LawCRM
Log InStart Free Trial

Privacy Policy

Last updated: 21 January 2026

🇦🇺

Australian Privacy Act Compliant

This policy complies with the Privacy Act 1988 (Cth) and Australian Privacy Principles (APPs).

1. Introduction

Law CRM Pty Ltd (ABN pending) ("we", "us", or "our") is committed to protecting your privacy in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

This Privacy Policy explains how we collect, use, disclose, and protect personal information when you use our legal practice management software and related services ("the Service").

2. Information We Collect

2.1 Information You Provide

We collect information you voluntarily provide, including:

1

Account Information

Name, email address, phone number, firm name, and billing details when you register

2

Client Data

Information about your clients that you enter into the Service, including names, contact details, and matter information

3

Documents

Files you upload, including legal documents, correspondence, and other materials

4

Communications

Messages you send through the Service or to our support team

2.2 Information Collected Automatically

When you use the Service, we automatically collect:

  • Usage Data: Pages viewed, features used, time spent, and actions taken within the Service
  • Device Information: Browser type, operating system, device identifiers, and IP address
  • Log Data: Access times, error logs, and system activity

2.3 Cookies and Similar Technologies

We use cookies and similar technologies to maintain sessions, remember preferences, and analyze usage. You can control cookies through your browser settings, but some features may not function properly without them.

3. How We Use Your Information

We use collected information to:

Provide, maintain, and improve the Service
Process transactions and send billing information
Send service notifications and updates
Respond to support requests and communications
Analyze usage patterns to improve user experience
Detect and prevent fraud, abuse, and security incidents
Comply with legal obligations

4. Legal Privilege and Confidentiality

🔒 We understand the sensitive nature of legal practice

Your client data and documents may be protected by legal professional privilege. We implement strict confidentiality measures and do not access, review, or disclose your client data except as necessary to provide the Service or as required by law.

AI features process data to generate documents, but this processing is automated and does not involve human review of privileged content.

5. Disclosure of Information

5.1 Service Providers

We may share information with trusted third-party service providers who assist in operating our Service, including:

  • Cloud hosting providers (Australian data centers)
  • Payment processors
  • Email service providers
  • Analytics services

These providers are contractually bound to protect your information and use it only for the purposes we specify.

5.2 Legal Requirements

We may disclose information if required by law, court order, or government regulation. Where permitted, we will notify you of such requests.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change.

6. Data Storage and Security

6.1 Location of Data

🇦🇺

All data is stored on servers located in Australia

We do not transfer personal information overseas except where necessary for service delivery (e.g., AI processing) and appropriate safeguards are in place.

6.2 Security Measures

We implement comprehensive security measures including:

🔐Encryption of data in transit (TLS/SSL) and at rest (AES-256)
🔐Regular security assessments and penetration testing
🔐Access controls and authentication requirements
🔐Regular backups with secure off-site storage
🔐Employee security training and confidentiality agreements

6.3 Data Breach Response

In the event of a data breach that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required by the Notifiable Data Breaches scheme.

7. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. Upon account termination, we retain data for 90 days to allow for data export, after which it is securely deleted unless retention is required by law.

8. Your Rights

Under the Privacy Act 1988, you have the right to:

Access

Request access to personal information we hold about you

Correction

Request correction of inaccurate or incomplete information

Deletion

Request deletion of your personal information (subject to legal retention requirements)

Data Portability

Export your data in a commonly used format

Complaint

Lodge a complaint with the OAIC if you believe we have breached the Privacy Act

To exercise these rights, please contact us using the details below. We will respond to requests within 30 days.

9. Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.

10. Third-Party Links

The Service may contain links to third-party websites. We are not responsible for the privacy practices of these sites and encourage you to review their privacy policies.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service. The updated policy will be effective upon posting.

12. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact our Privacy Officer:

Law CRM Pty Ltd

Email: privacy@lawcrm.space

Sydney, Australia

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.