Privacy Policy
Version: 2.0
Effective Date: 28 June 2026
Last Reviewed: 28 June 2026
Next Review: 28 June 2027
Introduction
At Nurture Law, we understand that our clients entrust us with highly personal and confidential information at some of the most important times in their lives. Whether we are assisting you with estate planning, administering the estate of a loved one, resolving an estate dispute or providing other legal services, protecting your privacy is fundamental to the way we practise.
We are committed to handling personal information responsibly, securely and transparently. We recognise the importance of maintaining the confidentiality of the information you provide to us, including information that is protected by legal professional privilege and our professional duties of confidentiality.
This Privacy Policy explains how Nurture Law Pty Ltd (“Nurture Law”, “we”, “our” or “us”) collects, holds, uses, discloses and otherwise manages personal information in accordance with the Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs).
It also explains how you may access or request correction of your personal information, how you may make a privacy complaint and how we will deal with any concerns you raise.
Who We Are
Nurture Law is an Australian law practice specialising in wills and estates law, including estate planning, estate administration, estate litigation, elder law and related legal services.
In providing our services, we collect and manage personal information about our clients, prospective clients, employees, contractors, suppliers and other individuals connected with the legal matters in which we are engaged.
Our Privacy Officer is responsible for overseeing compliance with this Privacy Policy and our obligations under the Privacy Act.
Our Commitment to Privacy
We are committed to protecting your privacy and ensuring that your personal information is handled lawfully and respectfully.
We will:
- only collect personal information that is reasonably necessary for our legal practice and related activities;
- collect personal information by lawful and fair means;
- be transparent about how we collect, use and disclose your personal information;
- protect personal information from misuse, interference, loss and unauthorised access, modification or disclosure;
- take reasonable steps to ensure the personal information we hold is accurate, up to date and complete;
- securely destroy or de-identify personal information when it is no longer required and we are not required by law to retain it;
- respond promptly to requests for access or correction; and
- investigate and respond to privacy complaints fairly and efficiently.
What Personal Information We Collect
The personal information we collect will depend on the legal services we provide and our relationship with you.
The types of personal information we may collect include:
Identity and Contact Information
- full name;
- date of birth;
- residential, postal and email addresses;
- telephone numbers;
- occupation and employment details;
- signatures.
Identification Information
Where required, including to comply with our legal and regulatory obligations, we may collect information used to verify your identity, such as:
- driver’s licence details;
- passport details;
- Medicare card details;
- birth certificate details;
- other government-issued identification;
- verification information obtained through electronic verification providers.
Where possible and appropriate, we seek to minimise the collection and retention of copies of identification documents and instead retain only the verification information required by law.
Financial Information
Depending on the legal services we provide, we may collect:
- bank account details;
- payment information;
- trust account information;
- taxation information;
- superannuation information;
- information relating to companies, trusts and other entities.
Sensitive Information
Some legal matters require us to collect sensitive information as defined by the Privacy Act.
This may include information about:
- health;
- disability;
- family relationships;
- racial or ethnic origin where relevant to legal proceedings;
- other sensitive information necessary to provide legal services.
We will generally only collect sensitive information with your consent or where otherwise authorised or required by law.
Information Relating to Legal Matters
As part of providing legal services, we may collect information relating to:
- estate planning;
- deceased estates;
- trusts;
- companies;
- powers of attorney;
- advance health directives;
- estate disputes;
- court proceedings;
- beneficiaries;
- executors;
- attorneys;
- trustees;
- financial circumstances;
- family circumstances;
- other matters relevant to the legal services we provide.
Employment Information
If you apply for employment or work with us, we may collect information relevant to recruitment and employment, including qualifications, employment history, referee details and information necessary to administer the employment relationship.
How We Collect Personal Information
We generally collect personal information directly from you when you:
- contact us by telephone, email or through our website;
- make an enquiry or arrange an appointment;
- engage us to provide legal services;
- complete client questionnaires, forms or identity verification processes;
- provide instructions or documentation to us;
- communicate with us throughout your matter; or
- apply for employment with us.
In some circumstances, we may collect personal information from other people or organisations where it is lawful and reasonably necessary to do so. This may include collecting information from:
- your authorised representative, attorney or guardian;
- executors, trustees or beneficiaries;
- family members (where appropriate to the legal services being provided);
- accountants, financial advisers and other professional advisers;
- medical practitioners or other health professionals (with your authority or as otherwise permitted by law);
- government agencies;
- courts and tribunals;
- publicly available registers;
- identity verification providers; or
- other third parties authorised by you or otherwise permitted by law.
Where it is reasonable and practicable, we will collect personal information directly from the individual concerned.
Why We Collect Personal Information
We collect, hold, use and disclose personal information so that we can:
- provide legal advice and legal services;
- verify your identity where required;
- communicate with you and others involved in your legal matter;
- prepare legal documents;
- administer estates and trusts;
- conduct litigation and dispute resolution;
- manage trust account transactions;
- comply with our legal, regulatory and professional obligations;
- manage our business operations;
- recruit and manage employees; and
- improve our services.
We will generally only use or disclose your personal information for the purpose for which it was collected or for another purpose that is related, reasonably expected or otherwise authorised or required by law.
AML/CTF and Identity Verification
From 1 July 2026, Australian law requires legal practices providing certain designated services to comply with the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth).
Where those obligations apply, we may be required to collect, verify and retain personal information to:
- identify and verify our clients and, where relevant, beneficial owners and controlling persons;
- assess money laundering and terrorism financing risks;
- conduct customer due diligence and ongoing customer due diligence;
- comply with our reporting and record-keeping obligations; and
- otherwise comply with applicable AML/CTF legislation.
In many cases, we will verify your identity electronically using reputable identity verification providers.
Where permitted by law, we seek to minimise the collection and retention of copies of identification documents and instead retain the verification information necessary to demonstrate compliance. However, in some circumstances another law, regulatory requirement or professional obligation may require us to retain copies of identification documents.
If you do not provide information that we are legally required to collect, we may be unable to provide certain legal services.
Legal Professional Privilege and Confidentiality
As a law practice, much of the information you provide to us is confidential and may also be protected by legal professional privilege.
Legal professional privilege is an important legal protection that preserves the confidentiality of communications between a lawyer and client made for the dominant purpose of obtaining or providing legal advice or for use in existing or anticipated legal proceedings.
We take reasonable steps to preserve the confidentiality of privileged information and only disclose such information where authorised by you, required or permitted by law, or otherwise consistent with our professional obligations.
Disclosure of Personal Information
We may disclose personal information where reasonably necessary to provide legal services or where required or authorised by law.
Depending on your matter, this may include disclosure to:
- courts and tribunals;
- government agencies;
- AUSTRAC;
- the Office of the Australian Information Commissioner;
- law enforcement agencies;
- barristers;
- expert witnesses;
- accountants;
- financial advisers;
- banks and financial institutions;
- identity verification providers;
- information technology providers;
- cloud service providers;
- document storage providers;
- process servers;
- other parties involved in your legal matter; and
- other persons or organisations where you have authorised the disclosure or where disclosure is otherwise permitted or required by law.
We take reasonable steps to ensure that third parties handling personal information on our behalf are subject to appropriate contractual and security obligations.
Overseas Disclosure of Personal Information
Nurture Law uses a number of reputable third-party service providers to assist us in delivering legal services and operating our business. These providers may store, process or access personal information on our behalf.
As a result, personal information may be disclosed to, stored in or accessed from countries outside Australia. Depending on the service provider and the services used, this may include Australia, the United States, Ireland, Singapore, New Zealand, Canada and countries within the European Union.
Examples of technology providers we use include providers of cloud-based practice management, email and document management systems, electronic signature platforms, online forms, accounting software, customer relationship management systems and video conferencing services.
Before disclosing personal information to an overseas recipient, we take reasonable steps to ensure that appropriate contractual, technical and organisational safeguards are in place, or that another exception under the Privacy Act 1988 (Cth) applies.
As our technology providers and their infrastructure may change from time to time, the countries in which personal information is processed or stored may also change.
Website, Cookies and Analytics
When you visit our website, we may automatically collect limited technical information, including your IP address, browser type, device information, pages visited and the date and time of your visit.
Our website may use cookies and similar technologies to improve website functionality, understand website usage and enhance your experience.
Most web browsers allow you to manage or disable cookies through your browser settings. However, disabling cookies may affect the functionality of our website.
Our website may also use analytics services to help us understand how visitors use our website. Information collected for analytics purposes is generally aggregated and does not identify you personally.
Marketing Communications
Where permitted by law, we may send you information about our legal services, seminars, newsletters or other updates that we believe may be of interest.
You may opt out of receiving marketing communications at any time by using the unsubscribe facility provided or by contacting us directly.
We do not sell or rent your personal information to third parties for marketing purposes.
Information Security
Protecting the security of your personal information is a priority for Nurture Law.
We maintain administrative, physical and technical safeguards designed to protect personal information from misuse, interference, loss and unauthorised access, modification or disclosure.
Our security measures include, where appropriate:
- role-based access controls;
- multi-factor authentication;
- secure cloud-based systems;
- encryption and secure transmission technologies;
- information security policies and procedures;
- cyber security monitoring;
- managed information technology services;
- staff privacy and cyber security training; and
- secure document storage and destruction practices.
While we take reasonable steps to protect personal information, no method of electronic transmission or storage is completely secure. Accordingly, we cannot guarantee the absolute security of information.
Data Breaches
Nurture Law maintains a Cyber Security & Data Breach Response Plan to assist us in preparing for, responding to and recovering from cyber security incidents and data breaches.
Where we become aware of a suspected data breach, we will investigate the incident promptly and take reasonable steps to contain and mitigate any risks.
Where required under the Privacy Act 1988 (Cth), we will notify affected individuals and the Office of the Australian Information Commissioner in accordance with the Notifiable Data Breaches Scheme.
Retention of Personal Information
We retain personal information only for as long as it is reasonably required for the purposes for which it was collected, to comply with legal or regulatory obligations, resolve disputes or enforce our legal rights.
Retention periods vary depending on the nature of the information and the legal services provided. Certain records, including information collected for AML/CTF purposes, trust account records and client file records, may be required by law to be retained for specified minimum periods.
When personal information is no longer required and we are not required or authorised by law to retain it, we will take reasonable steps to securely destroy or permanently de-identify the information.
Accessing and Correcting Your Personal Information
You may request access to, or correction of, the personal information we hold about you by contacting our Privacy Officer.
We will respond to requests within a reasonable period and in accordance with the Privacy Act.
In some circumstances, we may lawfully refuse access, including where legal professional privilege applies or another exception under the Privacy Act is available. Where appropriate, we will explain the reasons for our decision.
Links to Third-Party Websites
Our website may contain links to third-party websites, applications or online services for your convenience or information.
Once you leave our website, any personal information you provide to a third-party website will be governed by that website’s own privacy policy and terms of use. Nurture Law does not control, endorse or accept responsibility for the privacy practices, content or security of third-party websites.
We encourage you to review the privacy policy of any third-party website you visit before providing your personal information.
Links to third-party websites do not constitute an endorsement by Nurture Law of those websites, their operators or the products or services they offer.
Privacy Complaints
If you believe we have breached your privacy or have not handled your personal information in accordance with the Privacy Act, you may lodge a complaint with our Privacy Officer.
Complaints should be made in writing and include sufficient information to enable us to investigate the matter.
We will acknowledge your complaint, investigate the issues raised and endeavour to provide a written response within 30 days.
If you are not satisfied with our response, you may make a complaint to the Office of the Australian Information Commissioner.
Office of the Australian Information Commissioner
Website: www.oaic.gov.au
Telephone: 1300 363 992
Contact Us
Privacy Officer
Nurture Law Pty Ltd
Telephone: 07 3174 5730
Email: hello@nurturelaw.com.au
Changes to this Privacy Policy
We may amend this Privacy Policy from time to time to reflect changes in our legal obligations, business practices, technology or the services we provide.
The current version of this Privacy Policy will always be available on our website.
We encourage you to review this Privacy Policy periodically to remain informed about how we manage your personal information.