Privacy Policy

Last Updated: 27 April 2025

1. Who we are

Our website address is: https://argylllaw.com/.   The party responsible for this website for the purposes of data protection law is:

Argyll Law Pty Ltd (ACN 658 262 483)
Level 13, 111 Elizabeth Street
Sydney NSW 2000
Australia
Telephone +61 2 9173 9894
Email: info@argylllaw.com

2. Introduction

We respect your privacy and are committed to protecting the privacy of your personal information.  This Policy explains how We collect, use, disclose and store Personal Information, including Personal Data, in accordance with the APPs and the GDPR.

Where applicable Australian Privacy Laws will apply in priority to the GDPR.

We will only collect, use and disclose Your Personal Information where it is fair and reasonable in the circumstances, having regard to Your rights and Our legitimate business needs.

This Policy also describes why We collect Personal Information about You.  This Policy does not cover information collected about Our employees.

This Policy is intended to inform You particularly about the type, scope, purpose, duration and legal basis for the Processing of such Personal Information either under our own control or in conjunction with others.

By using our Website or engaging Our services, You agree to the terms of this Privacy Policy.  If You do not agree, please refrain from using the Website or providing Your Personal Information.

3. What Personal Information and Personal Data We collect

3.1. Type of Personal Information including Personal Data collected

We may collect Personal Information or opinions about You in the normal course of Our Dealings with You.  This Personal Information is collected in order to provide You with legal services.

This Personal Information may include:

  • Your name, gender, contact details (email, address telephone number);
  • Your date of birth;
  • Government-issued identification documents (eg, passport, driver’s licence);
  • Your IP address;
  • Your device identifiers, location data, online browsing activity and interaction history with Our Website;
  • bank account and/or payment card details,
  • Your employment situation and financial information relating to Your legal matters; and
  • other information required by Us to provide You with legal services.

No Sensitive Information will be collected without Your consent, unless permitted by law.

3.2. Scope of Personal Information including Personal Data collected

We process Personal Information only to the extent necessary to fulfil one or more of the Primary or Secondary Purposes in accordance with this Policy.

Where the GDPR applies, We rely on the following lawful bases for Processing:

  • Your consent
  • the performance of a contract with You or to take steps at Your request before entering into a contract;
  • compliance with Our legal obligations; and/or
  • Our legitimate interests, provided that such interests do not override Your rights and freedoms.

4. How We collect Personal Information, including Personal Data

We collect Personal Information by various means, including:

  • directly from You, including but not limited to:
    • when receiving instructions and during Our discussions and correspondence with You;
    • when You contact Us via phone, fax, email, online forms, live chat services or newsletter subscriptions;
    • when You attend seminars, webinars or events that We host or present;
    • when You provide information relating to other individuals connected to Your legal matters;
  • from third parties, such as Your accountant, real estate agent, other legal representatives, financial institutions or through regulatory searches;
  • from public records and databases during searches and investigations; and
  • automatically through Your use of Our Website (including through cookies, analytics, server logs and tracking technologies).

Where reasonably practicable, at or before the time We collect Your Personal Information We will provide You with a collection notice setting out details about the collection, the purposes for which We are collecting the information and how You can access or correct it.

Personal Information collected by Us will always be handled in accordance with this Policy, the APPs and where applicable, GDPR, regardless of the source of collection.

4.1. Comments

When visitors leave comments on the Website, We collect the data shown in the comments form, the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from Your email address (also called a hash) may be provided to the Gravatar service to determine if You are using it.  The Gravatar service privacy policy is available here: https://automattic.com/privacy/.

After Your comment is approved, Your profile picture may be visible to the public in the context of your comment.

We are not responsible for Gravatar’s privacy practices and encourage you to review their policies before commenting on the Website.

4.2. Media

If You upload images to Our Website, please ensure that any embedded location data (XIF GPS) is removed.  Visitors to Our Website may be able to download and extract any location data from uploaded images.

4.3. Cookies

When You leave a comment on Our Website, You may opt-in to saving Your name, email address and Website in cookies for convenience.  These cookies will last for one year.

Session Cookies are also used for login purposes and are deleted when You log out.  No Personal Information is stored in these cookies unless necessary for functionality.

When You log in, We will also set up several cookies to save Your login information and Your screen display choices.  Login cookies last for two days, and screen options cookies last for a year.  If You select “Remember Me”, Your login will persist for two weeks.  If You log out of Your account, the login cookies will be removed.

If You edit or publish an article, an additional cookie will be saved in Your browser.  This cookie includes no personal data and simply indicates the post ID of the article You just edited.  It expires after 1 day.

4.4. Password Resets

If you request a password reset, Your IP address will be included in the reset email for security purposes.

4.5. Embedded content from other websites

Articles on Our Website may include embedded content (e.g. videos, images, articles). Embedded content from other websites behaves in exactly the same way as if You visited the other website directly.

Such websites may collect data about You, use cookies, embed additional third-party tracking, and monitor Your interaction with that embedded content, especially if You are logged into an account with that website.

4.6. Notification of Collection of Personal Information including Personal Data

If We collect Your Personal Information from a third party and We become aware that You were not aware of this collection, We will take reasonable steps to notify You, either at the time of collection or within a reasonable period (and in any event within one month where required under the GDPR) of becoming aware of the collection, in accordance with this Privacy Policy, the APPs and, where applicable, the GDPR.

5. Your Consent

By providing Personal Information to US, including by using Our Website, completing a contact form, or instructing Us to act for You, You consent to Our collection, use and disclosure of Your Personal Information in accordance with this Policy and for the Primary Purposes and the Secondary Purposes.

Where required by law, including under the GDPR, We will seek Your express, informed and specific consent before Processing Your Personal Information for any purpose that is not reasonably necessary for the Primary Purposes, such as direct marking communications.

You may withdraw Your consent at any time by contacting Us using the details set out in this Policy.  Withdrawal of consent will not affect the lawfulness of any Processing based on consent before its withdrawal, but may limit Our ability to provide certain services to You.

6. How We Use or Disclose Your Personal Information including Personal Data

We process Personal Information for the following purposes:

  • to provide You with legal services You have requested;
  • to comply with Our legal and regulatory obligations;
  • to improve and manage Our relationship with You;
  • to communicate with You, including providing updates, newsletter, event invitations and information about legal developments;
  • to prevent fraud, security breaches or other prohibited or illegal activities;
  • to investigate and manage complaints, disputes or claims made against, or involving Us;
  • to enforce Our rights under contracts and agreements with You.

We disclose Personal Information to third parties including:

  • service providers and professional advisers (such as barristers, expert witnesses, forensic accountants, auditors, insurers and information technology providers);
  • financial institutions (for example in connection with billing and payment processes);
  • government authorities and regulators, where required or authorised by law;
  • courts, tribunals and legal regulatory bodies;
  • other law firms acting on Our behalf or in collaboration on Your matter.

Where We disclose Personal Information to third parties, We will take reasonable steps to ensure those third parties handle Your Personal Information in accordance with this Policy, the APPs and, where applicable, the GDPR.

We rely on the following lawful bases for Processing under the GDPR:

  • Your Consent;
  • performance of a contract with You;
  • compliance with Our legal obligations; and
  • Our legitimate interests in providing and improving our Services, provided that such interests are not overridden by Your rights and freedoms.
  • You informed of changes to the law and the services offered by Us.

6.1. Cross-border Disclosure of Personal Information including Personal Data

In the course of providing Our legal services, We may disclose Your Personal Information to third parties located outside Australia, including but not limited to legal representatives, contractors, consultants, expert witnesses, translators, financial institutions or regulatory authorities in countries such as New Zealand, Austria, Germany, Switzerland, Italy, the United Kingdom, the United States of America, Norway, Finland, Thailand, the Philippines and other jurisdictions relevant to the provision of Our legal services.

We will take reasonable steps to ensure that any overseas recipients of Your Personal Information handle it in a manner consistent with this Policy, the APPs and where applicable, the GDPR and the United Kingdom General Data Protection Regulation.

We do not actively market Our services to individuals located in the European Economic Area (EEA) or the United Kingdom.  However, to the extent that We Process Personal Information of individuals located in the EEA or United Kingdom, We endeavour to handle that Personal Information in accordance with the principles of the GDPR and the UK GDPR, as applicable.  Where required, WE will implement appropriate safeguards, including contractual obligations or obtaining Your explicit consent prior to transfer.

We will only disclose Your Personal Information to parties external to Us where:

  • where You consent to the disclosure;
  • the disclosure is necessary to fulfil a legal obligation, complete a transaction or provide You with legal services; or
  • disclosure is otherwise required or authorised by law.

Although We seek to deal with reputable third parties, We cannot guarantee that any third party to whom Your Personal Information is disclosed will comply with applicable privacy obligations in all circumstances.  Where We disclose Your Personal Information to third parties with Your consent, and We have informed You that privacy protections may not be equivalent to those under Australian or European law, We are not be liable for any misuse of Your Personal Information by those third parties to the maximum extent permitted by law.

6.2. Direct Marketing

We may use Your Personal Information to contact You about Our services, areas of practice, legal updates, events or other information that may be of interest to You or Your business.

We will only use Your Personal Information for direct marketing purposes where:

  • You have provided Your voluntary, informed, specific, current, and unambiguous consent; or
  • You would reasonably expect Us to use Your Personal Information for direct marketing purposes, and We provide a simple means for You to opt out.

If We have collected Your Personal Information from a third party, We will only use it for direct marketing purposes where You have provided Your consent, or where it would be impracticable to obtain that consent but permitted under applicable law.

We will not sell, rent or disclose Your Personal Information to unrelated third parties for their own direct marketing purposes.

You may withdraw Your consent to receiving direct marketing communications from Us at any time, or opt out, by:

  • following the ‘unsubscribe’ instructions included in Our electronic communications; or
  • contacting Us using the contact details set out in this Policy.

We will action Your request to opt out or withdraw consent as soon as reasonably practicable and in accordance with applicable law.

6.3. Where we send your data

Visitor comments submitted in Our Website may be checked through automated spam detection services.  This may involve the transmission of Your Personal Information to a third-party service provider for the purpose of detecting and preventing spam or malicious activity.

These service providers may be located outside Australia, including in jurisdictions that may not have privacy laws equivalent to those in Australia or the EEA.  Where required by law, We will take reasonable steps to ensure appropriate safeguards are in place to protect Your Personal Information.  Further information about the spam detection services We use, including their privacy practices, can be provided on request.

7. Security of Personal Information including Personal Data

We take reasonable steps to protect the security of Your Personal Information held by Us against loss, misuse, unauthorised access, modification, or disclosure. These steps include:

  • password-protected digital systems;
  • network firewalls and intrusion detection systems;
  • role-based access controls limiting access to authorised personnel;
  • physical security measures such as secure office premises and locked filing cabinets;
  • regular reviews and updates of information security practices; and
  • confidentiality agreements with Our employees and contractors.

Where Personal Information is stored electronically, We implement technical and organisational measures to protect it, which may include encryption, secure backups and secure hosting arrangements.

While We take reasonable steps to secure Your Personal Information, no system is completely secure. If We become aware of an actual or suspected data breach that is likely to cause serious harm or a real risk of significant harm to any individuals, We will comply with Our obligations under the Notifiable Data Breaches Scheme in Australia and, where applicable, the GDPR.  This may include notifying affected individuals and relevant regulators without undue delay.

We encourage You to exercise care when sharing information online and to take precautions to protect Your own Personal Information.

8. How long we retain your Personal Information and Personal Data

We retain Your Personal Information only for as long as necessary to fulfil the purposes for which it was collected, or as required by law or professional obligations.

Personal Information, collected via Our Website (such as comments or account registrations) may be retained indefinitely, or for as long as necessary to manage Your interactions with Us through the Website. If You leave a comment, the comment and its metadata are retained indefinitely to assist with moderation and follow-up.

Personal Information collected during Our provision of legal services is ordinarily retained for a period of six (6) years after Our relationship with You becomes inactive, in accordance with Our professional and legal obligations. Following that period, We will take reasonable steps to securely destroy or de-identify the information, unless further retention is required by law or court order.

Under the GDPR, You may request earlier deletion of Your Personal Data where the processing is no longer necessary, where You withdraw consent (where consent is the lawful basis for processing), or where You exercise Your right to erasure. We will comply with such requests unless We are required to retain the data by applicable law.

Please contact Us if You wish to request the deletion or de-identification of Your Personal Information.

9. What rights you have over your Personal Information

Subject to applicable law, You have the following rights regarding Your Personal Information and Personal Data:

  • Access: You may request access to the Personal Information We hold about You (APP 12, GDPR Art. 15).
  • Correction: You may request correction or completion of any inaccurate, incomplete or outdated Personal Information (APP 13, GDPR Art. 16).
  • Erasure („Right to be Forgotten“): You may request the deletion of Your Personal Information where there is no lawful reason for its continued Processing (Privacy Act, GDPR Art. 17).
  • Restriction: You may request that We restrict Processing of Your Personal Information in certain circumstances (Privacy Act, GDPR Art. 18).
  • Objection: You may object to the Processing of Your Personal Information, particularly for direct marketing purposes (Privacy Act, GDPR Art. 21).
  • Data Portability: Where technically feasible, You may request to receive a copy of Your Personal Information in a structured, commonly used and machine-readable format (Privacy Act, GDPR Art. 20).
  • Withdraw Consent: Where Processing is based on Your consent, You may withdraw that consent at any time without affecting the lawfulness of Processing based on consent before its withdrawal.
  • Lodge a Complaint: You may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).

Please note that some rights are subject to legal limitations and exemptions. For example, We may refuse access where granting access would unreasonably impact the privacy of others or where  the request is frivolous or vexatious or where We are required by law to retain certain information.

In addition, We are obliged to inform all recipients to whom We disclose Personal Information of any such corrections, deletions or restrictions placed on Processing the same.  However, this obligation does not apply if such notification is impossible or involves a disproportionate effort.  Nevertheless, You have a right to information about these recipients.

Where Your consent to Our use of your Personal Information is restricted or withdrawn, We may be unable to provide appropriate legal services to You or to any organisation with which You are connected.

To exercise any of Your rights under this Policy or for assistance in locating Your local Supervisory Authority, please contact us at info@argylllaw.com.  We will respond to all requests within a reasonable time and in accordance with applicable law

9.1. Access to your Personal Information and Personal Data

You may request access to the Personal Information that We hold about You at any time.

Subject to applicable law, We will provide access without undue delay and, where required under the GDPR, within one (1) month of receiving Your request.

Where You make the request by electronic means, and unless otherwise requested, We will provide the information in a commonly used electronic format.  For any additional copies requested, We may charge a reasonable fee based on administrative costs.

In certain circumstances, We may refuse to provide access to some or all of Your Personal Information, where:

  • providing access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety;
  • providing access would have an unreasonable impact on the privacy of others;
  • the request is frivolous or vexatious;
  • the information relates to existing or anticipated legal proceedings and would not be accessible by the process of discovery in those proceedings;
  • giving access would be unlawful or denying access is required or authorised by law;
  • the rights and freedoms of others would be adversely affected (GDPR Art. 15(4)); or
  • the request is manifestly unfounded or excessive (GDPR Art. 12(5)).

If We refuse access, We will provide You with written reasons for the refusal, unless it would be unreasonable to do so, and inform You of how You may lodge a complaint

10. Quality of Personal Information including Personal Data

We are committed to ensuring that the Personal Information We collect, use or disclose is accurate, up-to-date and complete, having regard to the purpose for which it is collected, used or disclosed.

We take reasonable steps to maintain the quality of Your Personal Information including by verifying information where necessary and updating Our records when advised of changes.

To assist Us in maintaining the accuracy of Your Personal Information, You must ensure that any information You provide to Us is true, complete and accurate.  Please notify Us promptly if any of Your Personal Information changes.

10.1. Notification of Correction

If We correct Personal Information about You that We previously disclosed to another organisation, and You request Us to notify that organisation of the correction, We will take reasonable steps to do so, unless it is impracticable or unlawful.

Where it is not reasonably practicable to notify each recipient, We will, upon Your request, provide You with information about the organisations to which Your Personal Information has been disclosed, where possible.

10.2. Anonymity

The Australian Privacy APPs) generally allow You to deal with organisations anonymously or by using a pseudonym.

However, due to the nature of Our legal services, it is impracticable — and in some cases unlawful — for Us to provide services without properly identifying You. Legal and regulatory obligations, including anti-money laundering, counter-terrorism financing, and legal professional conduct rules, require Us to verify the identity of Our clients and in some case the source of funds/source of wealth being used in transactions.

If You do not provide Your Personal Information when requested, We may be unable to provide appropriate legal services to You or to any organisation with which You are connected

11. Changes to the Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in Our practices, legal obligations, or the way We handle Your Personal Information.

Any changes will be posted on this page, and We encourage You to review this Policy regularly when accessing Our Website.

Where changes materially affect Your rights or the way We Process Your Personal Information, We will take reasonable steps to notify You, such as by email or by posting a notice prominently on Our Website.

Your continued use of Our Website or Our services after any such updates constitutes Your acknowledgement of the amended Privacy Policy.

12. Acceptance and Agreement

By accessing or using Our Website or engaging Our services, You acknowledge that You have read and understood this Privacy Policy and agree to its terms.

If You do not agree with this Privacy Policy, You should not use Our Website or provide Your Personal Information to Us.

13. Privacy complaints and enquiries

If You have any questions about this Privacy Policy, or wish to make a privacy enquiry or complaint, please contact:

Argyll Law Pty Ltd
Level 13, 111 Elizabeth Street,
Sydney NSW 2000
Australia
Telephone +61 2 9173 9894
Email: info@argylllaw.com

We welcome feedback about privacy issues and will endeavour to respond to Your enquiry or complaint promptly.

If You make a complaint, We will investigate it and respond to You within a reasonable period, usually within thirty (30) calendar days.

If You are not satisfied with Our response, You may lodge a complaint with the Australian Information Commissioner: http://www.oaic.gov.au/privacy/making-a-privacy-complaint or call 1300 363 992.

In addition, under the Privacy Act, You may have the right to seek legal remedies for a serious invasion of privacy through the courts.

14. Definitions and Interpretation

14.1. Definitions

In this Policy, unless the context otherwise requires:

  • “Act” means the Privacy Act 1988 (Cth)
  • “APPs”means the Australian Privacy Principles as set out in Schedule 1 of the Act.
  • “Company” means Argyll Law Pty Ltd ACN 658 262 483.
  • “Controller” means an entity that, alone or jointly with others, determines the purposes and means of the Processing of Personal Information (as defined under the GDPR), in this case the Company.
  • “EU Member State” means any country that is a member of the European Union, as defined under the Treaty on European Union and the Treaty on the Functioning of the European Union.
  • “GDPR” means the General Data Protection Regulation (EU 2016/679).
  • “Identified”or “Identifiable Natural Person” is one who has been or can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person.
  • “OAIC” means Office of the Australian Information Commissioner.
  • Our Dealings” means any interaction between You and Us, including
    • providing legal services,
    • responding to Your enquiries
    • receiving feedback and dealing with complaints
    • providing You with publications, newsletter or event invitations; and
    • otherwise carrying out Our Primary or Secondary Purposes
  • “Personal Data” means any information relating to an Identified or Identifiable Natural Person (as defined under the GDPR).
  • “Personal Information” means information or an opinion, about an Identified Individual, or an individual who is reasonably identifiable:
    (a) whether the information or opinion is true or not; and
    (b) whether the information or opinion is recorded in a material form or not, including but not limited to names, contact details, financial information, IP addresses, device identifiers, location data, and online identifiers, and includes Personal Data.
  • “Policy” means this privacy policy.
  • Primary Purposes” means any or all of:
    • providing legal services to You;
    • responding to Your enquiries;
    • receiving feedback and dealing with complaints;
    • providing a functional and user-friendly website, including its contents;
    • direct marketing services;
    • providing Our publications, newsletters or other information; and
    • inviting You to Our functions and presentations.
  • “Processing” means any operation or set of operations which is performed on Personal Information or sets of Personal Information, whether or not by automated means, such as collection, recording, organisation, storage, adaptation, retrieval, use, disclosure, dissemination, erasure, or destruction and “Process” has a corresponding meaning.
  • “Secondary Purposes” means any or all of:
    • confidential alternative dispute resolution processes;
    • the establishment, exercise or defence of a legal or equitable claim;
    • our having reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to Our functions or activities has been, is being or may be engaged in; and
    • our being authorised by or under an Australian law or a court/tribunal order.
  • “Sensitive Information” includes information about Your racial or ethnic origin, health, religious beliefs, criminal record, membership of a trade union or membership of a professional or trade association.
  • “Supervisory Authority” means an independent public authority in an EU Member State, responsible for monitoring compliance with data protection laws under the GDPR. This includes, but is not limited to, the Information Commissioner’s Office in the United Kingdom, and other national data protection authorities within the European Economic Area.
  • “We” and “Us” means the Company, and “Our” has a corresponding meaning.
  • “Website” means https://argylllaw.com
  • “You” means an individual dealing with Us and “Your” and “Yourself” have corresponding meanings.

14.2. Interpretations:

In this Policy,

  • a reference to a person includes any other entity recognised by law and vice versa;
  • the singular includes the plural and vice versa;
  • any reference to any of the parties by their defined terms includes that party’s executors, administrators or permitted assigns, or being a company, its successors or permitted assigns;
  • a reference to any Act or law includes all Acts and laws amending, consolidating or replacing same and a reference to an Act includes all regulations, local laws, by-law and principles made under the Act;
  • a reference to this or other document includes the document as varied or replaced regardless of any change in the identity of the parties;
  • headings and sub-headings are inserted for ease of reference only and do not affect the interpretation of this Agreement.
  • if a provision in this Policy is held to be illegal, invalid, void, voidable or unenforceable, that provision must be read down to the extent necessary to ensure that it is not illegal, invalid, void, voidable or unenforceable.
  • if it is not possible to read down a provision as required in a clause, that provision is severable without affecting the validity or enforceability of the remaining part of that provision or the other provisions in this Policy.