Last Updated: August 20, 2018
“Personal Information” means any information provided to or collected by Smutylo Sigler, in any form, about an identifiable individual, or an individual whose identity may be inferred or determined from the information. This Policy does not cover any information or aggregate information, in any form, about more than one individual where the identity of the individuals is not known and cannot be inferred.
“Processing” means any work we do with Personal Information, including how we change Personal Information into non-personally identifiable information or aggregate information, whether by automated means or not. This includes, but is not limited to, collecting, retaining, using, disclosing, storing, and destroying the information.
You have the right to request: (1) to clarify what Personal Information we have; (2) to update inaccurate information; (3) to access your Personal Information; (4) to have us send your Personal Information to someone else; (5) to restrict what we do with your Personal Information; (6) that we erase your Personal Information, subject to our legal obligations. You have the right to withdraw your consent of the processing of your Personal Information at any time.
INFORMATION WE COLLECT
Smutylo Sigler collects information to determine whether we will enter into a solicitor-client relationship. Once retained, we will hold your information in strict confidence and generally not disclose your information to anyone. However, through the course of the solicitor-client relationship, Smutylo Sigler may need to collect, use, and disclose certain types of Personal Information but will only do so as expressly or implicitly directed or authorized by you unless required or permitted by applicable law.
To serve you better and comply with our obligations under Law Society of Ontario’s Rules of Professional Conduct, when we open a file we collect the information including:
- your full name;
- your contact information, including telephone number and email;
- your employment title, social media and other identifiers;
- your organization and subordinates;
- your payment information;
- any other Personal Information that you voluntarily choose to provide to us.
Please note that certain Services may only be offered to you if you provide Personal Information to Smutylo Sigler, and therefore Smutylo Sigler may not be able to offer you certain Services if you choose not to provide us with the required Personal Information.
We also use “cookies” that identify you as a return visitor and which can help us apply your individual preferences. A cookie is a small text file that a website can send to your browser, which may then store the cookie on your hard drive. The goal is to save you time next time you visit, provide you with a more meaningful visit, and measure website activity. Cookies in and of themselves cannot be used to reveal your identity. Many browsers, however, allow you to disable cookie collection if you wish, or inform you when a cookie is being stored on your hard drive.
For information collected from our website, we only collect aggregated, anonymous statistics including domain names, IP addresses and page views. You may opt out of being tracked by Google Analytics by disabling or refusing the cookies.
HOW WE USE THE INFORMATION
Smutylo Sigler processes Personal Information for the purposes outlined in this Policy. A few examples of the usages and disclosures of Personal Information include but are not limited to:
- Establishing your identity and compliance with regulations and our legal obligations;
- Invoicing and billing;
- Providing our Services;
- Collecting analytics;
- Maintaining our internal record-keeping;
- Answering your questions and/or providing you with information you have requested;
- Doing market research;
- Keeping your information and preferences up to date;
- Permitting Smutylo Sigler to pursue available remedies or limit any damages that Smutylo Sigler may sustain;
- Any purpose which is required or permitted by applicable law; and
- Carrying out any other purpose which is disclosed to you and to which you consent.
Smutylo Sigler may share Personal Information among its employees and members through the normal course of business for the purposes set out in this Policy.
Smutylo Sigler allows certain authorized third party providers to process certain information, including tracking website use or for billing purposes. Smutylo Sigler may also outsource certain administrative functions. To the extent that we can, we engage only third parties and information processors that follow and implement the same or more stringent data protection measures. You acknowledge that you will be subject to the terms and conditions, and privacy policies of our third party providers. Our third party providers include:
- Google Analytics (https://policies.google.com/privacy)
- Docusign (https://www.docusign.com/company/privacy-policy)
- Speedyrails (https://www.speedyrails.com/privacy-policy/)
- WordPress (https://automattic.com/privacy/)
- WP Expert (https://wpexpert.ca/privacy-policy/)
- Gmail (https://policies.google.com/privacy)
- Skype (https://privacy.microsoft.com/en-us/privacystatement)
- Dropbox (https://www.dropbox.com/privacy)
- Cosmolex (https://canada.cosmolex.com/privacy-policy)
For information collected from our website, we only collect aggregated, anonymous statistics including domain names, IP addresses and page views.
We keep payment information on our systems and servers as required by law.
Smutylo Sigler will only use your Personal Information for marketing purposes with your consent. We will never share your name, email address, or put you on an email list without asking you first.
In most cases, we will keep case-related Personal Information at least up to 6 years or as required by the Law Society of Ontario. Smutylo Sigler may keep other types of information, i.e. aggregate information, until you or the individual to whom it pertains informs us to cease collecting, using, or storing said information.
Smutylo Sigler believes in doing our part to protect the environment and future. To the extent that we can, Smutylo Sigler maintains a paperless and sustainable practice. As such, Smutylo Sigler engages cloud services to store documents and send correspondence.
Smutylo Sigler uses Gmail, Skype, and Dropbox services for communication and documents, as applicable for communication, file management, and storage. Personal Information we store on these mediums are encrypted and password-protected. Some or all of the Personal Information stored on these mediums may be located on servers outside of Canada.
From time to time, we may employ other cloud Services. We believe these services to be sufficiently secure given the nature of the information we routinely store and communicate. Aside from encrypting documents stored in Dropbox, we do not employ any additional safeguards. However, to the extent that we can limit unauthorized dissemination of your Personal Information through the use of Gmail, Skype, and Dropbox, we endeavour to limit any risks or breaches of your privacy.
We do not guarantee that any data or Personal Information transmitted or stored will not be intercepted or otherwise accessed. NOTWITHSTANDING THE FOREGOING, WE CONFIRM THAT YOU ARE AUTHORIZING US TO COMMUNICATE WITH YOU VIA E-MAIL, GMAIL, SKYPE AND OTHER ELECTRONIC MEANS AND TO STORE YOUR DOCUMENTS USING DROPBOX AND OR OTHER CLOUD STORAGE SERVICES.
If, due to the nature of your information, you wish additional security measures be implemented in communicating with you and/or storing your data, please advise us in writing prior to sending us any Personal Information.
Our offices are physically secured by lock, alarm, and security cameras. Only authorized personnel and employees may enter and have access to your Personal Information if we have retained physical copies. All Personal Information is otherwise password-protected and secured on third party platforms (see Cloud Services).
Where we reasonably believe that Personal Information in our control has been breached and there is significant risk to you, we will provide (i) a report to the Office of the Privacy Commissioner of Canada; (ii) a notice to the affected individuals as soon as feasible; and, (iii) a notice to other affected organizations. Significant risk to you includes harms, humiliation, damage to your reputation, relationships, and identity theft. We will consider the sensitivity of the information, the probability of misuse, and any other factors required by law.
We will keep a record of every breach in our security for 24 months after the day when we discover the breach. The record will include any information about the breach. We reserve the right to keep copies of Personal Information to fulfill legal obligations.
You may submit a complaint to:
Office of the Privacy Commissioner of Canada
30 Victoria Street
Gatineau, Quebec K1A 1H3
819-994-5444 or 819-994-6591
If you have any questions regarding this Policy, or complaints you wish to report, please call 613-744-8025 or email us at firstname.lastname@example.org. Subject to certain exceptions prescribed by law, you will be given reasonable access to your Personal Information and will be entitled to challenge the accuracy and completeness of that information and, to the extent that you have proven such inaccuracy or incompleteness, have it amended as appropriate.