The Law Society of New South Wales (Law Society or we, us or our) deals with information privacy in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) set out in the Privacy Act. We also comply with the Spam Act 2003 (Cth) which imposes restrictions on sending emails and other types of commercial electronic messages.
What kinds of personal information do we collect and hold?
We collect and hold:
- your contact details, such as office address, home address, telephone numbers and email address;
- your personal details, such as date and place of birth, gender, qualifications, titles, whether or not you are Aboriginal or a Torres Strait Islander, the languages you speak;
- your practice details, such as your practising history, information relating to any complaints received and any disciplinary investigations or other action;
- your membership information, such as your membership history and activities including details of service on committees and/or Council;
- your browsing history on the Law Society website and Law Society Apps;
- any criminal record or medical information to the extent that it is relevant to our functions and responsibilities under, and authorised by, the Legal Profession Act; and
- records of your communications and other interactions with us.
How do we collect and hold your personal information?
We generally collect your personal information directly from you or when you use the Law Society Website or a Law Society App. However, in some cases, we may receive your personal information from a third party (for instance if we receive a complaint relating to a legal practitioner) or when it is relevant to our statutory responsibilities (for instance other regulators or government entities who have dealt with you).
What would happen if we did not collect your personal information?
Without your personal information we may not be able to process your application or request, perform our statutory functions or provide you with some or all of our services.
What are the purposes for which we collect and hold your personal information?
We collect and hold your personal information to:
- fulfil our functions and responsibilities under, and facilitate compliance with, the Legal Profession Act 2004 (NSW) and the legal profession legislation (as defined in the Legal Profession Uniform Law Application Act 2014 (NSW), Professional Standards Legislation, the Corporations Act 2001 (Cth) and associated regulations (which require and authorise us to collect certain information) including:
- maintaining regulatory and corporate records;
- undertaking investigations and implementing disciplinary procedures associated with professional responsibility; and
- providing information to Australian regulators and government entities (such as the Office of the Legal Services Commissioner) and to overseas regulators.
- fulfil our role as a professional association including:
- maintaining membership records;
- providing contact and general practising information to the public regarding legal practitioners including those with specialist accreditation;
- providing legal practitioners with information relevant to the legal profession;
- providing information on programs, services and benefits available to members, legal practitioners and the public;
- communicating regarding an enquiry, request for information or use of our services;
- conducting research and providing public representation relevant to members, legal practitioners or the provision of legal services;
- providing information to subsidiaries of the Law Society, the College of Law, our professional advisors and contractors, LawCover and other professional indemnity insurers and practising certificate funders;
- allowing use of personal information in a controlled manner by entities distributing information relevant to members or legal practitioners; and
- providing information to organisations that represent the legal profession such as the Law Council of Australia and Regional Law Societies;
- analyse your interaction with our personal and electronic services. The information collected from you may be analysed individually and/or aggregated with the information relating to other members to produce statistical information. Insights from this process is used to select and optimise the information, services and advertising we provide to you; and
- provide information to third parties as authorised or required by law.
Use and Disclosure of your personal information
We do not use your personal information or disclose it to another organisation unless:
- it is reasonably necessary for one of the purposes described above;
- having regard to the nature of the information or the circumstances of collection we believe you would expect us to use the information or make the disclosure;
- required or authorised by law or court or tribunal;
- it is necessary to protect the rights, property, health or personal safety of a legal practitioner or member, the public or our interests, and it is unreasonable or impracticable to obtain your consent;
- the disclosure is necessary to assist any entity, body or person to locate a person who has been reported missing;
- we have reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to our functions or activities has been, is being or may be engaged in, and we believe that the collection, use or disclosure is necessary in order for us to take appropriate action;
- the assets and operations of our business are transferred to another party as a going concern;
- it is obtain third party services, for example to carry out data analysis or provide information processing services. The use of your information by third parties is strictly controlled; or
- you have provided your consent.
We may publish a list of legal practitioners to whom we have issued current Practising Certificates including limited personal information such as name, address and contact information. Whether a legal practitioner is a Member of the Law Society is a matter of public record and is disclosed on our website, as well as to the public upon request or if we believe it is necessary or appropriate to do so. Specialist Accreditation and other relevant qualifications may also be disclosed.
If you practise in a foreign country (or apply to do so) we may send your personal information overseas in response to an inquiry from the relevant authority in that place. The Law Society uses the services of certain third party service providers which may have offices or other operations outside of Australia. As a result, your personal information may be disclosed to overseas recipients located in India and China. All service providers that have access to personal information held by the Law Society are required to keep the information confidential and not to make use of it for any purpose other than to provide services in accordance with their engagement.
If you do not want your personal information to be disclosed
If you do not want your personal information to be disclosed (for instance, you want to have your name excluded from commercial mailing lists) you should manage your subscriptions via the Law Society website or advise the Law Society Registry in writing. We will accommodate your request provided that the disclosure is not required by law.
Storage and security of personal information
We take reasonable precautions to protect the personal information we hold from misuse, loss, unauthorised access, modification or disclosure.
Where practicable we implement measures to require organisations to whom disclosure is made to comply with the Privacy Act. If a third party is given access to personal information we take reasonable steps to ensure that the information is held securely and used only for the purpose of providing the relevant service or activity.
We collect personal information through software such as cookies. A cookie is a text-only string of information that a website transfers to the cookie file of the browser on the hard disk of a user's computer so that the website can remember that user. Without cookies, websites and their servers have no memory. This means that every time a user opens a new webpage on a website, the server where that webpage is stored will treat the user as new and require logon and password. In short, a cookie facilitates a user's passage through a website.
Rights to access and correction of your personal information
You have the right to access your personal information unless we are permitted by law to withhold that information. Any requests for access to your personal information should be made to the Law Society Privacy Officer (see below) in writing. You also have the right to request the correction of any of your personal information which is inaccurate. Any corrections should be advised to the Law Society Registry in writing.
In some circumstances it may be appropriate and lawful for us to deny access, including if:
- we reasonably believe that giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety;
- providing access would have an unreasonable impact on the privacy of another individual;
- the request is frivolous or vexatious;
- the information relates to existing or anticipated legal proceedings between you and us and the information would not be accessible by the process of legal discovery in those proceedings;
- giving access would reveal our intentions in relation to negotiations with you and prejudice those negotiations;
- we have reason to suspect that unlawful activity, or misconduct of a serious nature, relating to our functions or activities has been, is being or may be engaged in; and giving access would be likely to prejudice the taking of appropriate action in relation to the matter;
- providing access would be unlawful or if denying access is required or authorised under Australian law or a court/tribunal order;
- giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or
- giving access would reveal evaluative information generated within the Law Society in connection with a commercially sensitive decision-making process.
Further information and complaints
If you require any further information about our management of personal information or have a complaint about our handling of your personal information, you should initially write to the Law Society Privacy Officer, who will respond to you within a reasonable time, usually 30 days.
If you are not satisfied with the outcome of your complaint you may contact us further to advise of your concerns and, if we are unable to reach a satisfactory resolution you may write to the Office of the Australian Information Commissioner using the form available at this link http://www.oaic.gov.au/privacy/making-a-privacy-complaint for further review of your complaint.
- Privacy Officer
- Corporate Legal Services
- The Law Society of NSW
- 170 Phillip Street
- Sydney NSW 2000
- T: (02) 9926 0333
- F: (02) 9231 5809
- E: CorpLegal@lawsociety.com.au