top of page

Privacy Statement – Steed Lawyers

Effective date: 1 July 2026

1. Purpose of this Privacy Statement

As a small business, Steed Lawyers (we) may not generally be an organisation to which the Privacy Act 1988 (Cth) applies in all respects. However, we may be required to collect, use, verify, store and retain certain personal information under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) and associated rules and regulations, including incoming AML-CTF obligations that apply to legal practitioners and law firms.

For AML-CTF purposes, we may arrange for client identity verification to be undertaken by a chosen third-party identity verification provider. To the extent that personal information is collected, used, disclosed or stored for AML-CTF purposes, we will handle that information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles, where applicable.

This Privacy Statement explains how personal information is handled for AML-CTF compliance purposes. It should be read together with our professional obligations as legal practitioners, including duties of confidentiality, legal professional privilege and applicable South Australian legal profession rules.

2. What information may be collected

For AML-CTF compliance purposes, personal information may be collected from clients, prospective clients, beneficial owners, company officers, trustees, partners, agents and other relevant persons.

This information may include:

  • full name, date of birth, residential address and contact details;

  • occupation or business details;

  • copies or details of identification documents, such as a driver’s licence, passport, Medicare card or other identity documents;

  • biometric or liveness-check information, where required by the third-party verification provider and permitted by law;

  • information about companies, trusts, partnerships or other entities connected with you;

  • information about beneficial ownership or control, the source of funds or source of wealth, where required;

  • information required to conduct politically exposed person, sanctions or risk screening checks;

  • information about the nature and purpose of the proposed legal service or transaction; and

  • other information reasonably required for AML-CTF compliance.

We will only collect or arrange the collection of sensitive information where it is reasonably necessary for AML-CTF compliance or another lawful purpose and where permitted by law.

3. Third-party identity verification provider

We will generally use a chosen third-party provider to conduct identity verification checks for AML-CTF compliance.

This means that, rather than providing identification documents directly to us in the first instance, you may be asked to provide identification information and documents directly to the third-party provider through a secure online platform or other process.

The third-party provider may collect, use, store and disclose your personal information in accordance with its own privacy policy and terms of service, as well as applicable privacy and AML-CTF laws.

We may receive from the provider:

  • confirmation that your identity has been verified;

  • the outcome of verification checks;

  • copies or details of identification documents, where required;

  • screening results or risk indicators relevant to AML-CTF compliance;

  • information needed for our AML-CTF record-keeping obligations; and

  • other information necessary for us to comply with AML-CTF laws.

We will take reasonable steps to select a reputable provider with appropriate privacy, confidentiality and information security practices. However, the provider may be independently responsible for its own handling of personal information.

Our current third-party provider for AML-CTF compliance purposes is EasyAML [https://easyaml.com]. Their Privacy Policy may be viewed at [https://easyaml.com/privacy-policy/].

4. How information is collected

Personal information may be collected:

  • directly from you by our chosen third-party identity verification provider;

  • directly from you by us, where necessary for legal services or AML-CTF compliance;

  • from your authorised representatives;

  • from companies, trusts or other entities associated with you;

  • from government identity databases or verification services;

  • from electronic identity verification systems;

  • from publicly available sources;

  • from sanctions, politically exposed person or adverse media screening services;

  • from other professional advisers or parties involved in a transaction, where appropriate; and

  • from regulators or government agencies, where required or authorised by law.

Where practicable, we or the third-party provider will tell you what information is required and why it is being collected.

5. Why personal information is collected, used and stored

Personal information is collected, used and stored for purposes including:

  • verifying your identity through a third-party provider;

  • identifying and verifying beneficial owners or persons who control a client entity;

  • assessing and managing AML-CTF risk, complying with AML-CTF laws, regulations and rules;

  • conducting ongoing customer due diligence where required and keeping records required by AML-CTF legislation;

  • responding to lawful requests from regulators, government agencies, courts or law enforcement bodies;

  • managing risk, insurance and professional obligations and providing legal services in accordance with our professional duties.

We may not be able to act for you, or may need to stop acting for you, if required identity verification or AML-CTF information is not provided to us or to our chosen third-party provider.

6. Legal professional privilege and confidentiality

We owe professional duties of confidentiality to our clients.

Nothing in this Privacy Statement is intended to reduce or waive any legal professional privilege that may apply to communications or documents.

However, AML-CTF laws may require us to collect and retain certain information and, in some circumstances, disclose information to regulators or other authorities. Where disclosure is required or authorised by law, we will comply with our legal obligations while taking into account our professional duties, including legal professional privilege and confidentiality.

Information provided to a third-party identity verification provider may not have the same legal professional privilege status as confidential communications between you and the firm. You should review the provider’s privacy policy and terms before submitting information. The Privacy Policy is available at [https://easyaml.com/privacy-policy/].

7. Disclosure of personal information

We may disclose personal information where reasonably necessary for AML-CTF compliance or where required or authorised by law.

This may include disclosure to:

  • our chosen identity verification provider;

  • AML-CTF screening or compliance service providers;

  • secure document storage, practice management or IT service providers;

  • AUSTRAC or another AML-CTF regulator;

  • law enforcement, courts, tribunals or government agencies where required or authorised by law;

  • our professional advisers, insurers or auditors;

  • other parties where you have authorised disclosure; and

  • other persons or bodies where disclosure is permitted or required by law.

The third-party identity verification provider may also disclose information to other entities, such as document verification services, government identity checking services, credit reporting bodies or data verification sources, where permitted by law and described in its privacy policy.

We will take reasonable steps to ensure that third-party service providers who handle personal information on our behalf protect that information appropriately.

8. Overseas disclosure

Some third-party identity verification, screening, cloud storage, software or IT service providers may store or process information outside Australia.

Where we disclose personal information overseas, we will take reasonable steps to ensure that the recipient handles the information consistently with applicable Australian privacy requirements, unless an exception applies.

The third-party identity verification provider’s privacy policy should be reviewed for information about whether it discloses or stores information overseas.

9. Storage and security

We take reasonable steps to protect personal information we hold from misuse, interference, loss, unauthorised access, modification or disclosure.

Our security measures may include:

  • secure practice management systems with restricted access to client and AML-CTF records;

  • password protection and multi-factor authentication where available;

  • secure physical storage for paper files;

  • secure destruction or archiving procedures;

  • IT security measures.

Our chosen third-party identity verification provider is responsible for the security of personal information it collects, stores or processes through its own systems. We will take reasonable steps to use a provider with appropriate privacy and information security safeguards.

AML-CTF laws may require us to keep certain records for a minimum period, even after a matter has ended. We will retain AML-CTF records that we hold for as long as required by law and then securely destroy, archive or de-identify them where appropriate.

10. Access and correction

You may request access to personal information we hold about you for AML-CTF purposes.

You may also ask us to correct information we hold if you believe it is inaccurate, out of date, incomplete, irrelevant or misleading.

If the information is held by our third-party identity verification provider, you may need to contact that provider directly. We can provide details of the provider or assist you to identify the appropriate contact point where reasonable.

To protect confidentiality and security, we or the provider may need to verify your identity before responding to an access or correction request.

In some cases, access or correction may be refused, for example where:

  • disclosure would be unlawful or would affect legal professional privilege;

  • disclosure would breach confidentiality owed to another person;

  • access is restricted under AML-CTF or other laws;

  • the request is vexatious or unreasonable or another exception applies.

If we refuse access or correction, we will provide reasons where it is reasonable and lawful to do so.

11. Accuracy of information

We rely on the information provided to us and to our third-party identity verification provider being accurate and complete.

Please notify us promptly if your identification details, contact details, authority to act, beneficial ownership information or other relevant details change during the course of a matter.

12. Consequences of not providing information

If you do not provide information required for AML-CTF compliance to us or to our third-party identity verification provider, we may be unable to:

  • verify your identity, complete required customer due diligence and /or comply with our legal obligations;

  • provide some legal services, open a file, continue acting for you and/or complete a particular transaction;

In those circumstances, we may decline to act or cease acting, subject to our professional obligations.

13. Complaints

If you have a concern about how we have handled personal information collected for AML-CTF purposes, please contact us first.

Privacy Officer, Steed Lawyers

abigailsteed@outlook.com

0419 819 963

We will consider your complaint and respond within a reasonable time.

If your complaint concerns how the third-party identity verification provider has handled your personal information, you may also need to contact that provider directly. We can provide the provider’s details on request.

If your complaint relates to information handled under the Privacy Act, you may also be able to contact the Office of the Australian Information Commissioner.

Office of the Australian Information Commissioner

Website:https://www.oaic.gov.au

Phone: 1300 363 992

You may also have rights to raise concerns with relevant legal profession regulators or complaints bodies, depending on the nature of the issue.

14. Changes to this Privacy Statement

We may update this Privacy Statement from time to time, including to reflect changes to AML-CTF laws, privacy obligations, legal profession requirements, technology, our identity verification provider or our internal procedures.

The current version will be available from our office or on our website at: www.steedlaw.com.au

CONTACT ME

13 High Street, Kensington SA 5068

M: 0419 819 963

E: abigailsteed@outlook.com

Thanks for submitting!

​​​​© 2019 Steed Lawyers. Proudly created with Wix.com

bottom of page