Get in touch: (02) 9929 4043
Get in touch: (02) 9929 4043

Privacy Policy

This Privacy Policy (“Policy”) explains how Gupta & Co. (“we,” “us,” “our”) handle your personal information. It is intended to comply with applicable data protection and privacy laws.

This Policy is provided for transparency and accountability but does not create contractual rights, warranties, or duties of care beyond those required by law.

Please read this Policy carefully. If you have any questions, contact us using the details provided at the end of this Policy.

1. What Information Do We Collect?

“Personal information” means any information that identifies you. We may collect and hold the following types of personal information:

  • Identification details (e.g. full name, date of birth, national ID, passport information)

  • Contact details (e.g. phone number, email address, postal address)

  • Client matter details (facts, documents, and records relevant to your legal matter)

  • Professional or employment details

  • Enquiry details submitted via our website or other communication channels

  • Communication records with our team

  • Feedback, survey responses, or testimonials

  • Publicly available information (court records, government registries, company registers, social media profiles)

  • Online usage and technical data (browser type, IP address, device information, cookies, tracking data)

  • Marketing preference information

We do not typically collect sensitive personal information unless required for legal services (e.g. family law, wills, employment, discrimination, or personal injury) or as required by law. Sensitive information may include details of health, ethnicity, political opinions, religious beliefs, sexual orientation, criminal history, or biometric data.

2. How Do We Collect Information?

We may collect personal information in the following ways:

  • Directly from you – when you contact us, attend meetings, sign documents, provide instructions, or use our website.

  • From third parties – including clients, your representatives, counterparties, witnesses, government bodies, referral partners, experts, or service providers.

  • From public sources – including registries, courts, published materials, and media.

  • Automatically from your device – via cookies, pixels, session storage, analytics tools, or online activity logs.

  • From security devices – CCTV footage or visitor logs when you attend our premises.

We rely on you to provide accurate and up-to-date information. Providing false or incomplete data may limit our ability to act for you or comply with legal obligations.

If you provide information about another person, you must ensure they reasonably expect you to do so, or that you have obtained their consent where required.

3. Why Do We Use and Disclose Your Information?

We may collect, hold, use, and disclose personal information for the following purposes:

a. Client Services

  • Responding to enquiries and instructions

  • Verifying identity and preventing fraud

  • Managing and advancing your legal matters

  • Communicating with relevant third parties (courts, regulators, counterparties, experts)

  • Maintaining case management systems and records

b. Legal Obligations

  • Complying with anti-money laundering (AML) and know-your-client (KYC) obligations

  • Responding to lawful requests, subpoenas, or regulatory requirements

  • Meeting professional and ethical duties

c. Business Administration

  • Invoicing, payments, and debt recovery

  • Risk management and internal governance

  • Reviewing and improving services

d. Marketing & Business Development

  • Sending updates, newsletters, or event invitations

  • Direct marketing via email, phone, social media, or advertising (subject to opt-out rights)

  • Analysing engagement to personalise services

e. Recruitment

  • Assessing job applications, qualifications, and references

  • Conducting background checks where legally permitted

f. Safety & Security

  • Monitoring access to our offices and systems

  • Maintaining digital security, firewalls, and anti-virus protections

4. Cookies and Tracking Technologies

We use cookies, pixels, and similar technologies to:

  • Improve website functionality and performance

  • Analyse visitor behaviour and trends

  • Enable marketing and advertising personalisation

  • Maintain website security

Cookies may be temporary (session-based) or persistent. You may adjust your browser settings to refuse non-essential cookies, but this may impact website functionality.

5. Disclosure of Your Information

We may disclose your personal information to third parties where necessary, lawful, and appropriate, including:

  • Courts, tribunals, and regulatory bodies

  • Counterparties, witnesses, and experts in your matter

  • Government agencies and law enforcement authorities

  • Professional advisers (e.g. accountants, insurers, counsel, consultants)

  • Third-party service providers (e.g. IT, document management, marketing, analytics, cloud hosting)

  • Auditors and compliance officers

  • Referrers or counterparties with your consent

  • As otherwise required or authorised by law

Access to personal information within Gupta & Co. is restricted on a strict “need-to-know” basis.

6. Security of Information

We take reasonable steps to protect your personal information from misuse, loss, or unauthorised access. Safeguards include:

  • Secure servers and encryption

  • Restricted access controls

  • Staff confidentiality obligations

  • Cybersecurity monitoring

However, no data system is fully secure, and we cannot guarantee absolute protection against all risks.

7. Your Rights

Depending on applicable law, you may have the right to:

  • Request access to your personal information

  • Request corrections or updates if inaccurate or incomplete

  • Withdraw consent for certain uses (e.g. marketing)

  • Opt out of direct marketing communications

  • Request deletion of information (subject to retention obligations)

  • Complain to a data protection authority if you believe your rights have been violated

We may require proof of identity before responding to your request. Requests may be refused in limited circumstances (e.g. legal privilege, law enforcement, or unreasonable demands).

8. Retention of Information

We retain personal information only as long as necessary to fulfil the purposes set out in this Policy, or as required by law, professional obligations, or court rules.

After this period, records may be securely destroyed or anonymised.

9. Complaints

If you have concerns about how we handle your personal information, please contact us directly. We will investigate and respond promptly, usually within 10 business days.

If you are not satisfied with our response, you may escalate the complaint to the relevant privacy regulator.

10. Changes to This Policy

We may update this Policy from time to time. Updates will be posted on our website and are effective upon publication. Please review it periodically to stay informed.

Copyright © 2025 Gupta & Co - All Rights Reserved.

Brought to life by Ideas