Privacy policy

Josef Legal Pty Ltd (ACN 619 557 452) (collectively Josef, we, us, and our) is committed to keeping your personal information safe, secure and private. This privacy policy (Privacy Policy) applies to the information and data collected by Josef as a controller, including the information we collect from you on our website and through our products and services.

It sets out how Josef will collect, use, store and dispose of any personal information collected via the website (Josef website) and our products and services.

By visiting the Josef website, using our products and services or otherwise interacting with us, you agree to us processing your personal information in accordance with this Privacy Policy. 

We may update this Privacy Policy from time to time. If we do so, we will post any changes to our Privacy Policy on the Josef website. If the changes are significant we will send you details of those changes by email. 

How we collect personal information

“Personal information” or “personal data” is any information about an individual which can be used to identify them. We may collect personal information from you in the following circumstances:

– when you interact with us electronically or access the Josef website (e.g. by signing up to our subscription page or to request a demonstration of our products);

– when your employer uses our products and/or services, they may provide your personal information to us on your behalf (e.g. when you are registered as a user of our products and services for the purposes of setting you up with account access);

– when you contact our support team or make an enquiry about our products and services;

– if you are an employee or prospective employee of Josef we may collect personal information from you or other third parties (e.g. recruiters);

– when you access the Josef website or products we may collect information about your computer hardware and software which can include your IP address, domain and internet service provider, which files you look at or access. This information is used by us for security purposes and for statistical analysis of visitors.

We may also receive personal information about you from third parties. If we do, we will handle and protect it as set out in this Privacy Policy.

The Josef website and our products and services are not intended for or targeted at persons under 16 years of age and we do not knowingly or intentionally collect information about persons under 16 years of age.

The kinds of personal information we collect

The personal information we collect may include your name, email address, business name, phone number and any other contact information you provide us, information about your legal and personal affairs and any other information requested by us and provided by you.

We do not generally collect sensitive information about you. Sensitive information includes things like information or opinions about your racial or ethnic origin, political opinion, religious beliefs and sexual orientation.

How we may use personal information

We may use personal information collected from you to: 

– contact you or to provide you with information, updates and our services;

– improve our products and services and better understand your needs and improve your browsing experience of the Josef website;

– promote our services and products and share promotional information and content with you in accordance with your preferences.

We only use the information we collect in compliance with this Privacy Policy.

Processing personal information of persons from the European Economic Area (EEA)

If you are located in the EEA, we process personal information in accordance with the principles of data processing under the General Data Protection Regulation. Our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it. 

However, we will normally collect personal information from you only where we have your consent to do so, where we need the personal information to perform our obligations under a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you.

If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information). 

When you visit our website, or use our product and services, we collect your IP address for security reasons pursuant to our legitimate interest under the GDPR.

Disclosure of personal information

We may disclose your personal information to our employees. We will only disclose your personal information to third parties if you have authorised us to do, if our businesses or assets (or part thereof) are transferred to that third party or if it is required, authorised or permitted by law.

How we hold personal information

Information that we collect may from time to time be stored, processed in or transferred between parties located in countries outside of Australia. These may include, but are not limited to USA.

Before we transfer your personal information overseas, we will take all reasonable steps to ensure that your information is only processed for authorised purposes and adequately protected using the appropriate technical, organisational, contractual or other lawful means. You consent to us disclosing your personal information to overseas recipients on this basis.

How we protect personal information

We are committed to ensuring that the information you provide to us is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure information. However, we cannot guarantee the security of any information that you transmit to us, or receive from us. The transmission and exchange of information is carried out at your own risk.

Retention of personal information

How long we keep information we collect about you depends on the type of information and what it is used for.  We retain personal information that you provide to us where we have an ongoing legitimate business need to do so (for example, as needed to comply with our legal obligations, resolve disputes and enforce our agreements).

When we have no ongoing legitimate business need to process your personal information, we will securely delete or anonymise it or, if this is not possible, securely store your personal information until deletion is possible. You have certain rights regarding the deletion of your personal information as described below. 

Sharing of personal information

To provide our products or services, we may need to disclose your personal information to third parties, including to:

– payment service providers;

– your employer if they are our client;

– where we are required by law to do so (e.g. to enforcement agencies, and government agency, regulatory bodies); and

– third parties such as our suppliers, subcontractors, professional advisors, courts of law, and our insurers who help us to deliver and support our products and services and related activities such as data storage and back-up, hosting our servers and website and providing IT services.

Direct marketing

We do not sell or trade your personal information. However, we may from time to time send direct marketing communications to you about our activities, products and services and other content which we think you may find interesting. If you do not wish to receive such direct marketing, you may opt out of receiving this material at any time.


We may from time to time use cookies on the Josef website, and on our products and services. Cookies are very small files which a website uses to identify you when you come back to the site and to store details about your use of the site. Cookies are not malicious programs that access or damage your computer. Most web browsers automatically accept cookies but you can choose to reject cookies by changing your browser settings. However, this may prevent you from taking full advantage of our website.

Our website may from time to time use cookies to analyse website traffic and help us provide a better website visitor experience. In addition, cookies may be used to serve relevant ads to website visitors through third party services such as Google Adwords. These ads may appear on this website or other websites you visit.

Data collected by us through cookies may include personal information, in which case, that personal information will be regulated by the applicable privacy laws and handled by us in accordance with this Privacy Policy.

Your rights

You have certain rights under law regarding your personal information, including:

– a right to request access, correction, update or deletion of your personal information;

– a right to object to processing of your personal information or withdraw your consent to our processing of your personal information at any time;

– a right to restrict our processing of your personal information or request that we provide you with a copy of your personal information;

– the right to lodge a complaint with a supervisory authority if you think our processing of your personal information infringes applicable laws.

If you wish to exercise any of those rights, you can contact


We take your complaints seriously. You can contact us at any time if you have any complaints about our privacy practices, you can send details of those complaints to We take these complaints very seriously, and will respond to you as soon as possible.

If we cannot resolve your complaint to your satisfaction you are entitled to lodge your complaint: 

– for residents in Australia, with the Office of the Australian Information Commissioner at:; or

– for residents in the EEA and UK, with the relevant supervisory authority.