Information we collect
We may collect information about the Services you use and how you use them, such as the selections your make on our Services. We collect Attorney-Client Information, PII, DII, and log information about your interactions as described below.
Attorney-Client Information is information as provided to us after signing an engagement letter to establish legal representation with our Law Firm. It may include your personal or business information, private documents, trade secrets, confidential information, and the fact that we represent you. We collect this information to provide you with Services and guard this information with appropriate levels of protection for the level of sensitivity, and in compliance with relevant ethics rules.
Personally identifiable information (PII) is information that can be used to identify or contact you online or offline, such as your name, address, email, phone number, and payment information. The Service may collect PII when it is provided to us, such as when you use our Services, attempt to contact us, submit a resume or job application, or connect with us on social media or one of our partners. Our definition of PII does not include Attorney-Client Information – we keep them separate to reflect different levels of sensitivity and legal obligations.
We may also create or collect device-identifiable information (DII), such as cookies, unique device and advertising identifiers, usernames, and similar identifiers that are linkable to a browser or device. These technologies help us maintain user sessions, keep track of your interactions with us, and help us to improve or market our Services.
Our Services also collect log information about your interactions, including navigation paths, search queries, crashes, timestamps, clicks and shares, and referral URLs. We may combine this data with PII and DII. We may also partner with third parties that collect additional information – please see their privacy policies for more details and see below for your choices regarding these parties.
How we use information we collect
We use the information we collect from our Services to provide, maintain, protect and improve our Services, to develop new Services and offerings, and to protect us and our users.
PII is primarily used for marketing, hiring, responding to inquiries, logins, and providing Services to customers. When you contact us, we may keep a record of your communication as well as the other information to help solve any issues you might be facing. We may share your PII with attorneys in or associated with our Law Firm to help provide your with Services. We may use your email address to inform you about our services, such as letting you know about upcoming changes or improvements.
We share PII, but not Attorney-Client Information, with companies, outside organizations, and individuals for limited reasons, outlined below:
- With your consent – We will share PII with companies, outside organizations or individuals if we have your consent to do so.
- For legal reasons – We will share PII with companies, outside organizations or individuals if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to meet any applicable law, regulation, legal process or enforceable governmental request, detect, prevent, or otherwise address fraud, security or technical issues or protect against harm to the rights, property or safety of our users or the public as required or permitted by law.
- In case of a sale or asset transfer – If we become involved in a merger, acquisition or other transaction involving the sale of some or all of our assets, user information, including PII collected from you through your use of our Services, could be included in the transferred assets. Should such an event occur, we will use reasonable means to notify you, either through email and/or a prominent notice on the Services.
- In aggregated form for business purposes – We may share aggregated information and DII with our partners such as businesses we have a relationship with, advertisers or connected sites. For example, we may share information to show trends about the general use of our services.
We use DII and log information to operate our Services and manage user sessions, including analyzing usage of our Services, preventing malicious behavioral and fraud, improving the content, to link your identity across devices and browsers in order to provide you with a more seamless experience online, and helping third parties provide relevant advertising and related metrics. We share DII with third parties primarily for advertising and analytics purposes, for external processing, and for security purposes.
While we strive to work with reputable companies with good privacy practices, this Policy does not apply to services offered by other companies or individuals, including products or sites that may be displayed to you on the Services. We also do not control the privacy policies and your privacy settings on third-party sites, including social networks. We may use third parties to help retarget our Services (without using any Attorney-Client Information), such as obtaining analytics about the users of our site and to help tailor advertising to your preferences. For further information, please see the relevant privacy policies for each third party and industry codes of conduct.
Legal Bases for Processing
The data we process may qualify for multiple legal bases for processing under Article 6 of the General Data Protection Regulation (and similar laws that specify legal bases for processing). Below are our primary legal bases for each type of data:
We may collect your name, email, address, and billing information as contractually necessary to provide you legal services.
We have a legitimate interest in collecting and using your name and email for email marketing and ongoing client updates.
We have a legitimate interest in having personal information about clients and other people in furtherance of providing representation to our clients.
We have a legitimate interest in conducting analytics, using social media, and conducting ad campaigns to improve our services and reach new users. We and our processors and co-controllers have multiple measures in place to protect your privacy.
Like many other companies, we do not honor DNT flags but instead offer other choices with respect to third party advertisers. Many third parties participate in self-regulation to offer you a choice regarding receiving targeted ads. Please note thata you’ll still see generic ads after opting out, but they won’t be based on your activities online. On the web, you can opt out of participating companies by visiting the following sites:
If you wish to similarly opt out of cross-app advertising on mobile devices, you can enable the Limit Ad Tracking flag on the device. Enabling Limit Ad Tracking sends a flag to third parties that you wish to opt out of targeted advertising on that device, and most major platforms require companies to honor this flag. Screenshots on how to find these options on various devices are available here: //www.networkadvertising.org/mobile-choices.
Users covered under the EU General Data Protection Regulation (or similar laws) also have the right to access their data, rectify mistakes, erase their data, restrict certain processing (i.e., opt out), move their data, withdraw consent, and lodge a complaint with a supervisory authority. However, client data cannot be destroyed or accessed without a client’s permission to protect their rights to legal representation.
Accessing and updating your information
We offer you the opportunity to access, update, or delete your Attorney-Client Information. Please contact us to do so.
We aim to provide you with reasonable opportunity to access, update, and delete to your PII. In some cases, we may have to keep that information for legitimate business or legal purposes. When updating your information, we may ask you to verify your identity before we can act on your request.
Note: Morrison / Lee has submitted an application for Privacy Shield. This section shall only apply if and when we are approved and listed on the website.
If we transfer personal information from the European Union to the United States, we comply with the EU-U.S. Privacy Shield Framework and the Swiss – U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States, respectively. We have certified to the Department of Commerce that we adhere to the Privacy Shield Principles. To learn more about the Privacy Shield program, and to view our certification, please visit //www.privacyshield.gov/.
For any questions or complaints regarding our compliance with either the EU-U.S. Privacy Shield Framework and the Swiss – U.S. Privacy Shield Framework, please contact us at firstname.lastname@example.org. If we do not resolve your complaint, you may submit your complaint free of charge to the dispute resolution panel set forth by the data protection authorities, our designated independent dispute resolution provider (a panel established by the EU data protection authorities). Under certain conditions specified by the principles of the EU-U.S. and the Swiss – U.S. Privacy Shield Frameworks, respectively, you may also be able to invoke binding arbitration to resolve your complaint. We are also subject to the investigatory and enforcement powers of the US Federal Trade Commission. While we do our best to ensure our partners are also compliant, we are not liable for third parties’ processing of EU Data in violation of the Principles. We may be legally obligated to disclose personal information to authorities to meet national security, law enforcement, or other legal requirements.
We work hard to protect our users from unauthorized access to or unauthorized alteration, disclosure or destruction of information we hold and undertake reasonable security measures with appropriate confidentiality, integrity, and availability protections. However, since no software or storage system is 100% secure, we cannot guarantee for the security of your information associated with the Services, or any other service for that matter. The data we have from your use of our Services is retained for up to 10 years since the last time we spoke with our, except for client data which is retained until the client requests deletion.
If you have questions, please contact us at email@example.com.