Privacy Policy

This Privacy Policy sets out how Kinny Legal Pty Ltd (ABN 86 613 099 746 / ACN 613 099 746) (together we or us) protect the privacy of personal information that is collected through the website available at www.kinnylegal.com (Website), or directly from you. We are committed to ensuring that your privacy is protected. Please read this Privacy Policy carefully.

About

This Privacy Policy applies to our Website and our activities in connection to our services and related business activities (together our Services). By engaging with our Services, including by using this Website, you agree to the collection, storage, usage and disclosure of your personal information by us in the manner described in this Privacy Policy. We conduct these activities in accordance with our obligations under the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (Privacy Act), which are reflected in this Privacy Policy.

You are not required to provide any personal information to us, but if you do not do so this decision may affect your use of our Services.

This Privacy Policy may be amended from time to time with changes, additions and deletions, at our sole discretion. You should check this page regularly to ensure that you are aware of any changes.  Your continued use of the Website following any amendments indicates that you accept the amendments.

What is personal information?

Personal information is information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not. This includes sensitive information.

Sensitive information is information or an opinion about your racial or ethnic origin, religious beliefs or affiliations, philosophical beliefs, sexual orientation and/or practices, health information (including genetic information), and biometric information for the purpose of automated biometric verification, biometric identification, or biometric templates.

Sensitive information is subject to a higher level of privacy protection than other personal information. We will only collect sensitive information with consent, in specified circumstances under the Privacy Act, or as otherwise permitted or required by law. We will not use or disclose sensitive information for a secondary purpose unless directly related to the primary purpose of collection and within the reasonable expectations of the individual, or otherwise in specified circumstances under the Privacy Act, or as otherwise permitted or required by law.

Collection of personal information

The information that we collect may include:

• Personal and contact details: this includes information that we collect about you that will assist us in delivering our Services, such as your first and last name, date of birth, gender, email address, mailing address, telephone number, job title and place of employment, and information to verify your identity (if required).

• Service interaction information: this includes information you provide us when requesting an appointment or discussing our Services, and any information you provide us to facilitate our provision of services to you or another person or entity you are representing in your communications with us including about your personal affairs, business affairs and legal needs. 

• Financial information: this includes information such as payment card details and bank account details. We use this information to send to our third-party payment gateways when you make payment for our Services.

• Website and device use information: When you use our Website, we collect information that enables the website to be able to run, including information about your access and use of the Website, your device identity and type, I.P. address and standard web log information, geo-location information, computer and connection details, web traffic to and from our site, page view statistics, advertising data.

• Marketing use information: this includes information provided to us using a marketing or newsletter sign up form.

• Sensitive information: for example, health information.

How we collect Personal Information

We will only collect personal information by lawful and fair means and not in an unreasonably intrusive way. We may collect personal information either directly from you, or from third parties, including where:

• you enquire, register, make an appointment for, receive or sign up to our Services;

• you purchase a product or service or register an account on the website;

• you provide information directly to us through our Services;

• you subscribe to any of our newsletters or interact with our advertising and marketing campaigns;

• you communicate with us generally via: email; letter; telephone; SMS; social applications, services or websites (such as LinkedIn).

We may receive personal information from third parties, for example our clients, government agencies, insurers, third parties who produce any content, advertising, and marketing campaigns for us that you may interact with, our other service providers, and publicly available sources. If we do, we will protect it as set out in this Privacy Policy.

We may also collect personal information from you when you use or access our Website or social media pages. This may be done through use of web analytics tools, 'cookies' or other similar tracking technologies that allow us to track and analyse your Services usage and remember your preferences. While we do not use browsing information to identify you personally, we may record certain information about your use of our website, such as which pages you visit, the time and date of your visit and the internet protocol address assigned to your computer. See ‘How we use cookies’ below.

We may also use web beacons on this Website. Web beacons or clear .gifs are small pieces of code placed on a web page to monitor the behaviour and collect data about the visitors viewing a web page. For example, web beacons can be used to count the users who visit a web page or to deliver a cookie to the browser of a visitor viewing that page.

Third parties may also use cookies, web beacons, and other storage technologies to collect or receive information from the Website, Service and elsewhere on the internet and use that information to provide measurement services and target ads. You can opt out of the collection and use of information for ad targeting by visiting the Network Advertising Initiative opt out page or using aboutads.info/choices.

Use of personal information

We collect personal information for the primary purpose of providing our services. We may also use personal information for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure. We collect and use your personal information:

• to operate the Website;

• to provide information and services to you;

• to respond to your queries about legal documents, advice and services;

• to better understand your needs, enabling us to improve our products and services;

• to confirm your identity;

• for record keeping and administrative purposes, including accounting purposes;

• to administer, operate, protect, improve and optimise the Website, Services and service offerings, and customer experience;

• to comply with our legal obligations, resolve disputes or enforce our agreements with third parties;

• to provide information to courts, tribunals, regulatory authorities, and law enforcement officers as required by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights;

• to administer and protect our Services;

• to send you marketing and promotional messages and other information that may be of interest to you and for the purpose of direct marketing (in accordance with the Spam Act 2003 (Cth)). In this regard, we may use email, SMS, social media or mail to send you direct marketing communications. You can opt out of receiving marketing materials from us by using the opt-out facility provided (e.g. an unsubscribe link);

• for quality and training purposes; and

• to consider an application of employment from you.

• to provide information to third parties to the extent required to achieve the intended outcomes of the uses outlined above.

You acknowledge and agree that we may also use your personal information in any other manner which is permitted by any agreement that we have in place with you.  

Disclosure of personal information

We may disclose personal information:

• for the purpose of providing information and Services to clients;

• to credit reporting agencies and courts, tribunals, regulatory authorities where clients fail to pay for goods or services provided by us to them;

• to courts, tribunals, regulatory authorities, and law enforcement officers as required by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights;

• to any other third parties involved in our client's matter, with our client's consent; and

• to third parties, including agents, referral partners, contractors and sub-contractors for the purposes of providing information, products and services to you.

Where you leave a review of our Services, or if you tag us in any of your own material (including any social media post on your personal account) you grant us a non-exclusive, royalty-free, perpetual, irrevocable and fully sub-licensable right to use, reproduce, modify, adapt, publish, translate and create derivative works from, distribute and display such content through the world in any media.

By providing us with personal information, you consent to this disclosure. Where we disclose your personal information to third parties, we will request or otherwise satisfy ourselves that the third party follows the APPs regarding handling your personal information.

If there is a change of control of our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at law our user databases, together with any personal information and non-personal information contained in those databases. This information may be disclosed to a potential purchaser. We would seek to only disclose information in good faith and where we have sought to maintain confidentiality.

Marketing

We may use your personal information to send marketing and promotional messages and other information that may be of interest to you and for the purpose of direct marketing. This includes where you have signed up to our marketing or promotional newsletters. You can opt out of receiving these communications at any time.

Security

We use third-party cloud providers that provide hosting and data storage in Australia. We retain effective control over any personal information held on our cloud, and the information is handled in accordance with Australia laws.

We take reasonable steps to ensure your personal information is secure and protected from misuse, interference, loss, modification, disclosure or unauthorised access from both internal and external threats. We regularly assess potential risks and take appropriate measures to address those risks. Our security measures include:

• use of reputable cloud software backed by AWS to ensure state-of-the-art cybersecurity protection of data held in the system;

• controlling access to our information technology systems through identity and access management, including passwords and two-factor authentication;

• physical files being secured in locked areas;

• cybersecurity and information handling training of staff.  

However, we cannot guarantee or warrant the security of any information provided to us. We will retain your personal information for the period necessary to fulfil the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law. Information we are not required to retain by law is securely destroyed. 

If we unexpectedly receive personal information without actively seeking it, we will promptly assess whether its collection aligns with this Privacy Policy. Should we determine that this unsolicited information was not permissible to collect under this Policy and it is not part of a Commonwealth record, we will destroy or de-identify it when feasible and lawful. Importantly, we will never share unsolicited personal details without prior approval.

No information transmitted over the internet can be guaranteed to be secure. We cannot guarantee the security of any information that you transmit to us, or receive from us. The transmission and exchange of information is carried out at your own risk. Although we take measures to safeguard against unauthorised disclosures of information, we cannot assure you that personal information that we collect will not be disclosed in a manner that is inconsistent with this Privacy Policy.

How we use cookies

We may use cookies on our Site from time to time. Cookies are small files that store information on your computer, mobile phone or other device and enable and allow the creator of the cookie to identify when you visit different websites, services, devices and/or browsing sessions. We may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience of the Service. Persistent cookies can be removed by following Internet browser help file directions. Cookies may enable automatic logins when you visit in the future and may enable content customisation. Cookies allow web applications to respond to you as an individual, and tailor its operations to your needs and preferences by collecting and remembering information about you.

We may also use third party vendor tracking cookies, including Google Analytics. You can opt out of Google's use of cookies or device identifiers by visiting Google's Ads Settings. Alternatively, you may visit the Network Advertising Initiative opt-out page or control the use of device identifiers by using your device’s settings.  You can disable cookies through your internet browser, but our websites may not work as intended for you if you do so.

We use traffic log cookies to identify which pages are being used.  This helps us analyse information about web page traffic and improve our Site by tailoring it to your needs.  We use this information for statistical analysis purposes only, following which the data is removed from the system.

Overall, cookies help us provide you with a better Website, by enabling us to monitor which pages you find useful and which you do not. A cookie does not give us access to your computer or any information about you, other than the data you provide to us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies but you can usually modify your browser settings to decline cookies if you prefer. This may, however, prevent you from taking full advantage of the Site.

Links to other websites

From time to time we may include embedded content from, and links to, other websites. Those websites are not under our control. The links and embedded content are provided for your convenience only and may not remain current or be maintained. Unless expressly stated otherwise, we do not guarantee website links or policy or privacy practices of third parties; and we do not endorse, and are not responsible for the content, validity, accuracy or your use of, those websites. You should check the privacy policy and terms of use for those websites before you use them. Our Privacy Policy will no longer apply once you leave our website.

You may not create a link to the Website from another website (other than to the home page) without our prior written consent, which may be given or withheld at our sole discretion.

Controlling and restricting the collection and use of your personal information

Providing us with your personal information is optional to you. You can choose not to provide personal information.  When you provide us with your personal information, you consent to the terms in this Privacy Policy, and to us disclosing or receiving your personal information for these purposes.  We will not sell, distribute or lease your personal information to third parties unless we have your permission or are legally required to do so.

You may choose to restrict the collection or use of your personal information.  If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by contacting us, details below.

Requesting details about your personal information

You may request details of personal information that we hold about you in accordance with the Privacy Act. A small administrative fee may be payable for the provision of information. If you would like a copy of the information which we hold about you, please email us. We reserve the right to refuse to provide you with information that we hold about you, in certain circumstances set out in the Privacy Act. We may need to verify your identity before providing you with your personal information. In some cases, we may be unable to provide you with access to all your personal information and where this occurs, we will explain why. We will deal with all requests for access to personal information within a reasonable timeframe.

Correcting your personal information

If you believe that any information we hold on you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us, details below. We rely in part upon clients advising us when their personal information changes. We will respond to any request within a reasonable time and will endeavour to promptly correct any information found to be incorrect so that the information is accurate, up to date, complete, relevant and not misleading.

Notifiable data breach

In the event that there is a data breach and we are required to comply with the notification of eligible data breaches provisions in Part IIIC of the Privacy Act or any other subsequent sections or legislation which supersede this Part IIIC, we will follow our relevant notifiable data breach procedures in compliance with the Privacy Act and relevant laws.

Updates

This Privacy Policy may be updated by us from time to time, and the updated Privacy Policy will apply from the date it is published on our Website or otherwise communicated to you. Each time you use our Website you should revisit this Privacy Policy and familiarise yourself with any changes. Continued use of our Services (including our Website) shall indicate your acceptance of any changes.

Unsubscribe

To unsubscribe from our e-mail database, or opt out of communications, please contact us at the details below.

Enquiries, requests & complaints

Enquiries regarding this Privacy Policy or the personal information we may hold on you, should be addressed with the Privacy Officer, whose contact details are below. 

If you think your personal information, held by us, may have been compromised in any way or you have any other privacy related complaints or issues, you should also raise the matter with the Privacy Officer.

We will ensure your claims are investigated and a formal response will be provided to you, within a reasonable time, considering the circumstances of your claims. If any corrective action is determined to be required, as a result of that investigation, we will take all reasonable steps to rectify the situation and advise you of such, again within a reasonable time considering the circumstances.

If we do not resolve your enquiry, concern or complaint to your satisfaction or you require further information in relation to any privacy matters, please contact the Office of the Australian Information Commission, whose contact details are below.

Office of the Australian Information Commission
Telephone                                 1300 363 992
Email                                        enquiries@oaic.gov.au
Office Address                          Level 3, 175 Pitt Street, Sydney NSW 2000
Postal Address                          GPO Box 5288, Sydney NSW 2001
Website                                    www.oaic.gov.au

If you believe that we have breached the Privacy Act/APPs and wish to make a complaint about that breach then please email us setting out details of the breach. We will promptly investigate your complaint and will endeavour to respond to you in writing within 28 days setting out the outcome of our investigation, what steps we propose to take to remedy the breach and any other action we will take to deal with your complaint. To contact our Privacy Officer, please contact:

Kinny Legal Pty Ltd
Level 21/133 Castlereagh Street
Sydney  NSW  2000
jessicakinny@kinnylegal.com

Last updated

This Policy was last updated on: 11 May 2026.