Privacy Policy - DSL Law

Privacy Policy
1. Introduction
DSL Law Pty Ltd as trustee (ABN 33 271 545 016) are referred to in this Privacy Policy as we, us or our.
This Privacy Policy explains how we manage personal information. It also describes your rights to access and correct personal information we hold about you, and how you can make a complaint about our management of your personal information. This is in addition to our obligations of confidentiality to clients and other parties arising from sources other than the Privacy Act.
1.1. Application of this Policy
This Privacy Policy only applies to some of the personal information we manage.
Where information is collected for Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (the AML/CTF Act) compliance purposes this policy will apply. Similarly, where information is collected for both the AML/CTF purposes and the provision of legal services, we may apply the protections described in this policy to all such information.
Where applicable, other personal information we manage remains excluded by applicable exemptions in the Privacy Act.
1.2. Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The current version will be available on our website at https://dsllaw.com.au/privacy-policy/
2. Personal information: what we collect
2.1. Types of personal information
We collect your contact and identity details, financial information and case related information about you and any relevant entity or person. This may include sensitive information.
The types of personal information we may collect includes:
• Identity information: name, date of birth, gender, signature, photographic identification, offices or directorships held;
• Contact information: residential and postal addresses, email addresses, telephone numbers;
• Professional and business information: occupation, employer, job title, professional qualifications, business holdings and structures;
• Financial information: bank account details, billing information, payment card details, tax file numbers*;
• Matter-related information: information relevant to your legal matter or the legal matter of our client;
• Transaction information: details of services provided to you or your organisation;
• Communication records: records of correspondence and communications with you;
• Website and technical data: IP address, browser type, device information, pages visited, cookies (see section 8);
• Recruitment information: employment history, qualifications, references, right to work status, background check results; and
• Sensitive information: including: sexual orientation, racial and ethnic origin, political beliefs, religious affiliation, criminal record, and health information.
2.2. Tax File Numbers
We may collect your Tax File Number (TFN) where it is reasonably necessary to assist with a transaction involving taxation laws, including obtaining a clearance certificate or otherwise complying with obligations under taxation legislation.
We collect TFNs only where authorised or permitted by law, including the Taxation Administration Act 1953 (Cth) and related taxation legislation.
Providing a TFN is generally voluntary. You are not required by law to provide your TFN to us. However, if you choose not to provide your TFN, we may be unable to obtain a clearance certificate or otherwise assist with certain taxation-related aspects of your matter. This may result in withholding obligations, delays or additional administrative requirements applying to the transaction.
We take reasonable steps to ensure that any TFN collected is relevant and necessary for the purpose for which it is collected, and that the manner of collection does not unreasonably intrude upon your personal affairs.
TFNs are treated as highly sensitive information and are stored, used and disclosed only as permitted by law.
2.3. Identity Verification and the AML/CTF Act
We may be required to verify your identity and collect certain information under the AML/CTF Act when we provide designated services. Identity documents might also be required for other services such as court matters, real property transactions and asset dealings.
This includes collecting identification documents and information about the source of funds and beneficial ownership of entities.
3. How we collect personal information
3.1. Sources of information
We collect information directly and indirectly.
Direct Collection
Where reasonable and practicable, we collect personal information directly from you.
This may occur when you:
• engage us to provide legal services;
• respond to communication with us or engage a solicitor or agent to do so;
• contact us by telephone, email, post or in person;
• complete forms or provide documents to us;
• visit our website or use our online services; or
• apply for employment with us.
Indirect Collection
We may also collect personal information about you from third parties, including:
• our client(s), where we collect information in the course of providing legal services;
• other parties to legal proceedings or transactions and their lawyers;
• witnesses of fact, expert witnesses, health care providers and hospitals;
• courts, tribunals, law enforcement and government agencies;
• publicly available sources, including public registers, websites and social media;
• referrers who introduce you to us or lead agencies and advertising sites;
• recruitment agencies and previous employers (for job applicants); and
• identity verification, commercial data brokers and background check service providers.
3.2. Anonymity and Pseudonymity
If you are a client, you have the option of requesting to deal with us anonymously or by using a pseudonym. However, in most cases this is not lawful nor practical for legal services. If you do not provide us with the personal information we request, we may not be able to provide you with legal services or respond to your enquiry.
4. Why we collect personal information
and how we use it
We collect, hold, use and disclose personal information for the primary purpose of providing legal services to our clients, complying with regulatory and insurance obligations and operating our legal practice. This includes:
• providing legal advice and representation to you or to our client(s);
• managing client matters and files;
• conducting legal research and investigations;
• preparing and reviewing legal documents;
• communicating with you and other parties;
• billing and collecting fees, including pursuit of our rights under a Costs Agreement or retainer;
• complying with our legal, professional and insurance obligations; and
• administering and managing our firm.
We may also use and disclose personal information for secondary purposes that are related to our primary purposes, including:
• maintaining and developing our relationship with you;
• quality assurance and improvement of our services, including training our AI models or those of our AI providers (subject to our obligations of confidentiality to you);
• training and professional development;
• ongoing Customer Due Diligence as required by the AML/CTF Act;
• using artificial intelligence and automation tools to assist in delivering legal services, subject to our professional obligations, confidentiality obligations and appropriate contractual safeguards;
• internal reporting and analysis; and
• risk management and insurance purposes.
5. Disclosure of Personal Information
We may disclose personal information to third parties to facilitate the purposes of collection noted in section 4.
Your personal information and confidential data is held by us subject to our duty of confidentiality under the Australian Solicitor’s Conduct Rules (“ASCR”) and any applicable undertakings or court rules.
We may disclose personal information to third parties subject to those obligations and for the purposes described in this Privacy Policy, including:
• to discharge our professional obligations to you or to our clients or in the reasonable execution of our instructions;
• to comply with our legal obligations or in answer to a compulsory notice such as a subpoena or warrant, or to disclose information under the AML/CTF Act, Criminal Code(s), Legal Profession Act or other relevant legislation;
• to barristers, mediators, expert witnesses, investigators and consultants and other legal practitioners engaged to act for you (and/or our client) or in relation to the matter;
• other parties to legal proceedings or transactions as instructed, reasonably necessary or required by law;
• courts, tribunals, government agencies and regulators;
• our professional indemnity insurers;
• a Costs Assessor in the event that an assessment is ordered or reasonably necessary.
• service providers who assist us to operate our business (including IT providers, AI providers, document management providers, and marketing service providers);
• related entities;
• as permitted under the ASCR confidentiality exceptions; and
• any person you expressly or impliedly authorise us to disclose information to.
6. Overseas Disclosure
We will disclose information to overseas recipients where this is reasonably necessary to progress our instructions (dealing with a company with an overseas office, for example).
We may disclose personal information to recipients located outside Australia where reasonably necessary or convenient to facilitate the purposes of collection, holding, use and disclosure of information stated in sections 2 and 5 of this policy.
The following circumstances are common examples when that may apply:
• where your matter involves overseas parties or overseas proceedings;
• to overseas law firms or legal practitioners engaged in a matter;
• to our staff, staff of a related entity or contractors if working or travelling overseas;
• to parties such as regulators and auditors who may use overseas processors or offices;
• to service providers whose systems or servers are located overseas (including cloud storage, AI and IT service providers if we consider that the confidentiality arrangements that will apply to such information is sufficient); and
• where you instruct or authorise us to do so.
Countries where personal information may be disclosed include: United Kingdom, United States, New Zealand, Singapore.
7. Security of Personal Information
7.1. Security Measures
We hold your personal information using a system designed to protect against data breaches, however like all data security systems, risks may only be mitigated but not eliminated. It is our practice to require our storage service providers to be reputable [and to seek assurances from them regarding security and confidentiality].
7.2. Retention and Destruction
We retain personal information for as long as necessary to fulfil the purposes for which it was collected, to comply with our legal and professional obligations and to ensure that pertinent evidence remains available if reasonably required.
8. Third party websites
Our website may contain links to third party websites, such as payment processors. We are not responsible for the privacy practices of those websites, and we encourage you to read their privacy policies.
9. Access and Correction
9.1. Access to and correction of your Personal Information
You have the right to request access to or correction of the personal information we hold about you. To make an access request, please contact our Privacy Officer (see Section 10).
If we refuse to correct your personal information, we will provide written reasons for the refusal and information about how you may complain.
The Privacy Act permits us to refuse access in some circumstances. If we refuse your access request, we will provide you with written reasons for the refusal (unless unreasonable to do so or we are prohibited from doing so by law) and information about how you may complain.
10. Complaints and questions
If you have a question about this policy or complaint about how we have handled your personal information, please contact our Privacy Officer. We ask that you provide details of your complaint in writing. We will acknowledge your complaint within 5 business days and investigate it promptly. We aim to resolve complaints within 30 days. If we need more time, we will keep you informed of our progress.
Privacy officer details and complaints
Privacy Officer, DSL Law
Address: PO Box 368, Biggera Waters Qld 4216
Email: danielle@dsllaw.com.au
Phone: 1300 375 529
If you are not satisfied with our response, you may escalate your complaint to:
Office of the Australian Information Commissioner (OAIC) or the Legal Services Commission.
Website: www.oaic.gov.au
Phone: 1300 363 992
Email: enquiries@oaic.gov.au
Post: GPO Box 5218, Sydney NSW 2001

Ver 1.0 03/06/2026 AML provisions