Ming Dao Law Pty Ltd (ACN [insert]) (“Ming Dao Law“, “we“, “our” or “us“) recognises the importance of protecting the privacy and personal information of individuals with whom we interact. We are committed to handling your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

This Privacy Policy explains how we collect, use, disclose and store your personal information, and how you may access or correct it or make a complaint.

We may update this policy from time to time by publishing a revised version on our website. We encourage you to review this policy regularly.

“Personal information” means any information or opinion about an identified individual or an individual who is reasonably identifiable, whether the information is true or not and whether recorded in material form or not.

“Sensitive information” is a subset of personal information and includes information about an individual’s racial or ethnic origin, political opinions, religious beliefs, sexual orientation, health information, criminal record, and membership of professional or trade associations.

We may collect your personal information when you:

• Engage or enquire about our legal services;
• Are a party to or otherwise involved in a legal matter we are handling;
• Visit our website or interact with us online;
• Subscribe to our newsletters or marketing communications;
• Register for our seminars or networking events;
• Apply for employment or participate in recruitment processes;
• Are a supplier, service provider, or referral partner; or
• Otherwise interact or communicate with us.

The personal information we may collect includes:

• Name, title, and contact details (e.g. address, email, phone number);
• Gender, date of birth, and nationality;
• Employment and professional details (e.g. job title, employer, qualifications);
• Billing and financial information (e.g. bank details, tax file number);
• Identity documents (e.g. driver’s licence, passport);
• Health, dietary, or access requirements (e.g. for event or office visits);
• Information related to legal matters, including sensitive information.

For recruitment, we may also collect:

• CVs, references, work eligibility, visa details, and criminal history; and
• Sensitive information such as diversity indicators (e.g. cultural background, Aboriginal or Torres Strait Islander status) if you choose to provide it.

Where possible, we will collect your personal information directly from you. This may occur in person, by phone, email, web forms, or through job applications.

We may also collect personal information from third parties such as:

• Clients, referrers, or other persons involved in a legal matter;
• Your employer, legal representative, financial advisor or referee;
• Government agencies, courts or regulators;
• Publicly available sources (e.g. online directories, social media, public registers); and
• Service providers, such as search firms, credit reporting bodies or IT hosts.

If you provide us with personal information about someone else, you must have their consent and notify them of this Privacy Policy.

We may collect, use and disclose your personal information for purposes including:

Legal Practice

• Providing legal services to you or our clients;
• Conducting legal research, conflict checks, due diligence, and matter management;
• Engaging experts, counsel or third-party service providers in legal matters.

Business Operations

• Managing our internal processes (e.g. risk, billing, compliance, reporting);
• Maintaining relationships with clients, partners and suppliers; and
• Assessing and managing employment applications and staffing.

Communication & Marketing

• Sending updates, legal alerts, invitations, and surveys;
• Responding to enquiries, feedback or complaints; and
• Improving our services and understanding user preferences.

Compliance

• Complying with legal, regulatory, or professional obligations;
• Protecting our legal rights and managing disputes or audits; and
• Preventing fraud, cybercrime, or unlawful conduct.

You may opt out of receiving marketing communications at any time by using the “unsubscribe” link or contacting us.

We may disclose your personal information to:

• Clients or third parties involved in a legal matter;
• Legal counsel, consultants, accountants, or expert witnesses;
• Third-party service providers (e.g. IT support, CRM, cloud storage, marketing);
• Insurers, auditors, banks, or regulatory authorities;
• Government bodies, courts, and tribunals where legally required;
• Legal directories and market researchers;
• Entities acquiring our business (as part of a merger or restructure); and
• Affiliates and trusted third parties with your consent.

Some of our IT systems and service providers may be located overseas. When we disclose personal information overseas, we take reasonable steps to ensure that the recipient complies with the APPs or equivalent standards.

Overseas disclosure may also occur when:

• Our client is overseas;
• A matter involves international jurisdictions or parties;
• You apply for a role and nominate overseas referees; and
• We collaborate with overseas legal directories or networks.

Our website uses cookies to improve user experience and website performance. Cookies are small files that store data about your visit.

We use:

• Functional cookies to remember preferences;
• Analytics cookies to understand website traffic and usage; or
• Advertising cookies for remarketing via platforms such as Google and LinkedIn.

By using our website, you consent to our use of cookies. You can disable cookies via your browser settings, but this may affect functionality.

Our website may contain links to third-party sites. We are not responsible for the content or privacy practices of those websites. Please review their policies independently.

We take reasonable steps to protect the personal information we hold from misuse, interference, loss, unauthorised access, modification, or disclosure. These measures include:

• Physical security for premises and files;
• Password-protected systems;
• Secure cloud storage providers with encrypted backups; and
• Staff confidentiality obligations and access controls.

You may request access to or correction of personal information we hold about you by contacting our Privacy Officer. We will respond within a reasonable period, usually within 30 days.

We may:

• Require verification of your identity;
• Charge a reasonable administrative fee (where permitted); and
• Decline access in limited circumstances (e.g. legal privilege or unreasonable burden).

If we refuse access or correction, we will explain our reasons unless it is unreasonable to do so.

We retain personal information for as long as is necessary for our legal and business needs, or as required by law. When no longer needed, information is securely destroyed or de-identified in accordance with our data retention policies.

If you have any concerns about how we have handled your personal information or would like to make a complaint, please contact our Privacy Officer.

We will investigate and respond to your complaint within a reasonable timeframe. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

• Website: www.oaic.gov.au
• Email: enquiries@oaic.gov.au

Phone: 1300 363 992

For any queries, requests or complaints about your privacy or this policy, please contact:

Privacy Officer
Ming Dao Law Pty Ltd
Email: info@mingdaolaw.com