the EU and UK (GDPR)

If you access this website from the European Union or United Kingdom, the following additional information applies. KSC is the controller of your personal information for the purposes of the EU General Data Protection Regulation (GDPR) and the UK GDPR.

Lawful bases. We rely on the following lawful bases to process your personal information:

• consent — for analytics and advertising cookies, and for direct marketing (you can withdraw consent at any time);
• performance of a contract — to provide the services you request;
• legitimate interests — to operate, secure and improve our website and services, where not overridden by your rights;
• legal obligation — to meet our legal and professional obligations.

International transfers. Our analytics and advertising providers (Google and Meta) may transfer your data to the United States. These providers rely on safeguards such as the European Commission’s Standard Contractual Clauses.

Your EU/UK rights. In addition to the rights set out below, you have the right to withdraw consent at any time and to lodge a complaint with your local data protection supervisory authority.

12

How we keep your personal information secure

We take reasonable steps to protect your personal information from misuse, interference and loss, and from unauthorised access, modification or disclosure. This includes restricted access to electronic records and physical security measures.

We respect everyone’s privacy and keep personal information confidential. All our employees receive training on their responsibilities under the APPs and the Privacy Act 1988 (Cth).

We will not use identifiers assigned to you by a Commonwealth Government agency, such as your tax file number, to identify you.

If we no longer need your personal information for a purpose permitted under the APPs, we will take reasonable steps to securely destroy or de-identify it.

This policy forms part of our internal procedures, and our Privacy Officer is responsible for ensuring ongoing compliance with the APPs.

13

Notifiable Data Breaches scheme

KSC is committed to keeping your personal information safe. We maintain a Data Breach Response Plan consistent with the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988 (Cth). It sets out how we identify, contain, assess and respond to data breaches, including how our response team acts and how affected individuals and the Office of the Australian Information Commissioner (OAIC) are notified where required.

If an eligible data breach occurs, we will notify affected individuals as soon as practicable. We aim to assess any suspected breach within 30 days and will keep affected individuals informed so they can take appropriate steps to protect themselves. Once our assessment is complete, we will provide a summary of our findings and make any notifications required by law.

14

Your rights

Depending on your circumstances and the laws that apply to you, you may have the right to:

• access the personal information we hold about you;
• request that we update or correct your personal information;
• request that your personal information be erased (the “right to be forgotten”);
• request that we restrict the processing of your personal information;
• request data portability;
• withdraw your consent at any time, where we rely on consent.

15

How to access your personal information

If you would like to access the personal information we hold about you, please contact our Privacy Officer (see “How to contact us” below). We will respond within 30 days. We will need to verify your identity and ask you to specify the information you are seeking. Depending on the time required to locate and compile the information, a reasonable fee may apply — we will advise you of any cost before proceeding. In some cases we may be unable to provide access or make a correction for legal reasons; if so, we will explain why.

16

Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in the law, technology or our business practices. The current version will always be available on our website at ksclaw.com.au.

17

Complaints

If you are not satisfied with how a member of our firm has handled your personal information, please make a written request for the matter to be reviewed by the KSC Internal Disputes Resolution Committee.

If you remain dissatisfied after receiving a written response from that Committee, you may refer the matter to the Queensland Law Society, and KSC will treat its decision as final. You can contact the Queensland Law Society at:

Queensland Law Society, Law Society House, 179 Ann Street, Brisbane QLD 4000, Australia — telephone (07) 3842 5888.

Nothing in this policy limits your right to complain about an interference with your privacy directly to the Office of the Australian Information Commissioner (OAIC) under the Privacy Act 1988 (Cth).

18

How to contact us

If you have any questions about privacy, or wish to access or correct your personal information, please contact our Privacy Officer:

Phone: 07 2112 4752
Email: privacy@ksclaw.com.au

Questions about your privacy?

Our Privacy Officer is happy to help with any privacy enquiry.