Last updated: October 14, 2020
1. Our Obligations Under PIPEDA
We manage your personal information in compliance with the Personal Information Protection and Electronic Documents Act (“PIPEDA”). Personal information is any information (or when combined with other information) that may be used to identify an individual. Generally, PIPEDA does not apply to employment information or information such as your name, title, business address and telephone number unless such information is deemed to be personal information under the privacy laws applicable to your jurisdiction.
We are responsible for personal information under our control and have appointed a Privacy Officer who is accountable for our compliance with the PIPEDA’s ten fair information principles (the “Principles”). We adhere to the Principles when collecting, using, or disclosing your personal information.
2. Purpose for Collecting and Using Personal Information
Through our professional engagements, we collect and use personal information:
- for the purposes of serving the legal and related needs of our clients,
- to identify any conflicts of interests,
- to administer our client records and to bill for our services,
- to fulfill our legal and professional obligations, and
- as permitted or required by law or for purposes for which you otherwise provide consent.
Our collection of personal information is limited to that which is needed for us to conduct business. We do not and will not disclose or sell your personal information or business contact information to any third-party to enable them to market their products or services.
3. What Personal Information Do We Collect?
Credit Card Information
Questions Through Our Website
If you send us a question, accompanied by personal information, on our website, we will respond to your question using the personal information provided. Our website does not collect or store any personal information.
During our professional relationship with you, we may, by verbal, written, electronic, or other means, also collect information including your name, address, telephone number, income, or credit, as well as any information relevant to your legal issue, or necessary for us to provide legal services to you.
Should we need to obtain your personal information from a third-party (such as medical professionals or financial institutions) we will obtain your written consent, unless obtaining such consent is unreasonable in the circumstances.
If you provide us with the personal information of another individual, you represent and warrant that you have the authority to provide such information and that you have obtained the necessary consent of such individual for us to collect, use, or disclose their personal information.
Personal information is only used or disclosed for the purposes for which it was collected unless you provide consent to a different use or disclosure. Any disclosure of your personal information is done to serve your specific needs in the course of providing legal services to you. This may include releasing information to:
- Our staff and agents, or any professionals who may work with us,
- Government or regulatory agencies,
- Third parties such as opposing counsel, or experts or consultants retained by us to assist us in providing you with legal services,
- Third-party service providers that provide administrative services to us. For example, a service provider that backs up our computer services. We limit the service provider’s right to use the personal information only for the services it provides to us. We also require the service provider to maintain the confidentiality of your personal information and to take adequate steps to protect the security of the personal information we give it,
- Third parties to assist us in evaluating your creditworthiness or to collect debts outstanding on an account, and
- Any other parties, where you provide us with consent.
Your personal information will be retained for as long as needed for the purposes for which it was collected or as required by law, which may extend beyond the termination of our relationship with you. We may retain certain data as necessary to prevent fraud or future abuse, or for legitimate business purposes, such as analysis of aggregated, non-personal information, or if otherwise required by law. We use third party service providers to host our emails, documents, document storage and exchange, and legal practice management. Most of the information retained is stored on either Microsoft Servers data centres or servers located in the province of Ontario.
7. Accuracy of and Access to Personal Information
We do our best to ensure that the information we have is accurate. You have the right to request information about the existence, use, disclosure, and correction of your personal information, subject to any limitations imposed by law. The request must be in writing and directed to the Privacy Officer using the information below. If, during our professional relationship, any of your information changes, please inform us so that we can make the appropriate changes.
8. Protection of Personal Information
- Keep your personal information physically secure (for example, in locked or secure offices, rooms, or cabinets),
- Maintain technological safeguards, such as passwords or encryption for your sensitive personal information, and
- Enter into contractual obligations to bind third-party service providers.
9. Exceptions to your Right to Access Your Personal Information
By law, we must deny requests to access personal information when:
- your file contains personal information of a third-party, and such information cannot be severed to maintain the privacy of the third-party information, or
- required or authorized by law (e.g. when a record is subject to privilege).
At our discretion, we may deny access to your personal information when our information relates to existing or anticipated legal proceedings against you, including unpaid bills to us.
11. Contact Information
Privacy Officer, [email protected]