This document sets out the framework for managing the personal information and sensitive information collected, held or used by Natalie Plumstead Legal Consulting Pty Ltd (“we” or “our” or “the Company”).
Personal information refers to any information or opinion about an individual whose identity is apparent or can be reasonably ascertained from that information or opinion.
Sensitive information is personal information about an individual’s racial or ethnic origins, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, criminal record, health information, genetic information, biometric information or biometric templates.
What personal information do we collect or hold?
The kinds of personal information that we collect and hold include:
- Contact information
- Information required to verify the identity of individuals
- Information for the primary purpose of providing advice and advocacy services for mental health law matters, proceedings and orders
- Information about carers, supporters and other family members for the primary purpose of providing advice and advocacy services for mental health law matters
- Information for the primary purpose of providing legislative drafting services.
When and why do we collect and hold sensitive information?
Most mental health legal services where we are engaged, will directly relate to sensitive information about individuals.
We understand the importance to use or disclose sensitive information with an individual’s consent and in ways that they would reasonably expect. We will keep you informed where laws impose specific obligations in the use and handling of sensitive information.
The kinds of sensitive information that we collect and hold can include:
- Information about beliefs or affiliations
- Information about sexual orientation or practices
- Criminal records
- Health information about an individual.
How do we collect information directly or from third parties?
We collect information that is necessary for our primary purpose of providing legal services.
We collect the information by lawful and fair means. We will not collect the information in a way that is unreasonably intrusive.
We will advise you if we collect personal information about you from a third party. We will only collect sensitive information with your consent or if required to do so by law.
We will also collect sensitive information about an individual, if it is necessary to do so to lessen or prevent a serious threat to the life or health or safety of any individual.
What is the purpose of collecting, holding, using and disclosing information?
We collect and hold personal information or sensitive information for the purpose of the legal services that we are engaged to provide to our clients.
At times we are required to disclose personal information or sensitive information to another individual or organisation for the purpose of the legal services in which we are engaged.
We understand that it is your right that your information is handled in ways that you would reasonably expect.
We only use or disclose information for the primary purpose for which the information was collected, or for a directly related secondary purpose where you would reasonably expect us to use the information for that purpose, or if you have given consent, or if there are legal requirements that apply.
Legal requirements can include that the use or disclosure of the information is required to prevent serious and imminent threat to life, health or safety.
For any other use of the information we will obtain consent of the individual.
How do we hold information?
We take reasonable steps to keep all personal information secure and to protect that personal information from misuse, interference and loss and from unauthorised access, modification or disclosure.
If we determine that personal information is no longer needed for any purpose, we will take reasonable steps to destroy or permanently de-identify that personal information, unless the information is contained in a Commonwealth record or we are required by law or an order of a Court or Tribunal to retain the information.
When using our website, you should be aware that no data transmission over the internet can be guaranteed as totally secure. Although we seek to protect this kind of information, we do not warrant the security of any information transmitted to the Company over the internet. Any information transmitted to the Company over the internet is done so at the risk of the individual or organisation transmitting the information.
How can an individual access and correct their information?
We seek to keep information accurate, complete and up to date. If any individual or organisation requires information about the way that the Company manages their personal information or wishes to access, review or request corrections to their personal information or sensitive information held by the Company the person can do so at any time by contacting the Company by email at info@nplc.com.au or by mail to PO Box 75 Malvern 3144.
We must refuse to provide any individual or organisation with access to information where we are required by law to withhold that information.
How can you make a complaint?
Any individual or organisation may complain about a breach of the Australian Privacy Principles at any time by contacting the Company by email at info@nplc.com.au or by mail to PO Box 75 Malvern 3144.
When we receive a complaint regarding a breach, we will review and respond to the complaint within a reasonable period after receipt of the complaint.