Privacy Policy

Peace of mind

Privacy Policy

In providing legal services, we collect and handle personal information about clients, prospective clients, opposing parties, suppliers, and other people we deal with. We are committed to protecting your privacy and handling personal information in accordance with the Privacy Act 2020 and other applicable laws and professional obligations.

1.0 What personal information we collect

  • Identity and contact details (for example, name, address, email, phone number, date of birth).
  • Information relevant to your matter and instructions (which may include sensitive information depending on the work you ask us to do).
  • Verification and client due diligence information (for example, copies of identity documents, proof of address, and information about source of funds/wealth).
  • Billing and payment information.
  • Conflict-checking information.
  • Communications with us (including emails, letters, meeting notes, and phone records where kept).
  • Website usage information such as IP address, device/browser details, and pages visited (via cookies or similar technologies).
  • Any other information you provide to us or that we need to provide our services and meet our legal obligations.

2.0 How we collect personal information

We usually collect personal information directly from you when you contact us, instruct us, complete forms, attend meetings, or use our website and online services.

  • From third parties: We may collect information from third parties where this is necessary and lawful—for example, from government agencies, courts/tribunals, other professionals (including barristers and experts), your insurer, your bank, your employer, or other people involved in your matter. We may also obtain information from publicly available sources.

Information collected from third parties:  Where we collect personal information from a third party, we will take reasonable steps to the relevant party of that fact, the information collected, and the purposes for which it is collected, unless an exception under the Privacy Act 2020 applies (for example, where notification would prejudice the purposes of collection, is not reasonably practicable, or where the information is subject to legal professional privilege)

  • If you give us information about someone else: You confirm that you have authority to provide that information to us and that it is fair and lawful for us to use it for the purposes set out in this policy.
  • Website and cookies: Our website may use cookies or similar technologies to help it work properly, understand usage, and improve content. You can usually control cookies through your browser settings, but some site features may not work as intended if cookies are disabled.

3.0 Why we collect and use personal information

  • Provide legal services and carry out your instructions.
  • Verify identity and meet client due diligence requirements (including under anti-money laundering and countering financing of terrorism laws, where applicable).
  • Identify and manage conflicts of interest.
  • Communicate with you and others about your matter.
  • Manage our relationship with you, including opening and administering files.
  • Bill for our services, receive payments, and manage credit and debt recovery where necessary.
  • Improve our services, systems, and client experience.
  • Maintain the security of our people, premises, systems, and information.
  • Comply with legal, regulatory, and professional obligations, and respond to lawful requests from regulators and authorities.
  • Send updates about our firm (for example, legal updates or event invitations) where permitted. You can opt out at any time.

4.0 Who we may disclose personal information to

We generally only disclose personal information where it is necessary for the purposes in section 3, where you have authorised it, or where we are permitted or required by law.  Disclosure may be made to:

  • Our partners, employees and contractors or service providers who need the information to do their work.
  • Other lawyers, barristers, mediators and other professional advisers involved in your matter.
  • Courts, tribunals, and dispute resolution bodies.
  • Government agencies, regulators, and law enforcement where lawful (including where required under court order or statutory notice).
  • Service providers who support our business operations (for example, IT providers, practice management and document management systems, cloud storage, email, transcription, couriering, and e-discovery). We require service providers to protect personal information through appropriate contractual and security arrangements.
  • Insurers and professional indemnity providers (where relevant).
  • Financial institutions and payment providers (for example, when processing payments or trust account transactions).
  • Any other person you ask us to disclose information to, or who you authorise us to deal with (for example, your agent or representative).

5.0 Overseas disclosure and cloud services

Some of our service providers (for example, cloud-based software and storage providers) may store or process personal information outside New Zealand. Where we disclose personal information overseas, we take reasonable steps to ensure it is protected in a way that is comparable to the protections in New Zealand, including by using reputable providers and appropriate contractual safeguards, as required by the Privacy Act 2020.

6.0 How we keep personal information secure

We take reasonable steps to protect personal information from loss and from unauthorised access, use, modification, or disclosure. This includes administrative, technical and physical safeguards (such as access controls, secure storage, and staff confidentiality obligations).

7.0 How long we keep personal information

We keep personal information for as long as we have a lawful purpose to do so, including to provide services, meet professional and legal obligations, maintain appropriate business records, and manage any issues that may arise after a matter is completed. Unless we agree otherwise, you authorise us to destroy our file (including documents and correspondence) relating to your matter seven years after the matter is completed. We may destroy paper files or documents earlier if we have kept an electronic copy. We will not destroy any original documents we have agreed to hold in safe custody for you (for example, wills) unless we are entitled to do so by law or by agreement with you. When information is no longer required, we take reasonable steps to delete or securely destroy in accordance with our backup and archival practices.

8.0 Accessing and correcting your information

You may request access to, or correction of, the personal information we hold about you. There are limited grounds under the Privacy Act 2020 on which we may refuse a request (for example, where release would breach legal professional privilege or unreasonably disclose another person’s affairs). If we are unable to satisfy your request, we will explain why. We may charge reasonable costs for providing access where permitted by law, and we will tell you in advance if a charge will apply.

9.0 Privacy breaches

If we become aware of a suspected privacy breach, we will take steps to contain it, assess the risks, and remediate issues. Where required, we will notify the Office of the Privacy Commissioner and affected individuals.

10.0 Complaints

If you have questions, want to make an access/correction request, or have a complaint about how we handle personal information, please contact us at info@solomons.nz or 03 477 8574.  If you are not satisfied with our response, you can also complain to the Office of the Privacy Commissioner (see www.privacy.org.nz).

11.0 Changes to this Privacy Policy

We may update this Privacy Policy from time to time by publishing an updated version. The updated policy will apply to personal information we already hold as well as information collected after the update.