Privacy Policy


Geoffrey Mendelson Lawyers (GML) recognise the importance of protecting the privacy and the rights of individuals in relation to their personal information this includes existing and former customers of our clients, potential and existing employees and contractors whom GML collects personal information from or is provided with such information from our clients . This privacy policy details how we collect, hold, use, disclose and manage personal information and your rights in relation to the personal information that we hold about you.

We respect your rights to privacy under the Australian Privacy Act 1988 (Cth) and we comply with all of the Act’s requirements in respect of the collection, use, management, disclosure, quality, security, access to and correction of your personal information.

What is your personal information?

When used in this privacy policy, the term “personal information” has the meaning given to it in the applicable Act. In general terms, “personal information” means any information about an identifiable individual. This may include an individual’s name, address, telephone number, email address, credit card details, account number, and profession or occupation. If the information we collect personally identifies you, or you are reasonably identifiable from it, the information will be considered personal information.

What personal information do we collect & hold?

We collect and hold a range of personal information in carrying out a business and functions as a legal services provider. The kinds of personal information that we collect and hold about you will depend on the nature of our relationship with you. We may collect the following types of personal information:

Where applicable we may also collect and hold health information about you where you make such information available to us.

It is important to appreciate that much of the personal information we collect and hold is done so by us when we are acting as the “agent” or service provider of our client. For example, we provide litigation and debt recovery services for many Australian companies, from retailers to banks and other institutions. We have set out in the Annexure to this policy some more detail around the information we may collect and hold in respect of each of our key businesses. Please read this carefully.

We may also collect some information that is not personal information because it does not identify you or anyone else. For example, we may collect anonymous data or aggregated information about how users use our websites. We do not re-identify this information to turn it into personal information.

How do we collect your personal information?

Personal information is only collected by lawful and fair means in accordance with the Act. We collect your personal information directly from you or our client unless it is unreasonable or impracticable to do so. When collecting personal information from you, we may collect in ways including:

Some of the personal information GML holds or deals with is not actually collected by GML. Because GML is a legal services provider, much of the data and personnel information we deal with is provided to us by our client, and has not actually been directly collected by GML from the individual concerned.

It is impracticable for us to collect information directly from you when we are acting as the “agent” or service provider of our client, as our client has already collected the relevant information from you (or another third party), and our client has provided it to us for our use in providing services to or on behalf of our client. For example, we act on behalf of many clients in sending written communications. To enable us to do so we may use our client’s database of personal information which our client has supplied to us. It is impracticable for us to “recollect” this information from you directly before we use as requested by our client.

In respect of personal information which is provided to us by our client, where possible we do seek client assurances that all such personal information has been collected lawfully and in compliance with the Privacy Act and that all required consents have been obtained for, and disclosure statements made in respect of, the intended use of that personal information. GML however will not be responsible for, and accepts no liability in respect of, any failure by a client to do so.

We may also collect personal information from third parties who are not our clients including for example, from third party companies such as credit reporting bodies, law enforcement agencies and other government entities.

What happens if we can't collect your personal information?

If you do not provide us with the personal information described above, some or all of the following may happen:

    • we may not be able to provide the requested products or services to you, either to the same standard or at all, or we may not be able to supply services to our clients which will enable our clients to do the same; or
      we may not be able to provide you with information about products and services that you may want, including information about discounts, sales or special promotions, or we may not be able to supply services to our clients which will enable our clients to do the same; or
      we may be unable to tailor the content of our websites to your preferences, or we may not be able to supply services to our clients which will enable our clients to do the same; or
      if you are a client of ours, we may not be able to provide you with the products and services you require; or
      if you are a prospective employee, we may not be able to hire you; or
      if you are our employee, it may be a breach of your employment conditions to not provide us with the information; or
      if you are a contractor to us, you may not be able to provide your services to us.
  • For what purposes do we collect, hold, use & disclose your personal information?

    We collect personal information about you so that we can perform our legal services business activities and functions.

    We collect, hold, use and disclose your personal information for the following purposes, in each case, either on our own behalf or when acting on behalf of a client:

    Where you are our employees, we may collect, hold, use and disclose your personal information for all purposes connected with our employment relationship. This includes hiring you, training you, administering your personnel records (including pay and leave records), and managing your performance.

    We may also use your personal information for other purposes related to those described above, and/or for a purpose for which you would reasonably expect it to be used, as permitted by the applicable Act.

    Except as provided below, your personal information will not be shared, sold, rented or disclosed other than as described in this Privacy Policy. We do not disclose personal information we obtain when acting on behalf of one client, to any other client, unless directed by the client.

    GML sometimes handles personal information relying on exemptions under the applicable Act. Under the Australian Privacy Act 1988 (Cth), these include exemptions in relation to

    1. employee records;
    2. related bodies corporate;
    3. provision of services to State or Territory authorities; and
    4. overseas operations relating to personal information of non-Australians. Any permitted handling of personal information under such exemptions will take priority over this Privacy Policy to the extent of any inconsistency.

    To whom may we disclose your information?

    We may disclose your personal information to:

    We may combine or share any information that we collect from you with information collected by any of our related bodies corporate. Our clients may do likewise.

    Direct marketing materials

    We may send you direct marketing communications and information about our products and services that we, or our clients, consider may be of interest to you. These communications may be sent in various forms, including email, in accordance with applicable marketing laws, such as the Australian Spam Act 2003 (Cth).

    At any time you may opt-out of receiving marketing communications from us by contacting us (see the details below) or by using opt-out facilities provided in the marketing communications and we will then ensure that your name is removed from our mailing list (or where are using a mailing list provided by our client, we will pass your request on to our client).

    We do not provide your personal information to other organisations for the purposes of direct marketing (see also our use of cookies). However, where we are engaged by our clients to act on their behalf in collecting personal information then we will pass that personal information on to our client.

    How can you access and request correction of your personal information?

    You may request access to any personal information we hold about you at any time by contacting us (see the details below). Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example, by mailing or emailing it to you). We may charge you a fee to cover our administrative and other reasonable costs in making the information available to you and, if so, the fees will be $30 per hour of time spent. We will not charge for simply making the request and will not charge for making any corrections to your personal information.

    There may be instances where we cannot grant you access to the personal information we hold. For example, we may need to refuse access if granting access would unreasonably interfere with the privacy of others or would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal.

    If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may request us to correct it. We will consider if the information requires correction. If we do not agree that there are grounds for correction then as required by the applicable Act we will, where requested by you, take reasonable steps to attach to or associate with the information a statement of the correction sought but not made, or a statement that the information is inaccurate, out-of-date, incomplete, irrelevant or misleading.

    What is the process for complaining about a breach of privacy?

    If you believe that your privacy has been breached, please contact us using the contact information below and provide details of the incident so that we can investigate it.

    Our procedure for investigating and dealing with privacy breaches is to ascertain all relevant facts and correspond with those involved (including where relevant our clients), reach a view as to the existence, scope and cause of the issue, and where relevant and appropriate, implement corrective or rectification measures.

    A request for access to the personal information held by GML concerning an individual can be made by that individual to GML on the numbers or address mentioned below or, in cases where GML is acting on behalf of a client, to GML's client. A fee may apply, the amount of which will be advised at the time of application.

    Do we disclose your personal information to anyone overseas?

    We may disclose personal information to our related bodies corporate and third party suppliers and service providers located overseas for some of the purposes listed above.

    Except where specific individual consent has been obtained, we take reasonable steps to ensure that the overseas recipients of your personal information do not breach the privacy obligations relating to your personal information.

    We may disclose your personal information to entities located overseas, including the following:


    We take reasonable steps to ensure your personal information is protected from misuse and loss and from unauthorised access, modification or disclosure. We may hold your information in either electronic or hard copy form.

    Personal information is destroyed or de-identified when no longer required for any of the purposes for which it may be lawfully used or disclosed.

    As our website is linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information you communicate to us online. We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any personal information or other information which you transmit to us online is transmitted at your own risk.


    Our website may contain links to other websites operated by third parties. We make no representations or warranties in relation to the privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website. Third party websites are responsible for informing you about their own privacy practices.

    Credit Reporting Privacy Policy – Australia only

    This Credit Reporting Privacy Policy describes our practices in connection with the information we collect and hold about clients when providing commercial credit, in particular:

    In this Credit Reporting Privacy Policy, "credit-related personal information" means one or more of "credit information", "credit eligibility information", "credit reporting information" or "regulated information", as those terms are defined in the Australian Privacy Act 1988 (Cth).

    When you apply for or obtain or guarantee credit from us, the credit-related personal information that we collect from you includes information that identifies you, such as your name, postal address, email address and date of birth and your driver’s license number.

    We may exchange credit-related personal information about you with credit reporting bodies (CRBs) for the purposes of assessing commercial credit applications from you or companies of which you are a director, and also to assess whether to accept a guarantee from you.

    We may use the information we collect from and about you for account management and administrative purposes directly related to the provision or management of the commercial credit we provide to you or to companies of which you are a director.

    We may also report defaults in payment terms or guarantee commitments in relation to commercial credit to CRBs. We may also disclose your credit-related personal information to any guarantor of your obligations to us.

    We may also use the information we collect from and about you to:

    We may disclose your credit-related personal information to our related bodies corporate and third party suppliers and service providers located outside Australia, for the purposes set out in this Credit Reporting Privacy Policy.

    Further details about such overseas disclosures are set out in the section “Do we disclose your personal information to anyone overseas?” of this Privacy Policy.

    For information about the following topics in relation to our handling of credit-related personal information please refer to the applicable section of our Privacy Policy (of which this Credit Reporting Privacy Policy comprises a part):

    Contacting us

    If you have any questions about this privacy policy, any concerns or a complaint regarding the treatment of your privacy or a possible breach of your privacy, please contact us using the details set out below.

    We will treat your requests or complaints confidentially. Our representative will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in a timely and appropriate manner.

    Please contact us at:

    Geoffrey Mendelson Lawyers
    214 Balaclava Road
    Caulfield North, Victoria 3161
    Phone (within Australia): 1300 489 880

    Changes to our privacy policy

    We may change this privacy policy from time to time. Any updated versions of this privacy policy will be posted on our website.

    This privacy policy was last updated on 30 August 2019.

    Specific examples of Personal Information held by GML

    Business Activity Types of Personal Information held and/ or collected
    Legal services
    • name, address, contact details, payment details including bank account details, credit card information, customer account information including customer debt and associated payment arrangements and payment history.
    • Where we are given access directly to our clients systems, we have access to the personal information held in those systems.
    • Correspondence exchanged with customers.
    Physical Site security
    • Surveillance camera data
    Credit reporting in relation to
    commercial credit
    • See “Credit Reporting Privacy Policy” section of this Policy
    • Personnel records, including employment agreements, pay records, leave records, tax statuses, criminal record checks, superannuation records, training records, performance and disciplinary records
    © Copyright Geoffrey Mendelson Lawyers | Site Designed by Techno Phobia
    Privacy Policy