It is the policy of Norris Mclaughlin, P.A. (Norris McLaughlin) to deal with your personal information responsibly and in accordance with the requirements of applicable data protection laws, including the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). The following discloses and explains how Norris McLaughlin does that. Norris McLaughlin is a professional association established under the laws of the State of New Jersey.
Nothing stated in this notice is intended to, nor will it, establish a client-attorney relationship with persons reading it. Information provided to us during any attorney-client relationship enjoys a special status and may be protected by confidentiality, the attorney-client privilege, the attorney work product doctrine and other similar protections (whether in the United States or elsewhere). Nothing in this notice detracts from any of the protections that attach to such information.
In addition, a privacy notice specific for individuals seeking for employment with Norris McLaughlin is available when applying for a specific position through our website at https://norrismclaughlin.com/join-our-team/
Our Website is not intended for children under 16 years of age and no one under age 16 may provide any personal information to the Website. We do not knowingly collect personal information from children under 16. If you are under 6, do not use or provide any information on this Website or through any of its features, use any of the interactive or public comment features of this Website, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or username you may use. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at https://norrismclaughlin.com/contact-us/.
We may collect personal information from you during our relationship with you, including through your use of our website, when you contact or request information from us, when you engage us to provide legal services or as a result of your relationship with any of our personnel, consultants or our clients.
The personal information that we process includes:
The personal information we collect may include special categories of data.
We use the information that we collect in a number of ways, including:
Other uses in the ordinary course of our business that are permissible under applicable law
We process personal information on one or more of the following grounds:
Norris McLaughlin has offices in New Jersey, New York and Pennsylvania. Norris McLaughlin is also a member of law firm consortiums with offices around the world.
Personal information that is given to Norris McLaughlin office or personnel of that office may be transferred to one or more other offices in our network (including any office we may open in the future or any consortium of law firms that we may join).
We may also share your personal information with third parties in accordance with contractual arrangements in place with them, including:
There may be circumstances under which we may be required to share information with regulatory authorities, courts, tribunals, government agencies and law enforcement agencies. We may also be required to disclose your information to comply with legal or regulatory requirements. Where possible, we will use reasonable efforts to notify you before disclosing your information, but we may be legally restricted from doing so.
The information sharing described above may involve a transfer of your information from a location within the European Economic Area (the “EEA”) to outside the EEA, or from outside the EEA to a location within the EEA. The level of information protection in countries outside the EEA may be less than that offered within the EEA. We will implement appropriate measures to ensure that your personal information nevertheless remains protected and secure in accordance with applicable data protection laws. There may be standard contract clauses in place between Norris McLaughlin and EEA persons and entities with respect to the sharing and processing of personal data. Countries that belong to the EEA include Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, and Sweden. The EEA includes the EU countries and Iceland, Liechtenstein and Norway.
Norris, McLaughlin leverages a private cloud service for maintaining client data. We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. This system utilizes state of the art security, encryption, event monitoring and disaster recovery.
Please note that email is not a secure medium for sharing personal or confidential information and should not be used to share confidential or sensitive information with us. We try to take all reasonable steps to protect your personal information but cannot guaranty the security of any data that you disclose to us over the internet. By providing your information to us online, you accept the security risks inherent with sharing such information and will not hold Norris McLaughlin responsible for any breach or security unless due to our negligence or willful neglect.
We take commercially reasonable steps to protect your personal information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction consistent with applicable data protection laws. These measures are reviewed monthly by external assessors. Please understand, however, that no security system is impenetrable. We cannot guarantee the security of our databases, nor can we guarantee that the personal information that you supply will not be intercepted while being transmitted to and from us over the Internet.
The GDPR and other applicable data protection laws provide certain rights for data subjects. Broadly speaking you have, or may have, the right (as more fully provided in applicable data protection laws):
It is important to be aware that these rights may not be absolute. For example, if you withdraw your consent to our processing of your personal information, we may be able to continue to process your personal information to the extent required or otherwise permitted by law, in particular in connection with exercising and defending our legal rights or meeting our legal and regulatory obligations.
Pursuant to the California Consumer Privacy Act, as amended by the California Privacy Rights Act of 2020 (CRPA) (collectively, the CCPA), California residents receive certain rights with respect to their personal information, as described below. These rights are not absolute and are subject to certain exceptions more fully set forth in the CCPA. California residents have the right not to receive discriminatory treatment from us for the exercise of the privacy rights conferred by the CCPA as well as the following rights:
Right to know about personal information collected, disclosed, or sold
Each California resident has the right to request, subject to certain exceptions described in the CCPA, that we disclose to that resident:
To make such a Request to Know, you can either call us toll-free at (1-866-258-7068) or emails us here at CCPA@norris-law.com .
Since the effective date of the CCPA, we have collected, and in the future, we will continue to collect, the categories of personal information cited in the section entitled “The personal information we collect” above. We collect this information from the sources described in the section entitled “How we collect personal information” above, use this information as described in the section entitled “How we use personal information” above, and share this information with third parties as described in the section entitled “Sharing personal information” above.
We do not sell your personal information.
Right to request deletion of personal information
Each California resident has the right to request the deletion of their personal information that we collect or maintain (a “Request to Delete”), subject to certain exceptions set forth in the CCPA. To make such a Request to Delete, you can either call us at our toll-free number (1-866-258-7068) or emails us here at CCPA@norris-law.com.
Process for verifying requests of California residents
In order to protect your privacy and security, prior to completing any Request to Know or Request to Delete that you may submit, we must verify your identity. We will verify your identity by asking you to provide certain data that we have already collected from you to confirm that they match our records. In certain instances, additional verification steps may be required.
California residents have the right to designate an authorized agent to make a request under the CCPA on their behalf. Prior to completing a request made by such an authorized agent, we require that you provide your authorized agent with written permission to submit such a request and require that you or your authorized agent provide us with a copy of such written permission. Additionally, we require that you verify your identity pursuant to the procedure described above.
We retain personal information of different types, or relating to different categories of people, for different periods, considering its business purpose. For example, information about individuals who have applied for employment with us will be retained for a shorter period than information about individuals who have worked for us.
The periods for which we retain information are based on the requirements of applicable data protection laws and the purpose for which the information is collected and used. We consider legal and regulatory provisions which require information to be retained for a minimum period. We also consider the limitation periods for taking legal action and good practice in the legal industry.
If you have any questions on the matters covered in this policy, please contact our Data Protection Officer, Michael Blumel.
This policy was last updated on July 2, 2021.