Personal information is information about an identifiable individual. Smith and Partners (we, us, our) complies with the New Zealand Privacy Act 1993 (the Act) when dealing with personal information.
We collect and hold two categories of personal information:
- personal information that we collect from or about our clients in the course of providing legal services to our clients (Client Information)
- personal information we collect from or about visitors to our website, people who use services provided via conversations with software applications such as chatbots, and people who subscribe to our newsletter.
We collect, use, disclose and protect Client Information in accordance with our terms of engagement, our duties under the New Zealand Law Society’s Rules of Conduct and Client Care for Lawyers, and any other specific arrangements we have agreed with our clients.
The remainder of this policy sets out how we collect, use, disclose and protect personal information that is not Client Information.
This policy does not limit or exclude any of your rights under the Act. If you would like further information on the Act, see www.privacy.org.nz.
Changes to this policy
We may change this policy by uploading a revised policy onto our website. The change will apply from the date that we upload the revised policy.
This policy was last updated on 1 March 2018.
Who we collect your personal information from
We collect personal information about you directly from:
- you directly, when you provide that personal information to us, including via our website, through any registration or subscription process, through any contact with us (e.g. phone call or email), or when you use services provided via conversations with software applications on our website such as chatbots
- if you provide us with your LinkedIn (or other social media) details, from your LinkedIn (or other social media) account profile page, in accordance with any privacy settings you have set for that account
- third parties where you have authorised this or the information is publicly available.
How we use your personal information
We use your personal information:
- to verify your identity;
- to provide to you, and improve, our website, chatbots and newsletters;
- to market our services and products to you, including electronically (e.g. by text or email);
- to bill you and process payments from you, including authorising and processing credit card transactions;
- to protect and/or enforce our legal rights and interests, including defending any claim and verifying your compliance with any terms under which we have provided our website or chatbots to you;
- for any other purpose authorised by you or the Act.
How we disclose your personal information
Generally, we do not disclose personal information to third parties for them to use for their own purposes. However, we may disclose personal information to:
- any business that supports our website, chatbots and newsletters (including any person that hosts or maintains any underlying IT system or data centre that we use to provide our website, templates and newsletters) but only where necessary for that business to provide those services to us;
- a person who can require us to supply your personal information (e.g. a regulatory authority);
- any other person authorised by the Act or another law (e.g. a law enforcement agency);
- any other person authorised by you.
A business that supports our website, chatbots and newsletters may be located outside New Zealand. This may mean your personal information is held and processed on servers outside of New Zealand.
Protecting your personal information
We will take reasonable steps to keep your personal information safe from loss, unauthorised activity, or other misuse.
Accessing, correcting or deleting your personal information
Subject to certain grounds for refusal set out in the Act, where we hold readily retrievable personal information about you, you have the right:
- to obtain confirmation of whether or not we hold that information
- to access that information
- to request a correction to that information.
If you would like to exercise any of the above rights, email us at email@example.com. Before you exercise these rights, we will need evidence to confirm that you are the person to whom the personal information relates. Your email should provide that evidence and set out the details of your request (e.g. the personal information, or the correction, that you are requesting).
In relation to a request for correction, if we think the correction is reasonable and we are reasonably able to change the personal information, we will make the correction. If we do not make the correction, we will take reasonable steps to note on the personal information that you requested the correction.
We may charge you our reasonable costs of providing to you copies of your personal information or correcting that information.
In addition to your rights under the Act, upon request in writing to firstname.lastname@example.org, we will return to you and delete any record we have of your personal information once we have verified evidence of your identity as the person to whom the information relates. Your email should provide that evidence and set out the details of your request (e.g. the personal information and the deletion that you are requesting). We reserve the right to retain your request to return and delete the personal information.
If you do not wish to receive subscription-based messages delivered via our or partner chatbots, you can unsubscribe by using the ‘unsubscribe’ feature offered in every subscription-based message from these chatbots.
While we take reasonable steps to maintain secure internet connections, if you provide us with personal information over the internet, the provision of that information is at your own risk.