Page Title

​Our Commitment to Privacy

​

Greenstone Legal Pty Ltd ACN 600 366 809 (Greenstone Legal) recognises that it is important for you to know how we deal with your personal information and for that reason this statement outlines our current Privacy Policy.

 

Our privacy policy is intended to represent industry best practice. Greenstone Legal abides by the Australian Privacy Principles (APPs) established under the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth).

​

Please note: If you are a resident of an EU member state, then in accordance with the General Data Protection Regulation 2016/679,  there are further provisions of this Privacy Policy that are applicable to you. Those provisions are set out later in this document.

​

We know that providing personal information is an act of trust. We value and take your trust very seriously. Unless you give us explicit consent to act otherwise, the following policy will govern how Greenstone Legal handles your personal information and safeguards your privacy.

 

Greenstone Legal is committed to ensuring the protection of your personal information and giving you options regarding who can use your personal information and how it can be used.

​

Collection of Information

​

Our ability to provide you with comprehensive and quality services is reliant on us obtaining certain information about you. The team at Greenstone Legal may request personal and sensitive information (as those terms are defined in the Privacy Act 1988 (Cth)) from you, which will generally comprise, but not be limited to, the following type of information depending on the service you engage us to provide:

​

• Personal details e.g. name, address, contact details (phone, email), birth date, employment details and history, financial position, family members, identification information and copies of identity documentation; tax file number;

• Credit and debit card information for payment processing purposes;

• Relationship information e.g names of parties to a relationship, length of relationship, behaviour of parties to a relationship, criminal records, sexual orientation, religious beliefs, financial information;

• Medical information including illnesses, treatments, alcohol and drug test results, psychological and other professional reports;

• Business details including ABNs, ACNs, directorships, financial accounts, constituting documents, business agreements;

• Financial information including details of assets and liabilities;

• Documentation including current and former wills and other estate planning documents, correspondence with others, previous case notes.  

 

If you do not provide us with the information required, we may elect to terminate our relationship with you, if we believe it will jeopardise our ability to provide you with a complete, accurate and comprehensive service or will undermine your or our obligation to the Courts and other Authorities.

​

Information About You Provided to Us By Others

​

If you are referred to us by a third party, such as an accountant, financial planner, mortgage broker or settlement agent then we may ask them to provide, or they may otherwise provide to us, personal and sensitive information about you.

​

Information Which We May Collect From Your Use of Our Website or Mobile App

​

When you visit our website, we may collect certain information, which may include information that you voluntarily disclose and information that is automatically collected such as:

​

• Information collected when you register or update your details on a website form, for example including identifying information such as your name, mobile phone number, email address, physical address and nature of enquiry;

• information submitted to online facilities such as search tools, and;

• tracking information we collect as you use the Website including which areas of the site you visit, including your IP address, or browser, and information about your computer’s operating system, application version, language settings, and pages that have been shown to you.

• If you are using a mobile device, we might also collect data that identifies your mobile device, device-specific settings and characteristics and latitude/longitude details. We might also calculate and process data related to the type of apps installed on a mobile device, such as the name of the app, an app description and the category it belongs to.

 

It is unlikely that any one piece of this information alone will be able to tell us who you are, but it can still considered to be “personal” information and in conjunction with other information we hold about you may identify you.

​

Please refer to our website terms and conditions for further information on your use of our website and mobile apps. 

​​​

​

​

Use and Disclosure of Information

​

Any personal information about you collected by Greenstone Legal will be used for the following purposes:

​

• Provision of services you have engaged Greenstone Legal us to provide to you;

• Completion of associated documentation and forms;

• To market goods and services which may be supplied by Greenstone Legal, unless you inform us not to do so. We note that your information may be automatically uploaded to our email marketing applications.

• To market services of third party providers which may be of interest to you, unless you inform us not to do so.

 

From time to time we are required to disclose information to other organisations as part of our service to you or to comply with the laws and regulations governing our provision of services. The organisations we may be required to disclose information include, but are not limited to:

​

• Financial institutions;

• Courts and Tribunals;

• Mediators and Arbitrators;

• Your accountants, financial advisers or other professional service providers;

• Examiners and testers;

• Medical professionals;

• The Office of the Australian Information Commissioner.

• Other government departments such as the Australian Taxation Office (ATO), ASIC and Centrelink as required by law.

• External service providers to our business and other compliance inspectors such as for audit purposes.

• External parties for business acquisitions or in the event of the sale of the business.

• Any other external party which we are compelled at law to make disclosures to.

• Any other external party as authorised by you from time to time.

 

We will not use or disclose information collected about you other than for a purpose made known to you unless the disclosure is:

​

• The person or company (being a professional service provider) that referred you to us has requested to be updated or provided with progress reports and documents completed;

• Required by law (e.g.  Courts, Tribunals, ATO, Australian Prudential Regulation Authority and ASIC have the power to order us to disclose information about your situation);

• Is authorised by law (e.g. to protect our interests or where we have a duty to the public to disclose);

• To protect a life;

• You have consented to our disclosing the information, or;

• The assets and operations of the business are transferred to another party.

 

Greenstone Legal undertakes not to sell, rent or trade your personal information with the exception that we may provide your contact details to third party suppliers who we have recommended that you engage. In such case, we will provide them with only the information necessary to enable them to determine if they are able to assist you (for example your name, location, email address and a brief outline of the issues requiring their expertise).

 

We may use the personal information collected from you for the purpose of providing you with direct marketing material such as articles that may be of interest to you, however you may request not to receive such information by contacting our offices at admin@greenstonelegal.com.au

 

Other than as set out in this document, we will not otherwise disclose your information to other parties without your explicit consent.

 

Storage and Security

​

We use a number of mechanisms to protect the security and integrity of your information. Unfortunately, no data transmission over the Internet can be guaranteed as completely secure. So while we strive to protect such information, we cannot ensure or warrant the security of any information you transmit to us and you do so at your own risk.

​

Greenstone Legal recognises how important the privacy of your personal information is to you. We will therefore, at all times, seek to ensure that the personal information collected and held by us is protected from misuse, loss, unauthorised access, modification or disclosure. Information may also be held in a computer database. All paper files are stored in secure areas. Computer-based information is protected through the use of access passwords. In the event you cease to be a Greenstone Legal customer, any personal information which we hold about you will be maintained in a secure on/ off-site storage facility for a period of at least 7 years (or at least 40 years for Wills and Deceased Estate matters) in order to comply with legislative and professional requirements, following which time the information will be destroyed or de-identified (in our discretion). You can request a copy of our File Storage and Destruction Policy by emailing us at admin@greenstonelegal.com.au

 

Transfer of Information Overseas

​

Please note also that Greenstone Legal may use overseas facilities to process or back up its information including cloud based applications and servers located outside of Australia. As a result, we may transfer your  information to our overseas facilities for storage. However, this does not change any of our commitments to safeguard your privacy. We strive to ensure that any transmission of information cross border relies on secure servers in nations that have privacy and data protection laws substantially similar to those in Australia in accordance with our commitments to safeguard your privacy. However there is an inherent risk in the use of the Internet and cloud based applications and accordingly we cannot guarantee that your information will not be transmitted to, or intercepted by, parties located in nations that do not enforce such systems.

​

Transmission of information overseas may also be required either when information is sent directly to you (and you are overseas), or to obtain further information from international organisations to aid services provided. Again, to the extent possible, the information will only be transferred to another country where Greenstone Legal reasonably believes the other country has privacy laws substantially similar those in Australia.

If you are located in a country that does not have privacy and data protection laws substantially similar to Australia, then we cannot make any warranty or guarantee in relation to the protection of any information transmitted to or from you.

​

Your Email Service

​

If you provide your email address to us, then you authorise us to use that email address for correspondence with you and to transmit to you information, products and services. You are solely responsible for ensuring the security of your email service. We will not be liable to you should your email security be compromised for any reason whatsoever and howsoever arising.

​

Requests for Money

​

Depending on your matter, we may request that you place funds in our trust account in anticipation of legal work to be undertaken and/or pay our invoices on issue. Whilst we take all reasonable measures to ensure the security of our email network, you should never make any financial transaction to an account details of which are provided to you via email, without first ringing our offices on 08 9481 6946 to confirm the account details are in fact correct and have not been intercepted or interfered with during their transmission to you.

Accordingly, if you provide us account details to which you have asked us to make a payment we will also telephone you to confirm the validity of those details in an attempt to prevent interception or interference. If you are unable to verify those details by phone, then we will withhold payment until we are otherwise satisfied that the details have been verified.  

​

Notifiable Data Breach Scheme

​

We may be required to make mandatory disclosures of any data breach we experience in accordance with the Notifiable Data Breach Scheme (Australia) established by the Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth). If we are required to make a mandatory disclosure under the data breach act and that data breach relates to your information, we will notify you of same as soon as practicable in the manner required by the Scheme.

​

Access Your Information

​

You may at any time, request access to your personal information and we will provide you with access to that information either by providing you with copies of the information requested, allowing you to inspect the information requested or providing you with an accurate summary of the information held. We may, prior to providing access in accordance with this policy, require you to provide evidence of your identity to our satisfaction. To the extent reasonably possible, we will provide that information in a form that is able to be accessed and understood by you.

​

In the event we refuse you access to your personal information, we will provide you with an explanation for that refusal. We will endeavour to respond to any request for access within 7 days depending on the complexity of the information and/or the request and may charge fees for the request of a significant amount of information to be copied or accessed. If you make a general request for a large amount of information, we may ask you to narrow your request to the specific information you are requiring access to if it is reasonable for us to do so. We are not required to provide you with any information that you already have access  to or a copy of.

​

You may also ask us in writing to erase any information that we hold about you. On receipt of such request, provided that same is not required to be retained by us:-

​

1. to deliver services to you;

2. to comply with any laws or other regulations applicable to our business operations including file retention requirements and professional standards;  or

3. to exercise or defend legal claims,

 

then we will use reasonable endeavours to comply with your request and confirm compliance to you as soon as practicable.  Prior to making any such deletions, we may require you to identify yourself to our satisfaction. If we are unable to delete any information or otherwise refuse to do so, we will provide you with a written explanation as to our reasons.

​

Quality of Your Information

​

Greenstone Legal is committed to ensuring that your personal information that we hold is accurate, complete and up to date. To assist us with this, please contact us if any of the details you have provided change.

 

Furthermore, if you believe that the information we have about you is not accurate, complete or up to date, please contact us by emailing us and we will take all reasonable steps to correct the information. If you wish to have your personal information deleted, please let us know in the same manner as referred to above and we will take all reasonable steps to delete it unless we need to keep it for legal reasons.

​

General Data Protection Regulation 2016/679 (“GDPR”)

​

If you are an individual resident of an EU member state, then the GDPR applies to our collection, storage and use of your information. In addition to the general provisions set out in this document, the provisions in this section will apply to you and to the extent of any conflict with the general provisions, the provisions in this section will prevail.

​

1. As we are incorporated in Australia, you acknowledge and expressly agree that all of your information will be transmitted outside of the EU and in particular to Australia for processing purposes.

2. We may be required to disclose your information to any governmental body, supervisory authority or regulator in the EU as required by the GDPR from time to time. We may also be required to make mandatory disclosures of any data breaches relating to your information in accordance with the GDPR.

3. If you request a copy of any information held about you, then to the extent reasonably possible (and provided the general provisions of this document relating to such a request are met) then in accordance with the GDPR we will endeavour to provide such information in a structured, commonly used, machine-readable and interoperable format that enables data portability.

4. Any right you have to access, erasure and portability of your information  under the GDPR is restricted in the manner set out in Article 23 of the GDPR.

5. In relation to any direct marketing activities undertaken by us or third party providers in accordance with this document, you are entitled to object to such direct marketing activities.

6. You are entitled to object to any profiling of you that is undertaken by us, or automatically by machines, as a result of the collection and processing of your information.

7. We will, where reasonably practicable, encrypt your information. However,  you acknowledge and agree that it is unreasonable and inappropriate for us to use pseudonyms for data processing in our ordinary course of business and in the delivery of services to you.

 

What to do if you have a problem or question

​

If you have any further queries relating to our Privacy Policy, or you have a problem or complaint, please contact us by telephone or email.

​

Privacy Complaints

​

If you wish to complain about any breach or potential breach of this privacy policy, the APPs or the GDPR, you should contact us, and request that your complaint be directed to the Managing Director.

​

Your complaint will be responded to within 14 days. It is our intention to use our best endeavours to resolve any complaint to your satisfaction, however, if you are unhappy with our response, you are entitled to contact the Office of the Privacy Commissioner who may investigate your complaint further.

​

Future changes

​

Our business will continue to evolve as we introduce new goods and services. Because of this, from time to time, our policies will be reviewed and may be revised. Greenstone Legal reserves the right to change its Privacy Policy at any time and notify you by posting an updated version of the policy on its website.

​

The amended Privacy Policy will apply between us whether or not we have given you specific notice of any change.