Taft Privacy and Data Security Mobile Application Privacy Policy

Taft Privacy and Data Security Mobile Application Privacy Policy

Last Revised: 2/22/2022

1. General

We know that your privacy is important to you, and we work hard to earn and keep your trust.  Taft Stettinius & Hollister LLP  (collectively with its subsidiaries, “Taft,” “Company,” “we,” “us,” and “our,”) respects your privacy and is committed to protecting your privacy through our compliance with this Privacy Policy (the “Policy”).

This Policy describes:

• The types of information we collect from you or that you may provide when you use the Taft Privacy and Data Security Mobile Application or web application available at https://apps.fliplet.com/taft-privacy (collectively, the “App”); and 
• Our practices for collecting, using, maintaining, protecting, and disclosing that information.

This Policy applies to information we collect on the App or in emails and other electronic messages between you and the App.

This Policy does not apply to information collected by us offline or through any other means, including on any other website operated by Taft or any third party, or information collected by any third party through any application or content (including advertising) that may link to or be accessible from the App (for further information, see below, “Third-party Websites”).

Please read this Policy carefully to understand our practices regarding your information and how we will treat it.  If you do not agree with our policies and practices, then please do not use our App.  By using our App, you agree to the terms of this Policy.  This Policy may change from time to time (see below, “Changes to this Policy”).  Your continued use of our App after we make changes is deemed to be acceptance of those changes, so please check the Policy periodically for updates.

2. Application Terms of Use; Other Agreements

This Policy should be read in conjunction with any applicable Terms of Use, into which this Policy is incorporated by reference.

3. What We Collect and How We Collect It

To ensure that we provide you with the best possible experience, we will store, use, and share personal information about you in accordance with this Policy.  Personal Information is information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular user, household or device (“Personal Information”).  In particular, the App has collected the following categories of Personal Information from users of the App within the last 12 months:

Category	Examples	Collected
Identifiers.	A real name, postal address, unique personal identifier, online identifier, telephone number, company/organization name, title, industry, Internet Protocol address, email address, account name.	YES
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.	NO
Protected classification characteristics.	Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).	NO
Commercial information.	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.	NO
Sensitive Personal Information	Precise geolocation, Social security number, driver’s license or state identification card number, passport number, account log-in, financial account, debit card, credit card number with security, or access code or password, racial or ethnic origin, religious/philosophical beliefs, or union membership, contents of mail, email, and text messages, genetic data and processing of biometric information; health and sexual orientation.	NO
Biometric information.	Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.	NO
Internet or other similar network activity.	Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.	YES
Geolocation data.	Physical location or movements.	NO
Sensory data.	Audio, electronic, visual, thermal, olfactory, or similar information.	NO
Professional or employment-related information.	Current or past job history or performance evaluations.	NO
Non-public education information.	Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.	NO
Inferences drawn from other Personal Information.	Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.	YES

We obtain the categories of Personal Information listed above from the following categories of sources:

• Directly from you. For example, when you:

o   register yourself with the App;

o   subscribe to one of our e-newsletters;  

o   communicate with us, such as request information.

• Indirectly from you. For example, through information we collect from you in the course of providing our services to you.
• Directly and indirectly from activity on our App. In addition to the information that you provide to us, we may also collect information about you during your visit to our App.  We collect this information using automated tools.  We may collect information about your behavior and your computer system, such as your internet address (IP Address), the pages you have viewed, and the actions you have taken while using the App

The information that you provide in each case will vary. In some cases, you may be able to provide Personal Information via email or free text boxes, such as contacting Taft to request further information.  When providing your Personal Information, please provide only relevant information and do not provide unnecessary sensitive information, such as your Social Security number, credit card information or other sensitive personal data, unless required for our services. 

Additionally, we may ask you to create a username and password that should only be known to you.  When you provide this information to us, you are no longer anonymous.  Moreover, we may receive information about you from other sources and add it to the information you have provided to us.

4. How We Use Your Information

The information we gather and that you provide is collected to provide you information and the services you request, in addition to various other purposes, including, but not limited to:

• security, credit, or fraud prevention purposes;
• providing you with effective customer service;
• providing you with a personalized experience when you use this App;
• contacting you with information we believe will be of interest to you (in accordance with any privacy preferences you have expressed to us);
• contacting you with information and notices related to your use of this App;
• inviting you to participate in surveys and providing feedback to us (in accordance with any privacy preferences you have expressed to us);
• better understanding your needs and interests;
• improving the content, functionality, and usability of this App;
• improving our services;
• improving our marketing and promotional efforts; and
• any other purpose identified in an applicable privacy notice, click-through agreement or other agreement between you and us.

Duration. The length of time Taft intends to retain Personal Information is for as long as reasonably necessary to carry out Taft’s intended business purpose for such information. 

5. How We Share Your Information

We do not sell or lease your Personal Information to any third party.  We may share your Personal Information by disclosing it to a third party for a business purpose.  When we disclose your Personal Information, we enter into a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except for the purposes set forth in the contract.

In the preceding 12 months, we have disclosed the following categories of Personal Information for one or more business purposes:

• Identifiers; and

Internet or other network activity information.

We disclose your Personal Information for a business purpose to the following categories of third parties:

• Our affiliates; and
• Third-party vendors who provide services that enhance our App and services to you.

Except as described in this Policy, we will not share your information with third parties without your notice and consent, unless it is under one of the following circumstances: 

• Legal Reasons.

o   We believe that disclosure is reasonably necessary to comply with any applicable law, regulation, subpoena, or court order;

o   To respond to duly authorized information requests from law enforcement or other governmental authorities;

o   To enforce our agreements, policies, or the Terms of Use;

o   To investigate and prevent security threats, fraud, or other malicious activity; or

o   To respond to an emergency that we believe in good faith requires us to disclose such information to assist in preventing the death or serious bodily injury of any person or Taft employee.

• Sale of Business or Merger. There are circumstances where Taft may decide to buy, sell, or reorganize its business in selected countries.  Under these circumstances, it may be necessary to share or receive Personal Information with prospective or actual partners or affiliates.  In such circumstances, Taft will ensure your information is used in accordance with this Policy.

6. Your Choices and Selecting Your Privacy Preferences

We want to provide you with relevant information that you have requested.  When possible, we will always provide options as to what information we collect and how you can manage any preferences that pertains to such information.

If we provide subscription-based services, such as email newsletters, we will allow you to make choices about what information you provide at the point of information collection or at any time after you have received a communication from us while you are subscribed.  Transactional or service-oriented messages, such as delivery confirmation messages, are usually excluded from such preferences, as such messages are required to respond to your requests or to provide goods and services, and are not intended for the purposes of marketing.

We will not intentionally send you email newsletters and marketing emails unless you consent to receive such marketing information.  After you request to receive these emails, you may opt out of them at any time by selecting the “unsubscribe” link at the bottom of each email.  Please note that by opting out or unsubscribing you may affect other services you have requested we provide to you, in which email communication is a requirement of the service provided. 

7. Accuracy and Access to Your Personal Information

We strive to maintain and process your information accurately.  We have processes in place to maintain all of our information in accordance with relevant data governance frameworks and legal requirements.  We employ technologies designed to help us maintain information accuracy on input and processing.

Where we can provide you access to your Personal Information in our possession, we will always ask you for a username and password to help protect your privacy and security.  We recommend that you keep your password safe, that you change it periodically, and that you do not disclose it to any other person or allow any other person to use it. 

To view and change the Personal Information that you have provided to us, you can log in to your account and follow the instructions on that webpage, or contact us directly for assistance.

8. Information of Minors

We do not intentionally seek to gather information from individuals under the age of 18.  We do not target the App to minors, and would not expect them to be engaging with our App or services.  We encourage parents and guardians to provide adequate protection measures to prevent minors from providing information unwillingly on the internet.  If we are aware of any Personal Information that we have collected about minors, we will take steps to securely remove it from our systems.

9. Third-party Websites

This Policy does not apply to websites or other domains that are maintained or operated by third parties or our affiliates.  Our App may link to third-party websites and services.  For example, if you click on an advertisement on this App, you may be taken to another website that we do not control.  These links are not endorsements of these websites, and this Policy does not extend to them.  Because this Policy is not enforced on these third-party websites, we encourage you to read any posted privacy policy of the third-party website before using the service or website and providing any information. 

10. Your California Rights

Shine the Light law.  Pursuant to California Civil Code Section 1798.83, we will not disclose or share your Personal Information with third parties for the purposes of third-party marketing to you without your prior consent.

Do Not Track Signals.  Other than as disclosed in this Policy, the App does not track users over time and across third-party websites to provide targeted advertising.  Therefore, the App does not operate any differently when it receives Do Not Track (“DNT”) signals from your internet web browser.

WE DO NOT SELL OR SHARE YOUR PERSONAL INFORMATION.  If we ever decide to sell or share Personal Information, as those terms are defined under the California Consumer Privacy Act of 2018, we will update you via this Policy and include a link entitled “Do Not Sell or Share My Personal Information,” to provide you with an opportunity to opt out of sales of your Personal Information.

California Consumer Rights.  If you are a California consumer, as defined by the California Consumer Privacy Act of 2018, you may be afforded additional rights with respect to your “Personal Information” as that term is explicitly defined under California law.  Any Personal Information we collect is collected for the commercial purpose of effectively providing our services to you, as well as enabling you to learn more about, and benefit from, our services.  You may exercise each of your rights as identified below, subject to our verification of your identity.

1. Access.  You have the right to request that we disclose certain information to you about our collection, use and disclosure of your Personal Information over the past 12months.  Any disclosures we provide will only cover the 12-month period preceding the receipt of your request.  The response we provide will also explain the reasons we cannot comply with a request, if applicable.
2. Correction.  You can correct what personal data our App database currently contains by accessing your account directly, or by contacting us to request that we correct or rectify any personal data that you have provided to us.
3. Prohibit Data Sharing.  When applicable, you may prohibit the sharing of your Personal Information.  In your request, please explain how you wish us to prohibit the sharing of your Personal Information, and which categories of third parties you want to prohibit from receiving your Personal Information.  When such prohibitions are not possible to provide our services to you, we will advise you accordingly.  You can then choose to exercise any other rights under this Policy.
4. Portability.  Upon request and when possible, we can provide you with copies of your Personal Information.  When such a request cannot be honored, we will advise you accordingly.  You can then choose to exercise any other rights under this Policy
5. Deletion.  You have the right to request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions.  Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies.  Where applicable, we will ensure such changes are shared with trusted third parties.
6. Non-Discrimination.  If a California data subject exercises his or her rights under California law, including the CCPA, we shall not discriminate against that California resident by denying our goods or services, charging different prices or rates to similarly situated consumers, providing a different level or quality of our goods or services, or taking any other adverse action.
7. Exercising your rights.  If you are a California resident who chooses to exercise the rights listed above, you can:

1. Submit a request via email at privacy@taftlaw.com; or

2. Call us at (833) 974-4292 to submit your request.

Only you, or someone legally authorized to act on your behalf, may make a request related to your Personal Information.  If an authorized agent makes a request on your behalf, we may require proof that you gave the agent permission to submit the request.  

Responding to Your Request. Upon receiving your request, we will confirm receipt of your request by sending you an email confirming receipt.  To help protect your privacy and maintain security, we may take steps to verify your identity before granting you access to the Personal Information.  In some instances, such as a request to delete Personal Information, we may first separately confirm that you would like for us to in fact delete your Personal Information before acting on your request.

We will respond to your request within 45 days.  If we require more time, we will inform you of the reason and extension period in writing.

In some cases our ability to uphold these rights for you may depend upon our obligations to process Personal Information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, listed below, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request. We may deny your deletion request if retaining the information is necessary for us or our service providers to:

• Complete the transaction for which we collected the Personal Info, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
• Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
• Debug products to identify and repair errors that impair existing intended functionality.
• Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
• Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
• Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
• Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
• Comply with a legal obligation.
• Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

11. For App Users or Visitors Outside of the United States

Our App is designed for use by individuals in the United States only.  We do not warrant or represent this Policy or the App’s use of your Personal Information complies with the laws of any other jurisdiction.  Furthermore, to provide you with our services, we may store, process, and transmit information in the United States and other locations around the world, including countries that may not have the same privacy and security laws as yours.  Regardless of the country in which such information is stored, we will process your Personal Information in accordance with this Policy. 

12. Safeguarding the Information We Collect

We use reasonable technical, administrative, and physical safeguards in order to protect your Personal Information against accidental loss and from unauthorized access, use, alteration, and disclosure.  However, we can never promise 100% security.  You have a responsibility, as well, to safeguard your information through the proper use and security of any online credentials used to access your Personal Information, such as a username and password.  If you believe your credentials have been compromised, please change your password.  Please also notify us of any actual or suspected unauthorized use.

13. Changes to this Policy

This Policy describes our current policies and practices with regard to the information we collect through this App.  We are continually improving and adding to the features and functionality of this App along with the products and services we offer through this App.  If we make any changes to this Policy, a revised Policy will be posted on this webpage and the date of the change will be reported in the “Last Revised” block above.  You can get to this page from any of our webpages by clicking on the “Privacy Policy” link (usually at the bottom of the screen).

14. How to Contact Us

We value your opinions and welcome your feedback.  To contact us about this Policy or your Personal Information, please contact us by email at privacy@taftlaw.com.