MESSAGE REGARDING ARMSTRONG TEASDALE’S GLOBAL PRIVACY POLICY
For more than a century, Armstrong Teasdale LLP and its subsidiaries, referred to collectively herein as Armstrong Teasdale, have forged long-term relationships with clients and other business partners, large and small, around the globe. In these unprecedented times, Armstrong Teasdale appreciates that data privacy and the protection of Personal Information are of paramount concern to all. Our lawyers work together daily to guide clients through virtually every challenge, from day-to-day operational decisions to some of the most complex legal matters. As we foster these relationships and deliver excellent service to our clients, Armstrong Teasdale wants you to know that we are committed to safeguarding and protecting your privacy in connection with processing your Personal Information and data. This global privacy policy explains how we process your Personal Information and data, how we collect your Personal Information, and how you may exercise your privacy rights regarding the same.
Regardless of whether you are engaging Armstrong Teasdale LLP or are just a visitor to atllp.com, Armstrong Teasdale wants you to have a clear picture about how we intend to treat your Personal Information and how it will be processed and managed by us.
The type of Personal Information we collect and how we process it will vary depending on the type of relationship we have with you and the context of that relationship. In particular, please note that as a regulated law firm serving diverse sectors worldwide, we are required to undertake checks of all our employees and business professionals, as well as screen other third parties (including our clients, affiliated parties and suppliers) to comply with legal obligations. This screening may involve the collection of legal and regulatory records where appropriate and permissible. We also monitor (and at times record) electronic communications to manage our normal business operations. We also use cookies and similar technologies on our website and in our marketing communications to help us: remember and recognize your preferences, provide critical website functionality, control how often you'll see our advertisements online, show you relevant messages and offerings, and make your online Armstrong Teasdale experience better and more consistent. We have put in place policies and procedures to ensure that the Personal Information that we process in this regard is properly protected and in compliance with the latest data privacy laws and regulations. These policies and procedures are indicative of the same levels of tradition, teamwork and excellent client service that we aspire to deliver to you every day.
We are always here to address any questions regarding this global privacy policy or any of our related privacy policies, procedures and practices. You will always be able to locate this global privacy policy whenever necessary, as it is prominently displayed on our website, but if you have any additional questions, you are encouraged to contact one of our Privacy Managers at [email protected].
Last Updated: Feb. 5, 2021
Sincerely,
Richard W. Engel, Jr.
Armstrong Teasdale LLP
GLOBAL PRIVACY POLICY OVERVIEW
Scope
Our Global Privacy Policy (“Privacy Policy”) applies to all clients and business partners of Armstrong Teasdale LLP and all visitors to our website and application. For additional corporate information, see the “How to Contact Us” section below.
Personal Information
Armstrong Teasdale receives your Personal Information and data (including Personal Information and data that you provide to us about other persons) (together, “Personal Information”) voluntarily from you and in our trusted communications and interactions with you. We also may automatically collect your Personal Information on our website using cookies and similar technologies (“cookies”). For more information about our use of cookies, please visit our Cookie Policy. We also occasionally receive Personal Information about you from verification services, public sources and commercial sources.
Uses
We primarily use Personal Information in connection with our representation of our clients in various legal matters and to respond to inquiries regarding the same. We also use Personal Information to market to our clients, communicate with our clients and business partners, manage our normal business operations and comply with our legal obligations.
We explicitly do not sell Personal Information to outside parties, including, but not limited to, marketers. We do, however, provide Personal Information to our data management solutions vendors for legitimate business purposes.
We will keep your Personal Information for as long as we have an active relationship with you. Once our relationship with you has come to an end, we will only retain your Personal Information for business record auditing, statutory record retention, defense or maintenance of a legal claim or complaint handling purposes. We will delete your Personal Information when it is no longer required for these purposes.
Nonetheless, you have the right to review and correct Personal Information that we have received from you. You also have the right to request that Personal Information collected be erased before the end of our usual data/information retention periods, although this right is not absolute and may be limited under certain circumstances.
Information Security
We are also concerned with the security of your Personal Information and take great care in implementing appropriate physical, technical and administrative controls to protect your Personal Information. Unfortunately, no information transmission over the internet, or maintenance and processing of Personal Information, can be guaranteed to be 100% secure.
Choices
We only market other services to you with your consent, based on your marketing preferences. You may create or change your privacy preferences in connection with our marketing efforts by clicking “Subscribe” on our Site, located on the footer of each page, or contacting one of our Privacy Managers at [email protected] and provide us with the details of your request. We will respond in a timely manner to your request. Additionally, if you wish to discontinue any further promotional communications, please click ”Subscribe” on our Site, located on the footer of each page, or email us at [email protected] and initiate your request. You can also stop receiving promotional messages from us by clicking on the unsubscribe link provided at the bottom of any such promotional email communication you receive and following associated directions.
You also may amend your cookie preferences for any website through your browser settings. However, in addition to marketing and analytics features, please remember that we also use cookies to enable and improve certain functions of our website. If you choose to switch off or disable certain essential cookies, it is likely to affect how our website works on your computer, smartphone or device. Our website offers the opportunity to change your cookie preferences at any time by clicking the persistent cookie icon on every page or accessing the link through our Cookie Policy.
Your Rights
It is important that the Personal Information we hold about you is accurate and current. Depending on your jurisdiction, under certain circumstances, you may have additional rights with respect to your Personal Information, including (as applicable) the right to access, correct, erase, object to, port or restrict the processing of your Personal Information that we have received from you. If you would like to change or update your information or wish to exercise one of these rights (where applicable), please contact us via the contact information provided in the “How to Contact Us” section of our Privacy Policy. We will timely respond to your request.
California Residents
If you are a California resident, you have certain rights regarding your Personal Information under the California Consumer Protection Act (“CCPA”) and other applicable laws. More information about rights for California residents can be found in our Privacy Policy. Please send any written requests and questions about your rights to [email protected] or call us at 800.243.5070. You can designate an agent to exercise your rights for you. Please note that we may take reasonable steps to verify your identity before implementing your rights request, including asking you to provide identification, if necessary.
Effective Date and Updates
We reserve the right to revise or update our policies and in particular our Privacy Policy at any time, consistent with applicable law or regulation. The “Effective Date” at the top of our Privacy Policy reflects the date of the most recent revisions. The most current version of the Privacy Policy can be reviewed by clicking on the “Privacy Policy” link located at the bottom of each of our pages associated with the website. We encourage you to periodically review this link for the latest information on our privacy practices. Any update to our Privacy Policy will become effective when we post the revised Privacy Policy on our website. Keep in mind that your continued use of our website means that you accept the privacy practices summarized in our Privacy Policy and consent to all actions taken that are consistent with the provisions of this Privacy Policy.
Links to Other Websites
Our website may contain links to websites, plug-ins and applications operated by others whose privacy practices are different from Armstrong Teasdale’s. Our Privacy Policy does not apply to any information collected from you through such links or that you may provide on the websites you reach by utilizing those links. Armstrong Teasdale is not responsible for the content or privacy practices of websites linked to our website or any other Armstrong Teasdale-sponsored websites that are not designed and developed by Armstrong Teasdale or its agents. You are encouraged to use common sense when using any website and review the privacy practices of each website you elect to visit before submitting your Personal Information.
Please be advised that if you disclose Personal Information through discussion forums, message boards, chat rooms or blogs whose access is provided by Armstrong Teasdale, this information may be collected and used by others. We do not monitor these public spaces and take no responsibility for the security or confidentiality of any information posted thereon.
Children under the Age of Sixteen
Our website is not intended for use by children under the age of sixteen, as our legal services are generally not provided to children under the age of sixteen. We may have the occasion to collect and process the Personal Information of children below the age of sixteen for the reasons described in the “Personal Information We Collect and How We Use It” section of our Privacy Policy in which case we will always ensure that consent is given or authorized by the holder of parental responsibility over that child. We do not knowingly collect Personal Information from anyone under the age of sixteen without parental consent. If you become aware that we inadvertently have collected Personal Information from a child under the age of sixteen without parental consent, please let us know so we can take appropriate action, including deleting this information.
We encourage you to review our Privacy Policy in its entirety. Should you have any questions or concerns about our privacy practices and/or our policies, procedures and statements, please do not hesitate to contact one of our Privacy Managers at [email protected] or write to us at:
Company No: PL0012449
Attn: Privacy Manager
7700 Forsyth, Suite 1800
St. Louis, Missouri 63105
United States
[email protected]
GLOBAL PRIVACY POLICY
This Privacy Policy applies to the processing of Personal Information of all clients, contacts, vendors, suppliers and agents of Armstrong Teasdale and all visitors to www.atllp.com (“Site”) (regardless of where you visit it from) or our mobile application (“App”), except as specified herein. Armstrong Teasdale LLP is the controller and is responsible for the Site. When we refer to “AT”, “we”, “us” or “our”, we are referring to the relevant Armstrong Teasdale entity responsible for processing your data. When we use the term “Personal Information” in this Privacy Policy, we mean information and data that identifies, or can be used on its own or combined with other pieces of information, to identify an individual. This can be, for example, aname, street address, email address, or telephone number(s). It does not include information and data that cannot be linked back to an identifiable individual, even in combination with data from alternative sources (anonymous data).
Where you are providing Personal Information to us on behalf of another individual or individuals (for example, on behalf of an organization when providing employee details), in doing so, you are confirming that: (a) you are authorized by each such individual to disclose such Personal Information to us for the purposes detailed herein; and (b) you have explained, provided notice and provided copies of this Privacy Policy to all data subjects on whose behalf you are providing information.
It is important that you read this Privacy Policy together with any other privacy notice we may provide on specific occasions when we are collecting or processing Personal Information about you so that you are fully aware of how and why we are using your Personal Information. This Privacy Policy supplements these other notices and is not intended to override them.
Our Privacy Policy is provided in a layered format so you can click through to the specific sections set forth below.
Contents
- Personal Information We Collect and How We Use It
- Information We Collect by Automated Means
- How We Share Personal Information
- Links to Other Websites
- How We Protect Personal Information
- International Transfers of Personal Information
- How Long is Personal Information Retained
- Your Rights with Respect to Your Personal Information
- Children
- California Residents
- Updates to Our Privacy Policy
- How to Contact Us
Personal Information We Collect and How We Use It
We may collect Personal Information from individuals through our Site or by other means (such as via email, mail, phone, business partners’ contact information and other third parties, such as commercial data vendors and public databases). The principal ways you may provide the information and the types of information you may submit, as well as the ways we may use the information, are listed below.
Business Purposes – On our Site you may be able to register using your Personal Information to gain access to information related to your relationship with us or the services we offer. We use these details to provide you with access to information about your relationship with us and to facilitate your use of the Site or our App. We may also obtain your Personal Information from third parties where such information is provided to us in connection with the relevant purposes set out in this Privacy Policy, as well as from public sources about you or your business. It is in our legitimate business interests to use this Personal Information so that we can manage our business relationships and carry out marketing and sales activities.
Careers – Individuals apply for jobs with Armstrong Teasdale through our Site, third-party job posting sites, job fairs or directly to our various business locations. The Personal Information job seekers provide through this process is often maintained by third-party service providers. This Personal Information may be maintained in locations within the United States, accessible to our recruiting team and shared with our corporate divisions and entities on a need-to-know basis for the purpose of evaluating job seekers for permanent and temporary positions within Armstrong Teasdale. The Personal Information submitted by job seekers, such as name, contact details and any other information relevant to the application, is used to evaluate their qualifications for employment and to contact them regarding possible employment opportunities. It is in our legitimate business interests to use this Personal Information in the selection process and to communicate with you, and it is necessary to provide us with this Personal Information so that we can assess and evaluate your application. In addition, please note that as a regulated law firm, we are required to undertake screening of all our employees and business professionals. This screening may involve the collection of legal and regulatory records where appropriate and permissible. We also provide employee Personal Information to service providers for human resource purposes. It is in our legitimate business interests to use this Personal Information so that we can manage our employment relationships and carry out our human resource functions.
Contact – You may contact us with questions, requests, or comments through the persistent “Contact Us” widget on our Site or via the contact information provided in the “How to Contact Us” section of this Privacy Policy. When you do so, we may ask you for your Personal Information to verify your identity or to track the inquiry internally to ensure we appropriately respond to your questions, requests or comments.
Contractual Obligations – If you are a client, vendor, supplier or an independent contractor, we may ask you to provide Personal Information such as your name, contact details or business and financial details to establish and administer your account, process payments and for compliance with internal and legal requirements. It is in our legitimate business interests to use your Personal Information for this purpose so that we can comply with our contractual obligations to you.
Feedback – You may be able to submit feedback on our Site. If you choose to give us your feedback, we may ask you for your Personal Information. We may also ask you about your experience using our Site. It is in our legitimate business interests to use the Personal Information you provide to enhance our Site, evaluate the quality of our services or to communicate with you about our services.
Information Technology Security – We may collect Personal Information when detecting and defending against security threats in accordance with our legitimate business interests and our legal obligations. We use various IT tools to detect and defend against online security threats (e.g., attacks, viruses, malware, spam, phishing, malicious web content), to promote business continuity of our information systems and assets and to maintain optimal performance of our IT systems. To ensure physical security of our facilities, we may, where permitted under local law, utilize video surveillance systems and/or location tracking while you are on our property.
Other Uses of Information – We may use the Personal Information for internal general business purposes in accordance with our legitimate business interests. These purposes include administration of our Site, data analytics, fraud prevention and compliance with our legal obligations, standards, policies and procedures, i.e., due diligence checks and sanctioned and embargoed screening of third parties (including our clients, affiliated parties, vendors and agents), where necessary. We may obtain your explicit consent to collect and use certain types of Personal Information when we are required to do so by law.
Sensitive Information – In certain limited circumstances we will need to collect sensitive or special category Personal Information (“Sensitive Information”) from you, such as (where appropriate and permissible) details about your race or ethnicity, religious beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data. Such information may be collected from you or, in those jurisdictions where it is permissible, from third parties. You may also inadvertently disclose Sensitive Information to us. We will only request Sensitive Information where necessary and legally permitted to do so, and we have in place enhanced safeguards to protect such Sensitive Information, whether obtained via request or inadvertent disclosure.
Failure to Provide Information - Where we need to collect Personal Information by law, or under the terms of a contract we have with you and you fail to provide that Personal Information when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with legal services). In this case, we may have to cancel the contract you have with us, but in such event, we will notify you if this is the case at that time.
Change of Purpose - We will only use your Personal Information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us via the contact information provided in the “How to Contact Us” section of this Privacy Policy. If we need to use your Personal Information for an unrelated purpose, we will notify you and explain the legal basis which allows us to do so. We may also process your Personal Information without your knowledge or consent, in compliance with the above rules, where such processing is required or permitted by law.
Information We Collect by Automated Means
When you visit and interact with our Site and our App, we may collect “Other Information” that does not inherently reveal your specific identity, in order to learn how to best tailor our Site for our visitors’ needs. Examples of what Other Information we may collect and how we and third-party service providers may collect this information include:
Aggregated Information – We also collect, use and share aggregated information, such as statistical or demographic data for any purpose. Aggregated information may be derived from your Personal Information but is not considered Personal Information under applicable law as aggregated information does not personally identify you or any other user (for example, we may aggregate user information to calculate the percentage of our users who come from a particular region of the world). However, if we combine or connect aggregated information with your Personal Information so that it can directly or indirectly identify you, we treat the combined data as Personal Information which will be used strictly in accordance with this Privacy Policy.
Browser and Device Information – Certain information is collected by most browsers or automatically through your device, such as your computer type, operating system, name and version, device manufacturer and model, internet browser type and version and the name and version of the online services you are using. We use this information to ensure that our Site and App function properly.
Cookies – Cookies are pieces of information stored directly on the computer or mobile device that you are using. Cookies allow us to collect information such as browser type, time spent online, pages visited, referring URL and other aggregated Site traffic data. We and our service providers use the information for security purposes, to facilitate navigation, to display information more effectively, to collect statistical information and to personalize your experience while online. For more information about our use of cookies and similar technologies, please visit our Cookie Policy.
IP Address – Your IP address is a number that is automatically assigned to the computer that you are using by your Internet Service Provider (ISP). An IP address may be identified and logged automatically in our server log files whenever a user accesses the online services, along with the time of the visit and the page(s) that were visited. Collecting IP addresses is standard practice and is done automatically by many websites, applications and other services. We use IP addresses for purposes such as calculating usage levels, diagnosing server problems and administering our online services. We may also derive your approximate location from your IP address to understand from what regions of the world our visitors come.
Pixel Tags or Similar Technologies – Pixel tags (also known as web beacons and clear GIFs) may be used in connection with some online services to, among other things, track the actions of users of the online services (including email recipients), measure the success of our marketing campaigns and compile statistics about usage of the online services and response rates. We also use Google Analytics, which uses cookies and similar technologies to collect and analyze information about use of our services and report on activities and trends. These services may collect information regarding the use of other websites, apps and online resources. You can learn about Google’s practices by going to www.google.com/policies/privacy/partners/, and opt out by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.
We do not use your Personal Information to make automated decisions.
How We Share Personal Information
We do not sell or otherwise disclose your Personal Information except as described in this Privacy Policy. We may also share your information as disclosed at the time you provide it and in the following circumstances:
Business Transfers – We may disclose your Personal Information, usage information and other information about you to parties acquiring part or all of our assets, as well as to lawyers and consultants. If we transfer your information to an acquirer, we will use reasonable efforts to direct the acquirer to use your information in a manner that is consistent with this Privacy Policy. Also, if any bankruptcy or reorganization proceeding is brought against us, your Personal Information may be considered a company asset that may be acquired by or transferred to third parties.
Business Units, Practice Groups and Offices throughout the Globe – We may share the information you provide (such as information about your service requests, inquiries, applications or use of our Site or App) with our other business units, practice groups and offices for the provision of legal services, marketing, recruitment and internal reporting purposes. We do this to run our business more efficiently and to have a better understanding of our business relationships across the business units, practice groups and offices.
Third-Party Service Providers – In order to carry out your requests, to make various features and services available to you, to respond to your inquiries and for other purposes described in the “Personal Information We Collect and How We Use It” section of this Privacy Policy, we may share your Personal Information or usage information with third parties that perform functions on our behalf, such as companies or individuals that: host or operate our Site; analyze data; provide client service; manage payments; or other third parties that participate in or administer our marketing promotions or assist with risk management, compliance, legal and audit functions. These service providers are not authorized by us to use or disclose the information except as necessary to perform services on our behalf or to comply with legal requirements.
Law Enforcement Agencies, Courts, Regulators, Government Authorities or Other Third Parties – We may transfer and disclose your information to third parties (i) to comply with a legal obligation, (ii) when we believe in good faith that the law requires it, (iii) at the request of governmental authorities conducting an investigation, (iv) to verify or enforce our policies, procedures, Terms of Use and other agreements, or to protect the rights, property or safety of Armstrong Teasdale, our clients, employees, business partners or others, (v) to respond to an emergency, (vi) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity, or (vii) otherwise to protect the rights, property, safety or security of third parties, users of our services, visitors to our Site or App or the public.
Sharing With Your Consent – The provision of our legal services may present you with the opportunity to opt in to receive information or marketing offers from third parties or to otherwise consent to the sharing of your information with third parties. If you agree to have your Personal Information shared, your Personal Information will be disclosed to the third party and will be subject to the privacy policy and practices of that third party.
Non-Personal Information – We may share non-Personal Information, such as aggregate user statistics, demographic information and usage information with third parties.
Our Site, App and communications may provide links to other websites, plug-ins and applications, including those of social networks or business partners that may make use of our logo. To the extent that any linked products or services are not provided by Armstrong Teasdale, we are not responsible for the products or services, or any of the content found on these websites or applications. If you provide information on and use third-party products, services, or websites or applications, the privacy policy and terms of service on those websites and applications are applicable. We encourage you to read the privacy policies of websites and applications that you visit before submitting your Personal Information, as these third parties have their own privacy practices which may be different from those of Armstrong Teasdale. Also, please be advised that if you disclose Personal Information or Sensitive Information through public forums or message boards, this information may be collected and used by others. We do not monitor these public spaces and take no responsibility for the content, security or confidentiality of any information posted thereon.
How We Protect Personal Information
In proportion to the sensitivity of the information, we maintain reasonable physical, technical and administrative safeguards and appropriate security measures to protect Personal Information from loss, misuse, unauthorized access, disclosure, alteration or destruction. However, we cannot absolutely guarantee the security of Personal Information, as no electronic data transmission or processing of Personal Information is completely secure. If an incident is reported affecting your Personal Information, we will investigate and comply with all required reporting obligations.
International Transfers of Personal Information
Armstrong Teasdale is a global organization - headquartered in the United States – that does business in many countries, including the United Kingdom. We may share your Personal Information among Armstrong Teasdale business units, practice groups and offices, with our service providers and with other business partners that may be located in countries outside of your own (including in the United States). Although the data protection laws of these various countries may differ from those in your own country, we have put in place appropriate safeguards (such as contractual commitments, which may include the standard contractual clauses approved from time to time by the European Commission) to ensure that your Personal Information is handled as described in this Privacy Policy and in accordance with the law. For more information on the appropriate safeguards in place, or if you want further information on the specific mechanism used by us when transferring your Personal Information out of the United Kingdom, please contact us via the contact information provided in the “How to Contact Us” section of this Privacy Policy.
How Long is Personal Information Retained
We will keep your Personal Information for as long as needed to meet the purposes described in the “Personal Information We Collect and How We Use It” section of this Privacy Policy. Once our relationship with you has come to an end, we will retain your Personal Information only for a period of time that enables us to:
- maintain business records for analysis and/or audit purposes;
- comply with record retention requirements under the law;
- defend or bring any existing or potential legal claims; and
- address any complaints regarding our services.
To determine the appropriate retention period for Personal Information, we consider the amount, nature and sensitivity of the Personal Information; the potential risk of harm from unauthorized use or disclosure of your Personal Information; the purposes for which we process your Personal Information; and whether we can achieve those purposes through other means while still meeting any applicable legal requirements.
Under the laws of the U.K., we have to keep basic information about our clients for at least six (6) years after they cease being clients for tax reasons.
In some circumstances, we may anonymize your Personal Information in which case we may use this information indefinitely without further notice to you.
Please note that you may have the right to request that Personal Information collected from you be erased and forgotten before the end of our information retention periods, although this right is not absolute and may be limited under certain circumstances.
Your Rights with Respect to Your Personal Information
In addition to the erasure right addressed above, you have the right to access, correct, object to, port or restrict the processing of your Personal Information that we have received from you. It is important that the Personal Information we hold about you is accurate and current. We encourage you to contact us to update or correct your information if it changes or if you believe the Personal Information we hold about you is inaccurate. Please note that we will likely require additional information from you in order to verify your identity and respond to your change or update requests. If you would like to change or update your information, please contact us via the contact information provided in the “How to Contact Us” section of this Privacy Policy. We will timely respond to your request.
You will not have to pay a fee to access your Personal Information (or to exercise any of these rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. We will respond to all legitimate requests within one month, unless your request is particularly complex or you have made a number of requests. In that case, we will notify you and keep you updated.
Additionally, you have the right to withdraw consent to the processing of your Personal Information, where we only rely on consent as the lawful basis for processing such Personal Information. Further, you are advised that you may not be able to withdraw consent, request that we erase your Personal Information and/or request the we only process for reduced purposes where the Personal Information is necessary for the purpose(s) detailed in the “Personal Information We Collect and How We Use It” section of this Privacy Policy or where another legal justification for processing applies. Where you do legitimately wish to withdraw or restrict your consent, or otherwise object to how we are processing your Personal Information, it may result in us being unable to provide services to you if the fulfillment of these services requires the processing of such Personal Information. If you wish to exercise any of the rights set out in this paragraph, please contact us via the contact information provided in the “How to Contact Us” section of this Privacy Policy.
You also may have the right to make a complaint at any time to your relevant data protection authority. We would, however, appreciate the chance to address your concerns before you approach your data protection authority, so please contact us via the contact information provided in the “How to Contact Us” section of this Privacy Policy.
Our Site and App are not intended for use by children under the age of sixteen, as our legal services generally are not directed to children under the age of sixteen. We may have the occasion to collect and process the Personal Information of children below the age of sixteen for the purposes of the provision of our legal services for the reasons described in the “Personal Information We Collect and How We Use It” section of this Privacy Policy. However, we do not knowingly collect Personal Information from anyone under sixteen without parental consent. If you become aware that we have collected Personal Information from a child under the age of sixteen without parental consent, please let us know so we can take appropriate action.
If you are a California resident and have provided us with your Personal Information, you may ask us to refrain from sharing your Personal Information with third parties, including our other business units, practice groups and offices if they are separate legal entities, for direct marketing purposes. Please tell us your preference by contacting us via the contact information in the “How to Contact Us” section of this Privacy Policy. In addition, California residents have access, deletion, knowledge, opt-out and portability rights described in more detail below. In the event of any conflict between this section on California Residents and the rest of this Privacy Policy, this section on California Residents shall prevail.
Personal Information
For purposes of this section on California residents only, “Personal Information” means “information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.” Cal. Civ. Code § 1798.140(o)(1). Personal Information does not include:
- publicly available information from federal, state or local government records;
- de-identified or aggregated consumer information; and
- information excluded from the CCPA’s scope.
Categories, Purposes and Disclosure of Data Collected
The categories and purposes of collection of Personal Information are described in the “Personal Information We Collect and How We Use It” section above and reflect how we intend to and how we have collected and used information in the twelve months prior to the effective date. We will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated or incompatible purposes without providing you notice. You can find further details about the information that we collect from California residents in the chart below. Please note that while a category may be marked, that does not necessarily mean that we have information in that category about you. Please also note that nothing in this disclosure should be construed to concede that we are a “business” as that term is defined under the CCPA.
Categories and Purpose of Personal Information Collected from California Residents
Category |
Examples |
Collected |
A. Identifiers. |
A real name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, Social Security number, driver's license number, passport number or other similar identifiers. |
YES |
B. Personal Information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). |
A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number or any other financial information, medical information or health insurance information. Some Personal Information included in this category may overlap with other categories. |
YES |
C. Protected classification characteristics under California or federal law. |
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status or genetic information (including familial genetic information). |
YES |
D. Commercial information. |
Records of personal property, products or services purchased, obtained or considered, or other purchasing or consuming histories or tendencies. |
YES |
E. Biometric information. |
Genetic, physiological, behavioral and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints, faceprints, voiceprints, iris or retina scans, keystroke, gait or other physical patterns and sleep, health or exercise data. |
NO |
F. Internet or other similar network activity. |
Browsing history, search history, information on a consumer's interaction with a website, application or advertisement. |
YES |
G. Geolocation data. |
Physical location or movements. |
NO |
H. Sensory data. |
Audio, electronic, visual, thermal, olfactory or similar information. |
NO |
I. Professional or employment-related information. |
Current or past job history or performance evaluations. |
YES |
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). |
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information or student disciplinary records. |
NO |
K. Inferences drawn from other Personal Information. |
Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities and aptitudes. |
YES |
Sharing Personal Information
We may disclose your Personal Information to a third party for a business purpose. When we disclose Personal Information for a business purpose (which we have done in the preceding twelve months), we enter a contract that describes the purpose and prohibits the recipient from (1) selling the Personal Information; (2) retaining, using or disclosing the Personal Information for any purpose other than for the specific business purpose specified in the contract; and (3) retaining, using or disclosing the information outside of the direct business relationship with us.
We intend to disclose, and in the preceding twelve months have disclosed, the following categories of Personal Information for a business purpose:
Category A: Identifiers
Category B: California Customer Records Personal Information categories
Category C: Protected classification characteristics under California or federal law
Category D: Commercial information
Category F: Internet or similar network activity
Category I: Current or past job history or performance evaluations
Category K: Inferences drawn from other Personal Information
We disclose your Personal Information for a business purpose to the following categories of third parties:
- our business units, practice groups and offices;
- service providers; and
- third parties to whom you or your agents authorize us to disclose your Personal Information in connection with services we provide to you.
In the preceding twelve months, we have not “sold” any Personal Information in the typical sense of the word. Further, we have not disclosed to other third parties any Personal Information for monetary or other valuable consideration within the twelve months preceding the date of this Global Privacy Policy.
Rights to Access, Knowledge and Portability
You have the right to request that we disclose certain information to you about our collection and use of your Personal Information. Once we receive and confirm your verifiable consumer request, we will disclose to you, as it pertains to the twelve months prior to the request:
- the categories of Personal Information we collected about you;
- the categories of sources for the Personal Information we collected about you;
- our legitimate business or commercial purpose for collecting or selling that Personal Information;
- the categories of third parties with whom we share that Personal Information;
- the specific pieces of Personal Information we collected about you (also called a data portability request); and
- if we sold or disclosed your Personal Information for a legitimate business purpose, two separate lists disclosing:
- sales – identifying the Personal Information categories that each category of recipient purchased; and
- disclosures for a business purpose – identifying the Personal Information categories that each category of recipient obtained.
Rights to Deletion
You have the right to request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service providers to:
- Complete the transaction for which we collected the Personal Information, provide a service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act.
- Engage in public or peer-reviewed scientific, historical or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Opt Out of the Sale of Personal Information
California residents have the right to opt out of the sale (or disclosure for other valuable consideration) of Personal Information about them or their household, such as (though not limited to) their name, postal or email address, and other personally identifying information.
This right is subject to certain exemptions. For example, the law does not apply to information that has been aggregated and/or de-identified such that it could not reasonably be used to identify you. It also does not apply to information that we share with third-party service providers in order for them to perform certain business functions for us. We explicitly do not sell Personal Information to outside parties, including, but not limited to, marketers. If you would, nonetheless, like to opt out, you may use the “Do Not Sell My Information” button located on our Site, or by writing us at [email protected].
Exercising Access, Data Portability and Deletion Rights
To exercise the access, data portability, deletion and the opt-out rights described above, please submit a verifiable consumer request to us by either by calling us at 800.243.5070 or by writing us at [email protected].
Only you or (a) a natural person that you authorize to act on your behalf or (b) a business entity registered with the California Secretary of State that you authorize to act on your behalf may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child. To authorize an agent to submit a request on your behalf, we will require that you provide written evidence that you have granted the authorized agent permission to make such a request, and we will verify your identity.
You may only make a verifiable consumer request for access or data portability twice within a twelve-month period. The verifiable consumer request must:
- provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative; and
- describe your request with sufficient detail that allows us to properly understand, evaluate and respond to it.
We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.
Nondiscrimination
We will not discriminate against you for exercising any of your CCPA rights.
Response Timing and Format
We will confirm receipt of a verifiable consumer request within ten days of receipt and provide information regarding how we will process the request. We endeavor to respond to a verifiable consumer request within forty-five days of its receipt. If we require more time (up to ninety days), we will inform you of the reason and extension period in writing. Any disclosures we provide will only cover the twelve-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Updates to Our Global Privacy Policy
We may modify or update this Privacy Policy from time to time. We will always indicate at the top of this policy when it was most recently updated. If we substantially change this Privacy Policy, we will notify you of the changes. Any changes will be effective immediately upon the posting unless otherwise indicated. Where changes to this Privacy Policy will have a fundamental impact on the nature of processing or otherwise have a substantial impact on you, we will give you sufficient advance notice so that you have the opportunity to exercise your rights.
Should you have any questions or concerns about our privacy practices and/or our policies, procedures and statements, please do not hesitate to contact one of our Privacy Managers at [email protected] or write to us at:
Company No: PL0012449
Attn: Privacy Manager
7700 Forsyth, Suite 1800
St. Louis, Missouri 63105
United States
[email protected]