Your personal information is important to us

Vander Kraats & Associates operates https://www.vdk.com.au/ (the “Site”). Vander Kraats & Associates and its associated entities (“us”, “we”, or “our”) recognises that your privacy is very important and believes that information received by us that can be used to identify an individual user (“you”, “your”, “User”) should be treated with respect.

This page informs you of our policies regarding the collection, use and disclosure of personal information we receive from users of the Site. We use your personal information only for providing and improving the Site.

By using the Vander Kraats & Associates Site and/or Services covered by this Policy and providing Personal Information to us, you agree that we can communicate with you electronically regarding security, privacy and administrative issues relating to your account information, and you agree to the collection and use of information in accordance with this policy.

 

Relevant regulations

Vander Kraats & Associates is bound by the Australian Privacy Principles (“APPs”) and the Privacy Act 1988 (Cth) (“Privacy Act”). Accordingly, we have adopted a privacy policy to comply with the APPs which includes policies and procedures to protect the personal information that we collect about you.

International regulatory expectations on requirements for collecting and sharing personal data have continued to evolve and guidance from Data Protection Authorities have further clarified expectations around how cookies and online collection of personal data is obtained. This can be seen through European laws, such as General Data Protection Regulation (“GDPR”) and Europe’s ePrivacy Directive, and the California Consumer Privacy Act (“CCPA”), a data privacy law which applies to certain businesses that collect personal information from California residents.

These and other international regulations and legislation continue to evolve in terms of collecting, using, and retention of personal data. Vander Kraats & Associates is committed to complying with applicable data protection laws, as is reasonable in the usual course of business.

 

Definitions of key terms

“collect”
Personal information, including sensitive information, will be ‘collected’ if it is received or taken from a generally available public document and then stored in a record.

“consent”
You can give consent either:

(a) expressly – express consent is given explicitly either in writing or orally; or
(b) impliedly – your consent will be implied where your consent can be inferred from your conduct and our conduct.

“personal information”
Personal information is defined in the Privacy Act. In summary, personal information is information or an opinion about an identifiable person, or a reasonably identifiable person no matter whether:

(a) the information or opinion is true or false; and
(b) the information or opinion recorded in a material form or not.

Some examples of personal information include a person’s name, address and date of birth.

“sensitive information”
Certain types of personal information are listed in the Privacy Act as being ‘sensitive information’.

Some examples of sensitive information are information or an opinion about a person’s racial or ethnic origin or membership of a trade union, and information or opinions about a person’s health or health services provided to that person.

 

What this Privacy Policy does not apply to

This Privacy Policy does not apply to:
(a) acts or practices of Vander Kraats & Associates that are directly related to employee records of current or former employees; and
(b) information about companies, individual partners or sole traders acting in a business capacity.

 

Why do we collect your personal information?

We only collect personal information if it is considered reasonably necessary to pursue at least one of our functions and activities in the course of providing legal services. In support of our provision of legal services we also carry out the following ancillary or related functions and activities:
(a) human resource activities (associated with employment);
(b) marketing and public relations activities; and
(c) accounting and corporate administration.

 

Information collection and use

While using our Site, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. We will keep your information secure by taking appropriate technical and organisational measures against its unauthorised or unlawful processing and against its accidental loss, destruction or damage. We will do our best to protect your personal information but we cannot guarantee the security of your information which is transmitted to our website, applications or services or to other websites, applications and services via an internet or similar connection. If we have given you (or you have chosen) a password to access certain areas of our websites, applications or services, please keep this password safe – we will not share this password with anyone.

 

What personal information do we collect about you?

The personal information we collect about you will vary depending upon how we interact with you. Examples of some ways we collect personal information include:

(a) we are instructed to provide legal services to you or in connection with a matter in which you are involved, or you inquire about us providing you legal services;
(b) you provide us, or one of our staff members, with your business card;
(c) you attend an event that we organise;
(d) you apply for a job with us or submit an expression of interest application; or
(e) you supply goods or services to us.

Examples of personal information that we collect include details like your address, telephone number and email address. We may also collect details such as your date of birth, your title or job description and employer or organisation.

From time to time, we may also be required to collect sensitive information about you in order to provide our services, for example information about your health or your ethnicity. We will only collect sensitive information if you consent to its collection and if the sensitive information is reasonably necessary for us to carry out at least one of our functions or activities, or if the APPs otherwise permit such collection.

 

How do we collect information about you?

Directly from you: We usually collect your personal information from you directly when we speak to you on the telephone, when we correspond with you by letter or email, when we meet with you in person, if you provide us with documents that contain your personal information or you provide information to us through our website. When we collect personal information from you we will do it in a lawful, fair and non-intrusive way.

From third parties: Sometimes we will collect your personal information from a third party. We will only do this if it is unreasonable or impracticable to collect the information from you directly or if we are required or authorised by an Australian law or court/tribunal order to do so.

Information you give us about someone else: If you supply us with the personal information of a third party, such as a spouse, colleague or friend, we accept that information on the condition that you have all the rights required from that third party to provide that personal information to us to use for our functions and activities.

Dealing with us anonymously: If you wish to deal with us without giving us any of your personal information, you may do so on an initial enquiry. However, we will not be able to give you advice or otherwise represent you on a legal matter, unless you provide us with all necessary personal information.

 

Log Data and Cookie Collection

Like many site operators, we collect information that your browser sends whenever you visit our Site (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages and other statistics. In addition, we may use third party services such as Google Analytics that collect, monitor and analyse this. This information is used to continually improve our website and services to you. There are some cases where we will disclose your personal information.

  1. When required by law to comply with court orders or police investigations.
  2. When we need to protect our rights or income or we reasonably believe that it is in the best interests of other user’s rights.
  3. If all or part of Vander Kraats & Associates is sold to or merged with another company.
  4. Any third party that you have consented to having your personal information.

Cookies are small text files which are transferred from our websites, applications and services and stored on your devices. We use cookies to help us provide you with a personalised service and to help make our Site and services better for you. Our cookies may be session cookies (temporary cookies that identify and track users within our Site which are deleted when you close your browser or leave your session) and targeting cookies (cookies which enable our Site to “remember” who you are and to remember your preference within our Site, as well as which may be used in targeted marketing and remarketing as mentioned below).

 

Receipt of unsolicited personal information

If we receive personal information that we did not take any active steps to collect, we will determine whether we would have been permitted to collect that information as part of pursuing our functions and activities.

We will destroy or de-identify unsolicited personal information that we would not collect as part of our functions and activities if it is lawful to do so and in accordance with our document destruction policy. If the information is of the type that we would collect to pursue our functions and activities it will be protected by our privacy policies and procedures.

 

What do we do with your personal information?

Generally, we will only use or disclose your personal information for the purpose that we collected it for.

However, we may use or disclose your personal information for secondary purposes that relate to our functions and activities if we have your consent do so or without your consent if the APPs permit us to do so, for example if you would reasonably expect us to use your information for the secondary purpose. We will only use your personal information for a secondary purpose if it is related to the reason why we collected your personal information.

We will only use your sensitive information for the purpose for which we collected the sensitive information about you.

In some circumstances we are permitted or authorised by or under an Australian law or a court/tribunal order to use or disclose your personal and sensitive information. For example, if our disclosure of your information will reduce or prevent a serious threat to life, health or safety or our disclosure is in response to any unlawful activity.

Any personal information given to Vander Kraats & Associates will not be shared, sold, or given to any third parties, unless required or authorised under the exemptions set out in the Privacy Act.

 

Authorised Service Providers

Vander Kraats & Associates uses some authorised service providers to collect and store your data. For example, the data you submit in forms on our website is collected securely in the form builder software we use, before it is securely posted to our customer relationship management software and our email marketing provider.

Vander Kraats & Associates only uses authorised service providers that guarantee compliance with the GDPR, and where we have signed a binding Data Processing Agreement (DPA) with them.

We may share your personal information with authorised service providers that perform certain services on our behalf. These services may include:

  • Providing customer support
  • Providing customer relationship management (CRM)
  • Processing credit card payments
  • Providing email marketing
  • Providing marketing assistance
  • Performing business and sales analysis
  • Supporting our website functionality
  • Delivering documents and packages

Although these service providers may have access to personal information needed to perform their functions, they have entered into a contract that requires them to use your Personal Information only for the provision of services to us in a manner that is consistent with this policy.

 

Vander Kraats & Associates Employees

Individual Vander Kraats & Associates employees also have access to the data you have submitted to us, either actively or passively. We have policies in place to ensure your data remains secure and confidential and is never shared with third-parties without your express permission.

 

Third-Party websites

There are a number of places on our website or through our services where you may click on a link to access other websites that do not operate under this Privacy Policy. For example, if you click on ‘further information’ link on one of our blog articles, you may be taken to a website that we do not control. We recommend that you consult the privacy statements of all third-party websites you visit by clicking on the “privacy” link typically located at the bottom of the webpage you are visiting.

 

Marketing

Occasionally we may use your information to contact you in regards to products and services we believe may be of interest to you. By submitting any form on the Site, you are agreeing that you are willing to be contacted by Vander Kraats & Associates through our email marketing Software. You have the right at any time to request that we stop contacting you for marketing purposes – to do so, please contact our Privacy Officer by email at reception@vdk.com.au or by post at 291 Warwick Rd, Greenwood WA 6024.

You can also unsubscribe from any email marketing using the links provided in the emails we send you. We may share your hashed information (not personally identifiable) with third party providers such as Facebook, Google, LinkedIn and Twitter to serve targeted advertising/content to you via the relevant third party platform based on your profile and interests. Your information is used by this third party platform to identify your account and serve relevant advertisements to you.

You can control what advertisements you receive via the privacy settings on the relevant provider’s platform.

Visitors can opt out of Google Marketing Platform’s use of cookies by visiting the Google Marketing Platform opt-out page or the Network Advertising Initiative opt-out page.

 

Direct marketing

We may, from time to time, use or disclose your personal information (other than sensitive information) for the purpose of direct marketing if:

(a) we collected the information from you; and
(b) you have consented to us using or disclosing your personal information for direct marketing, or you would reasonably expect us to use or disclose the your personal information for direct marketing purposes.

If we do use or disclose your personal information for direct marketing we will provide you with a simple way to unsubscribe from receiving our direct marketing communications. If you follow our process for unsubscribing, we will no longer send you these communications.

We will not use or disclose sensitive information about you for direct marketing purposes unless we have your consent to do so.

We will also act in accordance with the Do Not Call Register Act 2006 (Cth) and the Spam Act 2003 (Cth).

 

How do we store and protect your personal information?

We take reasonable steps to protect your personal information from misuse, interference, loss, unlawful access, modification and disclosure.

We store hardcopy documents containing your personal information in secure facilities.

Electronic documents are stored with security measures implemented to ensure the security and confidentiality of the documents and the personal information contained in them.

 

Obligations on us to disclose

We may disclose your information if we are legally bound to do so or if, in our reasonable opinion, such disclosure is necessary to prevent harm to ourselves, other users or a third party. We will notify you of such disclosure in all such instances.

 

ASIC requirements

Division 3 of Part 3 of the ASIC Act outlines ASIC’s power to seek various records. Most often the notice will be addressed directly to a company or to an eligible addressee, usually a director, and will order the delivery of specified books and documents. The term ‘books’, as outlined in the ASIC Act is a broad term that can be defined as any form of stored information which include personal data covered by this Privacy Policy. Vander Kraats & Associates is obliged to disclose all information requested by ASIC to ASIC on receiving an appropriate notice under the ASIC Act.

 

Disclosure to overseas recipients

We store the personal information that we collect in Western Australia. However, from time to time our IT suppliers and service providers may be required to access our server and the personal information that we hold on our server to assist with resolving issues and maintenance. Our IT suppliers and service providers may be located in Australia or overseas.

Our arrangements with our IT suppliers and service providers ensure that at all times we maintain control of the information stored on our server and prohibit our IT suppliers and service providers from using or disclosing personal information for purposes other than providing services to us.

 

Access to personal information

If you would like to access the personal information that we hold about you, please write to our Privacy Officer at our contact details set out below. This right is subject to some exceptions allowed by law.

We will respond to your request within a reasonable time. There are some situations set out in the APPs where we will not be able to give you access to personal information. For example if giving you access would breach someone else’s privacy rights.

Generally, we will not charge fees for giving access to personal information. However, we reserve the right to charge reasonable fees where requests for personal information contain complications or are resource intensive.

If you have any questions about the data we have collected from you, you can make a subject access request, or request erasure (forget me) by contacting our Data Privacy Officer by email at reception@vdk.com.au or by post at 291 Warwick Rd, Greenwood WA 6024.

 

 

Vander Kraats & Associates aims to ensure that your personal information is accurate and complete. Please contact Vander Kraats & Associates if the information you have provided changes, and we will use all reasonable efforts to correct the information we hold. If you would like to correct personal information that we hold about you, you can write to our Privacy Officer at our contact details listed below.

 

Dispute resolution

If you are unhappy with the way in which we have handled your personal information, or if you believe that we have failed to meet our privacy obligations or breached your privacy rights, you may make a written complaint to our Privacy Officer. Our contact details are set out below.

The Privacy Officer will review your complaint, consider our conduct in relation to the complaint and the requirements of the APPs, and will consider appropriate action. The Privacy Officer will inform you of its decision within 30 days of receiving the complaint.

If you are unhappy following the determination of the Privacy Officer, you may appeal the determination of the Privacy Officer to our Managing Partner.

If you are not happy with our response, you may contact the Office of the Australian Information Commissioner by phone on 1300 363 992 or by mail at GPO Box 5218, Sydney, NSW 1042 or by email at enquiries@oaic.gov.au.

 

Our contact details

You can contact our Privacy Officer by email at reception@vdk.com.au or by post at 291 Warwick Rd, Greenwood WA 6024.

If you would like to speak to our Privacy Officer please call us on +61 8 9447 7868 and ask to speak to our Manager.

 

Policy reviews

Vander Kraats & Associates will review and revise its policies from time to time. Accordingly, at any time, if any changes are made to this policy, Vander Kraats & Associates will post those changes on the relevant section of its website.