Perth:+61 8 9481 2040
Geraldton:+61 8 9921 2344
The Privacy Act 1988 (Cth) (Privacy Act), the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth) and the Privacy (Credit Reporting) Code 2014 (Privacy Code) regulate how personal information is handled. The Australian Privacy Principles (APPs) contained in the Privacy Act govern the way in which we collect, use, disclose, store, secure and dispose of your personal information.
What is personal information, sensitive information and credit related information
We collect and hold personal information in carrying out our business and functions as a legal services provider. We collect personal information in many ways, including during our business dealings with you, interviews (including job interviews), correspondence, by telephone and facsimile, by email, via our website [http://www.whlaw.com.au/], from your website, from media and publications, from other publicly available sources, from cookies and from third parties.
The term “personal information” is defined by the Privacy Act. Personal information is information or an opinion that can be used to identify you. This might include personal details like your name, address, date of birth, other contact information like your email address and phone number and financial information like your credit card number or bank details.
“Sensitive information” is a type of personal information. Sensitive information can include information like your racial or ethnic origin, health information, political opinions, membership of a political association, professional or trade association or trade union and criminal record.
The kinds of personal information we collect and hold
We collect and hold a range of personal information in carrying out our business and functions as a legal services provider. The personal information we collect about you will depend on the way we interact with you.
Some of the situations where we collect personal information include when:
Generally, the different kinds of personal information we collect and hold include:
Specifically, the kinds of personal information that we collect and hold about you will depend upon the nature of our relationship with you.
The kind of personal information we collect and hold in any given circumstance is determined by the legal services we are providing.
We typically collect and hold the following kinds of personal information about our clients:
Our contractors, service providers, suppliers and job applicants
We typically collect and hold the following kinds of personal information about contractors, service providers, suppliers and job applicants:
Website users, online contacts and attendees at seminars and other functions
The only personal information which we collect about you when you use our website or contact us online is what you tell us about yourself, such as when you complete an online subscription form to our publications, alerts and newsletters, when you accept an invitation to attend a seminar or function, or complete one of our online forms, including through our marketing campaigns, or information you provide to us when you send us an email.
The kinds of personal information that we may collect through our website include:
In the course of providing our clients with the services they have requested, and carrying out their instructions, we may be required to collect personal information about other individuals including other parties to our clients' matters, their legal representatives and other service providers or contractors retained by them.
The nature of information collected will depend upon the individual circumstances of the matter, but is likely to include:
Depending upon the circumstances of the matter, it may also include sensitive information.
To the extent that it is relevant to the work we are undertaking for a client or our general relationship with a client, we may also collect and hold personal information about clients that is sensitive information under the Privacy Act. For example, we may collect health information about an individual, membership of a professional or trade association, membership of a trade union, ethnicity, religious beliefs or affiliations or criminal records.
We will only collect sensitive information if the sensitive information is reasonably necessary for us to carry out our functions or activities, or if the APPs otherwise permit such collection.
Purposes for which we collect personal information
We collect, hold and use personal information for the purposes for which it was collected, related purposes and other purposes including:
How do we collect information about you?
If we do collect personal information about you we will take reasonable steps to let you know that we have collected your personal information.
Directly from you
In most instances we will collect personal information directly from the person to whom the information relates, or the organisation of which that person is an employee, director or principal.
We usually collect your personal information from you directly when we speak to you on the telephone, when we correspond with you over email, when we meet with you in person, if you provide us with documents that contain your personal information or you provide information to us through our website.
We will only collect personal information from third parties if it is unreasonable or impracticable to collect the information from you directly or if we are required or authorised by an Australian law or court/tribunal order to do so.
We may also collect personal information about individuals from the following third parties:
Information you give us about someone else
If you supply us with the personal information of a third party, such as a spouse, colleague or friend, we accept that information on the condition that you have all the rights required from that third party to provide that personal information to us to use for our functions and activities.
Cookies may also be used to track how you use the site to target ads to you on other websites. To opt out of this you can visit the DAA opt-out site www.aboutads.info or the Network Advertising Initiative opt-out site at networkadvertising.org/choices, or for those in Europe, the EDAA opt out site at youronlinechoices.eu
How we store personal information
We hold personal information in hardcopy files and in electronic form, and take reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access, modification or disclosure.
We store hardcopy files in secure facilities. We also store hardcopy files with an offsite storage provider whose premises and access is strictly controlled.
Under our document management system, access to files is appropriately limited. Personal information within our network is password protected and access is appropriately limited.
We store electronic records within our own secure network and through third party data storage providers. Our third party data storage providers are required to protect personal information in accordance with applicable laws and take appropriate technical and organisation measures against unauthorised or unlawful use of personal information or its accidental loss, destruction or damage.
How we disclose personal information
We may disclose personal information to third parties including:
In some circumstances we are permitted or authorised by or under an Australian law or a court/tribunal order to use or disclose your personal and sensitive information. For example, if our disclosure of your information will reduce or prevent a serious threat to life, health or safety or our disclosure is in response to any unlawful activity.
Overseas disclosure of personal information
We may disclose personal information to external service providers located overseas so that they can provide us with services in connection with the operation of our business, such as marketing services and data storage.
We are generally not likely to disclose personal information to overseas recipients. However, in the course of acting for some clients it may become necessary or desirable to disclose personal information to overseas recipients.
We may use your personal information to send marketing materials to you if the marketing material is related to the purpose for which we collected that information.
We will ask for your consent before we use your personal information for marketing purposes if we have not collected that personal information directly from you or where sensitive information is involved.
If you do not wish for us to send you such emails, please let us know by contacting our Privacy Officer.
You can also unsubscribe from our email notificatons using the contact form at the bottom of this page.
Destroying personal information
We will generally destroy, or take steps to de-identify, personal information when this is no longer required by us. We otherwise destroy information after 7 years.
Applying for and employment with us
If you submit an application or register interest for employment with us, we will collect personal information from you. If your application for employment with us is unsuccessful, we may retain this personal information to assess your suitability for another role with us. If you do not want us to retain personal information about you, please contact our Privacy Officer.
Access and correction of personal information
We will take reasonable steps to ensure that the personal information we collect, use and disclose is accurate, up-to-date and complete. We will also take reasonable steps to protect personal information that we hold from misuse, interference, loss, unauthorised access, modification or disclosure.
You have the right to request access to personal information that is held by us about you. You also have the right to request correction of any of your personal information that we hold. We will take reasonable steps to make appropriate corrections to your personal information so that it is accurate, complete and up to date.
If you would like to access, or correct, your personal information please write to our Privacy Officer using the contact details set out below. Please make sure you clearly identify the information or correction requested. In order to protect your personal information we will require identification from you before releasing the requested information.
In some cases, we may refuse to provide you with access to your personal information. We will only do this if an exception in the Privacy Act applies. If access is refused, we will write to you and explain why.
In some cases, we may charge you a fee for access to personal information.
If you have any questions or complaints about the way we have handled your personal information you can contact our Privacy Officer on the details below.
The Privacy Officer will review your complaint, consider our conduct in relation to the complaint and the requirements of the APPs, and will consider appropriate action. We will respond to complaints within a reasonable period of time (usually 30 days).
If you are dissatisfied with our response to your complaint, you can make a complaint to the Office of the Australian Information Commissioner (OAIC). You can find more details about making a complaint to the OAIC here
You can contact our Privacy Officer via the contact form at at the bottom of this page.
For more information about privacy issues, and to obtain copy a of the National Privacy Principles you can visit the OAIC website at http://www.oaic.gov.au
Policy last updated February 2019