Privacy Policy

1. Overview and Scope

Krish Law ("the Firm", "we", "us", or "our") is a leading legal practice operating in Australia. We are committed to protecting the privacy and confidentiality of the personal information we collect in the course of our business.

This Privacy Policy is prepared in accordance with the Privacy Act 1988 (Cth) (the "Privacy Act") and the Australian Privacy Principles (APPs). It describes how we manage "personal information", which is information or an opinion about an identified individual, or an individual who is reasonably identifiable.

2. The Types of Personal Information We Collect

The types of personal information we collect depend on the nature of your interaction with the Firm. This may include:

• Identification and Contact Data: Name, address, email, telephone number, and government-issued identification (e.g., driver’s license or passport) for identity verification.
• Professional and Employment Data: Your job title, employer, professional history, and educational background.
• Financial Data: Bank account details, billing information, and credit-related information where relevant to our services.
• Matter-Related Data: Detailed information provided by you or third parties that is relevant to the legal services we provide, which may include sensitive information.
• Digital Data: IP address, browser type, and information about your interaction with our website collected via cookies and similar technologies.

3. Collection of Sensitive Information

Under the APPs, certain categories of personal information are classified as "sensitive information". This includes information about your racial or ethnic origin, political opinions, religious beliefs, trade union membership, criminal record, or health information.

We only collect sensitive information if it is reasonably necessary for one or more of our functions or activities (such as representing you in a family law or criminal matter) and you have consented to that collection, or if we are required or authorized by law to do so.

4. How We Collect Your Information

We collect information through various transparent methods:

• Direct Collection: Through meetings, telephone calls, letters, emails, and online forms on our website.
• Third-Party Sources: From other parties involved in your legal matter, government agencies (e.g., Land Registry, ASIC), financial institutions, or other professional advisors.
• Public Records: From publicly available databases and social media platforms where relevant to your legal matter.

5. Purpose of Use and Disclosure

We use and disclose personal information for the primary purpose for which it was collected, including:

• Legal Service Delivery: Providing legal advice, conducting litigation, and managing your legal files.
• Client Relationship Management: Communicating with you, processing payments, and conducting internal conflict checks.
• Marketing and Business Development: Sending you legal updates, newsletters, and information about our services (where you have consented or as permitted by the Spam Act 2003 (Cth)).
• Regulatory Compliance: Meeting our professional obligations under the Legal Profession Uniform Law and anti-money laundering legislation.

6. Disclosure to Third Parties

In the course of providing our services, we may disclose your information to:

• Barristers, experts, mediators, and other professional consultants engaged in your matter.
• Courts, tribunals, and opposing parties in the context of legal proceedings.
• Our third-party service providers (IT support, cloud storage providers, and auditors).

We take reasonable steps to ensure that any third-party recipients are bound by confidentiality and privacy obligations.

7. International Data Transfers

Generally, we store your personal information on secure servers located within Australia. However, we may occasionally disclose information to overseas recipients (e.g., foreign legal counsel or international experts). If we do so, we will comply with APP 8 by taking reasonable steps to ensure the recipient does not breach the APPs.

8. Data Security and Retention

The Firm employs high-level security measures to protect your information from unauthorized access, loss, or disclosure. This includes multi-factor authentication, data encryption (at rest and in transit), and physical security at our premises.

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, and to comply with legal record-keeping requirements (typically 7 years for legal files).

9. Your Rights: Access and Correction

You have the right to request access to the personal information we hold about you. You may also request that we correct any information that is inaccurate, out-of-date, or incomplete.

We will respond to your request within 30 days. In some circumstances, we may refuse access where permitted by the Privacy Act (e.g., if access would infringe on the privacy of others or is protected by legal professional privilege).

10. Complaints and Contact Information

If you believe we have breached the APPs, please contact our Privacy Officer. We take all complaints seriously and will provide a written response following an internal investigation.

If you are not satisfied with our handling of your complaint, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.