Phi Finney McDonald is committed to protecting the privacy of our clients and their personal information. This Privacy Policy sets out our guidelines for collecting and managing the personal information of our clients, potential clients and others, including by reference to our obligations under the Australian Privacy Principles contained in the Privacy Act 1988 (Cth).

What types of ‘personal information’ do we collect and hold?

‘Personal information’ is information or an opinion, whether or true or not, and whether recorded in a material form or not, about an identified individual, or an individual who is reasonably identifiable.

In the course of our business, we collect personal information about our clients or potential clients and their associates and contacts, as well as employees, prospective employees, contractors and suppliers.

We may collect and hold the personal information including (but not limited to) names, addresses, contact details, birth dates, occupations, medical histories, details of memberships and associations, bank account details, financial and tax records, family and relationship information and other information which assists or may assist us to provide or market our professional services and to meet our legal and professional obligations.

Some personal information, including information we may collect, is ‘sensitive information’. Sensitive information includes information about a person’s religious or political affiliation, racial or ethnic origin, sexual preferences, physical or mental health or special needs, medical history, criminal record or membership in a trade union or other professional or trade association.

What is your personal information collected for?

We may collect, hold, use and disclose personal information for the following purposes:

  1. Providing legal services and related services, including but not limited to the investigation of potential claims; the preparation, commencement and conduct of proceedings; engaging in confidential alternative dispute resolution processes; and securing disbursement funding and/or litigation funding and/or insurance in connection with your claim.
  2. Reviewing, processing and responding to inquiries and requests for our services from prospective clients.
  3. Marketing, including direct marketing and market research and analysis.
  4. The general conduct and management of our business.
  5. Meeting our legal and professional obligations.

There may be situations where your claim is funded by an overseas-based litigation or disbursements funder, where insurance is obtained in connection with your claim from an overseas-based insurer, or where we consult overseas-based experts, consultants or lawyers regarding your claim. If these situations apply to you, then we may be required to disclose your personal information to recipients outside Australia. There may be other situations where personal information may be disclosed to external third party service providers based outside of Australia, such as when we outsource information technology support, mailing or digital marketing, and financial, administrative or other services in connection with our business. We currently consider that these recipients would most likely be located in the United Kingdom, Canada, New Zealand, Ireland, or the United States.

How is personal information collected and held?

We may collect personal information in a variety of manners, including in face-to-face meetings, by telephone, via hand-completed forms, by email or via online forms completed via our website. We may also engage third parties to analyse our website traffic, which may involve the use of cookies, however any information obtained via this kind of analysis is anonymous.

We may receive personal information about a person by a third party, for example, if a client provides personal information which includes the personal information of a family member.

All personal information we receive is held in secure and confidential files maintained in paper and/or electronic. In some instances, the personal information we hold will be securely stored with third party data storage providers. Because the privacy of your information is important to us, we take all reasonable steps to ensure that personal information held by us is protected from loss or misuse and from unauthorised access, modification or disclosure. These steps include ensuring the security of physical files and restricted access to electronic records. However, we cannot guarantee the security of information about you, and do not accept automatic liability for any loss or damage that may result from our collection, holding, use or disclosure of your personal information.


We may use your personal information to send you information related to the legal services we offer or publications we have produced. Such communications will contain a simple ‘opt out’ procedure for individuals who do not want to receive such materials in future.

Can I access my personal information held by Phi Finney McDonald?

Under Australian Privacy Principles 12 and 13, you have rights to access and seek correction of any of your personal information which we hold. Please address any requests for access and correction of personal information to our Privacy Officer, Kelly Bassett, on 03 9134 7100 or by email at


If you have any concerns about the manner in which we have dealt with your personal information, or if you believe that we may have breached our obligations under Australian privacy law, please contact our Privacy Officer, Kelly Basset, on 03 9134 7100 or by email at We will do our best to respond to you with a reasonable period of time, and no more than one month. If after that time we have not resolved your complaint, you may refer your complaint to the Office of the Australian Information Commissioner on 1300 363 992 or at

Where can I find out more about Australian privacy law?

If you would like more information about Australian privacy law, please visit the dedicated webpage maintained by the Office of the Australian Information Commissioner at