LEAP Legal Software Pty Ltd ABN 68 085 029 885 (“LEAP” or “we”, “our” or “us”) is bound by the Privacy Act 1988 (Cth) (as amended) (“Privacy Act”), including the Australian Privacy Principles. This Privacy Policy sets out how we treat the personal information that we collect, use and disclose and our procedures regarding the handling of personal and sensitive information, including the collection, use, disclosure and storage of information, as well as the right of individuals to access and correct that information.

From time to time, we may revise or update this Privacy Policy or our information handling practices. If we do so, the revised Privacy Policy will be published on our website, www.leap.com.au.

LEAP may collect personal information in order to conduct our business, to provide and market our services and to meet our legal obligations. By using our website or our services, or by providing any personal information to us, you consent to the collection, use and disclosure of your personal information as set out in this Privacy Policy.

The types of personal information we collect and hold

The types of personal information we may collect and hold includes (but is not limited to) personal information about:

Personal information that we collect and hold may include:

You are not obliged to provide personal information to LEAP. However, in many cases, if you do not provide your personal information to us, we may not be able to supply the relevant product or service that you have requested from us.

In some circumstances, you may provide to us, and we may collect from you, personal information about a third party. Where you provide the personal information of a third party, you must ensure that the third party is aware of this Privacy Policy, understands it and agrees to accept it.

If it is necessary to provide specific services to you, we may collect sensitive information about you. Under the Privacy Act, “sensitive information” includes but is not limited to information or an opinion about an individual’s racial or ethnic origin, religious belief, or criminal record and also includes health information about an individual. However, we will only collect sensitive information from you if you agree to provide it to us, you authorise us to obtain it from a third party or where the collection of the information is required or authorised by or under an Australian law or a Court/Tribunal order or otherwise where the collection is not prohibited under the Privacy Act. We will only use sensitive information in accordance with the Privacy Act and for the purpose for which it is provided.

How personal information is collected and held by us

We collect personal information in the following ways:

We may also collect information about you from third party suppliers and government database services.

We store personal information in computer storage facilities and paper-based files. We take steps to protect your personal information against loss, unauthorised access, use modification or disclosure. Some examples of the steps we take to protect your personal information include:

Collection of personal information through website activity

Information that may identify you as a user may be gathered during your access with our website.

Our website includes pages that use ‘cookies’. A cookie is a unique identification number that allows the server to identify and interact more effectively with your computer. The cookie assists us in identifying what our users find interesting on our website.

A cookie will be allocated each time you use our website. The cookie does not identify you as an individual in our data collection process, however it does identify your Internet Service Provider.

You can configure your web browser to refuse cookies. If you do so, you may not be able to use all or part of our website.

Analytics and Anonymisation

We use Google Analytics, a web analytics service provided by Google, Inc. (“Google”. Google Analytics uses cookies (see above), to help us analyse how users use our site and our products. Although Google Analytics records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you with us.

The information generated by the cookie about your use of the website and products will be transmitted to and stored by Google on servers in your country of residence. Google will use the information on behalf of LEAP for the purpose of evaluating your use of the website and products, compiling reports on activity for us and providing us with other services relating to activity and internet usage. The IP address that your browser conveys within the scope of Google Analytics, will not be associated with any other data held by Google. You may refuse the use of these cookies via the settings in your browser as explained above. You can also opt out of being tracked by Google Analytics in the future by downloading and installing Google Analytics Opt-out Browser Add-on for your current web browser: http://tools.google.com/dlpage/gaoptout?hl+en

Adoption, use and disclosure of government related identifiers

LEAP, or its related body corporates in the ATI Group, may collect some personal information that is a government related identifier.

Personal information from identity documents may be provided to the document issuer or official record holder via third party systems for the purpose of confirming your identity, for example, the Australian Government’s Document Verification Service (DVS). Where LEAP does collect government related identifiers, they are maintained on a separate database for audit and compliance purposes.

LEAP may use or disclose a government related identifier where:

The purposes for which we collect, hold, use and disclose personal information

We collect, hold, use and disclose personal information for a variety of business purposes including:

Direct marketing

We also collect, hold, use and disclose your personal information to:

If you do not wish to disclose your personal information for the purpose of direct marketing or you would like to opt-out of receiving direct marketing communications, you can do so by contacting the LEAP Privacy Officer using the contact details set out below, or by following the instructions to unsubscribe which are contained in a communication that you receive from us.

Who do we disclose personal information to?

The ATI Group and Related Companies

The ATI Group includes our parent company Australian Technology Innovators Pty Ltd, LEAP Group Pty Ltd and their subsidiaries, including CreditorWatch Holdings Pty Limited and its subsidiaries, CNCNA Pty Ltd (trading as eCompanies), InfoTrack Limited (NZ), InfoTrack Group Limited (UK) and its subsidiaries, and LotSearch Pty Ltd. Different companies within the ATI Group provide different services.

The ATI Group may share information with our integration partners to ensure the smooth running of the services which we, and they, provide. These partners include Sympli Pty Ltd and Legal Software Developments Pty Ltd and its subsidiaries, including By Lawyers For Lawyers Pty Ltd and Zaliet Pty Limited (among others) and other partners as mentioned on our website and updated from time to time. At times, we may need to provide personal information to them to help them run their businesses or for reporting purposes. We may also share your personal information within the wider ATI Group and with our service providers for the purposes outlined above.

Third Party Service Providers

We may disclose your personal information to third party service providers who assist us in providing the services you request, including public authorities and providers of information services.

We may also disclose your personal information to third parties who work with us in our business to promote, market or improve the services that we provide, including:

We may also combine your personal information with information available from other sources, including the entities mentioned above, to help us provide better services to you.

Where we do share information with third parties, we require that there are contracts in place that only allow use and disclosure of personal information to provide the service and that protect your personal information in accordance with the Privacy Act. Otherwise, we will disclose personal information to others if you've given us permission, or if the disclosure relates to the main purpose for which we collected the information and you would reasonably expect us to do so.

Disclosure of personal information to overseas recipients

We do not presently disclose personal information to any organisations located overseas; however, we do disclose information in Australia, for the purposes described above, to some multinational organisations that are located both in Australia and overseas, including the United Kingdom, the United States and New Zealand.

European Union – General Data Protection Regulation (GDPR)

If you are a resident of the European Union for the purposes of the GDPR, then in addition to what is set out above, the following applies to you.

LEAP is a data controller and processor for the purposes of the GDPR and by your consenting to this Privacy Policy, LEAP is able to process your Personal Information in accordance with this Privacy Policy.

In providing services to you, LEAP may make use of a number of automated processes using your Personal Information and your activity on our site as tracked by us, in order to provide more tailored and relevant services to you.

In addition to your rights set out above, you may update or rectify any of your Personal Information that we hold about you, in the manner described in the “How you can access your personal information” paragraph above.

How we handle requests to access your personal information

You have a right to request access to your personal information which we hold about you and to request its correction. You can make such a request by contacting the LEAP Privacy Officer using the contact details set out in this policy.

We will respond to any such request for access as soon as reasonably practicable. Where access is to be given, we will provide you with a copy or details of your personal information in the manner requested by you where it is reasonable and practicable to do so.

We will not charge you a fee for making a request to access your personal information. However, we may charge you a reasonable fee for giving you access to your personal information.

In some cases, we may refuse to give you access to the information you have requested or only give you access to certain information. If we do this, we will provide you with a written statement setting out our reasons for refusal, except where it would be unreasonable to do so.

How we handle requests to correct your personal information

We will take such steps (if any) as are reasonable in the circumstances to make sure that the personal information we collect, use or disclose is accurate, complete, up to date and relevant.

If you believe the personal information we hold about you is inaccurate, irrelevant, out of date or incomplete, you can ask us to update or correct it. To do so, please contact us using the contact details listed below.

If we refuse your request to correct your personal information, we will let you know why. You also have the right to request that a statement be associated with your personal information that says you believe it is inaccurate, incomplete, irrelevant, misleading or out of date.

How to contact us or make a complaint

If you have any questions about this Privacy Policy, if you wish to correct or update information we hold about you or if you wish to request access or correction of your personal information or make a complaint about a breach by LEAP of the Australian Privacy Principles (including the way we have collected, disclosed or used your personal information), please contact:

LEAP Privacy Officer
GPO Box 4029 Sydney NSW 2001
quality@leap.com.au
1800 738 524

We will acknowledge and investigate any complaint about the way we manage personal information as soon as practicable. We will take reasonable steps to remedy any failure to comply with our privacy obligations. If you are unhappy with our handling of the complaint, you may contact the Office of the Australian Information Commissioner at https://www.oaic.gov.au/

Last update: 29 May 2019