This Privacy & Cookies Statement describes how ILH – International Legal Hub (the “Firm”) collects, uses, shares, and otherwise processes Personal Data (defined below) about:
- Visitors to our websites, mobile applications, and other online properties (each, a “Site”)
- Contact persons for our clients and/or prospective clients
- Contact persons for suppliers of goods and services to the Firm
- Any other individuals about whom the Firm obtains Personal Data
In this Privacy & Cookies Statement, “Personal Data” means information that (either in isolation or in combination with other information held by the Firm) enables you to be identified as an individual or recognized directly or indirectly. For the name and contact details of the ILH – International Legal Hub member firm in your jurisdiction, please select your country below:
Unless we specifically state otherwise, the Firm is the data controller of the Personal Data we process and is therefore responsible for ensuring that the systems and processes we use are compliant with data protection laws, to the extent applicable to us.
Firm personnel are required to comply with this Privacy & Cookies Statement and associated Firm policies when dealing with Personal Data and must also complete data protection training where appropriate to their role.
Summary of Key Points
|Collection||We collect Personal Data from a number of sources in connection with the day-to-day management of our business and our commercial relationships.|
|Use||We use Personal Data to provide our services and respond to inquiries, to manage accounts and maintain business operations, to provide relevant marketing, and to fulfill other business and compliance purposes.|
|Sharing||We share Personal Data as necessary to provide our services and respond to requests, and to fulfil other business and compliance purposes.|
|Marketing Choices||You have control on how we use Personal Data for marketing.|
|Data Subject Rights||You have certain rights to request access, rectification, deletion, objection, or other actions regarding your Personal Data where required by applicable law.|
|Data Security||We maintain technical and organizational measures to protect Personal Data from loss, misuse, alteration, or unintentional destruction of Personal Data.|
|Cross-Border Data Transfers||We provide appropriate protections for cross-border transfers where specified by law.|
|Other Issues||We provide other information in this Privacy & Cookies Statement about: (i) the possible consequences for not providing Personal Data, (ii) how we do not engage in automated decision-making that has substantial effects on individuals, (iii) how we handle do-not-track (DNT) signals, (iv) data retention, (v) links to third party websites, (vi) employee and contractor issues; and (vii) changes to this Privacy & Cookies Statement.|
|Contact Us||Please contact us as detailed below with any questions. Click here to learn more.|
Collection of Personal Data
We collect the following categories of Personal Data about Site visitors, clients, prospective clients, suppliers and other third parties:
- Basic data: Name, gender, title, organization, job responsibilities, phone number, mailing address, email address, contact details and information about family life (excluding special categories of data) including family, children, hobbies and interests.
- Special categories of data: in limited circumstances, where you have provided us with such information as it is necessary for a specific service we are providing to you: religious or other beliefs, racial or ethnic origin, sexual orientation, health data and details of trade union membership.
- Registration data: Newsletter requests, event/seminar registrations, dietary preferences (excluding special categories of data), subscriptions, downloads, and username/passwords.
- Client service data: Personal Data received from clients in respect of employees, customers or other individuals known to clients, invoicing details and payment history, and client feedback.
- Marketing data: Data about individual participation in conferences and in-person seminars, credentials, associations, product interests, and preferences.
- Compliance data: Government identifiers, passports or other identification documents, dates of birth, beneficial ownership data, and due diligence data.
- Device data: Computer Internet Protocol (IP) address, unique device identifier (UDID), cookies and other data linked to a device, and data about usage of our Sites (Usage Data).
We collect Personal Data from a number of sources, either directly from the data subjects, or from clients, colleagues and publically available sources. Where the Firm receives data from its clients about employees, customers or other individuals, the client is responsible for ensuring that any such data is transferred to us in compliance with applicable data protection laws.
Use of Personal Data
The purposes for which we use Personal Data, and the legal bases for such processing, are as follows:
- To provide legal advice and respond to inquiries we use basic data, registration data, client service data, and device data. We need to process your information in this way in order to perform our obligations under our contracts with our clients.
- To manage our business operations and administer our client relationships we use basic data, special categories of data, registration data, marketing data and client service data. This processing is necessary in order to perform our obligations under our contracts with our clients (e.g. issuing and processing invoices) and suppliers (e.g. managing the supply of goods and services to the Firm).
- To make our Sites more intuitive and easy to use we use device data. It is necessary for our legitimate interests to monitor how our Sites are used to help us improve the layout and information available on our Sites and provide a better service to our Site users.
- To protect the security and effective functioning of our Sites and information technology systems we use basic data, registration data, transaction data, and device data. It is necessary for our legitimate interests to monitor how our Sites are used to detect and prevent fraud, other crimes and the misuse of our Sites. This helps us to ensure that you can safely use our Sites.
- To provide relevant marketing such as providing you with information about events or services that may be of interest to you including legal services, legal updates, client conferences or networking events, and groups of specific interest (e.g. specific types of networking groups) we use marketing data, basic data, special categories of data, registration data, client service data, and device data. It is necessary for our legitimate interests to process this information in order to provide you with tailored and relevant marketing, updates and invitations.
- To address compliance and legal obligations, such as checking the identity of new clients and to prevent money laundering and/or fraud we use compliance data, basic data, registration data, transaction data, and device data. This processing is necessary for the purposes of complying with legal requirements to which we are subject.
Sharing of Personal Data
We may share Personal Data with the following categories of recipients:
- Affiliates: ILH – International Legal Hub operates with representative offices around the world. The Firm may share Personal Data with our representative offices in order to provide you with legal services and in order to administer our relationship with you (e.g. invoicing, marketing) or otherwise as necessary for the purposes described above. A list of ILH – International Legal Hub representative offices is provided in our web site.
- Suppliers and service providers: We share Personal Data with suppliers and service providers to enable such parties to perform functions on our behalf and under our instructions in order to carry out the purposes identified above. These include: infrastructure and IT services providers, for example, the providers of our client intake system, our finance systems and our customer relationship management databases; third party consultants who provide us with support in respect of business analytics and marketing campaigns; and the providers of external venues where we host conferences and events. We require such parties by contract to provide reasonable security for Personal Data and to use and process such Personal Data on our behalf only.
- Financial institutions: We share Personal Data with financial institutions in connection with invoicing and payments.
- Corporate purchasers: We may share Personal Data with any corporate purchaser or prospect to the extent permitted by law as part of any merger, acquisition, sale of Firm assets, or transition of service to another provider, as well as in the event of insolvency, bankruptcy, or receivership in which Personal Data would be transferred as an asset of the Firm.
- Mandatory disclosures and legal claims: We share Personal Data in order to comply with any subpoena, court order or other legal process, to comply with a request from our regulators, governmental request or any other legally enforceable demand. We also share Personal Data to establish or protect our legal rights, property, or safety, or the rights, property, or safety of others, or to defend against legal claims.
If you have questions about the parties with which we share Personal Data, please contact us as specified below.
You have control regarding our use of Personal Data for direct marketing. In certain markets, you will need to expressly consent before receiving marketing. In all markets, you can choose to not receive such communications at any time. If you no longer wish to receive any marketing communications, remain on a mailing list to which you previously subscribed, or receive any other marketing communication, please follow the unsubscribe link in the relevant communication or contact us as per below.
What are cookies
Cookies are small amounts of data that are stored on your browser, device, or the page you are viewing. Some cookies are deleted once you close your browser, while other cookies are retained even after you close your browser so that you can be recognized when you return to a website.
Cookies on our Sites are generally divided into the following categories:
- Strictly Necessary Cookies: These are required for the operation of our Sites. They include, for example, cookies that enable you to log into secure areas. These cookies are session cookies that are erased when you close your browser.
- Functional Cookies: These improve the functional performance of our Sites and make it easier for you to use. For example, cookies are used to remember that you have previously visited the Sites and asked to remain logged into it. These cookies qualify as persistent cookies, because they remain on your device for us to use during a next visit to our Sites. You can delete these cookies via your browser settings.
- Targeting Cookies: These record your visit to our Sites, the pages you have visited and the links you have followed to recognize you as a previous visitor and to track your activity on the Sites and other websites you visit. These cookies qualify as persistent cookies, because they remain on your device for us to use during a next visit to our Sites. You can delete these cookies via your browser settings. See below for further details on how you can control third party targeting cookies.
What are your options if you do not want cookies on your computer?
You can review your Internet browser settings, typically under the sections “Help” or “Internet Options,” to exercise choices you have for certain Cookies. If you disable or delete certain Cookies in your Internet browser settings, you might not be able to access or use important functions or features of this Sites, and you may be required to re-enter your log-in details.
Data Subject Rights
If you are in the European Economic Area (EEA) you have the following rights:
- Access. Subject to certain exceptions, you have the right to request a copy of the Personal Data we are processing about you, which we will provide to you in electronic form. At our discretion we may require you to prove your identity before providing the requested information. If you require multiple copies of your Personal Data, we may charge a reasonable administration fee.
- Rectification. You have the right to require that any incomplete or inaccurate Personal Data that we process about you is amended.
- Deletion. You have the right to request that we delete Personal Data that we process about you, unless we are required to retain such data in order to comply with a legal obligation or to establish, exercise or defend legal claims.
- Restriction. You have the right to request that we restrict our processing of your Personal Data where:
- you believe such data to be inaccurate;
- our processing is unlawful; or
- we no longer need to process such data for a particular purpose, but where we are not able to delete the data due to a legal or other obligation or because you do not want us to delete it.
- Portability. You have the right to request that we transmit the Personal Data we hold in respect of you to another data controller, where this is:
- personal information which you have provided to us; and
- we are processing that data on the basis of your consent or in order to perform our obligations under contract to you (such as to provide legal services).
- Objection. Where the legal justification for our processing of your Personal Data is our legitimate interest, you have the right to object to such processing on grounds relating to your particular situation. We will abide by your request unless we have compelling legitimate grounds for the processing which override your interests and rights, or if we need to continue to process the data for the establishment, exercise or defense of a legal claim.
- Withdrawing Consent. If you have consented to our processing of your Personal Data, you have the right to withdraw your consent at any time, free of charge. This includes cases where you wish to opt out from marketing messages that you receive from us.
We have implemented technical and organizational measures in an effort to safeguard the Personal Data in our custody and control. Such measures include:
- restricting access to Personal Data to staff and service providers on a need-to-know basis;
While we endeavor to always protect our systems, sites, operations and information against unauthorized access, use, modification and disclosure, due to the inherent nature of the Internet as an open global communications vehicle and other risk factors, we cannot guarantee that any information, during transmission or while stored on our systems, will be absolutely safe from intrusion by others.
You also have an important role in protecting Personal Data. You should not share any username, password or other authentication data provided to you with anyone, and we recommend that you do not re-use passwords across more than one website or application. If you have any reason to believe that your username or password has been compromised, please contact us as detailed below.
Cross-Border Data Transfers
We transfer Personal Data to jurisdictions as necessary for the purposes described above, including to jurisdictions that may not provide the same level of data protection as your home country. In particular, our Sites are hosted on servers in the Republic of Panama. If you are located in a non-Panamanian jurisdiction, the transfer of Personal Data is necessary to provide you with the requested information and/or to perform any requested transaction. To the extent permitted by law, such submission also constitutes your consent for the cross-border transfer.
If you have questions or comments regarding this Privacy & Cookies Statement or our privacy practices, please contact us here: [email protected]