(07) 4646 2621
Email Us
Level 1, 11 Annand St, Toowoomba QLD 4350
Enterprise Legal
Enterprise Legal Enterprise Legal

Privacy Policy

Our Philosophy

Enterprise Legal (Qld) Trading Pty Ltd ACN 621 481 507 trading as ‘Enterprise Legal’ (we or us) is committed to protecting and respecting your privacy by handling all personal information securely and with care, in accordance with the Australian Privacy Principles (the APPs) as set out in the Privacy Act 1988 (Cth) (the Act). The APPs regulate the manner in which personal information is collected, used, disclosed, stored, accessed, corrected and disposed of.

We have adopted this Privacy Policy to ensure that we comply with the APPs. The Policy provides an overview of:

  1. the types of Information collected and held by us;
  2. how the Information is collected and held;
  3. the purposes for which Information is collected, held, used and disclosed;
  4. whether we are likely to disclose Information to overseas recipients;
  5. how an individual may access their Information and seek its correction; and
  6. how any individual may complain if we breach the APPs the Act, and how the complaint will be handled.

Please read this Privacy Policy carefully to ensure that you understand our practices regarding the management of any information you disclose to us. We reserve the right to change the Privacy Policy at any time, so please check back regularly to keep informed of updates to this Privacy Policy.

 

What is ‘Personal Information’ and ‘Sensitive Information’?

Personal Information’ is any information or an opinion about you or another individual that identifies you or that could reasonably identify you. This could include information such as your name, contact detail, date of birth or employment details. 

Sensitive Information’ is any information or opinion about you or an individual which is health information or which relates to your racial or ethnic origin, political opinion, religious beliefs, sexual orientation or criminal record. The APPs place more stringent obligations on us when we handle your sensitive information.

We may not necessarily hold both Personal Information and Sensitive Information, however the purpose of this Privacy Policy is to provide assurance and confirmation that any Personal Information and/or Sensitive Information that we receive about you will be held and dealt with in accordance with this Privacy Policy.

 

What information DO we collect?

We collect, hold, use and disclose the Information that you disclose to us (or which we obtain from third parties) to provide legal advice to you. We will only collect and retain information that is reasonably necessary for the performance of our activities and functions so that we are able to provide you with these products and services you require or which we recommend to you.

The type of Information we collect and hold depends on what you disclose to us, which will be guided by the specific products and services provided to you. It is likely that, at a minimum, the Information we will require you to provide to us will include basic personal contact information, as well as other information that is deemed relevant.

The Information will include, but will not be limited to:

  1. your identification and contact details (e.g name, postal and/or residential address, email address, telephone number(s), age and gender);
  2. your personal details (date of birth, gender, cultural identity, socio-economic status, etc.);
  3. financial information, such as bank account or credit card details;
  4. contact history with us, including emails, telephone logs and the like;
  5. your health information and medical history;
  6. information on personal issues, experiences and relationships; and
  7. your family background and community supports (which can include Personal Information and Sensitive Information of third parties).

You may elect not to provide us with the above Information, however if you elect not to do so this might impact or limit our ability to provide any products and services to you

 

How we collect and hold Information

During the course of providing our products and services to you, we will collect Information from you at various stages by asking you verbally or in writing for that information. We might also ask you to complete forms or documents that are necessary for us to assist you.

We may also collect Information from third parties and other sources, including (by way of example) from:

  1. public sources (for example, in public registers or social media);
  2. Government Agencies (for example Centrelink, Medicare and the like);
  3. information service providers (for example, we may ask a credit reporting body for your credit report);
  4. third parties you authorise us to request Information from (for example former service providers); and
  5. anyone authorised to act on your behalf.

We may also generate new Information from time to time, such as reports or analysis based on other information we hold about you.

We will take reasonable steps to store Information that we hold in a secure manner, to protect the security of it. We implement a range of measures, including people, process and technology controls to protect the security of your Information. Specific details of those measures can be provided upon request, however some examples of these measures include the following (which are a combination of physical and technical measures):

  1. Information that we store in hard copy, is stored securely within a locked filing cabinet;
  2. Information that we store electronically, is stored in a local server/secure cloud-based facility and/or on our computers, which are password protected and are kept in secure locations at all times;
  3. Information accessed by staff is protected by way of internal confidentiality parameters and information security policies;
  4. maintaining an ongoing security program where we invest continually in cyber security including training all staff in those measures as required; and
  5. regular reviews and updates of our policies and protections, which also includes training to our staff regarding those matters including as they are updated.

When we no longer require your Information (which may be a point in time governed by legislation, regulation or professional industry standards) it will be destroyed or permanently de-identified. However, we will retain Information for as long as the law requires.

 

What happens if there is a data breach?

A data breach is when Information held by us is lost or subjected to unauthorised access, modification, disclosure, or other misuse or interference. Examples of a data breach are when a device containing personal information of clients is lost or stolen, an entity’s database containing personal information is hacked or an entity mistakenly provides personal information to the wrong person. A ‘data breach’ may also constitute a breach of the Privacy Act or the APPs, however this will depend on the circumstances.

We have a data breach response plan. Our actions in the first 24 hours after discovering a data breach are crucial to the success of our response. A quick response can substantially decrease the impact on the affected individuals.

You can help by notifying us immediately if you think you have spotted a data breach (for example if you receive an unusual link or email from an email address or ours or someone purporting to be us). We ask you notify us by phone using a phone number that you know to be correct. You can also locate our main contact number on our official website, which is www.enterpriselegal.com.au.

However, despite our reasonable efforts, we cannot guarantee that the security of your Information will not be breached. Therefore, to the fullest extent permitted by law, we disclaim all liability and responsibility for any damage you may suffer due to a data breach, except to the extent that our liability cannot be excluded by applicable laws and regulations which we are subject to.

 

Third Party Personal and Sensitive Information

We may ask you for Information about other individuals, for example, your family members. If you provide us with this Information, we will assume you have their consent in doing so and rely on you to tell those individuals that you are giving their Information to us, and to make them aware of this Policy.

 

How we use your Personal and Sensitive Information

We may use the Information for a variety of reasons, however it will generally be used for following purposes:

  1. to confirm your identity;
  2. to provide you with legal services and contact your directly about them;
  3. to share it with our related entities, subsidiaries or other specialist providers as required to perform functions on our behalf;
  4. to share with supplier and third parties that carry out specific function on our behalf, so that we can provide you with the products and services;
  5. for other purposes communicated to you when your information is collected;
  6. for disclosures required by law, regulation or court order; and
  7. to provide data to Government department and agencies who provide funding to us;
  8. to comply with our legal, professional and insurance obligations;
  9. for administering and managing our business;
  10. training Artificial Intelligence (AI) tools or systems including AI development by our vendors with appropriate confidentiality safeguards in place;
  11. quality assurance and improvement of our services, including training our AI models or those of our AI providers (subject to our obligations of confidentiality to you);
  12. to comply with our obligations under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (AML/CTF Act);
  13. ongoing customer due diligence as required by the AML/CTF Act;
  14. enforcement of our right to payment of fees;
  15. internal reporting and analysis;
  16. risk management and insurance purposes; and
  17. to conduct internal client research and assessment.

This includes us using this information to communicate with you about our products and services, for internal administration, planning and direct marketing (for which we will offer you an ‘opt out’ functionality if you do not wish to receive this material). We will also use your Information for purposes related to those described above which would be reasonably expected by you or are reasonably connected to them.

We will not use your Information for purposes other than those described above, unless we have your consent, or there are specified law enforcement or public health and safety reasons (as permitted under the Act or any other governing legislation or regulation).

 

Use of Artificial Intelligence (AI ) Tools

We may use approved AI tools to support internal administrative, operational, productivity and drafting support functions.

We do not input, upload or otherwise use Information, confidential documents or any specific identifying information in public or non-approved AI tools. We may, however, use Information in connection with approved AI tools, which are those that are operated by our secured software provided which is where Information is securely housed (and in which the relevant provider gives appropriate warranties and assurances they do not use that Information beyond what is already protected by that platform).

AI tools are used in accordance with our internal policies, procedures and staff training requirements. AI-generated outputs are reviewed by appropriately qualified staff and are not relied upon as a substitute for the products and services we provide.

Any suspected unauthorised disclosure of Information through an AI tool is managed under our privacy, cybersecurity and incident response procedures.

 

Transfer of Personal and Sensitive Information

We may outsource business functions to other organisations and as such, it is possible that your Information will, as required from time to time, be disclosed or transferred to other organisations to allow them to assist us to provide you with products and services.

It is very unlikely that we will disclose Information to overseas recipients. If we transfer your Information outside Australia, we will endeavour to comply with the requirements of the Act that relate to transborder data flows, but we cannot guarantee compliance and you specifically agree that you understand this. Therefore, to the fullest extent permitted by law, we disclaim all liability and responsibility for any damage you may suffer due to our non-compliance with APP 8.1, except to the extent that our liability cannot be excluded by applicable laws and regulations which we are subject to.

You should also be aware that:

  1. any overseas recipient may not be subject to any privacy obligations or to any principles similar to the APPs;
  2. you may not be able to seek redress in the overseas jurisdiction; and
  3. any overseas recipient may be subject to a foreign law that could compel the disclosure of Information to a third party, such as an overseas authority.

While we will not directly disclose your Personal Information and Sensitive Information to overseas recipients without your consent, the entities to which we may disclose your Personal Information and Sensitive Information may do so. We are unable to say what countries, if any, those recipients are likely to be located in.

 

Changes to this Privacy Policy 

This Privacy Policy discloses our current privacy practices. From time to time and in line with client expectations and legislative changes, this Privacy Policy will be reviewed, and, if appropriate, updated at any time without notice. We will endeavour to provide you with notice of the changes as soon as reasonably practicable to do so.

 

How to change or access the information we hold about you

You can access the Personal Information and Sensitive Information we hold about you.

We will take reasonable steps to ensure that any Personal Information or Sensitive Information that we collect, use, store or disclose, is relevant, accurate, complete and up-to-date. If you believe the information we hold is inaccurate, incorrect, or incomplete, you may request that your information be corrected and we can then take reasonable steps to correct this information.

Please contact our Privacy Officer (details below) to access or request updates to any Personal Information and/or Sensitive Information which we hold.

 

Cookies, web beacons and other websites

If you are accessing this Privacy Policy via our website (the Site), we may use cookies on the Site from time to time. Cookies are small text files created by a website and stored in your computer, which recognise and track your preferences. Cookies, on their own, will not provide us with your email address or other personally identifiable information. However, cookies allow third parties, such as Google, Facebook and Instagram, to cause our advertisements to appear on your social media and online media feeds as part of our online marketing campaigns.

If and when you choose to provide the Site with Information, it may be linked to the data stored in the cookie. If you do not wish to have cookies placed on your computer, please set your browser preferences to reject all cookies before accessing our website.

If you are accessing this Privacy Policy via the Site, we may use web beacons on the Site from time to time. Web beacons (also known as Clear GIFs) are often a transparent graphic image that is placed on a website or in an email that is used to monitor your behaviour. For example, web beacons can be used to count the number of users who visit a web page or to deliver a cookie to the browser of a visitor viewing that page.

If you are accessing this Privacy Policy via the Site, the Site may contain links to other third party websites. We have no control over those websites and we are in no way responsible for the protection and privacy of any Information you provide whilst visiting those third party websites. Those websites will not be governed by this Privacy Policy and we recommend that you seek out their privacy policy when redirected to a third party website to ensure that you are aware of how they may use your Information.

 

Complaints

If you have a complaint about the way we have dealt with your Information, or about this Privacy Policy itself, we invite you to provide written details of your complaint to our Privacy Officer (contact details below).

Our Privacy Officer will contact you within 14 days of the date we receive the written details of your complaint to acknowledge that we have received it. Our Privacy Officer will then:

  1. review the way we dealt with your Information;
  2. conduct an internal investigation (if necessary) into how your Information came to be handled in the way that it was; and
  3. provide a report to you within 1 month of the date we acknowledged receipt of your complaint.

If you believe we have breached the APPs, you may also lodge a complaint with the Office of the Australian Information Commissioner.

 

Contact Us

Should you have any queries, complaints or comments about this Privacy Policy, please contact our Privacy Officer in writing by post or email at: 

POST:             
Attention: The Privacy Officer
Enterprise Legal (Qld) Trading Pty Ltd ACN 621 481 507 trading as ‘Enterprise Legal’
PO BOX 817
TOOWOOMBA QLD 4350

EMAIL:    
ua.moc.lagelesirpretne@nimda