Privacy Policy


AGH Law (AGH, we or us) respects your privacy and is committed to complying with the Australian Privacy Principles contained in the Privacy Act 1988 (Privacy Act).

This privacy policy sets out how we collect, use, store and disclose your personal information.

We may modify this policy from time to time by publishing it on our website. We encourage you to check our website periodically to ensure that you are aware of our current privacy policy. A copy of the Australian Privacy Principles may be obtained from the website of The Office of the Australian Information Commissioner at


Personal information includes information or an opinion (whether true or not) about an identified or a reasonably identifiable individual. We may collect personal information about our clients, prospective clients, business associates, suppliers, contractors, employees and other individuals who come into contact with us.

We may collect personal information from you when:

  • you inquire about, or instruct us to provide you (or your employer or other representative), with legal advice;
  • you subscribe to one of our online services, newsletters, mailings lists or our website;
  • you register for or attend one of our events or seminars;
  • indirectly from you via interviews, correspondence, telephone conversations, emails, business cards, via our website, from media and publications, from other publicly available sources, social media channels and from third parties;
  • we have other business dealings with you (eg as a regulator, a supplier to AGH, or in relation to a transaction); or
  • you apply for, or register your interest in, a role at AGH.

The types of personal information we may collect from you include:

  • general personal or business details such as your name, job title, contact number, address and email address;
  • particularly if you are a client or potential client (or employed or engaged by one), your expertise and business interests and, where relevant, other information such as your membership of professional associations or boards;
  • contact information such as your name, address, email address, phone number, your relationship to another person, the company you work for and your position;
  • your financial or billing information (such as billing address, bank account and payment information); and
  • only where relevant and with your consent, sensitive information (eg where you register for an event or seminar we may ask you for information about your health, any disabilities and special dietary needs; or we may collect this information where we need it to provide you with legal advice).

In addition, if you apply for a job with us, we may collect certain information about you including information about your working history, and relevant records or checks from any recruitment consultant or from your previous employers, universities and others who may be able to assist us in our decision as to whether to make you an offer of employment.

The Privacy Act contains certain exemptions in relation to certain acts undertaken in relation to employee records and related bodies corporate. Where appropriate we make use of relevant exemptions in the Act.

We generally endeavour to collect your information directly from you. However, in some circumstances we may collect your information from third parties, such as your employer or contracting organisation, your business contacts or other organisations that you deal with, regulatory or credit reporting agencies, a service provider or from a publicly available record.


We may use your information to:

  • provide to you and improve our products and services;
  • communicate with you, and build and maintain our relationships with you and our clients;
  • conduct, monitor and analyse our business and internal operations;
  • identify and develop new products and services you may be interested in;
  • send you legal updates, publications, marketing, event details and new product or service offerings (however, if you do not want to receive marketing emails from us, you can opt out at any time using the contact details set out below);
  • perform analytics on matter management, financial performance and event attendance, (however, our analytics are always conducted on a de-identified basis);
  • comply with applicable laws and our other regulatory, accounting, reporting or professional obligations;
  • protect, exercise or defend our legal rights; and
  • process and respond to your requests, enquiries or complaints.

Of course, we are also bound to our clients by professional obligations of confidentiality and legal professional privilege. We will continue to treat and protect all client information we receive (including any personal information) in accordance with these obligations.


We may share your information and also disclose your information to:

  • our employees in order to deliver our services and conduct our business;
  • our service providers, agents and contractors from time to time that provide services to us and/or help us to provide and market our services to you;
  • specific third parties authorised by you to receive information held by us; and
  • other persons, including government agencies, regulatory bodies and law enforcement agencies; or as otherwise required or authorised by law.

AGH does not host or store your personal information outside Australia. AGH do not sell, rent or trade your personal information to or with any third parties. Your personal information may be disclosed confidentially to third parties:

  • as required or permitted by law; or
  • with your consent.


Your personal information is stored in a manner that reasonably protects it from misuse and loss and from unauthorised access, modification or disclosure.

When your personal information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your personal information. However, most of the personal information is or will be stored in client files which will be kept by us for a minimum of seven years.

Sensitive information is defined in the Privacy Act to include information or opinion about such things as an individual’s racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.

Sensitive information will be used by us only:

  • for the primary purpose for which it was obtained;
  • for a secondary purpose that is directly related to the primary purpose; and
  • with your consent; or where required or authorised by law.


While we do not use your browsing information to identify you personally, we may record certain information about your use of our website, such as which pages you visit, the time and date of your visit and the internet protocol address assigned to your device.

We and our ISP also collect information such as the webpages that visitors to our site access, the documents they download, links from other sites they visit to reach our site, and the type of browser they use. However, this information is anonymous (i.e. it does not contain your personal information) and is only used for statistical and website development purposes.

If you have registered to receive electronic client publications or legal updates from us, then we may identify and record when you click on a link to our site that is contained in that publication or update.


We also make limited use of cookies and other similar tracking technologies on this website. We use cookies to measure usage sessions, to better understand how our website is used (including which areas of the site attract traffic). We also use cookies to improve the functionality of our website – for example, if we provide a notice or update regarding a significant change to the law, we may use cookies to ensure that you do not receive this notice with each page you access on our website.

When cookies are used on this site, they are used to store information relating to your visit such as a unique identifier, or a value to indicate whether you have seen a web page. The information collected by a cookie or other tracking device does not contain your personal information.

Most Internet browsers are set up to accept cookies. If you do not wish to receive cookies, you may be able to change the settings of your browser to refuse all cookies or to notify you each time a cookie is sent to your computer, giving you the choice whether to accept it or not.


We may hold your personal information in either electronic or hard copy form. We use a variety of physical and electronic security measures to keep your personal information secure from misuse, interference, loss or unauthorised use or disclosure. For example, we restrict physical access to our offices, employ firewalls and secure databases, password protect our IT systems, frequently update our anti-virus software and conduct regular audit and data integrity checks. All of our employees are also bound to keep your personal information secure and treat it as confidential.

However, we cannot guarantee the security of your personal information. The internet is not a secure environment. If you do use the Internet to send us any information, including your email address, please be aware that it will be sent at your own risk.

Our websites and electronic newsletters may also contain links to other websites operated by third parties. Unless expressly stated otherwise, AGH is not responsible for the privacy practices or the content of those linked websites. The privacy policies that apply to those other websites may differ from our privacy policy, so we encourage individuals to read them before using those websites.


You have rights under the Privacy Act to:

  • request access to personal information we hold about you;
  • ask us to update or correct any information that is inaccurate, incomplete or outdated; and
  • opt-out of receiving direct marketing communications from us.

You can do any of these things by contacting our Privacy Compliance Officer using the contact details below.

If you request access to your personal information or ask us to correct or update information about you, we may need to verify your identity. In some circumstances, there may be a valid reason for us to deny your request to access or correct your information. If we do this, we will tell you why.

Making a complaint

If you think we have breached the Privacy Act, or you wish to make a complaint about the way we have handled your personal information, you can contact us using the details set out below. Please include your name, email address and/or telephone number and clearly describe your complaint.

Any complaint will be investigated by the firm’s Office of General Counsel and the outcome of that investigation communicated to you (please allow at least 30 days for us to do so).

If you are not satisfied with the outcome of any internal investigation that we conduct, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at or on 1300 363 992. More information is available on the OAIC’s website at