‍ ‍

Privacy Policy

Firm: Edwards Brown McNally Solicitors (the Firm, we, us, our)
Effective date: 23 June 2026

‍ This Privacy Policy explains how the Firm collects, holds, uses and discloses personal information, and how individuals may access and correct their personal information or make a privacy complaint.

‍We are committed to complying with the Privacy Act 1988 (Cth) (including the Australian Privacy Principles (APPs)) as applicable, and relevant Queensland requirements where they apply to our work and operations.

1. What is “personal information”?

Personal information has the meaning given in the Privacy Act and includes information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether true or not, and whether recorded in a material form or not.

Sensitive information includes information such as health information, criminal record information, biometric information, racial or ethnic origin, political opinions, religious beliefs, sexual orientation, and membership of a professional or trade association.

‍2. The personal information we collect

‍ We may collect personal information including (without limitation):

  • Identity and contact details (name, date of birth, address, phone, email);

  • Client and matter information (instructions, correspondence, invoices, payment details);

  • Employment information (where relevant to a matter);

  • Information contained in documents you provide or we obtain for you;

  • Information about your use of our website or online services (see section 11);

  • Where necessary for legal services: sensitive information, including health or criminal history information.

Where we are acting in a legal matter, we may also collect personal information about other individuals (for example, witnesses, opposing parties, family members, experts, treating practitioners or other relevant persons) as required for the provision of legal services.

3. How we collect personal information

We may collect personal information:

‍ ‍

  • Directly from you (in person, by phone, email, post, online forms, or via client portals);

  • From third parties with your consent or as authorised by law, including:

    • Courts, tribunals, government agencies (including police and prosecutors where relevant);

    • Other lawyers, barristers, experts, investigators, medical providers, insurers;

    • Your employer, family members, agents, or support persons (where appropriate);

    • Service providers (e.g., document production, transcription, eDiscovery, IT support);

  • From publicly available sources (e.g., registers, websites, publications) where relevant.

‍ Where reasonable and practicable, we will collect personal information directly from you.

‍ 4. Why we collect, hold, use and disclose personal information

‍ We collect, hold, use and disclose personal information to:

  • Provide legal advice and legal services and manage your matter;

  • Communicate with you and others in relation to your matter;

  • Perform conflict checks, client onboarding and identity verification;

  • Prepare documents, briefs to counsel, court or tribunal filings and evidence;

  • Liaise with courts, tribunals, government agencies and third parties;

  • Manage billing, accounts, trust accounting (where applicable), and debt recovery;

  • Improve our services, operations, and client experience;

  • Comply with legal, regulatory and professional obligations;

  • Maintain business records, insurance, risk management and security.

If you do not provide requested information, we may be unable to act for you or to provide services effectively.

5. Legal basis and consent (including sensitive information)

‍Where we collect sensitive information, we will generally do so with your consent, unless collection is otherwise permitted by law (for example, where it is necessary for the establishment, exercise or defence of a legal or equitable claim, or otherwise authorised under the Privacy Act).

By engaging us and providing information relevant to a matter, you consent to us collecting, using and disclosing your personal information (including sensitive information) for the purposes described in this Privacy Policy, to the extent required and permitted by law.

‍6. Disclosure of personal information

‍ We may disclose personal information to:

  • Barristers and expert witnesses;

  • Courts, tribunals and dispute resolution bodies;

  • Government agencies and regulators (where required or authorised);

  • Opposing parties and their lawyers (where necessary in the conduct of a matter);

  • Medical providers, employers, insurers, or other relevant third parties (with consent or as authorised);

  • Our professional advisers (e.g., accountants, auditors, insurers);

  • Our service providers (e.g., IT, cloud services, document management, courier, payments);

  • Any person to whom we are required or authorised to disclose information by law.

We take reasonable steps to ensure service providers handle personal information securely and only for authorised purposes.

7. Overseas disclosure

We use third-party, cloud-based service providers in the operation of our business and in providing legal services, including Microsoft 365, Google, and Smokeball (practice management). These providers (and their subcontractors) may store, process or access information outside Australia depending on configuration and service arrangements.

Where we disclose personal information overseas, we take reasonable steps to ensure overseas recipients handle personal information in a manner consistent with the APPs, unless an exception applies.

Locations: May include countries outside Australia depending on provider arrangements.

8. Direct marketing

‍We may send you information about our services, legal updates, or invitations (direct marketing), where permitted by law. You may opt out at any time by using the unsubscribe function (if provided) or contacting us (see section 14).

We do not sell personal information.

9. Anonymity and pseudonymity

‍Where lawful and practicable, you may deal with us anonymously or using a pseudonym. This will generally not be practicable when we provide legal services, conduct conflict checks, verify identity, or comply with legal obligations.

‍10. Security and retention of personal information

‍We take reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification or disclosure. Measures may include physical security, access controls, encryption, secure backups, staff training, and policies for handling information.

‍We retain personal information for as long as necessary for the purposes described in this Privacy Policy, including to meet legal, regulatory, professional and insurance requirements. When information is no longer required, we take reasonable steps to de-identify or securely destroy it, where lawful and practicable.

11. Website, analytics, cookies and online services

‍If you visit our website or use our online services, we may collect technical information such as IP address, device information, browser type, pages visited, and usage data. We may use cookies and similar technologies to improve functionality and understand usage patterns.

You can manage cookies through your browser settings. Blocking cookies may affect website functionality.

We are not responsible for the privacy practices of third-party websites linked from our website.

12. Access and correction

You may request access to personal information we hold about you and request correction if you believe it is inaccurate, out-of-date, incomplete, irrelevant or misleading.

To request access or correction, contact us using the details in section 14. We may require verification of identity before granting access or making changes.

We will respond within a reasonable time. We may refuse access in limited circumstances permitted by law (for example, where granting access would prejudice legal proceedings or would reveal confidential legal advice). If access is refused, we will provide reasons where required and lawful.

13. Privacy complaints

If you have a concern or complaint about how we have handled personal information:

  1. Contact us using the details in section 14 and describe your complaint.

  2. We will acknowledge your complaint and investigate it.

  3. We will respond in writing within a reasonable time and take appropriate steps to address any issues.

If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC):

14. Contact us

Privacy Contact: Nathan Edwards, Director – Operations Manager
Firm: Edwards Brown McNally Solicitors
Address: 70 Loudon Street, Sandgate QLD 4017
Phone: 07 3269 8511
Email: sandgate@ebmsolicitors.com.au

15. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The latest version will be available upon request and/or published on our website (if applicable). Changes take effect from the effective date shown at the top of this document.