Your privacy is front of mind.

CounselCulture cares about its privacy obligations. Here's how we handle your personal information in accordance with the Australian Privacy Act.

Updated 21 March 2024.
 

Privacy Policy


introduction

We’re CounselCulture, a legal practice located in Australia, and we’re committed to keeping your personal information safe, secure and private. Our privacy policy sets out how we collect, store, use and disclose personal information. By visiting our website, using our services or apps, or otherwise providing your personal information to us, you consent to our collection, storage, use and disclosure of your personal information in line with this privacy policy, the Australian Privacy Act and Spam Act, and any other arrangements in place between us. We may update this privacy policy by publishing changes to it through this website.

How, what and why?

how we collect

We collect your personal information either directly from you when you provide your details to us or indirectly from you through emails, forms, face-to-face meetings, interviews, seminars, business cards, online queries, telephone conversations and social media. We may also collect your personal information from third parties if it's not practical or lawful for us to collect the information directly from you. This may include information collected in the ordinary course of providing legal services, from publicly available sources, from a third party fulfilling a criminal, bankruptcy, or other check, or from recruitment agencies, former employers and government departments.

what we collect

The specific kinds of personal information we collect depend on the nature of our interaction with you. Generally, we may collect your name, date of birth, contact details, address, occupation, job title, company name, personal preferences, payment details, e-signatory details, IP address, location data, opinions about your suitability for employment or other engagement, testimonials and feedback. Sometimes we may collect sensitive information such as your membership of a professional association, criminal record or health information. If we collect your sensitive information, we'll ask for your prior consent unless we're otherwise permitted to collect it by the Privacy Act.

why we collect, use and disclose

We only collect personal information we reasonably require for us to conduct our business. This includes providing or marketing our services, communicating with you to promote our products or services, operating, developing or enhancing our website or apps, considering the suitability of potential employees, contractors or suppliers, or otherwise complying with our legal obligations. We may also use or disclose personal information for reasonably related secondary purposes or as otherwise permitted by the Privacy Act.

direct marketing

We don’t sell or trade your personal information. Sometimes we may send you articles about current legal trends. We may also send you other direct marketing communications and information about our services. These communications are usually sent by email but may be sent through other forms of communication. We only do this if you have expressly opted-in to receive our marketing communications or we can reasonably infer your consent in accordance with the Privacy Act and Spam Act. You can opt-out of receiving our marketing communications by contacting us or using an opt-out facility (eg an unsubscribe link where available).

Who to and where?

who we disclose to

We only disclose personal information to our employees, professional advisers and our (future) related bodies corporate on a need-to-know basis. We may also share personal information with third parties who assist us in providing services (eg barristers, tax specialists, external lawyers and debt collectors), third parties we outsource services to (eg reputable payments processing platforms, both physical and cyber security providers, data storage providers and e-signatory platforms). Otherwise we will only disclose your personal information to third parties as authorised by you, to entities acquiring our business (or a substantial part of our assets) or as required or permitted by law.

offshore disclosure

Your personal information may be transferred to entities located outside of Australia. In particular, we use cloud delivered enterprise security solutions hosted by Microsoft in the US. Metadata and in some cases whole files are temporarily sent to Microsoft’s servers in the US for security analysis. We may also occasionally transfer your personal information to the US or EU servers of our other reputable service providers such as e-signatory platforms (eg Adobe Inc. or DocuSign, Inc.). We otherwise only ordinarily transfer personal information overseas in the course of acting in an international matter. If we transfer your personal information overseas, we'll take reasonable steps to ensure that your information is only processed for the purposes it was collected (or reasonably related secondary purposes) and is adequately protected using appropriate technical, organisational, contractual or other lawful means.

storage and security

We take the security of your personal information seriously. We primarily hold your personal information in secure cloud servers hosted by Microsoft in Sydney and Melbourne, Australia. We backup all of our data and the backups are hosted by Amazon Web Services in Sydney, Australia. In some cases, personal information can be temporarily held outside of Australia as explained in the offshore disclosure section of this privacy policy. We take reasonable steps to protect personal information from misuse, interference or loss as well as unauthorised access, modification or disclosure. We only allow individuals access to their personal information if they satisfy our identification requirements. If we no longer require personal information, we take reasonable steps to securely destroy or de-identify it.

Although we take these reasonable steps to secure your personal information, we exclude all liability (including in negligence) in connection with any unauthorised access to your personal information, except to the extent a contractual arrangement between us provides otherwise or liability cannot be excluded due to the operation of an Australian statute.

Complaints and contacting us.

making a complaint

If you think we've breached the Privacy Act, or if you would like to make a complaint about the way we handle your personal information, you can contact us using the details below. Please include your contact details and describe your complaint. We'll acknowledge and respond to your complaint within a reasonable period of time. If you think we've failed to resolve your complaint, we'll provide you with information about what further steps you can take.

our contact details

For further information about our privacy policy or practices, to access or correct your personal information, or to make a complaint, please send us an email or call our reception on +61 (02) 7910 9350.