Duncan and Duncan Solicitors logo

Privacy Policy

Duncan and Duncan Solicitors operates in accordance with the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth). The APPs are designed to protect the confidentiality of information and the privacy of individuals by regulating the way personal information is collected, used, disclosed and managed. Generally, personal information is information or an opinion relating to an identified, or reasonably identifiable, individual.

This policy explains the types of personal information that we may collect and hold of our clients or registered users, how that information is used and with whom the information is shared. It also details how clients or registered users can contact us to make an enquiry or raise a concern about this information.

Who we are

Duncan and Duncan Solicitors Pty Ltd is an Australian legal practice located at 2/220 Varsity Parade, Varsity Lakes, QLD 4227, Australia. Our website address is: https://duncanandduncansolicitors.com.au

What personal data we collect and why we collect it

Contact forms

When you contact us via the forms provided on our website, this information is stored in a database for as long as is necessary for legal and record keeping purposes.


If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two hours, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.


We may use third-party analytics tools, such as Google Analytics to collect and retain data in relation to website performance and trends. The data collected by these providers may be shared with these providers and relevant third-party service providers who use this information to, for example, evaluate the use of the site. 

How long we retain your data

For users that register on our website (if any), we store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time. Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Your data is never shared with third parties. We do however create scheduled backups of of the information stored on this website to a secure, off-site storage location. When backups are created, the data is transmitted via encrypted channels and is also encrypted at rest using the AES-256 encryption algorithm.

Additional information

How we protect your data

This website is served only via HTTPS. This means that all data transmitted to and from this website is encrypted during transit and cannot be read by third-party actors. When your data is stored off-site, for example, for backup purposes, this information is encrypted during transit and encrypted at rest.

What data breach procedures we have in place

In the event that a data breach is discovered, we will inform all involved parties, including what data was breach and when.