Privacy Policy
1. Introduction
Zed Labs, a trading name of Zed Consulting Pty Ltd (ABN 89 633 273 177) ("Zed Labs", "we", "us", or "our"), is committed to protecting your privacy in accordance with the Privacy Act 1988 (Cth) ("Privacy Act"), the Australian Privacy Principles ("APPs"), and other applicable privacy laws and regulations. This policy explains how we collect, use, disclose, and protect your personal information, with specific consideration to our AI-enhanced legal services for startups.As an AI-powered law firm, we recognize the importance of maintaining robust privacy practices that address the unique challenges and opportunities presented by artificial intelligence. We strive to leverage AI responsibly to enhance our legal services while ensuring the utmost respect for your privacy rights.
2. Collection of Personal Information
2.1 Types of Information We Collect We collect various types of personal information that are necessary for providing our legal services and operating our AI-enhanced platform. This may include, but is not limited to:Name, contact details, business and company informationFinancial information, payment details, government identifiersEmployment history, qualifications, legal matters and requirementsInformation related to your use of our AI-powered services, including inputs, outputs, and interactionsTechnical data from your interaction with our platforms, such as IP address, device information, and usage patternsSensitive information, such as health data or criminal records, when directly relevant to your legal mattersOther information you provide to us or that we collect in the course of providing our legal servicesWe aim to collect only the personal information that is reasonably necessary for the specific purpose for which it is collected.2.2 How We Collect InformationWe collect personal information through various channels, including:Direct communications with you, whether in-person, by phone, email, or through our online platformsOur website, client portals, and other online platforms that facilitate the delivery of our legal servicesAI-powered interaction systems, such as chatbots, virtual assistants, and automated intake formsPhysical and digital forms and applications that you complete in relation to our servicesThird-party service providers, such as identity verification services or data enrichment providersPublicly available sources, such as business registers, court records, and social media profilesElectronic communications, including emails, instant messages, and social media interactionsWe strive to be transparent about our data collection practices and will notify you of the specific purposes for which your personal information is collected at or before the time of collection.
3. Use and Disclosure of Personal Information
3.1 Primary Purposes
We primarily use your personal information for the following purposes:Providing legal services and advice tailored to your specific needs and circumstancesManaging and maintaining our client relationships, including communications, billing, and supportProcessing payments, generating invoices, and managing client accountsImproving our AI systems and algorithms to enhance the quality and efficiency of our legal servicesComplying with our legal and professional obligations, such as client due diligence and conflicts checksTraining and fine-tuning our AI models using appropriately anonymized and secured client dataQuality assurance, performance monitoring, and service improvement initiativesMarketing and promotional activities, where you have given your consent or it is otherwise permitted by lawPersonalization of your user experience on our platforms, subject to your preferences and consentFraud prevention, security monitoring, and protection of our legal rights and interestsWe will only use your personal information for the purposes for which it was collected, unless we have obtained your consent or the use is otherwise permitted by law.3.2 Disclosure to Third PartiesIn the course of providing our services and operating our business, we may disclose your personal information to third parties, including:Our employees, contractors, and service providers who need access to the information to perform their dutiesThird-party technology providers, including AI vendors, cloud storage providers, and cybersecurity servicesGovernment agencies, regulatory bodies, and law enforcement authorities, as required by law, Courts, tribunals, and alternative dispute resolution providers in relation to legal proceedings, auditors, insurers, and professional advisors, such as accountants, lawyers, and consultants. Potential acquirers or investors in the context of a merger, acquisition, or investment transactionOther parties as required or permitted by law, such as to protect our legal rights or prevent harm. We take reasonable steps to ensure that any third parties we disclose your personal information to are bound by appropriate confidentiality and data protection obligations.
4. Data Security and Storage
We are committed to protecting your personal information through the implementation of robust security measures, both organizational and technical. This includes: secure storage of physical records in access-controlled facilities with appropriate environmental controls, encryption of electronic records, both in transit and at rest, using industry-standard encryption algorithms, access controls and authentication procedures to ensure that only authorized personnel can access your informationRegular security assessments, penetration testing, and vulnerability scans to identify and address potential risksStaff training and awareness programs on privacy, data protection, and cybersecurity best practices. Specific protocols and safeguards for the security of our AI systems, including data segregation and monitoringRetention policies that ensure we only keep your personal information for as long as necessary to fulfill the purposes for which it was collectedSecure destruction and deletion of records that are no longer needed, using appropriate methodsBusiness continuity and disaster recovery plans to protect against data loss and ensure the availability of our servicesRegular auditing and review of our data handling processes to ensure ongoing compliance and improvementDespite our best efforts, no security measures can provide absolute protection against all risks. In the event of a data breach that compromises your personal information, we will promptly notify you and the relevant authorities as required by law.
5. AI-Specific Privacy Considerations As an AI-enhanced law firm, we are committed to using artificial intelligence in a responsible and privacy-preserving manner. This includes:Strict protocols for the anonymization and de-identification of client data used for AI training purposesRegular auditing and testing of our AI systems to ensure they are not producing outputs that violate privacyClear boundaries and data segregation between client information used for different purposes, such as legal advice versus AI trainingSpecific consent mechanisms for the collection and use of data for AI-related purposes, where required by lawTransparency about the use of AI in our service delivery, including explanations of how AI systems make decisionsHuman oversight and review of AI-generated outputs to ensure accuracy, fairness, and privacy complianceOngoing monitoring and assessment of our AI systems for potential privacy risks and unintended consequencesCollaboration with privacy regulators, industry bodies, and academic institutions to develop best practices for privacy in AIWe recognize that the use of AI in the legal sector is an evolving area, and we are committed to staying at the forefront of privacy best practices as the technology develops.\
6. Your Rights and Choices Under the Privacy Act and APPs, you have certain rights in relation to your personal information. These include:The right to access your personal information held by us, subject to certain exceptionsThe right to request correction of your personal information if it is inaccurate, incomplete, or out of dateThe right to opt-out of receiving direct marketing communications from us, either by unsubscribing or contacting usThe right to understand how your personal information is used in our AI systems, including the logic involvedThe right to lodge a complaint if you believe we have breached your privacy rights or the APPsThe right to request information about the countries to which your personal information may be disclosedTo exercise any of these rights, please contact our Privacy Officer using the details provided in section 9 of this policy. We will respond to your request within a reasonable timeframe and may require proof of your identity before proceeding.
7. Cross-border Data Transfers In the course of providing our services, we may need to transfer your personal information to recipients outside of Australia. This may include:Our service providers and business partners located in other countriesCloud storage providers with data centers in multiple jurisdictionsAI training and processing conducted in countries with specialized AI infrastructureLegal and regulatory authorities in foreign jurisdictions, as required by lawWhen transferring personal information overseas, we take reasonable steps to ensure that the recipient handles the information in a manner consistent with the Privacy Act and APPs. This may include:Conducting due diligence on the recipient's privacy and security practicesEntering into contractual arrangements that require the recipient to comply with applicable privacy lawsObtaining your consent for the cross-border transfer, where requiredEnsuring that the recipient has appropriate safeguards in place, such as being located in a country with similar privacy laws to AustraliaWe will provide you with more specific information about cross-border data transfers relevant to your personal information upon request.
8. Updates to This Policy We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. When we make material changes to the policy, we will take appropriate steps to notify you, such as by posting a notice on our website or sending you an email.We encourage you to review this policy periodically to stay informed about how we are protecting your privacy. The date at the top of the policy indicates when it was last updated.
9. Contact Us
If you have any questions, concerns, or requests regarding your privacy or this policy, please contact our Privacy Officer using the following details:
Privacy Officer
Zed Labs
Level 24, 3 International Towers
300 Barangaroo Avenue
Sydney NSW 2000
Email: hello@zedlabs.io Phone: +61 2 8916 6469
We will endeavor to respond to your inquiry within a reasonable timeframe and provide you with appropriate assistance.
10. Complaints If you believe that we have breached your privacy rights or failed to comply with the APPs, you have the right to lodge a complaint with us. To do so, please contact our Privacy Officer using the details provided in section 9. We take all privacy complaints seriously and will investigate and respond to your complaint within 30 days. If you are not satisfied with our response, you may refer your complaint to the Office of the Australian Information Commissioner (OAIC) by visiting www.oaic.gov.au or calling 1300 363 992.We will cooperate fully with the OAIC in the resolution of any privacy complaints and will take appropriate steps to remedy any privacy breaches or improve our practices as recommended by the OAIC.
11. Governing Law This Privacy Policy is governed by and shall be construed in accordance with the laws of Australia. You agree to submit to the exclusive jurisdiction of the courts of Australia in respect of any dispute arising out of or in connection with this policy or your use of our services.
