The LPLC Privacy Policy

The Legal Practitioners’ Liability Committee (ABN 45 838 419 536) (the LPLC) is an independent statutory entity providing professional indemnity insurance to Victorian barristers and solicitors and many of Australia’s national law firms. The LPLC provides advice, support and resources to help insured practitioners manage the risks of practice.

As a Victorian public sector entity, LPLC is committed to safeguarding your privacy and understands the importance of protecting your personal information.

The Privacy Policy (the Policy) applies to LPLC and describes how it collects, handles and protects the privacy of your personal information.

The LPLC may change the Policy from time to time, by publishing changes on its website at lplc.com.au. The LPLC recommends you review the Policy at its website from time to time.

The LPLC will handle your personal information in accordance with the Policy, and legislation including the Privacy and Data Protection Act 2014 (Vic) (PDP Act), the Information Privacy Principles (IPPs), the Spam Act 2003 (Cth), and the Health Records Act 2001 (Vic) (HR Act).

When you purchase an insurance policy at the LPLC, access its services or apply for a job or contract position with the organisation, the LPLC will collect personal information about you. The types of personal information the LPLC collects about you depends on the dealings you have with it, and may include your:

• Contact details, including name, business address, phone number, email address, and next of kin details
  
• health information, including date of birth, and medical information;
• sensitive information, including information related to historic abuse/personal injuries claims
• commercial information, including rates, experiences, clients, tender responses, commissioned reports, and intellectual property;
• employment history, including your current and past occupation and employees, rates, curriculum vitae, academic records, qualifications, references and job application letters; and
• financial information such as your income.

The LPLC may collect personal information from or about you in different ways, including:

• from you directly when you interact with the LPLC, e.g. from its discussions with you, when you complete a form, whether that is online or via hard copy, including the completion of your annual renewal and when you submit a claim or notification, your emails, and your interactions with the LPLC’s website; an
  
• from third parties. For example, the LPLC may collect your personal information:
  - from your employer when they arrange insurance cover which extends to you in your capacity as an employee or consultant of the firm in which you are employed; or
  - from the Legal Services Board in the course of fulfilling the LPLC’s statutory functions in connection with the provision of insurance policies and risk management services.

If you apply for a job or contract position with the LPLC, the LPLC may also collect personal information about you from third parties and publicly available sources, including:

• recruiters;
• government departments to verify your entitlement to work in Australia;
• police agencies to obtain your criminal history record;
• academic institutions;
• superannuation fund provider;
• your current or previous employers; or
• your referees.

When you visit the LPLC’s website, the platform provider may use ‘cookies’ or other similar tracking technologies that help the LPLC track your website usage and remember your preferences. Cookies are small files that store information on your computer, mobile phone or other devices that have access to the internet. They enable the entity that put the cookie on your device to recognise you across different websites, services, devices and/or browsing sessions. You can disable cookies through your internet browser but the LPLC’s website might not work as intended for you if you do so.

Whilst the LPLC does not use browsing information collected via cookies to identify you personally, the LPLC may record certain information about your use of its website, such as which pages you visit, the time and date of your visit and search engine referrals.

The LPLC’s web pages may contain electronic images, known as web beacons to enable it to count users who have visited certain pages on the LPLC’s website. Web beacons are not used by the LPLC to access your personal information, they are simply a tool used to analyse which web pages are viewed, in an aggregate number.

The LPLC’s website may contain links to third party websites or platforms. Clicking on those links may allow third parties to collect information about you.

Links to external websites or platforms are provided for your convenience. These sites and platforms are not governed by the Policy, and the LPLC recommends reviewing their privacy policies or statements before submitting any personal information to them.

The LPLC collects your personal information for the following purposes:

• to provide you with professional indemnity insurance;
• to provide you with insurance and risk management services, including communicating risk management services you may be interested in;
• to provide you with claims management services;
• to maintain and develop its relationship with you;
• to facilitate the ongoing operation of its business;
• to meet its legal, regulatory, accounting, audit, reporting and professional obligations;
• to send you insurance renewal information, risk management publications, details of events that the LPLC arranges, and information about the LPLC’s suite of risk management resources and services for practitioners;
• in relation to persons applying for a job or contract position, to consider your suitability for employment; and
• to respond to your requests, enquiries or any complaint received from you.

The LPLC stores your personal information in hard copy and electronically. The LPLC takes reasonable steps, including through organisational and technological measures, to protect it from misuse, interference and loss, as well as from unauthorised access, modification or disclosure.

Information held in hard copy is securely stored at the LPLC’s office in Melbourne. Documents no longer required to be held onsite are maintained by a third party at a secure offsite location. The LPLC uses physical security, including electronic passes, to enter these premises, as well as other measures to ensure that personal information is protected against misuse and loss and from unauthorised access, modification and disclosure.

Information held electronically is generally held on servers controlled by the LPLC in Victoria. The LPLC uses physical security, password protection and other measures to ensure that personal information is securely stored in electronic form.

Some information collected through third party software or platforms, such as Google Analytics, may be transmitted to and stored by the third-party storage provider on their systems.

The LPLC only keeps your personal information for as long as it is required for the purpose for which it was collected or as otherwise required by applicable law. If the LPLC no longer needs to hold your personal information for any reason or is no longer required by law to keep it, the LPLC will take reasonable steps to delete, destroy or de-identify that information in accordance with the relevant laws and regulations and the LPLC’s Document Retention Policy.

In the course of providing its products and services to you, the LPLC may disclose your personal information:

• to third parties who are retained by the LPLC to assist with its statutory functions, including:
  - external claims panel lawyers;
  - consulting actuaries;
  - auditors;
  - internet service and other Information Technology (IT) providers, including video conferencing providers; and
  - other service providers to the LPLC.
• to organisations which whom the LPLC contracts to provide services on its behalf, such as mail houses; and
• to government agencies, regulatory bodies and law enforcement agencies, or other similar entities.

The LPLC also discloses de-identified claims information to other government agencies and regulatory bodies, and de-identified risk prevention markets information to the public (eg, to other legal practitioners).

Some organisations to whom the LPLC discloses information to may be located, or may store information, outside of Victoria. For example, reinsurers and other service providers to the LPLC may be based outside of Victoria.

Unless the LPLC has your consent, or an exception under the IPPs applies, the LPLC will only disclose your personal information to recipients outside of Victoria where the LPLC has taken reasonable steps to satisfy itself that the recipient will not breach the IPPs in relation to your personal information.

You have the option to remain anonymous or use a pseudonym in your dealings with the LPLC. This may be appropriate when making a general enquiry about the insurance products and services the LPLC offers to its clients.

However, it may not be practicable or lawful for the LPLC to deal with you anonymously or pseudonymously on an ongoing basis. For many of the LPLC’s functions and activities your name, contact information and other details are needed to enable products and services to be provided to you.

The LPLC may, from time to time, use your personal information to identify products or services that may be of interest to you, or contact you about an event or promotion. The LPLC may, with your consent, use the personal information collected about you to contact you from time to time whether by phone, SMS, or email, to keep you informed about insurance products, risk management services, and new developments the LPLC considers may be of interest to you.

You may unsubscribe from any direct marketing communications at any time by clicking on the unsubscribe link at the bottom of the LPLC’s email communications. Alternatively, you may request that you not receive direct marketing communications at any time by contacting the LPLC at [email protected].

The LPLC will take reasonable steps to ensure that the personal information collected from you is up to date, accurate and complete.

You may request access to, or the correction of, the personal information the LPLC holds about you at any time by contacting the LPLC at [email protected].

The LPLC may need to verify your identity before responding to your request. Subject to any applicable exceptions or requirements, the LPLC will provide you with access to the personal information you request within a reasonable time, and usually within 30 days. If the LPLC decides to refuse your request, it will tell you why in writing and how to complain.

You can make a complaint in writing to [email protected] or verbally by contacting us by telephone on the number below. The LPLC will respond to you within a reasonable period of time (no later than three business days) to acknowledge your complaint and inform you of the next steps the LPLC will take in dealing with your complaint. Your complaint will be handled in accordance with the Complaints Policy, which can be found on the LPLC’s website.

If you have contacted us and your question or concern has not been resolved to your satisfaction, you may make a complaint to the LPLC’s Complaints Officer at [email protected].

If you are not satisfied with the LPLC’s response to your complaint, you may make a complaint to the Office of the Victorian Information Commissioner (OVIC) via the OVIC website http://ovic.vic.gov.au.

If you have any questions or comments regarding the Policy or wish to exercise your privacy rights, please contact:

Privacy officer
Legal Practitioners’ Liability Committee
140 William street, Melbourne, 3000, VIC

Phone: 03 9672 3800

Email: [email protected]

Last updated December 2025