BGM Legal Pty Ltd (ACN 615 871 406) (referred to as “us”, “we”, “our”) takes your privacy seriously.
This Privacy Policy explains how we manage personal information. It also describes your rights to access and correct personal information we hold about you, and how you can make a complaint about our management of your personal information.
What is personal information?
In this Privacy Policy, ‘personal information’ is as defined by the Privacy Act 1988 (Cth) (Privacy Act). It is, in summary, information about an individual who is identified or reasonably identifiable from that information, or other information together with that information.
What types of personal information do we collect?
We may collect the following types of personal information:
- identity information including name, date of birth, gender, signature, photographic identification;
- contact information including residential and postal addresses, email addresses, telephone numbers;
- professional and business information including occupation, employer, job title, professional qualifications, business holdings and structures, offices or directorships held;
- financial information including bank account details, billing information, payment card details;
- matter-related information relevant to your legal matter or the legal matter of our client;
- sensitive information including information about sexual orientation, racial and ethnic origin, religious affiliation, criminal record, and health information;
- transaction information: details of services provided to you or your organisation;
- communication records: records of correspondence and communications with you;
- for prospective employees or contractors, recruitment information including employment history, qualifications, references.
We may be required to verify your identity and collect certain information under the AML/CTF Act when we provide designated legal services, including collecting identification documents and information about the source of funds and/or beneficial ownership of entities and/or real property transactions.
We may also collect technical data including your internet address, web browser type and preferences, internet service provider, your domain name (if applicable), time zone and geolocation data and the date and time you visited the website, noting that some of that data is collected automatically when you visit this website or download information from it.
We are bound by professional obligations of confidentiality and legal professional privilege. BGM Family Lawyers treats and protects information received (including any personal information) in accordance with these professional obligations.
How do we collect personal information?
We collect personal information directly from you, including when you:
- engage us to provide legal services;
- respond to communication with us or engage a solicitor or agent to do so;
- contact us by telephone, email, post or in person;
- complete forms or provide documents to us;
- pay your invoice for our services through our payment portal;
- visit our website or use our online services; or
- apply for employment with us.
We may also collect personal information about you from third parties, including:
- our client(s), where we collect information in the course of providing legal services;
- other parties to legal proceedings or transactions and their lawyers;
- witnesses, expert witnesses, health care providers and hospitals;
- courts, tribunals, law enforcement and government agencies;
- publicly available sources, including public registers, websites and social media;
- referrers who introduce you to us or lead agencies and advertising sites;
- recruitment agencies and previous employers (for job applicants); and
- identity verification and background check service providers.
Why do we collect personal information and how do we use it?
We collect, hold, use and disclose personal information for the primary purpose of providing legal services to our clients, complying with regulatory and insurance obligations and operating our legal practice, including:
- providing legal advice and representation to you or to our client(s);
- managing client matters and files;
- conducting legal research and investigations;
- preparing and reviewing legal documents;
- communicating with you and other parties;
- billing and collecting fees;
- complying with our legal, professional and insurance obligations;
- considering you for employment; and
- administering and managing our firm.
We may also use and disclose personal information for secondary purposes that are related to our primary purposes, including:
- maintaining and developing our relationship with you;
- training and professional development;
- ongoing Client Due Diligence as required by the AML/CTF Act;
- enforcement of our right to payment of fees;
- internal reporting and analysis; and
- risk management and insurance purposes.
Disclosure of personal information
We may disclose personal information to third parties to facilitate the purposes of collection noted above. These purposes include disclosure to parties to proceedings or transactions and their representatives, to courts, government and regulatory agencies as may be necessary or appropriate to establish legal rights and to progress transactions in which we are instructed. We also disclose information to third parties (such as data storage or archiving companies, our regulators or our insurers) who hold or process information for us.
Personal information and confidential data is held by us subject to our duty of confidentiality under the Australian Solicitor’s Conduct Rules (“ASCR”) and any applicable undertakings or court rules. We may disclose personal information to third parties subject to those obligations and for the purposes described in this Privacy Policy, including:
- to discharge our professional obligations to you or to our clients or in the reasonable execution of our instructions;
- to comply with our legal obligations or in answer to a compulsory notice such as a subpoena or warrant, or to disclose information under the AML/CTF Act, Legal Profession Act or other relevant legislation;
- to barristers, mediators, expert witnesses, investigators and consultants and other legal practitioners engaged to act for you (and/or our client) or in relation to the matter;
- other parties to legal proceedings or transactions as instructed, reasonably necessary or required by law;
- courts, tribunals, government agencies and regulators;
- our professional indemnity insurers;
- a costs assessor in the event that an assessment is ordered or reasonably necessary;
- service providers who assist us to operate our business (including information technology providers, document management providers, and marketing service providers);
- as permitted under the ASCR confidentiality exceptions; and
- any person you expressly or impliedly authorise us to disclose information to.
Is personal information disclosed overseas?
We may disclose personal information to recipients located outside Australia where reasonably necessary or convenient to facilitate the purposes of collection, holding, use and disclosure of information as outlined above, including:
- where your matter involves overseas parties or overseas proceedings;
- to overseas law firms or legal practitioners engaged in a matter;
- to overseas witnesses or expert witnesses required or engaged in a matter;
- to our staff or contractors if working or travelling overseas;
- to parties such as regulators and auditors who may use overseas processors or offices;
- to service providers whose systems or servers are located overseas (including cloud storage, and service providers if we consider that the confidentiality arrangements that will apply to such information is sufficient); and
- where you instruct or authorise us to do so.
How is personal information protected?
We implement reasonable security measures to ensure your personal information is securely stored and protected from misuse, loss, unauthorised access, modification or disclosure.
We maintain physical security such as through locks and security systems at our premises, maintain computer and network security and other security systems such as user access control settings, multi-factor authentication and password protection to control access to our security system.
However, the internet is not secure and we cannot guarantee the security of transmission of personal information disclosed to us online, including via the internet. Accordingly, you transmit your personal information to us online at your own risk and you are encouraged to exercise care in sending personal information via the internet. Please notify us immediately if you know or reasonably suspect that your personal information has been subject to any data breach, breach of security or other unauthorised activity.
Please note that our website may contain links to third party websites, such as payment processors. We are not responsible for the privacy practices of those websites, and we encourage you to read their privacy policies.
How long do we keep your personal information?
We retain personal information for as long as necessary to fulfil the purposes for which it was collected, to comply with our legal and professional obligations and to ensure that pertinent evidence remains available if reasonably required.
How can personal information be accessed and corrected?
You may request access to any personal information we hold about you at any time by contacting us at [email protected]. We will provide access to that information in accordance with the Privacy Act, subject to any exemptions that may apply. We may charge an administration fee but we will tell you if that is the case.
We take reasonable steps to ensure that the personal information we hold during the currency of your matter is accurate, up-to-date, complete and relevant, however, records held subsequent to the completion of our work for you will not be monitored or updated unless further instructions are issued.
If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may request us to amend it by contacting us at [email protected]. We will respond to correction requests within a reasonable period. If we correct information that we have previously disclosed to a third party, we will notify that third party of the correction if you request us to do so.
Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The current version will be available on our website at https://www.bgm.legal/. You are responsible for reviewing this Privacy Policy periodically and informing yourself of any changes.
Privacy Policy Complaints and Questions
If you have any questions or concerns about our Privacy Policy, please contact us at:
Privacy Officer
BGM Family Lawyers
PO Box 8
Upper Coomera QLD 4209
Email: [email protected]
Phone: 1300 246 529
