Fasken is a global law firm which values your privacy and cares about the way your personal information is treated.
As a law firm, we collect, use and disclose information on a daily basis in order to render our services in consultation, litigation and transaction. Confidentiality is important to us, as we put professional secrecy at the heart of our client relationship. We use all information, especially personal information, in accordance with the highest ethical standards.
1. Who we are and what we do?
Fasken Martineau DuMoulin LLP and its affiliated entities, including Fasken Martineau LLP, Bell Dewar Inc. and Fasken Martineau DuMoulin (Pty) Ltd. (“Fasken”, “we”, “us” or “our”) is a global law firm. Unless we notify you otherwise, Fasken is the “data controller” of your personal information, i.e. the organization who alone or jointly determines the purposes for which, and the manner in which, any personal information is, or is likely to be, processed.
2. What personal information do we collect?
We may collect and process different types of personal information in the course of operating our business and providing our services. These include:
• Contact information such as name, email address and telephone number;
• Biographical information such as job title, employer, photograph and video or audio content;
• Marketing, communication preferences and related information such as meal preferences, feedback and survey responses;
• Billing and financial information such as billing address, bank account and payment information;
• Services information such as details of services that we have purchased;
• Recruitment information such as your curriculum vitae, your education and employment history, details of professional memberships and other information relevant to potential recruitment or association to or with Fasken;
• Website usage and other technical information such as details of visits to our websites or information collected through cookies and other tracking technologies;
• Information provided to us by or on behalf of our clients or generated by us in the course of providing our services, which may, where relevant, include special categories of personal information (such as racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, health or sexual orientation, etc.);
• Identification and other background verification data such as a copy of driver’s licence, passports or utility bills or evidence of beneficial ownership or the source of funds to comply with anti-money laundering laws and collected as part of our client acceptance and ongoing monitoring procedures; and
• Any other personal information provided. Please note that if you provide personal information to us about other people (such as your customers, directors, officers, shareholders or beneficial owners), you must ensure that you have given those individuals an appropriate notice that you are providing their information to us and have obtained their consent to that disclosure.
We do not knowingly collect information from children or other persons who are under 16 years old.
You cannot send us confidential information until we have confirmed in writing that we represent or act for you or your company or organization. Unsolicited emails sent to us from non-clients do not establish a lawyer-client relationship. They may not be privileged and, therefore, are subject to disclosure to third parties.
3. How do we use personal information?
We may use personal information in the following ways. In each case, we identify the grounds that we rely on to use your personal information:
• To provide our legal and other services and to conduct our business – to administer and perform our services, including to carry out our obligations arising from any agreements entered into between you and us. Applicable legal grounds: contract performance, legitimate interests (to enable us to perform our obligations and provide our services), consent;
• To facilitate use of our websites and to ensure content is relevant – to respond to requests for information or enquiries from visitors to our websites and to ensure that content from our websites is presented in the most effective manner for you and for your device. Applicable legal grounds: legitimate interests (to allow us to provide the content and services on the websites), consent, contract performance;
• For marketing and business development purposes – to provide details of new services, legal updates and invitations to seminars and events where an individual has chosen to receive these. Applicable legal grounds: legitimate interests, consent;
• For research and development purposes (including from a security perspective) – analysis in order to better understand our clients’ services and marketing requirements and to better understand our business and develop our services and offerings. Applicable legal grounds: legitimate interests (to allow us to improve our services);
• For recruitment purposes – to enable us to process applications for employment and to assess your suitability for any position for which an individual may apply at Fasken. Applicable legal grounds: legitimate interests (to ensure that we can make the most appropriate recruitment decisions for Fasken), contract performance (in order for us to take steps to enter into a contract with someone who requested it);
• To fulfil our legal, regulatory, or risk management obligations – to comply with our legal obligations (performing client due diligence/“know your client”, anti-bribery, sanctions or reputational risk screening, identifying conflicts of interests); for the prevention of fraud and/or other relevant background checks as may be required by applicable law and regulation and best practice at any given time (if false or inaccurate information is provided and fraud is identified or suspected, details may be passed to fraud prevention agencies and may be recorded by us or by them); to enforce our legal rights, to comply with our legal or regulatory reporting obligations and/or to protect the rights of third parties. Applicable legal grounds: legal obligations, legal claims, legitimate interests (to cooperate with law enforcement and regulatory authorities, to ensure acceptable risk profile and to assist with the prevention of crime and fraud). Where we process special categories of personal information we may also rely on substantial public interest (prevention or detection of crime) or legal claims;
• To ensure that we are paid – to recover any payments due to us and where necessary to enforce such recovery through the engagement of debt collection agencies or taking other legal action (including the commencement and carrying out of legal and court proceedings). Applicable legal grounds: contract performance, legal claims, legitimate interests (to ensure that we are paid for our services);
4. With whom do we share personal information?
Fasken is a global law firm and as such, any personal information that we collect may be shared with and processed by any Fasken entity within our network. We may also share personal information with certain third parties such as:
• Third-party service providers who provide website, application development, hosting, maintenance, and other services to us. These third parties may have access to, or process personal information as part of providing those services for us. We limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions, and our contracts with them require them to maintain the confidentiality of such information;
• Law enforcement and governmental entities when required by law. For greater clarity, we may disclose personal information or other information if required to do so by law or in the good faith belief that such action is necessary to comply with applicable laws, in response to a court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies; and
• An acquirer, successor or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets.
5. How long and where do we keep personal information?
We will only keep personal information for as long as reasonably necessary to fulfil the relevant purposes set out in this Policy Privacy and in order to comply with our legal and regulatory obligations. If you would like further information regarding the periods for which personal information will be kept, please contact us as set forth in the “How to contact us?” section.
6. How do we protect personal information?
We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. We maintain appropriate physical, technical and administrative safeguards to protect personal information against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the personal information in our possession. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. We cannot ensure or warrant the security of any information you transmit or provide to us, and you do so at your own risk. We also cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or administrative safeguards. If you believe personal information has been compromised, please contact us as set forth in the “How to contact us?” section.
7. What rights does someone have in relation to its personal information?
Under certain circumstances and in accordance with EU/EEA or other applicable data protection laws, an individual has the following rights:
• Access: entitled to ask if we are processing information and, if we are, request access to personal information. This enables the individual to receive a copy of the personal information we hold and certain other information about him or her;
• Correction: entitled to request that any incomplete or inaccurate personal information we hold be corrected;
• Erasure: entitled to ask us to delete or remove personal information in certain circumstances. There are certain exceptions where we may refuse a request for erasure, for example, where the personal information is required for compliance with law or in connection with claims;
• Restriction: entitled to ask us to suspend the processing of certain personal information, for example to establish its accuracy or the reason for processing it;
• Transfer: request the transfer of certain personal information to another party;
• Objection: one may challenge when we are processing personal information based on a legitimate interest (or those of a third party) or for direct marketing purposes. However, we may be entitled to continue processing information;
• Automated decisions: contest any automated decision made where this has a legal or similar significant effect and ask for it to be reconsidered.
• Consent: where we are processing personal information with consent, withdrawal of consent.
Also have a right to make a complaint with a data protection supervisory authority, in particular in the country/province/state where you normally reside, where we are based or where an alleged infringement of data protection law has taken place.
To exercise any of these rights, please contact us as set forth in the “How to contact us?” section.
9. How to contact us?
Fasken Martineau DuMoulin LLP
Attn: Privacy Officer
800, Place Victoria, Suite 3400
Montréal, Québec, H4Z 1E9, Canada