Leximed recognises the importance of your privacy and understands your concerns about the security of your personal information. We are committed to protecting any personal information that we hold. This Privacy Policy details how we generally collect, hold, use and disclose personal information and your rights in relation to the personal information that we hold about you.
When we deal with organisations (such as a corporation or a Government Department or agency) we may collect personal information about individuals who are employees, directors or principals of those organisations or their associates. If you are an organisation and you provide us with personal information about such individuals, or are otherwise aware that we have collected personal information about such individuals, we ask you to assist us by referring the relevant individuals to this Privacy Policy. Before you provide us with personal information about an individual that is sensitive information, you must ensure that you are authorised by the relevant individual to disclose that information to us.
Where this Privacy Policy refers to a party that may be either an individual or an organisation (such as our clients or service providers), the reference includes individuals who are employees, directors, or principals of an organisation or its associates.
Personal information
‘Personal information’ is defined in the Privacy Act 1988 (Cth) to mean any information or opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not and whether the information or opinion is recorded in a material form or not.
The kinds of personal information we collect and hold
We collect and hold a range of personal information in carrying out our business and functions as a legal services provider. The kinds of personal information that we collect and hold about you will depend upon the nature of our relationship with you.
Our clients
We typically collect and hold the following kinds of personal information about our clients:
- name, job title, and contact details;
- communications between you and us;
- financial information;
- Health & medical information pertinent to a client’s case (if a patient); and
- other personal information that you provide to us (such as when you respond to an invitation to attend a seminar or function) or that we collect in the course of our relationship with you.
To the extent that it is relevant to the work we are undertaking for a client or our general relationship with a client, we may also collect and hold personal information about clients that is sensitive information under the Privacy Act. For example, we may collect health information about an individual, membership of a professional or trade association, membership of a trade union, religious beliefs or affiliations or criminal records.
Our contractors, service providers, suppliers and job applicants
We typically collect and hold the following kinds of personal information about contractors, service providers, suppliers and job applicants:
- name and contact details;
- information contained in resumes;
- educational details, academic and other transcripts, employment history, skills and background checks;
- references from past employers and referees;
- information collected during the interview or assessment process;
- details of your performance under any contract; and
- personal information required to make payments, such as bank account details.
We may also collect sensitive information contained within the sources set out above, such as membership of a political, professional or trade association or trade union, criminal records and health information.
Website users, online contacts and attendees at seminars and other functions
The amount and type of information we collect from you when you use of our website or contact us online will depend upon your use of the facilities and services available through our website or otherwise available online. However, the only personal information which we collect about you when you use our website or contact us online is what you tell us about yourself, such as when you complete an online subscription form to our publications, alerts and newsletters, when you accept an invitation to attend a seminar or function, or complete one of our online forms, including through our marketing campaigns, or information you provide to us when you send us an email.
The kinds of personal information that we may collect through our website, online or when you register to, or attend a function include:
- your name, contact details, employer and job title; and
- your areas of legal interest or specialisation.
We may also collect and hold the following sensitive information about you:
- health information (i.e. conditions affecting dietary requirements such as diabetes or food allergies);
- information on your religious beliefs or affiliations (i.e. for the purposes of assessing dietary requirements such as Halal or Kosher); and
- membership of a political, professional or trade association or trade union.
We will also collect personal information about you if you provide us with your business card at a function or otherwise provide your personal information to us in person or contact us through social media (such as LinkedIn and Facebook).
Other individuals
In the course of providing our clients with the services they have requested, and carrying out their instructions, we may be required to collect personal information about other individuals including other parties to our clients’ matters, their legal representatives and other service providers or contractors retained by them. The nature of information collected will depend upon the individual circumstances of the matter, but is likely to include name, contact details, job title, and communications with these other individuals. Depending upon the circumstances of the matter, it may also include sensitive information.
If you approach us for information (such as government departments, regulatory authorities or media) we may record your name and contact details and collect additional personal information about you to verify your identity and consider whether to provide you with the information that you have requested.
How we collect personal information
In most instances we will collect personal information directly from the person to whom the information relates, or the organisation of which that personal is an employee, director or principal. However, we may also collect personal information about individuals from the following third parties:
- our clients;
- government agencies;
- law enforcement bodies;
- publicly available records;
- public registries;
- court or tribunal records;
- ratings agencies;
- search agencies;
- regulatory and licensing bodies;
- service providers;
- parties to whom you refer us, including previous employers and referees;
- recruitment agencies;
- online searches; and
- social media (such as LinkedIn and Facebook).
When we obtain personal information from third parties to whom you refer us, we will assume and you must ensure that you have made that third party aware that you have referred us to them and of the purposes involved in the collection, use and disclosure of the relevant personal information.
If you supply us with personal information about another individual, we ask you to assist us by referring that person to this Privacy Policy.
How we hold personal information
We hold personal information in hardcopy files and in electronic form, and take reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access, modification or disclosure.
We store hardcopy files in offices, cupboards and compactuses within an access controlled premises. Under our records managements system, access to files is appropriately limited. We may apply additional security measures limiting access to information about files or store files in locked cupboards or access restricted rooms as necessary or desirable based on our clients’ needs. We also store hardcopy files with an offsite storage provider whose premises is monitored by CCTV and access is strictly controlled.
We store electronic records within our own secure network and through third party data storage providers. Personal information within our network is password protected and access is appropriately limited.
Our third party data storage providers are required to protect personal information in accordance with applicable laws and take appropriate technical and organisation measures against unauthorised or unlawful use of personal information or its accidental loss, destruction or damage.
The purposes for which we collect, hold, use and disclose personal information
We collect, hold, use and disclose personal information for the purposes for which it was collected, related purposes, and other purposes including:
- providing the services that our clients have requested;
- contracting out some of our functions to external service providers and suppliers (such as barristers, title and court searches, surveyors, forensic witnesses, accountants, mediators, valuers, printers, carriers, mailing, photocopying, IT, advertising, marketing and campaign managers, market research and recruitment);
- maintaining, managing and developing our relationship with clients and potential clients;
- carrying out research, planning, service development, security and risk management;
- marketing our services, administering and operating our online subscriptions and providing you with information about legal developments and other services that you have requested or that may be of interest to you;
- the organisation of events;
- assessing and considering applications from prospective employees, contractors and service providers;
- developing and managing relationships with our employees, contractors and service providers;
- managing insurance;
- conducting further searches and enquiries regarding the information you have provided to us or more generally to collect additional personal information about you or your associates for our regulatory or prudential purposes;
- complying with our legal and regulatory obligations; and
- to otherwise carry out our functions as professional legal service providers.
Direct marketing
If you are a client or have otherwise expressed interest and provided us with your contact details, we may send emails to you with information about medicolegal developments (such as publications, alerts and newsletters) and marketing our services (such as seminar invitations).
We may use an “email management system” to automate the management and dispatch of these emails. The system operates by inserting tracking codes in the emails that we send to you. The tracking code allows us to collect personal information about you, such as whether you received and opened an email, and whether you clicked through to any links to our website. The personal information that the email management system collects and holds about you is used by us to:
- ensure that you only receive correspondence that you have informed us that you wish to receive;
- insert your personal information into our communications with you;
- determine whether the information that we send to you is suitable for your interests, information needs and profile;
- ensure that the email address that you have provided us is still operational;
- determine whether emails that we send to you are received by you;
- update a request that you make to us to unsubscribe from a publication that we send to you;
- review the effectiveness and relevance of our emails to you by collecting other statistical information.
If you do not wish for us to send you such emails, please let us know by contacting our Privacy Officer at the details below. You can also unsubscribe from our email notifications by clicking on the ‘Unsubscribe’ button at the bottom of our email notifications and following the prompts or by emailing us by clicking the ‘Contact Us’ button.
Overseas disclosures of personal information
We may disclose personal information to external service providers located overseas (including England) so that they can provide us with services in connection with the operation of our business, such as marketing services and data storage.
If you apply to us for employment, and have lived or worked overseas, we may disclose your personal information to overseas recipients for the purposes of gathering information to assess your application. If you have previously worked for us, and provide our details to a prospective employer or recruitment agency located overseas, we may disclose your personal information to that entity to assist them to assess your application.
Aside from the purposes set out above, we are generally not likely to disclose personal information to overseas recipients. However, in the course of acting for some clients it may become necessary or desirable to disclose personal information to overseas recipients. The countries in which these overseas recipients may be located will depend upon the individual circumstances of our client’s matter, and it is not practicable to specify them in this Privacy Policy.
Access to your personal information
You have a right to request access to personal information that we hold about you and request its correction if it is inaccurate, out of date, incomplete, irrelevant or misleading. You may do so by contacting our Privacy Officer at the details below. We will respond to all requests for access to or correction of personal information within a reasonable period.
In some cases, in accordance with the Privacy Act, we may charge you a fee for access to personal information we hold about you or refuse to give you access to personal information we hold about you.
Complaints
If you would like to complain about a breach of the Australian Privacy Principles, you may contact our Privacy Officer at the details below.
We will respond to complaints within a reasonable period of time (usually 30 days).
If you disagree with our decision, you may refer your complaint to the Office of the Australian Information Commissioner by visiting www.oaic.gov.au, calling 1300 363 992 or by emailing enquiries@oaic.gov.au.
Privacy Officer
If you would like more information about the way we manage personal information, would like to request access to or correction of personal information that we hold about you, or wish to make a complaint, please contact our Privacy Officer by either:
Email – clientservices@leximed.com.au;
Post – Attention “Privacy Officer” Suite 30, Level 2 Silverton Place, 101 Wickham Tce, Spring Hill QLD 4000; or
Telephone – (07) 3831 5681 (within Australia).
Changes to our privacy policy
From time to time it may be necessary for us to review and revise our Privacy Policy. We may notify you about changes to this Privacy Policy by posting an updated version on our website. We encourage you to check our website from time to time to ensure you are familiar with our latest Privacy Policy.
Our Privacy Policy was last updated on 22 April 2016.