Aubrey Brown Lawyers Privacy Policy

Last updated on 30 June 2026.

Aubrey Brown Lawyers Pty Ltd trading as "Aubrey Brown Lawyers" (ABN 88 131 120 039) ("we", "us" or the "Company") is committed to privacy protection. In our business, and at www.aubreybrown.com.au ("this site"), we understand the importance of keeping personal information private and secure. This privacy policy ("Privacy Policy") describes generally how we manage personal information and safeguard privacy. If you would like more information, please don't hesitate to contact us.

 

The Australian Privacy Principles

We will treat all personal information in accordance with any and all obligations that are binding upon us under the Privacy Act 1988 (Cth) (“Privacy Act”). The Privacy Act lays down 13 key principles in relation to the collection and treatment of personal information, which are called the “Australian Privacy Principles”.

 

 

What is "personal information"?

Personal information held by the Company may include your:

  • Name, job title and date of birth;
  • residential and business postal addresses, telephone/mobile numbers and email addresses;
  • information about your legal matters including communications between you and us;
  • information about your business or organisation; and
  • any information that you otherwise share with us.

 

How we may collect your personal information

We only collect personal information that is necessary for us to conduct our business as Aubrey Brown Lawyers Pty Limited.

 

 

Information that you provide to us

We may collect personal information that you provide to us about yourself when you:

  • use this site to complete an online contact form to contact us;
  • provide information to us by telephone, in person or during a video conference; or
  • send us an email or other communication.

We may also collect personal information from third parties including:

  • our clients;
  • government agencies;
  • law enforcement bodies;
  • public records;
  • Courts or Tribunals;
  • Search agencies;
  • Online searches; and
  • Social media.

 

How we may use your personal information

Your personal information may be used in order to:

  • verify your identity;
  • provide our legal services and run our business including to obtain the services or third party service providers as part of providing our services; and/or
  • maintain and develop our business systems and services where we are otherwise required by law,

and for any other purpose reasonably considered necessary or desirable by the Company in relation to the operation of our business.

From time to time we may email our clients with news, information and offers relating to our services. Your personal information may also be collected so that the Company can promote and market products and services to you. This is to keep you informed of products, services, and special offers we believe you will find valuable and may continue after you cease acquiring products and services from us. If you would prefer not to receive promotional or other material from us, please let us know and we will respect your request. You can unsubscribe from such communications at any time if you choose.

 

 

When we may disclose your personal information

Subject to our professional obligations to our clients, we may disclose personal information:

  • to other entities (such as barristers, experts and/or valuers we have engaged, and other parties involved in dispute resolution) as part of providing our services to our clients;
  • to third party service providers, agents and contractors;
  • to our professional advisers and insurers;
  • to regulators, government agencies and law enforcement agencies or as otherwise required or authorised by law;
  • to others where you have provided your consent for us to do so; and
  • the police or other appropriate persons where your communication suggests possible illegal activity or harm to others.

We do not routinely disclose personal information overseas. We do disclose personal information overseas when it is specifically appropriate to providing our legal services for a particular client.

If we do disclose your information we ensure that the recipient is bound by an obligation of confidentiality, where it is lawful and appropriate to do so (if information is disclosed to a Court or a government body, it will usually not be possible to require that it be kept confidential).

 

 

Sensitive information

We may collect personal information about you that is sensitive information under the Privacy Act, for example, membership of a professional or trade association, health information, criminal record and any other information classified as sensitive under the Privacy Act.

If you provide us with sensitive information, you consent to the collection of that information.

 

 

Contacting us about privacy

If you would like more information about the way we manage personal information that we hold about you, or are concerned that we may have breached your privacy, please contact us by email to enquiries@aubreybrown.com.au or by post.

 

 

Access to your personal information

In most cases, you may have access to personal information that we hold about you. We will handle requests for access to your personal information in accordance with the Australian Privacy Principles. All requests for access to your personal information must be directed to the Privacy Officer by email using the email address provided above or by writing to us at our postal address. We will deal with all requests for access to personal information as quickly as possible. Requests for a large amount of information, or information that is not currently in use, may require further time before a response can be given. We may charge you a fee for access if a cost is incurred by us in order to retrieve your information, but in no case will we charge you a fee for your application for access.

In some cases, we may refuse to give you access to personal information that we hold about you. This may include circumstances where giving you access would:

  • be unlawful (eg, where a record that contains personal information about you is subject to a claim for legal professional privilege by one of our contractual counterparties);
  • have an unreasonable impact on another person’s privacy; or
  • prejudice an investigation of unlawful activity.

We may also refuse access where the personal information relates to existing or anticipated legal proceedings, and the information would not be accessible by the process of discovery in those proceedings.

If we refuse to give you access, we will provide you with reasons for our refusal.

 

 

Correcting your personal information

We will amend any personal information about you that is held by us and that is inaccurate, incomplete or out of date if you request us to do so. If we disagree with your view about the accuracy, completeness or currency of a record of your personal information that is held by us, and you ask us to associate with that record a statement that you have a contrary view, we will take reasonable steps to do so.

 

 

Storage and security of your personal information

We are committed to maintaining the confidentiality of the information that you provide us and we will take all reasonable precautions to protect your personal information from unauthorised use or alteration. In our business, personal information may be stored both electronically (on our computer systems and with our website hosting provider) and in hard-copy form. Firewalls, anti-virus software and email filters, as well as passwords, protect all of our electronic information. Likewise, we take all reasonable measures to ensure the security of hard-copy information.

 

 

Third party websites

You may click-through to third party websites from this site, in which case we recommend that you refer to the privacy statement of the websites you visit. This Privacy Policy applies to this site only and the Company assumes no responsibility for the content of any third party websites.

 

 

Duration of retention of your data

We will only keep your data for as long as is necessary for the purpose for which it was collected, subject to satisfying any legal, accounting or reporting requirements.

 

 

Duration of retention of your data

We will only keep your data for as long as is necessary for the purpose for which it was collected, subject to satisfying any legal, accounting or reporting requirements. At the end of any retention period, your data will either be deleted completely or anonymised (for example, by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning). In some circumstances, you can ask us to delete your data.

 

 

Keeping your information up-to-date

To ensure that your personal information is accurate and up to date, please promptly advise us of any changes to your information by contacting our data protection officer by email at enquiries@aubreybrown.com.au or by post.

 

 

Cookies and web tracking technologies

This site may use cookies and similar web tracking technologies to collect information about your use of this site. This information may be used for purposes including website analytics, personalisation and marketing.

 

 

Your Rights – Serious Privacy Breaches

From 10 June 2025, under Australian law, individuals may seek compensation for serious invasions of privacy (e.g. misuse of personal information or unauthorised surveillance). If you believe your privacy has been seriously breached, you may have the right to take legal action in addition to lodging a complaint with the OAIC.

The OAIC now has enhanced powers, including civil penalties and broader investigation authority.

 

 

Complaints & Oversight

We take privacy complaints seriously. If you’re dissatisfied with our handling of your personal information, you may also lodge a complaint with the Office of the Australian Information Commissioner (OAIC). The OAIC has powers to investigate and enforce compliance under the Privacy Act 1988 (Cth).

 

 

Prohibited Use of Information

We do not permit the use of any personal information obtained via our services for unlawful purposes, including doxxing (the malicious sharing of personal information to cause harm). This is now a criminal offense under Australian law, carrying penalties of up to 7 years imprisonment.

 

 

Data Security & Protection

We maintain robust technical and organisational measures to protect your personal information, including data encryption, access controls, monitoring, and staff training. These practices are aligned with our obligations under the Privacy Act 1988 (Cth) and the Australian Privacy Principles.

 

 

Data Breaches

In the event of a data breach involving personal information that is likely to result in serious harm, we will notify affected individuals and the OAIC, as required by law.

 

 

Changes to this Privacy Policy

From time to time, it may be necessary for us to revise this Privacy Policy. Any changes will be in accordance with any applicable requirements under the Privacy Act and the Australian Privacy Principles. We may notify you about changes to this Privacy Policy by posting an updated version on this site.

 

 

Our Privacy Policy was last updated on 30 June 2026.


If you require any further information about the Privacy Act and the Australian Privacy Principles, you can visit the Federal Privacy Commissioner’s website (see www.oaic.gov.au).

We acknowledge and respect the traditional owners of the land on which we live and work, the Guringai and Darkinjung people.
We pay our respects to Elders past, present and emerging.