INTRODUCTION TO JESSIMAN LAW WEBSITE POLICIES
1. No Lawyer-Client Relationship or Legal Advice
The material provided on the Website is for general information only and should not be taken as legal advice. Your interaction with the Website does not give rise to a lawyer-client, advisory, or fiduciary relationship or privilege. If you have a legal issue to discuss, please contact Stacey Jessiman.
2. No Liability
We assume no liability or responsibility for any errors or omissions in any content provided through the Website. Links to third party websites are provided as a convenience only and are not an endorsement of their content or a representation as to their accuracy. Use of the Website is at your own risk.
3. Communications with Third Parties via the Website
We cannot guarantee that communications with or information provided to third parties that are referred to in the Website will be confidential and use of such communication mediums are at your own risk.
4. British Columbia Law Applies
The use of the Website and the interpretation of these Policies will be governed by the laws of British Columbia and the laws of Canada applicable therein. You consent and submit to the exclusive jurisdiction of the courts of British Columbia in any action or proceeding related to the Website.
Copyright © 2020 Stacey Jessiman Law Corporation. All rights reserved. This Website contains information, communication, software, program code, images, sounds, music, graphics, photos, videos and other materials and services (collectively, “Content”). You agree that the Content is protected by Canadian and international intellectual and industrial property rights, including copyrights, trademarks, and other proprietary rights. Your use of the Content or Website existing now or in the future will be in accordance with such rights and these Policies.
1. YOUR PRIVACY
Jessiman Law is committed to protecting and respecting your privacy. Please read the following carefully to understand our practices regarding your personal information collected in conjunction with your use of the Website.
2. INFORMATION WE COLLECT & HOW WE USE IT
We may collect and use Personal Information and Non-Personal Information (defined below) from you when you access or use the Website. Below we describe the type of information that may be collected and how that information may be used.
2.1 Personal Information
“Personal Information” means personally identifiable information that specifically identifies someone as an individual, and with respect to Jessiman Law includes the items listed below.
2.1.1 Paying an Invoice Online
You may have the option of paying for your invoices through the Website. We use LawPay Canada (“LawPay”) to process all online payments. Any Personal Information you provide to LawPay, including billing information, is received directly by LawPay. We will receive and store the confirmation of your payment from LawPay, which will include:
name and billing address;
purchase order number; and
date and time of payment.
We use this information to track payment. We will not receive from LawPay or store your banking information or credit card numbers.
2.1.2 When You Use the Website
We may collect Personal Information about you as part of your use of the Website.
2.1.3 When You Contact Us Via the Website
When you choose to contact us through the Website, we may collect, store and use the Personal Information that you provide us, such as your name, email address, phone number and other information you choose to provide in the content of your message, so that we can respond to your inquiry.
2.14 Other Uses of Your Personal Information
We may also use Personal Information that we collect via the Website to help us to improve our services, communicate with you and fulfill your requests for products, services and information.
2.2 Use of Non-Personal Information
“Non-Personal Information” means: (1) information that does not directly identify you; and (2) “aggregate” and “de-personalized” information, which is data we collect about the use of the Website from which personally identifiable information has been removed.
2.2.1 Cookies, Beacons and Tracking
When you access or use the Website, we (or a third party provider) may use “cookies” and other technologies such as pixel tags, locally shared objects, clear GIFs and web beacons, to track what you view and interact with on the Website. We treat information collected by cookies and similar technologies as Non-Personal Information. A “cookie” is a small bit of record-keeping information that is sent to your computer. The cookies may be used to:
help you navigate around the Website,
monitor how many people are using the Website, and
Most browsers are initially set up to accept cookies, but you can disable cookies or set your browser to indicate when a cookie is being sent. However, disabling cookies may affect your ability to use the Website.
2.2.2 Trusted Partners and Sponsored Companies and Organizations
We may use and disclose collected Non-Personal Information to our affiliated companies, contractors, trusted partners or persons for the purpose of auditing, researching and analyzing usage of the Website, ensuring the technical functionality of the Website and further developing the Website and our other products.
2.2.3 Google Analytics
3. DISCLOSURE OF PERSONAL INFORMATION
3.1 How/When the Collected Information is Disclosed
We will never sell, share, transfer or rent your Personal Information. In certain circumstances, we may share any or all information we have collected, including Personal Information. For example:
a) your Personal Information may be shared with anyone who is helping us with our Website functionality, like technical agents, payment processing vendors, other subcontractors, and our affiliates and consultants, all subject to privacy and confidentiality obligations consistent with these Policies;
b) if you use the Website to provide credit card information to LawPay for payments, your credit card company will be provided with all relevant information about LawPay, item(s) purchased, cost and other information necessary to process the transaction;
c) we may be under a legal obligation to share your Personal Information without your consent, including pursuant to a judicial order and any of the exceptions in the Acts.
3.2 Data Processing Purposes
4. YOUR CHOICES REGARDING YOUR PERSONAL INFORMATION
5. THIRD PARTY PRIVACY POLICIES
We may make available third party links through hyperlinks or otherwise enable you to access via the Website third party products or services that are not affiliated with or controlled by us. We are not responsible for those parties, the content of their products or services, or the use of information you provide to them. Providing links or otherwise enabling access to third party products or services does not constitute sponsorship of or affiliation with those people or companies. You recognize and agree that we are not liable for any third parties' use of your Personal Information and you should review the privacy policies of these third parties.
6. DATA STORAGE
7. INFORMATION SECURITY
We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of Personal Information. We use physical, electronic and/or procedural safeguards to protect our systems and all Personal Information under our control against unauthorized access and use. We only use third party server hosts with certified facilities that contain the industry standard physical, operational and digital security and restriction protocols. All safety and security measures are reasonable and appropriate to the sensitivity level of the information collected.
8. ACCURACY AND ACCESS/CONTROL OVER PERSONAL INFORMATION
We will take reasonable steps to ensure that the Personal Information collected by us or on our behalf is accurate and complete, as required pursuant to the Acts. We will allow you to access your Personal Information in our custody or control, and you may request that we:
update or correct such Personal Information;
change your preferences with respect to communications and other information received from us; or
delete your Personal Information on our primary system, by submitting a request to email@example.com.
If we are satisfied on reasonable grounds that your request to update or correct your information should be implemented, we will correct your Personal Information on our primary system as soon as reasonably possible. We may retain an archived copy of your records as required or authorized by law.
9. EMAIL COMMUNICATIONS
By providing your email address to us via the Website or otherwise or communicating with us via email, you are deemed to consent to receiving email communications from us.
10. RETENTION OF PERSONAL INFORMATION
C. Cloud Computing: Policy & Procedures
Our use of web-based cloud computing services, tools and applications (“Cloud Services”) benefits our clients in a number of ways, including lower firm operation costs, increased Jessiman Law team performance, and more efficient delivery of legal services to clients. We recognize that the nature of the legal services we provide requires a high level of protection of client data. We take security and protection of your Personal Information seriously.
Our policy on cloud computing (“Cloud Policy”) is meant to ensure that client data is protected to the greatest extent reasonably possible. This Cloud Policy is based upon the Law Society of British Columbia’s cloud computing due diligence guidelines (“Law Society Guidelines”).
This Cloud Policy applies to all team members at Jessiman Law and pertains to all client data, without exception. This Cloud Policy concerns all external Cloud Services, including cloud-based email, document storage, firm management software, etc. Jessiman Law team member personal cloud based accounts are excluded from this policy. Jessiman Law team members may not store client data on personal accounts. This Cloud Policy also applies to all clients, excluding those that constitute a “public body” for the purposes of the Freedom of Information and Protection of Privacy Act (“FOIPPA”). FOIPPA requires that personal information in the custody of any public body be stored and accessed within Canada, unless consented to by the individual to whom the personal information pertains. In order to determine whether a client constitutes a public body, see the definition of “public body” in Schedule I of the FOIPPA.
Before Jessiman Law team members enter into any Cloud Services contracts they first complete a security screening (set out below). This is necessary to protect the security and confidentiality of client and firm data. Each Jessiman Law team member reviews this Cloud Policy and certifies that he or she acknowledges and understands the purpose and following procedures. Our Cloud Policy comprises two screening stages:
(a) Stage I: Initial Comprehensive Security Screening.
Before initial use of any Cloud Service, we consider the security requirements that must be satisfied in every case, including the following three Law Society requirements:
Ownership of client data must not transfer to the Cloud Service or any third party.
Jessiman Law must ascertain where the data will be stored.
Client information must be protected to maintain confidentiality and privilege.
We also consider certain additional issues that accord with best practices in the industry.
(b) Stage II: Ongoing Security Monitoring.
To ensure the protection of client data is ongoing, we review the service terms of each Cloud Service and track security breaches through a monitoring process. We use GoogleAlerts to ensure notification of security breaches for each Cloud Service we use.
(c) In the Event of a Security Breach:
Jessiman Law has a designated cloud computing security officer (“CCSO”) who is responsible for monitoring GoogleAlerts notifications. If a security breach is flagged by GoogleAlerts, the CCSO reviews the details of the breach to assess whether further action is required:
If the breach does not put client or lawyer data at risk, Jessiman Law. will continue to use the Cloud Service.
If the breach potentially puts client or lawyer data at risk, the CCSO will ensure removal of sensitive client data to ensure reasonable security. Jessiman Law will temporarily refrain from using the Website and wait for the CCSO to confirm security. The CCSO will gather as much information about the security breach as reasonably possible and will make an assessment. If the breach is determined not to put client or lawyer data at risk, the Cloud Service will remain in use.
If the breach does put client or lawyer data at risk, the CCSO and Jessiman Law will work to remove all data from the Cloud Service, will close any accounts with the Cloud Service, and will discontinue use of the Cloud Service permanently.
4. Annual Review of Law Society of British Columbia Cloud Computing Guidelines
The Law Society Guidelines are foundational to this Cloud Policy. Once per year, Jessiman Law will review the Law Society Guidelines to determine whether any amendments have been made to those guidelines that necessitate changes to our Cloud Policy.