At Thomson Legal & Regulatory Limited (TLR), a part of the global Thomson Corporation group, we support the protection of your privacy rights as a fundamental element of our business. We recognise the importance of protecting your personal information and will ensure that our relationship is as exclusive as you want it to be.

This Privacy Policy will answer your questions about the kind of information TLR (which, where relevant includes a reference to TLR's Australian related bodies corporate) collects and how it uses it. However, this Privacy Policy does not apply to any act or practice by TLR which is done in the course of journalism. TLR has published a separate set of Privacy Standards regarding acts and practices done by it as a media organisation in the course of journalism.

To the extent TLR collects and uses the personal information of its suppliers and business contacts, it will be held in accordance with this policy generally as varied by a Supplemental Statement.

If you have any further questions or if you wish to receive more information on TLR’s information practices and privacy policy, please contact our Privacy Officer at TLRAP.privacy@thomson.com.au.

What information do we collect?

In the course of doing business, TLR may collect information about its customers such as: names, addresses, telephone numbers, credit card information and e-mail addresses; depending on the nature of the transaction with us.

Any information that personally identifies you may be used by TLR to:

• inform you about products and services;
• improve the products and services we offer; and
• otherwise better meet the needs and preferences of our customers.

It should be clear why the information is being collected each time you are asked, for example, being asked to supply an address so a product can be shipped to you.

We will not collect from you any sensitive information revealing your: race, ethnic origin, political opinions, religious or philosophical beliefs, trade union memberships or details of health or disability. Exceptions to this include:

• where you have given express consent to TLR to do so;
• the use of this information is authorised by law or is considered reasonably necessary to enforce the law; or
• when the information is necessary for the establishment, exercise or defence of a legal claim.

Web Logging

TLR’s web sites record standard information such as time, date and URL of request (the web page you arrived from) via our web servers. This information is recorded by all web servers and is used to improve the functionality, structure and performance of our web sites.

We track the pattern of visitor usage across the sites by issuing an anonymous user ID via a cookie (a cookie is a small data packet given to your web browser by our web servers, the browser stores the message in a text file in your computer). This user ID is sent back to our servers each time you view a page from our servers. This ID is deleted at the end of your session.

In addition, we use a persistent cookie to hold user preferences on site operation. These preferences are accessed by your browser to configure the operation of the site to your requirements but are not downloaded back to our web servers. If you choose to save your password this will also be stored on your local machine in a persistent cookie not downloaded to the server.

Cookies can make using the sites easier for you by storing information about your preferences on the web sites. This will enable you to take full advantage of the services and features that our sites offer. If you prefer not to receive cookies, you may be able to change the settings of your Internet browser to disable cookies or to warn you when cookies are being used. This may preclude you from using some services or enhanced functionality.

How we use your personal information

TLR operates a number of businesses that process personal information (eg. Lawbook Co., Thomson ATP, Thomson CPD and cvMail). In general, our policy is that we only use or disclose personal information for the purpose that was specifically or reasonably apparent at the time of collection. The personal information that you provide us will be used in order to process your request as well as to assist you in subscribing to TLR’s products and services. We may use this personal information or data for another purpose if:

• you would reasonably expect us to use the personal information for that other purpose; and
• the other purpose is related to the original purpose of collection, for example, sending you correspondence on new features and services.

TLR may use your personal information for the purposes of direct marketing in relation to promotional activities where it is impractical for us to gain consent. However, in these circumstances, we will provide an express opportunity when we contact you to decline receiving from TLR specified marketing communications via an opt-out mechanism. This includes direct marketing material relating to all TLR’s brands and imprints (eg. Lawbook Co., Thomson ATP, CPD, FindLaw Australia, Westlaw Australia and cvMail).

By providing your home telephone number, you expressly consent to receive telemarketing calls from us, until such time as you tell us otherwise.
By providing your email address or mobile telephone number, you expressly consent to receive commercial electronic messages (such as email, SMS or MMS) until such time as you tell us otherwise.

At any time you may choose not to receive these marketing communications by contacting us at TLRAP.privacy@thomson.com.au.

Disclosure of personal information to third parties

TLR may be required by law enforcement or judicial authorities to provide personal information to the appropriate governmental authorities. If such a request is received, we will provide this information upon receipt of the appropriate documentation.

Personal information collected may be disclosed to third parties by TLR, for example:

• If you are informed at the time of collection of the information that such a disclosure may take place.
  For purposes related to the purpose for which the information was collected, for example, to complete a transaction on your behalf or provide you with a service that you requested. In some cases we contract with other companies to perform services for us. Examples of this include sending mail, faxes and emails; processing orders; providing marketing support; deliveries; market research; debt collection agencies and storing back-up copies of our databases. We will provide them only with such information about you as they need to perform their services, but we will impose strict requirements of security and confidentiality on them in how they handle your personal information. Also, they will not be permitted to use information about you for any purpose except to perform the services we have asked them to provide.
  We may share information about you with other business units across The Thomson Corporation group, so we can provide you with products and services you have requested, and in order that they or TLR can bring you information about other Thomson products and services. This may involve providing your personal information to other Thomson Corporation companies within and outside of Australia, including the USA, for processing, servicing or marketing purposes. We will require these other Thomson Corporation companies to agree to strict conditions governing how this information will be used. By providing your personal information you consent to the transfer of that information to entities in the Thomson Corporation group located outside of Australia.
  Access and correction to information we hold about you
  Where practicable you will have access to the information that you provide to us and can update that information if your circumstances have changed. You may request this information by writing to:

Privacy Officer
Thomson Legal & Regulatory Limited
100 Harris Street
Pyrmont NSW 2009
or sending an email to us at TLRAP.privacy@thomson.com.au.

Exceptions to this include:

• where providing access will provide a serious threat to life or health of any individual or pose an unreasonable impact on the privacy of an individual;
  your request for access is frivolous or vexatious;
  where information relates to existing legal proceedings between TLR and you; or
  where providing access would be unlawful or may prejudice an investigation of possible unlawful activity.

Changing information

If you wish to change your personal information, which is inaccurate or out-of-date, you must notify us by sending a letter or fax signed by you; and the record will be changed. Your notification should be marked to the attention of our Privacy Officer.

Links to third parties

Some of the pages of TLR’s web sites may be hosted by third parties. If personal information is collected from one of those pages and provided to us, we will treat that information in accordance with this Privacy Policy; and as if it was collected directly by TLR.

TLR’s web sites contain links to third party web sites that are not operated or controlled by us. Please note that TLR is not responsible for the privacy or security practices of those third party web sites and those sites are not covered by this Privacy Policy. Third party web sites should have their own privacy and security policies, which we encourage you to read.

Other companies that place advertising on our web sites may collect information about you when you view or click on their advertising or content through the use of cookies or web bugs. We cannot control this collection of information. You should contact these advertisers or content providers directly if you have any question about their use of the information they collect.

Security of your information online

Data transmission over the Internet cannot be guaranteed to be 100% secure. While we will strive to protect your personal information from misuse, loss and unauthorised access, we cannot guarantee the security of any information you transmit to us or receive from our online products and services. These activities are conducted at your own risk.

However, TLR does provide a secure server for selected services (eg. to purchase product via Thomson eStore). These services use Secure Sockets Layer technology (SSL), which is the industry standard for encryption technology. SSL encryption technology makes it almost impossible to be intercepted by an unauthorised party. For obvious reasons, please do not send credit card information through unsecured electronic mail.

What to do if you have a problem or question
If TLR becomes aware of any ongoing concerns or problems you may have with TLR’s handling of your personal information, we will work to address these concerns. If you have any queries relating to our Privacy Policy, or you have a problem or complaint, please contact us at TLRAP.privacy@thomson.com.au.

Changes to this Privacy Policy

We may amend this Privacy Policy from time to time by posting an updated version of this policy on our web sites therefore we recommend that you review it regularly for any changes .

Additional information

For further information about privacy issues and the protection of privacy, visit the Australian Federal Privacy Commissioner’s web site at www.privacy.gov.au.

4 March 2008