Search

Quality and consistency through collaboration

Privacy policy

Who are we?

Sparke Helmore [ABN 78 848 387 938] (we, us, our) is an Australian law firm operating as a partnership from ten offices across Australia, Spamil Pty Ltd [ABN 59 828 738 349] is a company that provides services to the partnership (together known as Sparke Helmore).

Sparke Helmore provides legal services in a range of practice areas, including insurance, workplace relations, corporate, commercial and projects and construction. Our services primarily involve providing legal advice and representation in legal matters.

What privacy laws do we comply with?

We comply with the Privacy Act 1988 (Cth) and, where applicable, State or Territory legislation in relation to health information, for example, the Health Records Act 2001 (Vic). 

We also comply with our obligations under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (AML/CTF Act) and the Anti-Money Laundering and Counter-Terrorism Financing Rules 2025 (Cth) (AML/CTF Rules).

What types of personal information do we collect?

In this policy, the term 'personal information' means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, or recorded in a material form or not. The term 'sensitive information' refers to personal information that requires additional protections, which includes health information, information about an individual's race, political opinion or membership, religion, philosophical beliefs, union membership, sexual preference and criminal record.

Sparke Helmore collect a range of personal information in the course of providing legal services to clients.

For clients who engage Sparke Helmore, we may collect the following kinds of personal information:

  • identification information, including names, birth certificates and directors identification numbers
  • contact information, including addresses, emails and telephone numbers
  • employment information, including employee information and job titles, and
  • financial information.

Depending on the nature of the legal matter, we may also collect:

  • medical reports and records
  • financial records
  • employment records
  • injury reports
  • investigation reports and witness statements
  • criminal records such as police reports, and
  • membership details.

For corporate and human resource purposes, we collect the following kinds of personal information about employees, contractors and job applicants:

  • identification information and government identifiers
  • contact information
  • employment history
  • information about education and qualifications
  • financial and payroll information
  • health and medical information
  • criminal record
  • membership of professional associations, and
  • information about referees.

When you register for an event or seminar hosted by Sparke Helmore, we may collect the following kinds of personal information:

  • identification information
  • contact information
  • employment information, and
  • areas of practice/interest.

We may also collect the following kinds of personal information for the purposes of complying with the AML/CTF Act:

  • identification information, including names, date of birth, addresses and directors identification numbers
  • identification documents, such as passports, birth certificates and proof of age cards
  • governance documents such as constitution or trust deeds
  • beneficial ownership information such as which person(s) ultimately owns more than 25% of your entity
  • information about the nature and purpose of business relationships and transactions you are entering
  • information relevant to assessing your money-laundering and terrorism financing risk
  • information regarding persons acting on your behalf, including their name, date of birth or address, and
  • information related to whether you, your family members or associates are politically exposed persons for the purposes of the AML/CTF Act.

If you do not provide requested personal information, we may be unable to provide you with legal services and/or comply with our legal obligations.

How do we collect, use & disclose personal information

Collection of personal information

How do we collect personal information?

  • Directly from the individual
  • From a third party the individual has authorised to provide the information
  • From a client or a third party where it is unreasonable or impracticable to collect it from the individual, such as your employer or other organisations with which you have contact or dealing
  • In the course of legal proceedings such as from parties, witnesses or the court
  • From publicly available sources
  • When we generate new information or an opinion about an individual in the course of providing legal services

Use and disclosure of personal information

How do we use and disclose personal information?

  • To provide legal services including advice and representation in legal matters, including to the client we are representing in the matter, counsel, expert advisers and those assisting us
  • To contact clients, business contacts and individuals associated with legal matters or business dealings with the firm
  • To market our legal services, including through subscription services
  • To meet our obligations under any relevant law, including the AML/CTF Act
  • To contracted service providers to organise or facilitate the efficient and effective administration, management or delivery of our services including but not limited to contracted service providers to support due diligence processes associated with the AML/CTF Act

Protecting your information

We will hold your personal information, including sensitive information, in either our electronic databases or in our physical files. We use a range of IT and physical security systems to protect your personal information.

We have privacy procedures and contractual requirements that our employees and contractors must comply with, aimed at protecting your personal privacy.

We will not retain personal information for longer than is reasonably necessary. In some cases, such as in relation to our AML/CTF Act obligations, we may record details of identity documents we have obtained (but not retain the documents).

Sending personal information overseas

We will not disclose your personal information to an overseas recipient, except where required for the purposes of providing legal advice or representation to a client or with your consent. In those limited circumstances, personal information may be sent to any country relevant to the particular matter.

Direct marketing

We will not use or disclose your personal information for direct marketing purposes unless you have provided express consent or your consent can reasonably be implied from the circumstances in which we collected the information. If we send you marketing material, we will ensure that you can 'opt-out' of receiving any future marketing material. In relation to direct marketing via electronic means, such as email, we comply with the Spam Act 2003 (Cth) and in relation to telephone marketing we comply with the Do Not Call Register Act 2006 (Cth).

We will not use personal information collected for the purposes of complying with our AML/CTF Act obligations for direct marketing.

Use of artificial intelligence (AI)

We use enterprise-grade AI tools to support our lawyers with tasks such as legal research, document review, summarisation and drafting. Any output derived from an AI platform will be reviewed and validated by a lawyer before being relied upon or provided to you.

Your personal information (or personal information of third parties that you provide to us) may be used in AI tools unless you notify us in writing that you object to us using that personal information in AI technologies.

We do not use publicly available or consumer AI tools for client matters. We do not use personal information to train, improve or fine-tune (however described) any AI learning models.

Credit information

You can access our Credit information policy here.

Accessing your personal information

You may request access to any personal information we hold about you or request that we make corrections to that information. However, by law we may refuse to allow you access to information in certain circumstances including where the information is subject to legal professional privilege.

We will respond to the request within a reasonable period after the request is made.

If we refuse to allow you access to your personal information held by us, we will explain why unless doing so would contravene a ‘tipping-off’ provision under the AML/CTF Act or we are otherwise prohibited by law.

Contacting us and complaints

If you want to access your personal information held by us, request a correction be made to your personal information or make a complaint about how we have handled your personal information, please contact:

  • By post, addressed to:

    Privacy Contact Officer
    Sparke Helmore
    PO Box Q1164, QVB Post Office
    Sydney NSW 1230

Your complaint should include:

  • your name
  • your contact details
  • a description of your privacy complaint (what happened and when), and
  • a statement of what outcome you’d like to resolve your complaint.

We take complaints about personal privacy seriously. We will acknowledge receipt of your communications and take reasonable steps to resolve your complaint within 30 days. We will notify you of the outcome of our enquiries unless it is unreasonable in the circumstances to do so.

If you are not satisfied with our response, you may complain to the Office of the Australian Information Commissioner. Information about how to make a complaint to the Commissioner can be found here.

Version: 10
Approved by: General Counsel
Effective Date: 6 July 2026