1. Key Terms
It would be helpful to start by explaining some key terms used in this policy:
- We, us, our refers to Fassonaki Law Firm, P.C.
- Personal Information means any information relating to an identified or identifiable individual.
- Special category personal information is personal information revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs or trade union membership, genetic and biometric data, data concerning health, sex life or sexual orientation.
2. Personal Information We Collect About You.
We may collect and use the following personal information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household: (1) Identifiers (e.g., a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, social security number, driver's license number, passport number, or other similar identifiers); (2) information that identifies, relates to, describes, or is capable of being associated with, a particular individual, including, but not limited to, his or her name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, financial information, medical information, or health insurance information; (3) characteristics of protected classifications under California or federal law; (4) commercial information (e.g., records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies); (5) internet or other electronic network activity information (e.g., browsing history, search history, and information regarding a consumer's interaction with an Internet Web site, application, or advertisement) (6) geolocation data; (7) professional or employment-related information; (8) education information; and, (9) inferences drawn from any of the information identified above to create a profile about a consumer reflecting the consumer's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. The personal information we request and collect when you enter into an agreement for legal services will be necessary to provide services to you.
We collect your Internet Protocol (IP) address. An IP address is a number that is assigned to your computer when you use the Internet. The IP address data that we collect does not contain any personally identifiable information about you and is used to administer our site, to determine the numbers of different visitors to the site and to gather demographic data. However, when you submit information via this website, that information becomes identifiable and is kept on record as having come from your IP address. This information may be used to identify you on subsequent visits to this site, and to other sites associated with it, and to personalize your user experience.
The non-personally identifiable data that this website collects is accessible by certain firm personnel as well as certain third-party Web site designers and personnel involved with the third-party service that hosts the Web site. We use all non-personally identifiable data that we collect internally and together with our Web site designer and host in order to improve the Web site. The information is used, for example, to evaluate what portions of the Web site are more popular than others, to determine where visitors to the site came from, and to determine how many times and how often particular pages of the site were accessed. We may use the data to prepare reports regarding Web site activity as part of the process of maintaining and improving the site.
We do not knowingly collect personally identifiable information from any children under age 13.
3. How Your Personal Information is Collected.
We collect most of this personal information directly from you—in person, by telephone, text, chat, email and some information via our website when you request that we contact you. Calls to our office may be recorded. However, we may also collect information:
- From publicly accessible sources (e.g., property records);
- Directly from a third party;
- Call and chat recordings;
- From a third party with your consent; and
- From cookies on our website.
To the extent you use forms, chats and e-mail links via the Web site, or call us via phone to communicate with us or anyone affiliated with us and provide us with personally identifiable information, you will not remain anonymous. Because it is impossible to predict every conceivable context in which such information might be provided to us via e-mail, we can provide you no assurance that personally identifiable information you choose to provide to us via e-mail will be maintained as private.
4. How and Why We Use Your Personal Information.
Under data protection law, we can only use your personal information if we have a proper reason for doing so, e.g.,:
- To comply with our legal and regulatory obligations;
- For the performance of our contract with you or to take steps at your request before entering into a contract;
- For our legitimate interests or those of a third party; or
- Where you have given consent.
A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.
What we use your personal information for:
- To provide services to you, for the performance of our contract with you or to take steps at your request before entering into a contract.
- To prevent and detect fraud against you or our firm for our legitimate interests or those of a third party, i.e. to minimize fraud that could be damaging for us and for you.
- To Conduct checks to identify our clients and verify their identity; screening for financial and other sanctions or embargoes; other processing necessary to comply with professional, legal and regulatory obligations that apply to our business, e.g. under health and safety regulation or rules issued by our professional regulator; and, to comply with our legal and regulatory obligations.
- To gather and provide information required by or relating to audits, enquiries or investigations by regulatory bodies for our legal and regulatory obligations.
- To ensure business policies are adhered to, e.g. policies covering security and internet use for our legitimate interests or those of a third party, i.e. to make sure we are following our own internal procedures so we can deliver the best service to you.
- Operational reasons, such as improving efficiency, training and quality control for our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can deliver the best service for you.
- Ensuring the confidentiality of sensitive information for our legitimate interests or those of a third party.
- Statistical analysis to help us manage our business, e.g. in relation to our financial performance, client base, service range or other efficiency measures for our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can deliver the best service for you.
- Preventing unauthorized access and modifications to systems for our legitimate interests or those of a third party, i.e. to prevent and detect criminal activity that could be damaging for us and for you and to comply with our legal and regulatory obligations.
- To update our records for legitimate interests.
- To ensure safe working practices, staff administration and assessments to comply with our legal and regulatory obligations
- For our legitimate interests or those of a third party, e.g. to make sure we are following our own internal procedures and working efficiently so we can deliver the best service to you.
- To market our services for our legitimate interests or those of a third party, i.e. to promote our business to existing and former client; third parties who have previously expressed an interest in our services; and, third parties with whom we have had no previous dealings.
- To perform external audits and quality checks, e.g. for accreditation and the audit of our matters for our legitimate interests or a those of a third party, i.e. to maintain our accreditations so we can demonstrate we operate at the highest standards and to comply with our legal and regulatory obligations.
We may use your personal information to send you updates (by email, text message, telephone or post) about our services and other news. We will also use your personal information to provide you with updates and communicate with you concerning the services you received or are currently receiving.
We have a legitimate interest in processing your personal information for marketing purposes (see above “How And Why We Use Your Personal Information”). This means we do not usually need your consent to send you marketing communications. However, where consent is needed, we will ask for this consent separately and clearly.
We will always treat your personal information with the utmost respect and never sell it to other organizations. You have the right to opt out of receiving marketing communications at any time by:
Contacting us at [email protected]; or
Using the “unsubscribe” link in emails or “STOP” number in texts.
We may ask you to confirm or update your preferences if you instruct us to provide further services in the future, or if there are changes in the law, regulation, or the structure of our business.
6. Who We Share Your Personal Information With.
We routinely share personal information with:
- Our affiliates, including other firms that assist in providing legal services;
- Service providers we use to help deliver our services to you;
- Other third parties we use to help us run our business, such as software companies or website hosts;
- Third parties approved by you; and
- Our insurers and brokers.
We only allow our service providers to handle your personal information if we are satisfied they take appropriate measures to protect your personal information. We may also share personal information with external auditors. We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.
We may also need to share some personal information with other parties, such as potential buyers of some or all of our firm or during a re-structuring. We will typically anonymize information, but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.
7. Personal Information We Disclosed for a Business Purpose.
In the preceding 12 months, we have disclosed for a business purpose to one or more third parties the following categories of personal information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household:
Identifiers (e.g., a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver's license number, passport number, or other similar identifiers);
Information that identifies, relates to, describes, or is capable of being associated with, a particular individual, including, but not limited to, his or her name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information;
Commercial information (e.g., records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies);
Professional or employment-related information;
Medical information obtained in the course of legal services; and,
Inferences drawn from any of the information identified above to create a profile about a consumer reflecting the consumer's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
We have not sold to a third party any personal information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.
8. Where Your Personal Information is Held.
Regardless of where you are located, the Site collects information and processes and stores that information in databases located in the United States. Information may be held at our offices and those of our affiliates, third party agencies, service providers, representatives and agents as described above (see above: “Who We Share Your Personal Information with”). Some of these third parties may be based outside the United States.
9. How Long Your Personal Information Will Be Kept.
We will keep your personal information while you have an open matter with us or while we are providing services to you. Thereafter, we will keep your personal information for as long as it is necessary:
- To respond to any questions, complaints or claims made by you or on your behalf;
- To show that we treated you fairly; or
- To keep records as required by law.
We will not retain your personal information for longer than necessary for the purposes set out in this policy and to comply with applicable law. Different retention periods apply for different types of personal information.
10. Transferring Your Personal Information Out of the U.S.
To deliver services to you, it may become necessary for us to share your personal information outside the United States, e.g.:
With your and our service providers;
If you are based outside the U.S.; or
Where there is an international dimension to the services we are providing to you.
11. Your Rights Under the CCPA (where applicable).
You may have the right under the California Consumer Privacy Act of 2018 (CCPA) and certain other privacy and data protection laws, as applicable, to exercise free of charge:
Disclosure of Personal Information We Collect About You
You have the right to know:
Personal Information Sold or Used for a Business Purpose
We do not sell your information, but you have the right to know:
Right to Deletion
Subject to certain exceptions set out below, on receipt of a verifiable request from you, we will:
Protection Against Discrimination
You have the right to not be discriminated against by us because you exercised any of your rights under the CCPA. This means we cannot, among other things:
12. Keeping Your Personal Information Secure.
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorized way. We limit access to your personal information to those who have a genuine business need to access it. Those processing your information will do so only in an authorized manner and are subject to a duty of confidentiality. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
13. Third-Party Website Links.
14. How to Exercise Your Rights.
If you choose to contact directly by email, you will need to provide us with:
Enough information to identify you (e.g., your full name, phone number, address and matter name);
Proof of your identity and address (e.g., a copy of your driving license or passport and a recent utility or credit card bill); and
A description of what right you want to exercise and the information to which your request relates.
We are not obligated to make a data access or data portability disclosure if we cannot verify that the person making the request is the person about whom we collected information, or is someone authorized to act on such person's behalf. Any personal information we collect from you to verify your identity in connection with you request will be used solely for the purposes of verification.
15. Changes to This Privacy Notice.
16. How to Contact Us.
Attn: Data Protection Officer:
17. Do You Need Extra Help?
Please contact us (see “How to contact us” above).