Privacy Policy
About This Policy
Withstand Lawyers Pty Ltd (“we”, “us”, “our”) is committed to protecting the privacy of every person whose information we handle. This Privacy Policy explains how we collect, use, disclose, store and protect personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles.
By engaging our services, submitting an enquiry through our website, or otherwise providing us with personal information, you acknowledge that you have read and understood this Policy.
Who We Are
Withstand Lawyers is a law firm operating across Australia. We specialise in personal injury and compensation claims including Workers Compensation (NSW), Total and Permanent Disability (TPD) claims (Australia-wide), Public Liability, and Motor Vehicle Accident compensation (including Western Australia). Our principal office is located in New South Wales.
Enquiries about this Policy should be directed to our Privacy Officer using the contact details at the end of this document.
What Personal Information We Collect
We collect personal information that is reasonably necessary to provide legal services. This may include:
- Identity information such as your full name, date of birth, gender, and identification details.
- Contact details including residential address, postal address, email address, and telephone numbers.
- Financial information such as bank account details, superannuation fund details, income history, and government benefit payment details where relevant to a claim.
- Employment information including employer details, occupation, employment history, and workplace injury circumstances.
- Insurance information such as policy details, insurer names, claim reference numbers, and prior claim history.
- Legal history including prior compensation claims or court proceedings where directly relevant to your matter.
- Records of calls, emails, and correspondence between you and our firm.
Sensitive Information
Given the nature of our legal practice, we frequently handle sensitive information. Sensitive information attracts a higher level of protection and we will only collect it with your consent, or where we are otherwise permitted by law.
Sensitive information we may collect includes:
- Health and medical information such as medical records, reports, diagnoses, treatment histories, psychiatric and psychological assessments, and any other health data relevant to your injury or claim.
- Information about a disability including the nature, extent, and functional impact of any physical or psychological impairment.
- Genetic information where relevant to a workplace injury or disease claim.
We will not collect sensitive information that is not reasonably necessary for your matter. You may withdraw consent for collection of sensitive information at any time, however this may affect our ability to run your matter.
How We Collect Your Information
We collect personal information in a variety of ways:
- Directly from you when you contact us by phone, email, or through our website enquiry forms, or when you attend consultations.
- From third parties, with your authority, including medical practitioners, specialists, hospitals, employers, insurers, government agencies, courts, and other legal practitioners.
- From publicly available sources such as court records and public registers, to the extent relevant to your matter.
- Through our website, as described further below.
Why We Collect and Use Your Information
We collect and use personal information for the following primary purposes:
- To assess your legal matter and advise you on your rights and prospects.
- To provide legal representation and conduct your claim on your behalf.
- To communicate with you about your matter, including providing updates, requesting instructions, and responding to your enquiries.
- To correspond and negotiate with insurers, employers, government agencies, and other parties on your behalf.
- To prepare and file court documents and to conduct litigation where required.
- To verify your identity in accordance with our regulatory obligations.
- To issue invoices, receive payment, and manage costs and disbursements.
We may also use your contact information to send you updates about legal changes or our services that may be relevant to your matter. You may opt out at any time by contacting us.
We will not use or disclose your personal information for any purpose other than the primary purpose for which it was collected, unless you have consented or an applicable exception applies.
Disclosure of Your Personal Information
We may disclose your personal information to third parties where it is reasonably necessary to conduct your matter, or where we are required or permitted to do so by law. Recipients may include:
- Medical practitioners, specialists, independent medical examiners, and rehabilitation providers to obtain reports or arrange assessments relevant to your claim.
- Opposing parties, insurers, and their legal representatives as part of negotiations, dispute resolution, or litigation.
- Barristers and counsel briefed to appear in your matter.
- Courts and tribunals as required by the conduct of proceedings or by court order.
- Government agencies relevant to your claim, including those administering workers compensation, superannuation, motor accident compensation, and social security.
- Superannuation trustees and insurers in the conduct of TPD or income protection claims.
- Costs consultants and expert witnesses engaged in connection with your matter.
- Our professional indemnity insurers to the extent necessary for the management of professional risk.
- Third-party litigation and disbursement funders engaged to fund your matter or cover disbursements on your behalf, where you have agreed to such an arrangement.
- Our external accountants or advisors in connection with the management of our practice.
- Third-party service providers engaged to assist us in delivering legal services, including providers of cloud storage, document management, practice management, communications, and technology platforms. These providers are required to handle your information securely and only for the purposes for which it is provided.
We do not sell, rent, or trade personal information to third parties for marketing purposes.
Technology and AI-Assisted Processing
We use a range of technology platforms and tools to operate our firm efficiently and to deliver services to our clients. Some of these platforms incorporate artificial intelligence or automated processing capabilities that may assist with tasks such as drafting, research, document analysis, and information management.
We only use enterprise-grade AI platforms that are subject to formal data processing agreements and contractual confidentiality obligations. We do not use open-source AI models or consumer-grade AI tools to process client information. The enterprise platforms we use do not use client data to train their AI models.
Where we use AI-assisted or automated tools in connection with your matter, those tools are used to assist our lawyers. All legal advice and decisions affecting your matter remain the responsibility of a qualified legal practitioner. We do not use fully automated systems to make decisions about your legal matter without human review.
Personal information processed through our technology platforms is handled in accordance with this Policy. We take reasonable steps to ensure technology providers who may access or process your information maintain appropriate security standards and are bound by confidentiality obligations.
Cross-Border Disclosure
Some of the third-party technology and service providers we engage may store or process personal information on servers located outside Australia, including in the United States of America and other jurisdictions. This may occur in connection with cloud-hosted practice management, document storage, communications, research, or AI-assisted platforms.
Before disclosing personal information to overseas recipients, we take reasonable steps to ensure the overseas recipient does not breach the Australian Privacy Principles in relation to that information. We require overseas providers to maintain security and confidentiality standards consistent with those required under Australian privacy law.
By engaging our services and providing us with your personal information, you acknowledge and consent to the possibility of cross-border disclosure as described above. If you have concerns about cross-border disclosure, please raise them with us before engaging our services.
Our Website
When you visit our website (withstandlawyers.com.au), we may collect non-personal technical data including your IP address, browser type, pages visited, and time and date of access. This information is used to maintain and improve our website.
Our website uses cookies and similar technologies to enhance functionality and user experience. You may adjust your browser settings to decline cookies, though this may affect certain features of the website.
When you submit an enquiry through our website contact form, the information you provide is used solely to respond to your enquiry and, if you proceed, to assess and conduct your matter. Submitting an enquiry does not create a solicitor-client relationship. No confidential information should be included in an initial website enquiry.
Our website may contain links to third-party websites. We are not responsible for the privacy practices of those websites.
Security of Your Information
We implement reasonable technical and organisational measures to protect personal information against misuse, interference, loss, unauthorised access, modification, and disclosure. These measures include:
- Access controls limiting access to personal information to staff members who require it in connection with their role.
- Multi-factor authentication for access to our practice management and communication systems.
- Encrypted data transmission for information sent via our website and electronic communication platforms.
- Secure cloud storage with access controls for client files and documents.
- Regular staff training on privacy obligations and information security practices.
- Prompt revocation of access credentials when staff members leave the firm.
In the event of a data breach likely to result in serious harm to any affected individual, we will comply with our notification obligations under applicable privacy law, including notifying affected individuals as required.
Despite our measures, no method of electronic transmission or storage is completely secure. We cannot guarantee the absolute security of your information.
Retention of Your Information
We retain client files and associated personal information for a minimum of seven (7) years after the conclusion of a matter, as required by applicable professional rules. For matters involving minors, we retain information for seven (7) years from the date the person turns eighteen (18).
We may retain information for longer where required for professional indemnity purposes, ongoing regulatory compliance, or where otherwise required by law.
Once a retention period has expired, personal information will be destroyed or de-identified in a secure manner.
Accessing and Correcting Your Information
You have the right to request access to the personal information we hold about you, and to request that we correct information that is inaccurate, out of date, incomplete, irrelevant, or misleading.
To make an access or correction request, please contact our Privacy Officer in writing using the contact details below. We will respond within 30 days and may ask you to verify your identity before providing access.
We may decline access in limited circumstances permitted by law. If we refuse access, we will provide written reasons and advise you of the options available to you.
Privacy Complaints
If you believe we have handled your personal information in a manner inconsistent with the Australian Privacy Principles or this Policy, you may lodge a complaint with us. We take privacy complaints seriously and will respond promptly and fairly.
Step 1 — Contact our Privacy Officer by email at director@withstandlawyers.com.au
Step 2 — Set out the nature of your complaint in writing, including the relevant facts and the outcome you are seeking.
Step 3 — We will acknowledge your complaint within five (5) business days and provide a substantive response within thirty (30) days.
If you are not satisfied with our response, you may refer your complaint to the relevant privacy regulator in your jurisdiction.
Changes to This Policy
We review this Privacy Policy at least annually and whenever there is a material change to our practices or the law. The current version will always be available on our website at withstandlawyers.com.au/privacy-policy.
Where changes are material, we will take reasonable steps to notify you, for example by a prominent notice on our website.
Contact Us
| Privacy Officer | Withstand Lawyers |
| director@withstandlawyers.com.au | |
| Website | withstandlawyers.com.au/privacy-policy |
This Privacy Policy should be read in conjunction with our Costs Disclosure and any Engagement Letter provided to you at the commencement of your matter.