Privacy and Credit Information Policy
This Privacy and Credit Information Policy (Policy) sets out the policy of MST Lawyers with respect to the way we collect, use and disclose information about you including through our website at www.mst.com.au. We adopt and are bound by the Australian Privacy Principles contained in Privacy Act 1988 (Cth) (Act).
We understand and appreciate that you are concerned about privacy, particularly in relation to the use and disclosure of Personal Information and Credit Information. We are committed to providing a high level of privacy in relation to all Personal Information and Credit Information that is collected by us.
As lawyers, we have certain obligations to clients to maintain the confidentiality of information disclosed to us. This Policy is intended to complement those obligations and not limit them in any way.
This Policy applies to MST Lawyers but not to other companies or organisations or websites to which our website is linked. For the sake of clarity, this Policy covers Personal Information and Credit Information (but only where the Credit Information relates to a natural person) collected and used by us in relation to any of the following:
- our clients or prospective clients and any guarantors;
- other parties that we come into contact with in the course of acting for our clients;
- our suppliers or prospective suppliers; and
- our employees and independent contractors or any person who applies to become an employee or independent contractor.
An act done or practice engaged in by us as an employer that is directly related to an ’employee record’ is exempt from the Act. An ’employee record’ means a record of personal information relating to our employees. It includes health information and personal information relating to:
- the engagement, training, disciplining,
- resignation or termination of employment of an employee;
- the terms and conditions of employment of an employee;
- the employee’s performance or conduct;
- hours of employment, salary or wages;
- personal and emergency contact details;
- the employee’s membership of a professional or trade association or trade union membership;
- the employee’s recreation, long service, sick, maternity, paternity or other leave; and the employee’s taxation, banking or superannuation affairs.
Having said that, we treat the Personal Information of our employees with absolute confidentiality and strict controls are exercised over who has access to such records. We will not disclose your employee records to any third party other than as permitted by law or this Policy, without your prior consent.
You consent to your Personal Information and Credit Information being used in accordance with this Policy by any one or more of the following:
- engaging us or continuing to engage us to provide services or making enquiries including via phone, email or internet;
- attending our offices;
- providing us with your contact details;
- by way of written agreement with us;
- by visiting any website or social media site established by us, including but not limited to Facebook, Twitter, Instagram, Youtube and Linked in (“Social Media Sites”) and
- participating in any activity on a Social Media Site including but not limited to entering competitions, subscribing to our blog, posting, pinning, or uploading any material on any Social Media Site, following, liking and/or commenting on us or anything on any Social Media Site (“Social Media Activity”).
What Personal Information do we collect?
For the purposes of this Policy, “Personal Information” is information or an opinion about you as an identified individual or an individual who is reasonably identifiable, whether or not the information or opinion is true and whether or not it is recorded in a material form.
The type of Personal Information collected by us may differ, depending on whether you are or would like to become a client, supplier or employee or independent contractor. Generally, the type of Personal Information collected by us includes your name, address, mobile and telephone numbers, facsimile number and email address.
We may also require details of your company’s ABN and/or ACN, financial information including bank account and credit card details, your employer and occupation details.
Via Social media Sites, we may be able to obtain other information about you which may itself constitute Personal Information or which, when combined with other information, is capable of identifying you, including photos, videos and other information that you include on our Social Media Sites or sites linked to our Social Media Sites (“Other Sites”). The level of information to which we have access may depend on your privacy settings on such Other Sites.
In some circumstances, you may deal with us anonymously or using a pseudonym. However, in most circumstances it is impracticable to do so because if you do not provide us with the Personal Information that we require or if you provide it in a way that does not identify you, we are likely to be unable to carry out the services requested by you.
What Credit Information do we collect?
We collect, hold and disclose the following credit related information (Credit Information):
- identity particulars – your name, sex, address (and the previous two addresses) date of birth, name of employer, and drivers licence number;
- your application for credit or commercial credit – the fact that you have applied for credit and the amount;
- the fact that we or another credit provider are a current credit provider to you, certain terms of our credit contract with you (including the amount of credit available and payment terms), the date the credit contract begins, ceases or was otherwise terminated;
- any overdue payments of $150 or more that are overdue by more than 60 days, and for which debt collection action has started;
- the fact that your overdue repayments have been paid and are no longer overdue;
- whether you have been in default in repayments, the amount overdue and whether we have varied your credit arrangements;
- certain publicly available information about you that relates to your activities in Australia and your credit worthiness;
- information that, in our opinion, show you have committed a serious credit infringement (that is, acted fraudulently or where you have shown an intention not to comply with your credit obligations);
- that credit provided to you by us has been paid or otherwise discharged;
- repayment history (including payment and default history) about you;
- information about your insolvency or court proceedings against you;
- in relation to any monthly payments you owe to us in relation to credit provided by us, the dates those payments are due and made and any overdue payments; and
- information relating to your credit worthiness that we or a credit reporting body derive from the above information.
We may collect Credit Information in a number of ways, including:
- when provided directly to us by you in relation to our retainer agreement and credit terms provided by us;
- if the information is in the public domain;
- where the Credit Information is provided to us by a credit reporting body; and
- where we derive the Credit Information from your usage and repayment of any credit accounts with us.
Purpose of collecting Credit Information
We collect, hold, use and disclose Credit Information as is reasonably necessary for the following purposes:
- to obtain a consumer or commercial credit report about you;
- to allow the credit reporting body to create or maintain a credit information file containing information about you;
- to assess your credit worthiness;
- to assess an application by you for credit;
- to assess your suitability to be a guarantor for credit provided to a client;
- for the ongoing review and management of your credit account with us;
- to notify other credit providers of a default by you;
- to deal with serious credit infringements;
- to participate in the credit reporting system in Part IIIA of the Privacy Act; and/or
- to exchange information with other credit providers as to the status of a loan from us where you are in default with other credit providers.
How do we collect your Personal Information and Credit Information?
We collect Personal Information and Credit Information in a number of ways, including:
- when you provide us with such information including via telephone, email, business cards, application forms, customer satisfaction surveys, contracts or any other document provided by you to us;
- when you enquire about our services;
- from third parties and from credit reporting agencies;
- from our clients;
- from publicly available sources of information;
- through analysis of the Social Media sites conducted by us or by third parties on our behalf;
- any other collection of or incidental or directly or indirectly related to the goods or services we may be able to provide to you, on behalf of ourselves or others; and
- from our own records.
Through our website we can obtain Personal Information if you send such information in an email or when you complete an online enquiry. When you look at our websites, we may make a record of your visit. The following information may be logged for statistical purposes and for the purposes of marketing and advertising to you:
- your internet protocol address;
- the date and time of your visit to our site;
- the pages that you have accessed and the documents downloaded; and
- the type of browser you were using.
Any such statistical analysis does not identify you.
Tracking technologies such as cookies may be used on our website to recognise a user’s browser each time that user visits our site and to track which pages the user visits whilst on our site and also to send advertisements to your internet protocol address which are relevant to the pages you have visited. Cookies are pieces of information that a website transfers to a computer’s hard drive for record keeping purposes. Most web browsers are set to accept tracking technologies such as cookies. These tracking technologies do not personally identify the user. If you do not wish to receive any cookies you may set your browser to refuse them. However, your use of our website may be affected.
How do we use your Personal Information?
Any Personal Information we collect will be used by us to enable us to provide the services that you have requested or for related purposes of or incidental to our business.
These purposes generally include:
- communications to clients or third parties of or incidental to providing services to our clients or prospective clients;
- responding to your enquiries and feedback regarding our business and our services;
- monitoring the performance of our business;
- marketing including email marketing, promotional and educative activities;
- enforcing the terms and conditions of our engagement with you;
- ensuring compliance with statutory obligations.
Your Personal Information may be added to our database. From time to time, your details may be used by us to promote our services, including to advise you about upcoming seminars and other events, and to keep you informed about legal issues. On each communication, we will advise how you may unsubscribe or opt out of receiving such communications. You may, at any time, request not to receive direct marketing communications from us and we will comply with that request. There is no fee for such deletion from the mailing list.
How is your Personal Information disclosed by MST Lawyers?
We do not and will not rent, sell or otherwise disclose your Personal Information to any other company or organisation, without your prior consent (either express or implied), where such consent is required by law.
You do, however, consent to our use and disclosure of your Personal Information in the following ways and for the following purposes:
- of or incidental to providing our services to you;
- to promoting and marketing our services to you, including but not limited to providing you with information and updates about legal issues that we believe may be of interest to you;
- to third parties to whom we outsource any of our functions from time to time, including payroll, database management and client satisfaction surveys;
- of or incidental to a sale of all or part of our business to a third party; and
- as required by law.
Disclosure of your Personal Information via Social Media Sites
By engaging in any Social Media Activity on our Social Media Sites, you agree to and are subject to the terms and conditions of such Social Media Sites. Any Personal Information pinned, posted or uploaded by you onto Social Media Sites can be disclosed in accordance with the terms and conditions and privacy policies of such Social Media Sites.
Generally, photos and other material pinned or posted to Social Media Sites will be able to be viewed by the general public, in Australia and internationally. Such photos and other material may be shared by others indefinitely and will be visible by anyone visiting the locations to which the photos or other material have been shared. You may be able to remove the photos or other material that you have pinned or posted from the location at which you pinned or posted it. However, any material that has been shared will be out of our control and neither you nor we will be able to remove it from any shared location. We are not responsible for any material that has been shared.
We reserve the right to remove any photos, comments or other material that is in any way inappropriate or offensive (in our opinion) from our Social Media Sites.
Disclosure of Credit Information
We may disclose the Credit Information to a credit reporting body in order to obtain information from the credit reporting body to establish your eligibility for credit.
The credit reporting bodies we may share information with are:
| Veda Advantage
Attn: Veda – Customer Resolutions
PO Box 964
|Experian Australia Credit Services Pty. Ltd.
Attn: Credit Report
PO Box 1969
|Dun and Bradstreet
Attn: Public Access Centre
PO Box 7405
You may obtain a copy of the credit reporting body’s credit reporting policies by visiting their respective websites.
We may derive the following information in relation to you from the Credit Information we receive from a credit reporting body:
- credit worthiness;
- credit standing;
- credit history; or
- credit capacity.
We may share Credit Information for the purposes described in this Policy where permitted to by law. For example, we may disclose Credit Information about you to a credit reporting body if you fail to meet your payment obligations.
We may share Credit Information with other third parties, including:
- other credit providers;
- companies related to us;
- organisations that perform credit assessment, management and debt collection activities on our behalf; and
- current or prospective guarantors or security providers in relation to credit we are providing to you.
Cross Border Disclosure
We may, in order to provide our services to you, disclose your details overseas to our employees or contractors who may be located in the Philippines, but we are otherwise unlikely to actively disclose your Personal Information overseas unless required in connection with the provision of our services specifically requested by you. Where the outsourced service requires the disclosure of personal information to an overseas recipient, MST Lawyers will take reasonable steps to ensure compliance with the Australian Privacy Principles.
Some programs, software, online tools, or Social Media Sites used by us, are based in and/or based overseas. The use of such programs by us may involve disclosure of your Personal Information to such organisations overseas. Use and disclosure of your Personal Information by such organisations is in accordance with the terms and conditions and privacy policies of such organisations.
If you consent to disclosure of some of your Personal Information in this manner, we are not required to take steps as are reasonable in the circumstances to ensure that such organisations do not breach the APPs in relation to the disclosed information. Having been informed of the possibility that such disclosure may occur, you consent to that disclosure by undertaking or continuing to undertake the type of activities indicating your consent, as specified above.
We may be provided with credit related information from a credit provider in the course of us acting as a legal adviser to a client. We may receive such information when advising our client in the process of, or in connection with, their consideration as to whether they will:
- accept an assignment of a debt owed to another credit provider;
- accept a debt owed to another credit provider as security for credit it gives to that provider; or
- purchase an interest in a credit provider or a related body corporate of that provider.
(such information being Regulated Information).
Regulated Information is likely to be similar kinds of information to Credit Information, except it is in relation to credit that has been provided by the credit provider that gave us the information and the people it gave credit to.
We will only use Regulated Information in our capacity as legal advisers and in connection with advising the client. We will not disclose Regulated Information unless required or permitted to do so by law or court order.
For the purposes of Regulated Information, you may also mean an individual that is the subject of any Regulated Information.
We are committed to ensuring the security of your Personal Information and Credit Information and we will take all reasonable steps to protect this Information from misuse, interference, loss, unauthorised access, modification or disclosure, including:
- ensuring the physical security of our premises and databases/records;
- restricting access to personnel who need that information in order for us to be able to provide our products and services; and
- technological measures, such as computer passwords, data back-up, anti-virus software and firewalls.
Please note that our website does not provide systems for secure transmission of Personal Information and Credit Information across the internet, except where otherwise indicated. You should be aware that there are inherent risks in transmitting Personal Information via the internet.
Our website contains links to other websites. We have no control over the privacy practices employed at other websites and we accept no responsibility for Personal Information and Credit Information provided via unsecured websites.
We cannot provide any guarantee with respect to the security of your Personal Information and Credit Information and we will not be liable for any breach of security or unintended loss or disclosure of information due to the website being linked to the Internet.
How to check or change your details
Our Privacy Officer will ensure that your Personal Information and Credit Information is accurate, complete and up to date and relevant to the purposes for which we are able to use your Personal Information and Credit Information.
If you wish to view the Personal Information or Credit Information we hold about you, please send your request to the Privacy Officer by email, mail or fax using the contact details at the end of this Policy. A fee may apply for such access. If we deny your request for access, we will let you know why.
If you wish to amend your Personal Information or Credit Information because it is inaccurate, out of date, incomplete, irrelevant or misleading, or if you wish your Personal Information or Credit Information to be deleted, please contact our Privacy Officer.
If you believe that we have not complied with our obligations pursuant to the Act or a credit reporting code that binds us, or have a complaint about the use or disclosure of your Personal Information or Credit Information by us, please contact our Privacy Officer.
Our Privacy Officer is responsible for liaising with you to ensure that the issues you have raised are fully examined and that your complaint is handled in accordance with this process. We will treat the process, and all the details of your complaint, in strict confidence. If we need to discuss any issues arising from your complaint with a third party we will obtain your consent first. We may need to discuss the complaint with another credit provider or credit reporting body if we consider it necessary in order to deal with the complaint.
We will always try to give you a fair opportunity to explain your case. You should make your initial complaint as clear as possible. We may want to meet you in person to discuss your concerns and try to find a satisfactory solution.
What action will we take in response to your complaint?
We will endeavour to resolve your complaint as soon as possible, but the length of time will depend on the nature and complexity of the issues you have raised. You will receive acknowledgement of receipt of the complaint from us within five business days. We will give you an estimate of how long it may take us to deal with the matter but we will endeavour to finalise the matter within 30 days.
After assessing your complaint, we will decide what action (if any) we should take in response.
Some of the things that we may decide to do include:
- take steps to rectify the problem or issue you have raised;
- provide you with additional information or advice so you can understand what happened and how we have dealt with it; and/or
- Take steps to change our policies or procedures if your complaint identifies a problem in the way we are doing things.
If we have not resolved a complaint to your satisfaction, you may wish to escalate the matter to the Privacy Commissioner via an online privacy complaint form which can be found at: http://www.oaic.gov.au/privacy/making-a-privacy-complaint.
Notification of Changes
You must notify us as soon as reasonably practicable of any changes to the information provided to us by you or if you are aware of any inaccurate, out of date, misleading or false Personal Information or Credit Information.
Changes to our Policy
From time to time we may decide to amend or update this Policy. When this occurs, we will post the new version of the Policy on our website. We encourage you to review this Policy from time to time so that you remain informed as to how we are protecting your Personal Information and Credit Information.
Privacy Officer Details
315 Ferntree Gully Road, Mount Waverley, Victoria, 3149
Privacy Officer: Tony Kakkos
Telephone: +61 3 8540 0200
Facsimile: +61 3 8540 0202