INTRODUCTION TO JESSIMAN LAW WEBSITE POLICIES

 

Your use of the Stacey Jessiman Law Corporation (“Jessiman Law”) website and any services offered within it (the “Website”) constitutes your acceptance of the below Terms of Use, Privacy Policy and Cloud Policy (all together, the “Policies”). The Policies may be modified from time to time and it is your responsibility to check for updates.  The words “we”, “us” or “our” in the Policies refer to Jessiman Law. The words “you” and “your” refer to the Jessiman Law client or other person accessing the Website and/or covered by the Cloud Policy.

 

A. Terms of Use

 

1. No Lawyer-Client Relationship or Legal Advice

The material provided on the Website is for general information only and should not be taken as legal advice. Your interaction with the Website does not give rise to a lawyer-client, advisory, or fiduciary relationship or privilege. If you have a legal issue to discuss, please contact Stacey Jessiman.

 

2. No Liability

We assume no liability or responsibility for any errors or omissions in any content provided through the Website. Links to third party websites are provided as a convenience only and are not an endorsement of their content or a representation as to their accuracy. Use of the Website is at your own risk.

 

3. Communications with Third Parties via the Website

We cannot guarantee that communications with or information provided to third parties that are referred to in the Website will be confidential and use of such communication mediums are at your own risk.

 

4. British Columbia Law Applies

The use of the Website and the interpretation of these Policies will be governed by the laws of British Columbia and the laws of Canada applicable therein. You consent and submit to the exclusive jurisdiction of the courts of British Columbia in any action or proceeding related to the Website.

 

5. Copyright

Copyright © 2020 Stacey Jessiman Law Corporation.  All rights reserved. This Website contains information, communication, software, program code, images, sounds, music, graphics, photos, videos and other materials and services (collectively, “Content”). You agree that the Content is protected by Canadian and international intellectual and industrial property rights, including copyrights, trademarks, and other proprietary rights. Your use of the Content or Website existing now or in the future will be in accordance with such rights and these Policies.

B. Privacy Policy

 

1. YOUR PRIVACY

Jessiman Law is committed to protecting and respecting your privacy. Please read the following carefully to understand our practices regarding your personal information collected in conjunction with your use of the Website.

 

This Privacy Policy governs only individuals’ use of the Website. Any confidential matters as between lawyer and client will be governed by an engagement letter, should you choose to retain Jessiman Law as your legal counsel.

 

This Privacy Policy complies with the Personal Information Protection Act (British Columbia) (“PIPA”) and the Personal Information Protection and Electronic Documents Act (Canada) (“PIPEDA”) as applicable (collectively, the “Acts”).

 

2. INFORMATION WE COLLECT & HOW WE USE IT

We may collect and use Personal Information and Non-Personal Information (defined below) from you when you access or use the Website. Below we describe the type of information that may be collected and how that information may be used.

 

2.1 Personal Information

“Personal Information” means personally identifiable information that specifically identifies someone as an individual, and with respect to Jessiman Law includes the items listed below.

 

2.1.1 Paying a Retainer or Invoice Online

When you sign an engagement letter to retain us as your lawyers, you will have the option of paying for your retainer and invoices through the Website. We use LawPay Canada (“LawPay”) to process all online payments. Any Personal Information you provide to LawPay, including billing information, is received directly by LawPay. We will receive and store the confirmation of your payment from LawPay, which will include:

  • name and billing address;

  • purchase order number; and

  • date and time of payment.

We use this information to track payment. We will not receive from LawPay or store your banking information or credit card numbers.

 

2.1.2 When You Use the Website

We may collect Personal Information about you as part of your use of the Website.

 

2.1.3 When You Contact Us Via the Website

When you choose to contact us through the Website, we may collect, store and use the Personal Information that you provide us, such as your name, email address, phone number and other information you choose to provide in the content of your message, so that we can respond to your inquiry.

 

2.14 Other Uses of Your Personal Information

We may also use Personal Information that we collect via the Website to help us to improve our services, communicate with you and fulfill your requests for products, services and information.

 

2.2 Use of Non-Personal Information

“Non-Personal Information” means: (1) information that does not directly identify you; and (2) “aggregate” and “de-personalized” information, which is data we collect about the use of the Website from which personally identifiable information has been removed.

 

2.2.1 Cookies, Beacons and Tracking

When you access or use the Website, we (or a third party provider) may use “cookies” and other technologies such as pixel tags, locally shared objects, clear GIFs and web beacons, to track what you view and interact with on the Website. We treat information collected by cookies and similar technologies as Non-Personal Information. A “cookie” is a small bit of record-keeping information that is sent to your computer. The cookies may be used to:

  • help you navigate around the Website,

  • monitor how many people are using the Website, and

  • track trends.

Most browsers are initially set up to accept cookies, but you can disable cookies or set your browser to indicate when a cookie is being sent. However, disabling cookies may affect your ability to use the Website.

 

2.2.2 Trusted Partners and Sponsored Companies and Organizations

We may use and disclose collected Non-Personal Information to our affiliated companies, contractors, trusted partners or persons for the purpose of auditing, researching and analyzing usage of the Website, ensuring the technical functionality of the Website and further developing the Website and our other products.

 

2.2.3 Google Analytics

Google Analytics is a web analysis website provided by Google. Google collects such data as email address, browser and version, event (e.g. clicked on a given link) and operating system of the user’s computer, and utilizes the data collected to track and examine the use of the Google Analytics Website, to prepare reports on its activities and share them with other Google services. Google may use the data collected to contextualize and personalize the ads of its own advertising network. Google’s privacy policy can be found here.  We use Google Analytics to collect user information, which allows us to better know our audience characteristics and behaviour, measure cross-device and cross-platform use, conduct data analysis and testing, and manage our data effectively. However, we will not upload information to Google Analytics that allows Google to personally identify you (such as certain names, social insurance/security numbers, email addresses, or any similar data), or data that permanently identifies a particular device (such as your mobile phone’s unique device identifier if such an identifier cannot be reset), even in hashed form.

 

3. DISCLOSURE OF PERSONAL INFORMATION

 

3.1 How/When the Collected Information is Disclosed

We will never sell, share, transfer or rent your Personal Information. In certain circumstances, we may share any or all information we have collected, including Personal Information. For example:

a) your Personal Information may be shared with anyone who is helping us with our Website functionality, like technical agents, payment processing vendors, other subcontractors, and our affiliates and consultants, all subject to privacy and confidentiality obligations consistent with these Policies;

b) if you use the Website to provide credit card information to LawPay for payments, your credit card company will be provided with all relevant information about LawPay, item(s) purchased, cost and other information necessary to process the transaction;

c) we may be under a legal obligation to share your Personal Information without your consent, including pursuant to a judicial order and any of the exceptions in the Acts.

 

3.2 Data Processing Purposes

We may also disclose Personal Information to our advisors for the purpose of their assistance processing Personal Information or operating the Website, always based on our instructions and in compliance with this Privacy Policy and any other appropriate confidentiality and security measures.

 

4. YOUR CHOICES REGARDING YOUR PERSONAL INFORMATION

If we propose to collect, use or disclose Personal Information for any purpose other than those described in this Privacy Policy, we will obtain your consent. You may choose to withdraw your consent to the collection, use or disclosure of your Personal Information at any time. If you withdraw consent, then we may no longer be able to provide you with full or any access to the Website. Users are also given the opportunity to “opt-out” of having their Personal Information used for specific purposes, such as receiving newsletters or other information from us. Withdrawals of consent will not have an effect on personal or other data that we have used or disclosed in accordance with this Privacy Policy prior to such withdrawals.

 

5. THIRD PARTY PRIVACY POLICIES

We may make available third party links through hyperlinks or otherwise enable you to access via the Website third party products or services that are not affiliated with or controlled by us. We are not responsible for those parties, the content of their products or services, or the use of information you provide to them. Providing links or otherwise enabling access to third party products or services does not constitute sponsorship of or affiliation with those people or companies. You recognize and agree that we are not liable for any third parties' use of your Personal Information and you should review the privacy policies of these third parties.

 

6. DATA STORAGE

We take commercially reasonable steps to ensure that your data is treated securely in accordance with this Privacy Policy and the Acts. However, no data transmission over the Internet can be guaranteed to be 100% secure. As a result, we cannot guarantee or warrant the security of any information you transmit through use of the Website, and you do so at your own risk. Your Personal Information may be transferred to and maintained on servers or databases located in Canada and the U.S. in accordance with the Acts, as applicable. By using the Website, you consent to such processing and storage.

 

7. INFORMATION SECURITY

We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of Personal Information. We use physical, electronic and/or procedural safeguards to protect our systems and all Personal Information under our control against unauthorized access and use. We only use third party server hosts with certified facilities that contain the industry standard physical, operational and digital security and restriction protocols. All safety and security measures are reasonable and appropriate to the sensitivity level of the information collected.

 

8. ACCURACY AND ACCESS/CONTROL OVER PERSONAL INFORMATION

We will take reasonable steps to ensure that the Personal Information collected by us or on our behalf is accurate and complete, as required pursuant to the Acts. We will allow you to access your Personal Information in our custody or control, and you may request that we:

  • update or correct such Personal Information;

  • change your preferences with respect to communications and other information received from us; or

  • delete your Personal Information on our primary system, by submitting a request to info@jessimanlaw.com.

If we are satisfied on reasonable grounds that your request to update or correct your information should be implemented, we will correct your Personal Information on our primary system as soon as reasonably possible. We may retain an archived copy of your records as required or authorized by law.

 

9. EMAIL COMMUNICATIONS

By providing your email address to us via the Website or otherwise or communicating with us via email, you are deemed to consent to receiving email communications from us.

 

10. RETENTION OF PERSONAL INFORMATION

We retain Personal Information collected pursuant to our Privacy Policy only as long as is reasonably required to fulfill the purposes for which it was collected, or as required or authorized by law.

 

11. CHANGES TO THIS PRIVACY POLICY

We reserve the right to modify our Privacy Policy at any time. We may provide you with notice of such modifications, by sending you an email message or otherwise bringing it to your attention via the Website. Your continued use of the Website will signify your acceptance of the modifications to our Privacy Policy.

 

13. QUESTIONS?

If you have any questions relating to this Privacy Policy or our privacy practices, please write to us at: info@jessimanlaw.com
 

 

C. Cloud Computing: Policy & Procedures

 

1. Introduction

Our use of web-based cloud computing services, tools and applications (“Cloud Services”) benefits our clients in a number of ways, including lower firm operation costs, increased Jessiman Law team performance, and more efficient delivery of legal services to clients. We recognize that the nature of the legal services we provide requires a high level of protection of client data. We take security and protection of your Personal Information seriously.

 

Our policy on cloud computing (“Cloud Policy”) is meant to ensure that client data is protected to the greatest extent reasonably possible. This Cloud Policy is based upon the Law Society of British Columbia’s cloud computing due diligence guidelines (“Law Society Guidelines”).

 

2. Scope

This Cloud Policy applies to all team members at Jessiman Law and pertains to all client data, without exception. This Cloud Policy concerns all external Cloud Services, including cloud-based email, document storage, firm management software, etc.  Jessiman Law team member personal cloud based accounts are excluded from this policy.  Jessiman Law team members may not store client data on personal accounts. This Cloud Policy also applies to all clients, excluding those that constitute a “public body” for the purposes of the Freedom of Information and Protection of Privacy Act (“FOIPPA”). FOIPPA requires that personal information in the custody of any public body be stored and accessed within Canada, unless consented to by the individual to whom the personal information pertains.  In order to determine whether a client constitutes a public body, see the definition of “public body” in Schedule I of the FOIPPA.

 

3. Policy

Before Jessiman Law team members enter into any Cloud Services contracts they first complete a security screening (set out below). This is necessary to protect the security and confidentiality of client and firm data. Each Jessiman Law team member reviews this Cloud Policy and certifies that he or she acknowledges and understands the purpose and following procedures.  Our Cloud Policy comprises two screening stages:

 

(a) Stage I: Initial Comprehensive Security Screening.

Before initial use of any Cloud Service, we consider the security requirements that must be satisfied in every case, including the following three Law Society requirements:

  • Ownership of client data must not transfer to the Cloud Service or any third party.

  • Jessiman Law must ascertain where the data will be stored.

  • Client information must be protected to maintain confidentiality and privilege.

We also consider certain additional issues that accord with best practices in the industry.

 

(b) Stage II: Ongoing Security Monitoring.

To ensure the protection of client data is ongoing, we review the service terms of each Cloud Service and track security breaches through a monitoring process. We use GoogleAlerts to ensure notification of security breaches for each Cloud Service we use.

 

(c) In the Event of a Security Breach:

Jessiman Law has a designated cloud computing security officer (“CCSO”) who is responsible for monitoring GoogleAlerts notifications. If a security breach is flagged by GoogleAlerts, the CCSO reviews the details of the breach to assess whether further action is required:

  1. If the breach does not put client or lawyer data at risk, Jessiman Law. will continue to use the Cloud Service.

  2. If the breach potentially puts client or lawyer data at risk, the CCSO will ensure removal of sensitive client data to ensure reasonable security. Jessiman Law will temporarily refrain from using the Website and wait for the CCSO to confirm security. The CCSO will gather as much information about the security breach as reasonably possible and will make an assessment. If the breach is determined not to put client or lawyer data at risk, the Cloud Service will remain in use.

  3. If the breach does put client or lawyer data at risk, the CCSO and Jessiman Law will work to remove all data from the Cloud Service, will close any accounts with the Cloud Service, and will discontinue use of the Cloud Service permanently.

 

4. Annual Review of Law Society of British Columbia Cloud Computing Guidelines

The Law Society Guidelines are foundational to this Cloud Policy. Once per year, Jessiman Law will review the Law Society Guidelines to determine whether any amendments have been made to those guidelines that necessitate changes to our Cloud Policy.