(07) 4772 6699 law@mackeywales.com.au
  1. Home
  2. Privacy Policy

Privacy Policy

Last updated: 12 June 2026

Introduction

At Mackey Wales Law (MWL) your privacy matters and we are committed to protecting it and complying with the Privacy Act 1988 (Cth) (Privacy Act).

Under the Privacy Act you have rights in relation to your personal information, such as:

  • ensuring your information is only collected for lawful purposes;
  • ensuring that we have processes in place to protect your information from misuse or interference;
  • ensuring we tell you why we are collecting your information and what information we are collecting; and
  • ensuring that you have a way to access your information and, if necessary, to correct it.

The Australian Privacy Principles are set out in the Privacy Act and govern the way MWL collects, stores, uses, and discloses your personal information.

MWL’s Privacy Policy is relevant to anyone who interacts with, or is considering interacting with, MWL.  It has been developed in accordance with the Privacy Act and the Australian Privacy Principles.

In this policy, the terms ‘MWL’, ‘we’ and ‘us’ refer to Mackey Wales Law Pty Ltd ACN 618 672 030 trading as Mackey Wales Law, and any other person or organisation operating those businesses from time to time.

You’ refers to the person reading this Privacy Policy or whose personal information MWL has collected.

What is ‘personal information’

Personal information refers to information or opinions about you, or that can reasonably be ascertained to be about you, and any relevant entity or person.  It can include information or opinions about

  • racial or ethnic origin;
  • political opinions;
  • membership of political association, professional or trade association or trade union;
  • religious beliefs or affiliations;
  • philosophical beliefs;
  • sexual orientation or practices; and
  • criminal record.

Under the Privacy Act, personal information does not have to be true and can be recorded in a non-material way.

Examples of personal information that we may collect include:

  • Identity information: name, date of birth, gender, signature, photographic identification, offices or directorships held and identification documents such as your Medicare, driver’s licence and passport information;
  • Contact information: residential and postal addresses, email addresses, telephone numbers;
  • Professional and business information: occupation, employer, job title, professional qualifications, business holdings and structures;
  • Financial information: bank account details, billing information, payment card details, tax file numbers;
  • Matter-related information: information relevant to your legal matter or the legal matter of our client;
  • Transaction information: details of services provided to you or your organisation;
  • Communication records: records of correspondence and communications with you;
  • Website and technical data: IP address, browser type, device information, pages visited, cookies (see section 8);
  • Recruitment information: employment history, qualifications, references, right to work status, background check results; and
  • Sensitive information: including sexual orientation, racial and ethnic origin, political beliefs, religious affiliation, criminal record, and health information.

What is ‘sensitive information’ ?

Under the Privacy Act, some types of personal information are also ‘sensitive information’ and this may mean that a higher standard of care applies to it. Sensitive information includes information or opinions about your:

  • health and genetic information (including information about illnesses, disabilities or injuries); and
  • biometric information and biometric templates.

What if you don’t want to provide us with your personal information?

Under the Privacy Act, you have the option of asking to deal with us anonymously or by using a pseudonym.

However for legal services, in most cases this is not lawful or practical.  This means that if you choose not to provide us with the personal information we request, we may not be able to provide you with legal services or respond to your enquiry.

Identity Verification and the AML/CTF Act

We are legally required to verify your identity and collect certain information under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (AML/CTF Act) when we provide designated services.  Identity documents might also be required for other services such as court matters, real property transactions and asset dealings.

This includes collecting identification documents and information about the source of funds and beneficial ownership of entities.

Why does MWL collect, use and disclose personal information?

We collect, use and disclose your personal information for the primary purpose of providing legal services, complying with regulatory and insurance obligations and operating our legal practice.

Secondary purposes include financial management, system improvement, marketing, enforcement of our right to payment, managing the relationship between our firm and former clients once our retainer has concluded.

If you ask us to provide you with a designated service as defined in the AML/CTF Act, we will also collect, use and disclose your personal information to comply with the Customer Due Diligence requirements in the AML/CTF Act, which requires us to:

  • establish and verify your identity before providing designated services to you or the person you are acting on behalf of;
  • assess and manage potential money laundering, terrorism financing, proliferation financing risks or related compliance risks associated with the provision of our services; and
  • make reports and meet record keeping obligations required by law under the AML/CTF Act.

We will never sell or otherwise disclose your personal information to third parties for financial gain.

How does MWL collect your personal information?

We collect information directly from our clients, from other lawyers, from government sources and from public sources such as registers websites and third parties.

Direct Collection

Where reasonable and practicable, we collect personal information directly from you.
This may occur when you:

  • ask or engage us to provide legal services;
  • respond to communication with us or engage a solicitor or agent to do so;
  • contact us by telephone, email, post or in person;
  • complete forms or provide documents to us;
  • visit our website or use our online services; or
  • apply for employment with us.

Indirect Collection

We may also collect personal information about you from third parties, including from:

  • our client, where we collect information while providing legal services;
  • other parties to legal proceedings or transactions, their lawyers and associated professional intermediaries such as real estate agents, financial planners, accountants and financial institutions;
  • witnesses of fact, expert witnesses, health care providers and hospitals;
  • courts, tribunals, law enforcement and government agencies;
  • publicly available sources, including public registers, websites and social media;
  • referrers who introduce you to us and advertising sites;
  • recruitment agencies and previous employers (for job applicants);
  • the use of cookies or other similar technology on our website;
  • technology designed to automatically collect personal information sent by your electronic device (such as IP address, device identifier and geolocation data) and non-personal, analytical information;
  • third party service providers; and
  • identity verification and background check service providers.

Regardless of how your personal information is collected, MWL will deal with your personal information in accordance with this Privacy Policy.

Who will MWL disclose your personal information to?

Your personal information and confidential data is held by MWL subject to our duty of confidentiality under the Australian Solicitor’s Conduct Rules (ASCR) and any applicable legal requirements.

We may disclose personal information to third parties subject to those obligations and for the purposes described in this Privacy Policy.  This may include disclosure to:

  • parties to proceedings or transactions and their representatives;
  • discharge our professional obligations to you or to our clients or in the reasonable execution of our instructions;
  • comply with our legal obligations or in answer to a compulsory notice such as a subpoena or warrant, or to disclose information under the AML/CTF Act, the Legal Profession Act 2007 (Qld) or other legislation;
  • government and regulatory agencies as may be necessary or appropriate to establish legal rights and to progress transactions in which we are instructed; and
  • third parties (such as data storage or archiving companies, our regulators or our insurers) who hold or process information for us;
  • barristers, mediators, expert witnesses, investigators and consultants and other legal practitioners engaged to act for you (and/or our client) or in relation to the matter;
  • other parties to legal proceedings or transactions as instructed, reasonably necessary or required by law;
  • courts, tribunals, government agencies and regulators;
  • our professional indemnity insurers;
  • service providers who assist us to operate our business (including IT providers, document management providers, and marketing service providers);
  • related entities; and
  • as permitted under any applicable confidentiality exceptions.

We may also use or disclose your personal information with your consent, which may be asked for and given expressly, or implied from your conduct and interaction with us.

Overseas Disclosure

We will disclose information to overseas recipients where this is reasonably necessary to progress our instructions.

We may disclose personal information to recipients located outside Australia where reasonably necessary or convenient to facilitate the purposes of collection, holding, use and disclosure of information stated in this Privacy Policy.

Common examples of when overseas disclosure apply include:

  • where your matter involves overseas parties or overseas proceedings;
  • to overseas law firms or legal practitioners engaged in a matter;
  • to our staff, staff of a related entity or contractors if they are working or travelling overseas;
  • to parties such as regulators and auditors who may use overseas servers, processors or offices;
  • to service providers whose systems or servers are located overseas (including cloud storage, AI and IT service providers if we consider that the confidentiality arrangements that will apply to such information is sufficient); and
  • where you instruct or authorise us to do so.

Countries outside of Australia where personal information may be disclosed include the United States of America and New Zealand

Call Recording

We may record incoming and outgoing telephone calls with clients, prospective clients and other third parties.

If a call is recorded, the recording may include the caller’s voice, personal information disclosed during the call, and any other information reasonably necessary to document the communication.

Call recordings are made for the following purposes:

  • file and note management, including creating attendance notes and maintaining a reliable record of instructions and communications;
  • staff training and supervision, including reviewing calls to improve client service, consistency and professional standards;
  • quality assurance and risk management; and
  • compliance with legal and professional obligations.

Where practicable, we will notify you at or before recording commences. By continuing with a call after that notification, you are taken to consent to the call being recorded for the purposes set out above.

Call recordings are stored securely and are only accessed by personnel who require access for those purposes, or otherwise as permitted or required by law. We retain call recordings in accordance with our document retention practices and applicable legal requirements.

If you do not want your call to be recorded, you may ask that the matter be dealt with without call recording where reasonably practicable. Alternatively, you may ask to communicate with us by another available means, such as in person, by email or in writing.

Use of personal information for artificial intelligence (AI) and automated decision making (ADM)

We may use artificial intelligence (AI) tools and automated technologies to support our provision of legal services and our internal business operations, including document management, administrative support, legal research assistance and workflow efficiencies. Some of our technology providers may process personal information on our behalf when providing AI-enabled or automated functionality.

Where personal information is used in connection with AI, we take reasonable steps to minimise the information used, assess the privacy, security and confidentiality risks of the relevant tool, and apply appropriate safeguards.

As a general practice, we do not intentionally process sensitive information or confidential client information into open or publicly accessible generative AI tools.  Any exception to this approach will only occur where we are satisfied that there is a lawful basis for doing so, appropriate safeguards are in place and the proposed use is consistent with our professional and legal obligations.  We do not rely solely on AI or ADM to make decisions that significantly affect a party’s rights or interests without appropriate human oversight.

If you would like more information about our use of AI or automated processing of personal information or wish to raise a concern, please contact our Privacy Officer using the details set out in this Privacy Policy.

Security measures

MWL prides itself on the maintenance of up-to-date and technologically advanced computer systems.

To ensure that your personal information is secure, MWL employs a number of means, including:

  • external and internal premises security;
  • a system designed to protect against data breaches such as computer firewall protection, anti-virus software, password restrictions, multi-factor authentication and data encryption;
  • restricted access to files and information;
  • up-to-date technology and computer maintenance to prevent unauthorized access; and
  • document handling and shredding procedures for personal information.

However like all data security systems, risks can only ever be mitigated not eliminated.

MWL will correspond with you via email where you consent by providing us with your email address. In consenting to email communications, you accept the security risks inherent in electronic communications.

Retention and Destruction

We retain personal information for as long as necessary to fulfil the purposes for which it was collected, to comply with our legal and professional obligations and to ensure that information remains available if reasonably required. Personal information will otherwise be deidentified or destroyed as required by the Privacy Act.

Marketing

With your express or implied consent, MWL may from time to time use your personal information such as your address or contact details, or personal information that is also publicly available, to provide you with information about other services that we offer.

If at any time you do not want to receive any information about these services you can:

  • use the ‘unsubscribe’ or ‘opt out’ feature contained in electronic communications; or
  • tell us by telephoning, emailing or writing to us using the details in the Questions, complaints and contacting us section of this Privacy Policy.

Third party websites

Our website may contain links to third party websites, such as payment processors. We are not responsible for the privacy practices of those websites, and we encourage you to read the privacy policies of those providers.

Accessing and correcting your personal information

You have the right to ask us for access or to correct the personal information we hold about you.

Access

To ask for access request, please contact our Privacy Officer (see Questions, complaints  and contacting us section below).  You may only access your own personal information. 

The Privacy Act permits us to refuse access in some circumstances.

If you are not a client or former client, our confidentiality obligations to them and other relevant exemptions under the Privacy Act may preclude us giving you the information requested.

If we refuse your access request, we will provide you with written reasons for the refusal (unless unreasonable to do so or we are prohibited from doing so by law) and information about how you may complain.

Corrections

We take reasonable steps to ensure that the personal information we hold during the currency of your matter is accurate, up-to-date, complete and relevant. For clients, personal information held by us after completion of our retainer will not be monitored for accuracy or completeness unless we receive further instructions from you.

If you believe that personal information we hold about you is inaccurate, out-of-date, incomplete, irrelevant or misleading, you may ask us to correct it.

We will respond to correction requests within a reasonable period. If we correct information that we have previously disclosed to a third party, we will notify that third party of the correction if you ask us to.

If we refuse to correct your personal information, we will provide you with written reasons for our refusal and information about how you may complain.

Changes to this Privacy Policy

From time to time, we may change our policy on how we handle personal information or the types of personal information which we hold. Any changes to our policy will be published in the Privacy Policy that is available on our website here: Privacy Policy | Mackey Wales Law

You can also obtain a copy of our current Privacy Policy by contacting us at the details shown below.

Questions, complaints and contacting us

If you have a question about this policy or complaint about how we have handled your personal information, including your request for access to or correction of your personal information you should contact our Privacy Officer.

You will need to provide us with details of your complaint in writing.

We will acknowledge your complaint within 5 business days and investigate it promptly. We aim to resolve complaints within 30 days. If we need more time, we will keep you informed of our progress.

MWL Privacy Officer
The Privacy Officer
Mackey Wales Law
PO Box 6080
Townsville QLD 4812

Email: privacy@mackeywales.com.au 

If you are not satisfied with our response, you may escalate your complaint to:

Additional information on privacy-related complaints can be located here:  http://www.oaic.gov.au/privacy/privacy-complaints.

Privacy Policy

MW

Talk With Us

Book A Consultation

Contact us to start
your resolution today

Name
Email
Phone
Message

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Contact

p. (07) 4772 6699
f. (07) 4721 1649

Postal Address PO Box 6080
Townsville Qld 4810

Address 369 Flinders Street
Townsville Qld 4810

Privacy Policy

Stay In Touch

Queensland Collaborative Law FLPA Member of Queensland Law Society Mackey Wales TSV

Liability limited by a scheme approved under professional standards legislation.

Copyright © 2026 Mackey Wales Law. Powered by Oraclestudio CMS.