The Molecular Fisheries Laboratory (MFL or we, us or our) deals with information privacy in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) set out in the Privacy Act. We also comply with the Spam Act 2003 (Cth) which imposes restrictions on sending emails and other types of commercial electronic messages.
What kinds of personal information do we collect and hold?
We collect and hold:
- your contact details, such as office address, home address, telephone numbers and email address;
- your personal details, such as date and place of birth, gender, qualifications, titles, whether or not you are Aboriginal or a Torres Strait Islander, the languages you speak;
- your browsing history on the MFL website and MFL Apps;
- your purchasing history; and
- records of your communications and other interactions with us.
How do we collect and hold your personal information?
We generally collect your personal information directly from you or when you use the MFL Website or a MFL App. However, in some cases, we may receive your personal information from a third party (for instance if we receive a complaint relating to a legal practitioner) or when it is relevant to our statutory responsibilities (for instance other regulators or government entities who have dealt with you).
What would happen if we did not collect your personal information?
Without your personal information we may not be able to process your application or request, perform our statutory functions or provide you with some or all of our services.
What are the purposes for which we collect and hold your personal information?
We collect and hold your personal information to:
- fulfil our functions and responsibilities under, and facilitate compliance with, the Legal Profession Act 2004(NSW) and the legal profession legislation (as defined in the Legal Profession Uniform Law Application Act 2014 (NSW), Professional Standards Legislation, the Corporations Act 2001 (Cth) and associated regulations (which require and authorise us to collect certain information) including:
- maintaining regulatory and corporate records;
- providing information on programs, services and benefits available;
- communicating regarding an enquiry, request for information or use of our services;
- providing information to subsidiaries of the MFL and other professional indemnity insurers;
- analyse your interaction with our personal and electronic services. The information collected from you may be analysed individually and/or aggregated with the information relating to other members to produce statistical information. Insights from this process is used to select and optimise the information, services and advertising we provide to you; and
- provide information to third parties as authorised or required by law.
Use and Disclosure of your personal information
We do not use your personal information or disclose it to another organisation unless:
- it is reasonably necessary for one of the purposes described above;
- having regard to the nature of the information or the circumstances of collection we believe you would expect us to use the information or make the disclosure;
- required or authorised by law or court or tribunal;
- it is necessary to protect the rights, property, health or personal safety of the public or our interests, and it is unreasonable or impracticable to obtain your consent;
- the disclosure is necessary to assist any entity, body or person to locate a person who has been reported missing;
- we have reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to our functions or activities has been, is being or may be engaged in, and we believe that the collection, use or disclosure is necessary in order for us to take appropriate action;
- the assets and operations of our business are transferred to another party as a going concern;
- it is obtain third party services, for example to carry out data analysis or provide information processing services. The use of your information by third parties is strictly controlled; or
- you have provided your consent.
If you operate in a foreign country (or intend to do so) we may send your personal information overseas in response to an inquiry from the relevant authority in that place. The MFL uses the services of certain third party service providers which may have offices or other operations outside of Australia. As a result, your personal information may be disclosed to overseas recipients located in India and China. All service providers that have access to personal information held by the MFL are required to keep the information confidential and not to make use of it for any purpose other than to provide services in accordance with their engagement.
If you do not want your personal information to be disclosed
If you do not want your personal information to be disclosed (for instance, you want to have your name excluded from commercial mailing lists) you should manage your subscriptions via the MFL website or advise the MFL by using the unsubscribe link provided on relevant emails. We will accommodate your request provided that the disclosure is not required by law.
Storage and security of personal information
We take reasonable precautions to protect the personal information we hold from misuse, loss, unauthorised access, modification or disclosure.
Where practicable we implement measures to require organisations to whom disclosure is made to comply with the Privacy Act. If a third party is given access to personal information we take reasonable steps to ensure that the information is held securely and used only for the purpose of providing the relevant service or activity.
We collect personal information through software such as cookies. A cookie is a text-only string of information that a website transfers to the cookie file of the browser on the hard disk of a user’s computer so that the website can remember that user. Without cookies, websites and their servers have no memory. This means that every time a user opens a new webpage on a website, the server where that webpage is stored will treat the user as new and require logon and password. In short, a cookie facilitates a user’s passage through a website.
Rights to access and correction of your personal information
You have the right to access your personal information unless we are permitted by law to withhold that information. Any requests for access to your personal information should be made to the MFL Privacy Officer (see below) in writing. You also have the right to request the correction of any of your personal information which is inaccurate. Any corrections should be advised to MFL in writing.
In some circumstances it may be appropriate and lawful for us to deny access, including if:
- we reasonably believe that giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety;
- providing access would have an unreasonable impact on the privacy of another individual;
- the request is frivolous or vexatious;
- the information relates to existing or anticipated legal proceedings between you and us and the information would not be accessible by the process of legal discovery in those proceedings;
- giving access would reveal our intentions in relation to negotiations with you and prejudice those negotiations;
- we have reason to suspect that unlawful activity, or misconduct of a serious nature, relating to our functions or activities has been, is being or may be engaged in; and giving access would be likely to prejudice the taking of appropriate action in relation to the matter;
- providing access would be unlawful or if denying access is required or authorised under Australian law or a court/tribunal order;
- giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or
- giving access would reveal evaluative information generated within the MFL in connection with a commercially sensitive decision-making process.
Further information and complaints
If you require any further information about our management of personal information or have a complaint about our handling of your personal information, you should initially write to the MFL Privacy Officer, who will respond to you within a reasonable time, usually 30 days.
If you are not satisfied with the outcome of your complaint you may contact us further to advise of your concerns and, if we are unable to reach a satisfactory resolution you may write to the Office of the Australian Information Commissioner using the form available at this linkhttp://www.oaic.gov.au/privacy/making-a-privacy-complaint for further review of your complaint.