Privacy & Confidentiality Policy

Duffy & Simon Lawyers takes privacy very seriously. We are also bound by and comply with the Australian Privacy Principles derived from the Privacy Act 1988 (Cth).

This privacy policy (Policy) is dated November 2015 and governs Duffy & Simon Lawyers. This Policy explains how we collect and use information that is provided to us through a website belonging to Duffy & Simon or otherwise in the usual course of investigating potential legal claims, acting for those who later retain us and conducting our legal services. This Policy applies to all information that we collect.

Please read this Policy carefully. Please contact us if you have any questions.

The Type of Information Collected

The type of information that we collect includes personal information concerning clients, potential clients who contact us, as well as suppliers, consultants, employees and applicants for employment.

The personal information we collect may include:

  • names;
  • contact details including phone numbers, postal and/or residential addresses and email addresses;
  • dates of birth;
  • photographs;
  • any facts or opinions that are connected to an enquiry that we are conducting on behalf of a client or potential client; and
  • any other personal information that is provided through a website belonging to Duffy & Simon or as otherwise requested by us or provided by you.

We may also need to collect sensitive information. Sensitive information is a subset of personal information that is given a higher level of protection under the Australian Privacy Principles. In referring to sensitive information, we mean:

  • information or opinion concerning racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a profession or trade association, membership of a trade union, sexual orientation and practice, and criminal records;
  • health information; and
  • biometric information.

The personal information (including sensitive information) collected will be referred to as “Information”.

If you do not provide us with the Information we request, we may not be able to fulfil the applicable purpose of collection, such as to supply products or services to you.

If we receive your Information from third parties, we will protect it as set out in this Policy and take reasonable steps to ensure you are aware that we have collected the Information about you and the circumstances of the collection.

If you provide us with third party personal information then you warrant to us that you have the third party’s consent to do this.

Purpose of Collection

We will not collect Information unless such information is reasonably necessary for the purposes of:

  1. contacting and communicating with you;
  2. assessing whether we are able to act for an individual or group of individuals;
  3. providing legal services and advice;
  4. conducting the effective management of our business;
  5. internal record keeping and analysis;
  6. seeking consent in relation to publications of reviews and testimonials
  7. for market research, business development and marketing, including direct marketing;
  8. running competitions and offering additional benefits to you; and
  9. sending promotional information about third parties that we think may be of interest to you.

We may also contact you to voluntarily respond to questionnaires, surveys or market research to seek your opinion and feedback.

We collect Information from individuals at the pre-client stage when a legal enquiry is made so that we can identify and assess whether we are able to act on that individual’s behalf. We will not consider acting for any individual who does not properly identify themselves as this could lead to a conflict of interest developing between our clients in the future.

In some instances, we may also need to collect Information at the initial stage of an enquiry if it is directly relevant to the advice being sought. For our internal business purposes, we retain and safely store the Information that is provided to us at the pre-client stage as this enables us to respond more efficiently and to inform such persons of our other legal services or developments that may be of interest to them at a later stage.

We also collect the Information provided to us by our clients who have commenced instructing us to act in their case. We collect all Information that is necessary to effectively conduct legal cases. Such Information is stored on our computer systems and within paper based files as appropriate.

At the conclusion of legal cases, we are required to keep legal files for a minimum period of 7 years from the closure of a legal file unless we are instructed to the contrary. In some cases, we may be required to retain documents for a longer period of time (e.g. documents that inform the making of a Will).

Method of Collection

In most circumstances, we will collect Information through completed questionnaires and forms that have been provided to us, interviews and telephone conversations.

Often, in the context of providing legal services, we collect Information from external professional sources (i.e. health professionals, financial advisors, accountants, other legal parties and their legal advisors). With the exception of Information obtained from opposing legal parties, this Information will, in the usual course, be obtained under our clients’ express authority and will be securely stored on their file.

Use of Cloud Computing Services

We utilise international cloud computing services for e-mail storage and to store Information that we collect through our New Client Services group. Countries in which such data may be stored include (but are not limited to the United Kingdom, Japan, Netherlands and the United States. Because the security of our clients’ (and pre-clients’) Information is of a paramount concern to us, we seek confirmation that such service providers comply with the Australian Privacy Principles or are subject to a binding law or scheme that offers substantially similar protection.

Information Security

The Information that is provided to us is stored on computer and paper based files as appropriate. We endeavour to keep all Information safe by taking all reasonable precautions to protect Information from misuse, loss and unauthorised access, modification or disclosure.

How we handle Information

We believe that it is essential that all Information is kept confidential. We will not disclose Information to third parties, other than as set out in this Policy or without your consent, unless it becomes necessary to lessen or prevent a serious and imminent threat to life, health or safety or unless we are otherwise compelled by law.

Disclosure of Information

We may disclose the Information:

  • for the purpose of providing information, products, services or marketing to you;
  • to credit reporting agencies and courts, tribunals and regulatory authorities where you fail to pay for goods or services provided by us to you; and
  • to third parties, including agents or sub-contractors, who assist us in providing information, products, services, or direct mail or digital marketing to you. This may include parties located, or that store data, outside of Australia.

We may also be compelled to disclose Information by law, for example, under court orders or statutory notices to produce documents under laws relating to social security, taxation, bankruptcy, anti-money laundering, counterterrorism and the management of incorporated entities.

Where we disclose your personal information to third parties for these purposes, we will request that the third party follow this Policy regarding handling of your Information.

If there is a change of control of our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible by law our user databases, together with any personal information and non-personal information contained in those databases. This information may be disclosed to a potential purchaser. We would seek to only disclose information in good faith.

Information accessed within Duffy & Simon and to other Third Party Service Providers

Information may be accessed by personnel within Duffy & Simon. All personnel within Duffy & Simon are bound by the same confidentiality laws and standards that govern the legal profession within Australia and comply with the Australian Privacy Principles.

Third party service providers may also come into contact with Information when we outsource certain functions, such as: bulk mailing, direct mail or digital marketing, client experience research, company audits and information technology support. We have contractual arrangements in place with all of our third party service providers to protect Information from unauthorised use or disclosure.

Disclosure to Duffy & Simon and to Third Party Service Providers

In the course of providing legal services and conducting the effective management of our business, disclosure to third party professionals and service providers may occur (e.g. barristers, document reproduction service providers and debt recovery agents). It is our policy to have contractual arrangements in place with all of our service providers to protect Information up to the same standards as if we stored the Information ourselves and to prevent them from using the Information for any purposes other than our own.


As part of what we hope to be an on-going professional relationship with our pre-client and existing client base, we may from time to time send out information related to the other legal services that we offer using your Information. We do however respect the wishes of individuals who do not wish to receive such material from us in the future and have implemented simple ‘opt-out’ procedures that can be activated within the promotional e-mails and other commercial electronic messages that we may send you from time to time.

Improving Client Services

In order for us to better understand our clients’ needs, Information may also be shared within the client service members of Duffy & Simon. Because we are continually looking for ways to improve the quality of our legal services, we may in the future ask our clients to participate in a client feedback survey conducted by external consultants who are experts in their field. We obtain client consent prior to disclosing Information to external consultants engaged for this purpose and we will respect the wishes of those who do not wish to participate.


For statistical purposes we collect information on website activity (such as the number of users who visit our website, the date and time of visits, the number of pages viewed and location). We do not use this information to identify individuals but it does provide us with statistics that can be used to analyse and improve our website and services. Occasionally we analyse the traffic through our website, which may involve the use of cookies for marketing and market research more generally. See more about our Cookie Policy.

We may also use web beacons on Duffy & Simon’s websites from time to time. Web beacons or clear .gifs are small pieces of code placed on a web page to monitor the visitors’ behaviour and collect data about the visitors viewing a web page. For example, web beacons can be used to count the users who visit a web page or to deliver a cookie to the browser of a visitor viewing that page.

Information Quality, Access and Correction Processes

From time to time, we may take steps to verify Information by collecting Information from publicly available resources, for example, telephone directories or electoral rolls to improve the integrity of the Information that we hold.

We provide a transparent system of allowing individuals to access their Information and seek corrections to any inaccuracies. Requests for access and correction to Information for pre-clients (i.e. individuals who have made an enquiry but did not instruct us to act on their behalf) should be made by contacting our Privacy Officer using the contact details at the end of this Policy.

In certain circumstances, we are permitted to deny the request for access, or limit the access that we provide. For example, we will give an explanation of a decision not to offer an individual a client retainer, rather than direct access to the evaluative information connected to the final decision.

Links to other websites

Websites belonging to Duffy & Simon may contain links to other websites of interest. We do not have any control over those third party websites. We are not responsible for or liable for the protection and privacy of any Information which you provide whilst visiting such third party websites, and such third party websites are not governed by this Policy.


This Policy may be amended, including with changes, additions and deletions, from time to time in our sole discretion and notify you by posting an updated version of the Policy on our website. If at any point we decide to use Information in a manner materially different from that stated at the time it was collected we will notify users by email or via a prominent notice on our website, and where necessary we will seek the prior consent of our users.

Contact us about Privacy

Duffy & Simon operates a transparent Privacy Complaints Handling Policy that sets out our approach to resolving any privacy complaints in a fair and expeditious manner. For existing clients, we recommend that privacy related complaints are made directly to your lawyer – often a telephone call is all that is needed to resolve concerns. For all other complaints see our Privacy Complaints Handling Policy or contact our Privacy Officer by email at or by telephone on +61 3 5941 1622 between 8:30am and 5:30pm AEST Monday to Friday.

Quick Exit