OBJECTIVE & SCOPE OF POLICY
Gowling WLG takes the protection of Personal Information seriously. Our obligations as legal professionals are governed, in part, by the Rules of Professional Conduct which impose strict duties and obligations regarding the confidentiality of the information provided to Gowling WLG by its clients. These obligations apply to all professionals, employees, contractors and agents who provide services in connection with our delivery of legal and other services to our clients. Gowling WLG observes these requirements strictly. Gowling WLG also observes other applicable laws, including privacy laws, in all jurisdictions within which Gowling WLG operates.
PURPOSE FOR COLLECTION, USE & DISCLOSURE OF PERSONAL INFORMATION
As a general rule, all information concerning the business and affairs of a person or organization acquired (1) for the purpose of determining whether Gowling WLG will enter into a professional relationship or (2) in the course of a professional relationship shall be held in strict confidence and not revealed to anyone unless expressly or implicitly authorized by the person or organization concerned. A professional relationship develops when Gowling WLG agrees to be retained to provide services to an individual or organization. To protect their own interests, individuals or organizations should not send confidential information to Gowling WLG until they have had a direct discussion with a professional at the firm regarding the retention of Gowling WLG to provide legal services.
In the course of its relationship with you, Gowling WLG will need to collect, use and sometimes, disclose various types of Personal Information for various purposes associated with the scope of the work as directed by you or your organization. Given the nature of Gowling WLG’s services, it is impractical to list all of types of Personal Information that may be collected, used or disclosed. When Personal Information is requested from you, Gowling WLG will always explain the purpose for which it is needed. Under no circumstances will Gowling WLG sell, trade, barter or exchange for consideration any Personal Information it has obtained. You may be assured that Gowling WLG will only collect Personal Information that is necessary for the following purposes:
- Establishing your identity and Compliance with “Know Your Client” regulations: which may require you to provide name, address, employment/business information, legally mandated forms of identification.
- Billing: which will include the collection of names, addresses, banking and/or financial details.
- Provision of Services/Products: which will include any Personal Information necessary to provide services requested by you or your organization. We may also analyze the Personal Information provided to us to offer you additional services or products. You may, at any time, advise us that you do not wish to receive such information from Gowling WLG.
LIMITING COLLECTION, USE, DISCLOSURE & RETENTION OF PERSONAL INFORMATION
Gowling WLG may collect your Personal Information in many forms (hard/soft copy, electronically, facsimile, telephone conversations/recordings, etc.), but will only do so by lawful means and only for necessary purposes that have been disclosed to you.
Gowling WLG provides clients and others with general access to public web sites and restricted access to extranets. Our Web servers and authorized third party providers track general information about visitors such as their domain name, IP address and time of visit. Gowling WLG’s Web servers also collect and aggregate information regarding which pages are being accessed as well as information volunteered by visitors through online surveys or subscriptions to electronic newsletters. This information is used internally, only in aggregate form, to better serve visitors by helping us to:
- Manage our sites
- Diagnose any technical problems
- Improve the content of our Web site
Personal Information collected in any form will only be retained by Gowling WLG so long as it is required: a) for the purpose for which it was collected; b) to be retained by law; c) to address any issues that may arise at a later date. When your Personal Information is no longer required for these identified purposes, Gowling WLG uses secure procedures to destroy, delete, erase or convert the Personal Information into an anonymous form.
Consent may be given in different ways such as: a) expressly by signing a document, agreeing through electronic means or verbally; or b) impliedly by providing the Personal Information voluntarily.
There may be circumstances where you have provided Personal Information for an identified purpose, and Gowling WLG later needs to use that information for a different purpose. In such circumstances, Gowling WLG will seek your consent to use the information for the new purpose.
Please note that there are circumstances where the use and/or disclosure of Personal Information may be justified or permitted or where Gowling WLG must disclose information without consent. Such circumstances may include:
- Where required by law or by order or requirement of a court, administrative agency or other governmental tribunal;
- Where Gowling WLG believes, upon reasonable grounds, that it is necessary to protect the rights, privacy, safety or property of an identifiable person or group;
- Where it is necessary to establish or collect monies owing to Gowling WLG;
- Where it is necessary to permit Gowling WLG to pursue available remedies or limit any damages that Gowling WLG may sustain; or
- Where the information is public.
- Where obliged or permitted to disclose information without consent, Gowling WLG will not disclose more information than is required.
You have the right to revoke your consent to the collection, use and disclosure of your Personal Information at any time. However, revocation of your consent may result in our inability to provide services to you. We will discuss with you the reason we need your Personal Information and why the revocation of your consent affects our ability to provide the service or product to you.
DISCLOSURE, STORAGE & SECURITY
Currently, Gowling WLG holds Personal Information principally in the cities in which Gowling WLG has offices or production facilities and nearby municipalities where off-site storage facilities may be located. Gowling WLG allows certain authorized third party providers to track and store certain information about visitors to Gowling WLG web sites (namely domain names, IP addresses and page views as described below) and such information will be stored outside of Canada if the third party provider is located outside of Canada. Personal Information is always subject to the local laws of the jurisdictions within which it is collected, used, disclosed and/or stored, and may be accessed by governmental authorities in those jurisdictions.
Personal Information may also be subject to transfer to another organization in the event of a merger, change of ownership, obtaining insurance or financing. This will occur only if the parties have entered into an agreement under which the collection, use and disclosure of the information is restricted to those purposes that relate to the business transaction, including a determination whether or not to proceed with the business transaction, and is used by the parties to carry out and complete the business transaction.
Gowling WLG has taken steps to maintain adequate physical, procedural and technical security regarding its offices and information storage facilities to prevent any loss, misuse, unauthorized access, disclosure, or modification of Personal Information (“Data Breach”). Gowling WLG further protects Personal Information by restricting access to those individuals that the management of Gowling WLG has determined need to know that information in order that Gowling WLG may provide its services. All Gowling WLG professionals, staff, contractors and agents are provided with training on maintaining the confidentiality and protection of the Personal Information provided to Gowling WLG.
No method of transmitting or storing data is perfectly secure. While the physical characteristics mail, telephone calls, faxes and transmissions over the Internet are different, each is susceptible to possible loss, misrouting, interception and misuse of the information being communicated or transmitted. In the unfortunate event of a Data Breach, Gowling WLG has procedures in place to contain the loss to the greatest extent possible and will comply with applicable breach notification requirements.
Gowling WLG attempts to strike a reasonable balance between security and convenience. In communicating with clients and others, Gowling WLG may request the use of a communication method that is less secure than more inconvenient alternatives. For example, email may be sent as unencrypted plain text because some of our clients and others cannot readily process encrypted e-mail. This is done for their convenience, but we expect that our clients and others understand that if misrouted or intercepted, unencrypted email could be read more easily than encrypted e-mail.
ACCURACY & ACCESS
Gowling WLG endeavours to ensure that any Personal Information provided and in its possession is as accurate, current and complete as necessary for the purposes for which Gowling WLG uses that information. In the event that you believe that your Personal Information is not accurate or you wish access to your Personal Information, you may make a request to the Privacy Officer.
We will always endeavor to provide timely access to your Personal Information. However, there may be circumstances where access will not be granted. For example, where access would lead to the disclosure of Personal Information of another individual and that individual refuses to provide consent to disclose or information subject to privilege or other legal restrictions. You will be notified in all cases of the reason for the denial of access.