Clifton Legal Group values your privacy. We are committed to protecting your personal data. This Privacy Statement states how we collect and use your information, what your rights are, and the legal basis on which we deal with your information.
Personal data includes any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
Clifton Legal Group is a Western Australian Law Firm. Our contact details are available on the contacts page of this website. The data controller for the use of your information is Clifton Legal Group Pty Ltd.
We can collect and deal with your personal data with your consent. That consent is given by providing your data to us. If we rely on your consent as our legal basis for processing your personal data, you have the right to withdraw that consent at any time. In some circumstances, that may prevent us from being able to provide legal services to you, or to continue providing legal services to you.
Primarily, we need your personal data to identify you for the purpose of entering into a solicitor – client engagement. It is also needed to comply with the law such as legislation around anti-money laundering. We only collect your personal data where reasonably necessary for us to enter into an engagement and provide legal services.
We collect personal data from you in the course of our business, including when you engage us, through your use of our website, contacts over the telephone, by email or fax or in person.
The personal information that we process includes, but is not limited to:
- Your name, employer’s name, your position, relationships to others, address, email and phone numbers.;
- Identification and background information provided by you or collected as part of our business acceptance processes, this may include your full name, photographic identification and gender;
- Financial information, such as bank account details;
- Personal information provided to us by or on behalf of our clients or generated by us in the course or providing services to them.
We are committed to ensuring that your information is secure. Your information is kept in a cloud server operated by Microsoft and backed up locally. We use offshore administration staff who have access to your personal data on a need-to-know basis and are subject to confidentiality agreements. We never transmit your data offshore without your consent.
We will normally keep your data for 6 years – the same period of time that we must retain a client file. Then your data will be deleted.
We may share your personal data with third parties for the sole purpose of delivering legal services to you or marketing other legal services to you (but only legal services supplied by us – we will never sell your personal data). Those third parties include but are not limited to:
- Insurers;
- IT service providers;
- Barristers;
- Translators;
- Various professional experts, including accountants and tax advisers;
- Regulators or tax authorities.
You have a number of rights in relation to the personal data that we hold about you.
Subject to any applicable exceptions, we will provide you with a copy of your personal data within the timescales set out in relevant legislation.
If the information we hold about you is inaccurate, you have the right to have this information rectified. An application setting out the specific information to be rectified and the corrections to be made shall be sent.
In certain circumstances:
- You can ask us to delete or remove your information;
- you a have a right to request the restriction of the processing of your information.
- you may have the right to obtain your personal data in a structured, commonly used and machine-readable format, or ask us to transfer it to a third party.
Where personal data is being processed for direct marketing purposes, you have a right to object at any time.
If you have any concerns or questions about this statement, please contact us through our website or by telephone. You have a right to make a complaint to the relevant data protection authority (“DPA”) at any time at Office of the Australian Information Commissioner (OAIC), GPO Box 5218, Sydney, NSW 2001