At HDY, we recognise the importance of individuals' privacy. Our policy for the management of personal information is set out on this page. It is our intention to always comply with the Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs).
What kinds of personal information do we collect and hold?
We collect information about individuals such as their name, contact details, occupation, photographs, employment history, title, expertise and interests, and information concerning the matters on which a client seeks our services. We also collect sensitive information as set out below.
Failure to collect this information will prevent us from providing our clients with legal services or from achieving the purpose for which the information was given to us.
How we collect personal information
We usually collect personal information directly from an individual when an individual communicates with us, such as when he or she:
- provides us with personal information (including identification information such as passport details) in connection with the provision or potential provision of legal services by us
- makes inquiries about our services or contacts us for any other reason so that we can process, deal with and respond to such queries or any other issues, including complaints
- provides us with business cards or other contact information
- registers for or attends at HDY events or third party events arranged in conjunction with HDY
- subscribes to our mailing lists
- uses our website, www.hdy.com.au
- contacts, registers with, posts to, likes or follows any of our social media websites, pages, forums or blogs; or
- applies for prospective employment and contracting opportunities at HDY.
We may also collect personal information about an individual when a client (eg an employer, colleague or associate of the individual) uses our services.
We may also collect personal information about individuals from third parties, such as:
- from agents or advisors on behalf of an individual
- from identity verification agents
- from third party referrals
- when we obtain references
- through reports from professionals, such as medical professionals, or otherwise in connection with the provision of our legal services; or
- from publicly available sources.
We may collect sensitive information about individuals, but only where:
- the individual has provided consent to such collection and the information is reasonably necessary for our functions or activities; or
- as otherwise permitted by the APPs.
Cookies and other web tracking systems
We track traffic patterns throughout our website.
We use "cookies" on our website. A "cookie" is a small amount of information which is transferred to the hard drive of your computer and which can identify your web browser but not you. A cookie can collect and store information, but cannot interfere with your computer.
Our internet service provider will record and advise us of your service address, domain name, the date and time of your visit to our site, the pages viewed and the information downloaded.
If you want, you can disable your web browser from accepting cookies. If you do so, you can still access our website, but not all services may be available.
Use and disclosure of information
We collect and use personal information for our business purposes. The main purposes for which we collect and use information are:
- to provide our clients with legal services
- where the information was given to us for another specific purpose (such as a job application), for that purpose
- in respect of our website, to respond to any requests made and for statistical, web development and internal purposes
- to carry out identity verification
- for our own internal, relationship and marketing purposes (however, we always provide a choice to "opt out" of receiving direct marketing or related communications from us); and
- for a related purpose, where the individual concerned would reasonably expect us to use it for that related purpose.
We may disclose personal information for the above purposes to third parties such as:
- a service company or trust company affiliated with the HDY partnership
- service providers, agents or contractors of HDY, such as archive service providers or printers; or
- barristers, our interstate agents or other advisors we or our clients engage to assist in providing services.
We only disclose personal information:
- with the consent of the individual concerned
- as otherwise permitted by the APPs; or
- as required or permitted by law or court or tribunal order.
HDY is also bound by professional obligations in respect of confidentiality.
Overseas disclosure of personal information
We may disclose personal information to third parties outside Australia such as overseas agents or other advisors engaged to assist in providing services to clients.
However, we will not disclose individuals' personal information to overseas recipients other than in accordance with the APPs and this policy.
Some personal information is stored in the cloud, on servers in the United Kingdom on our behalf by third party data service providers. However, we maintain effective control over such information under contractual arrangements.
Dealing with us anonymously or using a pseudonym
Generally, we will require personal information from individuals in order to provide our services and to comply with legal obligations.
However, you may be able to deal with us on an anonymous basis when you access our website, social media pages, forums or blogs.
You also may use a pseudonym if posting any information to our social media pages.
Integrity of personal information
We store personal information securely through computer or cloud storage and paper-based files.
We will take all reasonable steps to ensure that all information we collect or use is accurate, complete, up-to-date, protected from misuse, interference, loss, unauthorised access, modification and disclosure, and accessed only by authorised personnel for permitted purposes.
If you need to update your personal information held by us, please contact our Privacy Officer.
We take steps as are reasonable in the circumstances to de-identify or destroy personal information that is no longer required by us for the purpose for which was collected, held or used.
Government related identifiers
We do not use any government related identifiers, such as Medicare numbers, driver licence numbers or TFNs as our own identifiers.
Third party links
Your choices - access and correction of personal information
If you wish to:
- seek access or correction of any personal information which we hold about you
- request removal of your name from our marketing distribution lists; or
- get more information about the way we manage the personal information we hold,
please contact our Privacy Officer - see the Contact Us section below.
If we do not agree to provide access to you to your personal information or to amend or annotate the information we hold about you, you may seek a review of our decision. Please see the Complaints section below.
If we do not agree to make the requested changes to your personal information, you may make a statement about the requested changes and we will attach the statement to your record.
If you have a complaint about a breach of the APPs by HDY in relation to your personal information, please contact us in writing, either by email or mail - see the relevant details in the Contact Us section below.
Complaints will be reviewed by our Privacy Officer and a response will usually be provided within 30 days of receipt of the complaint by us.
If you believe that your complaint has not been satisfactorily addressed by us, after following the procedure set out above, you can make a complaint to the Office of the Information Commissioner.
For more information about making a complaint, contact our Privacy Officer.
61 2 9947 6000
Privacy Officer, Henry Davis York, 44 Martin Place, SYDNEY NSW 2000