Privacy Policy

The types of information that we collect depends on how you interact with us. We collect both personal and non-personal information. In this Privacy Policy, "personal information" has the meaning given in the Privacy Act 1988 (Cth) (Privacy Act) and includes information or an opinion (whether true or not) about an identified individual or an individual who is reasonably identifiable.

We may collect personal information about:

• our clients, business associates, potential clients and their personnel;
• individuals in the course of acting for our clients' matters;
• our suppliers and their employees;
• our employees, partners, contractors, former employees, contractors or partners; and
• other individuals who interact with us.

Personal information we may collect includes, but is not limited to: name, date of birth, contact details (such as email address and phone number), occupation, company name, username and password (where applicable), personal preferences, payment details, employment history, education and qualifications, testimonials, feedback, and other information relevant to our business operations, service delivery, marketing activities, or legal obligations. In some cases, we may also collect sensitive information, such as details about professional memberships, criminal records, or health information, where permitted by law.

We may also collect non-personal information automatically when you visit our websites or use our applications, such as your IP address, device and browser type, location information, referring website and the date and time of access.

We will generally collect personal information in the following ways:

• Directly from you, when you provide your details to us, such as through forms, emails, meetings, interviews, event registrations, business cards, online queries, or telephone conversations, as well as when you use our websites, applications, or social media channels;
• Indirectly from your interactions with us, including information generated or recorded when you use our digital platforms, attend our events, particularly in online meetings or webinars, or engage with our services available through our websites, applications and social media channels (including our blogs and LinkedIn channels); and
• From third parties where relevant, such as recruitment agencies, referees, government agencies, credit reporting services or publicly available resources.

We may also use third party analytics providers to help understand how our websites and digital services are used. These providers may use cookies and similar technologies to collect information about your device, browsing activity and usage patterns. You can manage your cookie preferences through your browser settings, but disabling cookies may affect your experience on our sites.

In general, we may collect, hold, use and disclose your personal information for several purposes, including to:

• conduct our business;
• provide and market our products or services;
• communicate with you about our products or services;
• purchase goods or services;
• manage, develop and improve our services, websites and applications;
• assess prospective employees;
• comply with our legal obligations; and
• administer, maintain, support our services and applications.

We may also use or disclose your personal information for other purposes you consent to, or as required or permitted by law. This may include related secondary purposes that you would reasonably expect.

If you wish to unsubscribe from our marketing communications, you can do so using the unsubscribe link in our electronic messages or by contacting us at [email protected] to update your preferences.

We may disclose your personal information (including, in limited circumstances, your sensitive information) for the purposes for which it was collected, including to:

• other members of the MinterEllison Group, on a confidential basis, for business, administrative or service delivery purposes, except where confidentiality obligations prevent this;
• external service providers who assist us in delivering our services, such as IT, data storage, cloud analytics and debt collection providers;
• barristers, consultants, experts or other legal specialists engaged in your matter, or to foreign law firms when required;
• clients, where your information has been collected in the course of providing services to them;
• third parties who help us collect feedback, conduct compliance checks, or support fraud and crime prevention;
• courts, regulators, law enforcement, or other parties where required or authorised by law, or for the establishment, exercise, or defence of legal claims;
• social media channels where we have a presence; and
• any third party to whom we assign or novate our rights or obligations.

We may disclose your personal information:

• to other members of the MinterEllison Group, including those members located in New Zealand, the United Kingdom and China, except where specific confidentiality obligations prevent us from doing so;
• to third parties who assist us in delivering our services or perform functions on our behalf (such as service providers, specialist consultants, and barristers), including those based outside of Australia;
• to courts, tribunals and regulatory authorities;
• to any person or entity you have authorised us to disclose it to; or
• where required or permitted by law.

We may provide links to third party websites which are not operated or controlled by us. We do not make any representations or warranties regarding the privacy practices, content, or security of third-party websites, and they are not governed by this Privacy Policy. Third-party websites should have their own privacy and security policies, which we encourage you to read before supplying any personal information to them.

Subject to the exceptions under the Privacy Act, you have the right to request access to the personal information we hold about you, and to ask us to correct or update any information that is inaccurate, incomplete or out of date. You can do this by contacting our Privacy Officer at [email protected].

To process your request, we may ask you to verify your identity and specify the information you wish to access or amend. In some cases, we may be legally permitted to reduce access or correction. If that happens, we will explain the reason. If a fee applies for providing access, we will let you know the likely cost in advance.

If you have any questions about privacy related issues or wish to complain about a breach of your privacy or the handling of your personal information by us, please contact our Privacy Officer.

Mail: MinterEllison Privacy Officer, 40 Governor Macquarie Tower. 1 Farrer Pl, Sydney, NSW 2000

Email: [email protected]

Any complaint will be investigated by our Privacy Officer, and we will notify you of the outcome as soon as reasonably practicable, typically within 30 days of receiving your complaint.

If we are unable to resolve your concerns to your satisfaction, you may contact the Office of the Australian Information Commissioner (OAIC) for further assistance:

GPO Box 5218
Sydney NSW 2001
Email: [email protected]
Tel: 1300 363 992

www.oaic.gov.au

If you are an individual in a country in the European Economic Area (EEA), we may be required to comply with the EU General Data Protection Regulation 2016/679 (the GDPR) which applies to us when processing the personal information of individuals (data subjects) who are in countries in the EEA in relation to offering you our products or services or if we monitor any of your behaviour when in those countries. You can read our GDPR Collection Notice here. This includes additional information we are required to tell you in relation to your privacy, including the basis on which we collect your personal information, and your data subject rights under the GDPR. The MinterEllison Group is a data controller for our website and services provided through our website at the address shown above.

We may use Artificial Intelligence ("AI") technology to support the processing of personal information for the purposes outlined in this Privacy Policy. All such AI tools undergo rigorous pre-implementation screening to ensure compliance with applicable ethical, legal and contractual requirements, data privacy and information security. When personal information is processed using AI, we ensure full adherence to relevant data protection laws and regulations.

This Policy will be reviewed periodically to reflect any changes in how we process your personal data, evolving legal requirements, new technologies and shifts in the business environment. A current version will be posted on our website at www.minterellison.com/privacypolicy and a copy may also be obtained by contacting our Privacy Officer (details above).

In this Policy:

MinterEllison Group refers to each MinterEllison Organisation; and the partnerships known as MinterEllison Hong Kong and MinterEllison Rudd Watts in Auckland and Wellington.

MinterEllison Organisations refers to:

• MinterEllison’s offices located in Brisbane, Sydney, Canberra, Melbourne, Perth, Adelaide, London, Beijing, and Shanghai.
• MinterEllison Consulting (ABN 50 017 469 292), MinterEllison Consulting Pty Ltd (ABN 50 077 613 828) and MinterEllison Advisory (ABN 27 632 804 465).
• Any other firm, entity, or company formally associated with these entities.