The material posted on or provided by the Service is for general information only, and should not be taken as legal advice. Your interaction with the Service does not give rise to a lawyer-client, advisory, or fiduciary relationship or privilege. If you have a specific problem, please contact one of our lawyers.
We assume no liability or responsibility for any errors or omissions in any content provided through the Service. Links to third party websites are provided as a convenience only, and are not an endorsement of their content or a representation as to their accuracy. Use of the Service is at your own risk and, subject to this Fine Print, the Service is provided on an “as is” and “as available” basis without any representations or warranties of any kind, express or implied.
Any communications or information exchanged through the Service or third party websites may not be confidential, and use of such communication mediums are at your own risk.
The use of the Service and the interpretation of this Fine Print will be governed by the laws of British Columbia and the laws of Canada applicable therein. You consent and submit to the exclusive jurisdiction of the courts of British Columbia sitting at Vancouver in any action or proceeding related to the Service.
Copyright © 2014 Miller Titerle + Company LLP. All rights reserved. The Service contains information, communication, software, program code, images, sounds, music, graphics, photos, videos and other materials and services (collectively, “Content”). You agree that the Content is protected by Canadian and international intellectual and industrial property rights, including copyrights, trademarks, and other proprietary rights. Your use of the Content or Service existing now or in the future will be in accordance with such rights and this Fine Print.
Please read the following carefully to understand our practices regarding your personal information. This Policy complies with the Personal Information Protection Act (British Columbia) (“PIPA”) and the Personal Information Protection and Electronic Documents Act (Canada) (“PIPEDA”) as applicable (collectively, “Acts”).
We may collect and use Personal Information and Non-Personal Information from you when you access or use the Service. In this section, we will describe the type of information that may be collected and how that information may be used.
“Personal Information” means personally identifiable information that specifically identifies someone as an individual and includes the items listed below.
When you sign an engagement letter to retain us as your lawyers, you will have the option of paying for your retainer and invoices through the Service. We use LawPay Canada (“LawPay”) to process all online payments. Any Personal Information you provide, including billing information, is provided directly to LawPay. We will receive and store the confirmation of your payment from LawPay, which will include:
We use this information to track our billing process and provide you with the Service. We will not receive or store your banking information or credit card numbers.
We may collect Personal Information about you as part of your use of the Service.
When you choose to contact us through the Service, we may collect, store and use the Personal Information that you provide us, such as your name, email address, phone number and other information you choose to provide in the content of your message, so we can respond to your inquiry.
We may also use Personal Information that we collect to help provide you with better service. Among other things, the Personal Information we collect enables us to improve our services, communicate with you and fulfill your requests for products, services and information.
“Non-Personal Information” means: (1) information that does not directly identify you; and (2) “aggregate” and “de-personalized” information, which is data we collect about the use of the Service from which personally identifiable information has been removed.
When you access or use the Service, we (or a third party provider) may use “cookies” and other technologies such as pixel tags, locally shared objects, clear GIFs and web beacons, to track what you view and interact with on the Service. We treat information collected by cookies and similar technologies as Non-Personal Information.
A “cookie” is a small bit of record-keeping information that is sent to your computer. The cookies that we use do not include Personal Information and may be used to:
Most browsers are initially set up to accept cookies, but you can disable cookies or set your browser to indicate when a cookie is being sent. However, disabling cookies may affect your ability to use the Service.
Our servers may log Non-Personal Information about your use of the Service, such as: (1) your search activity, pages viewed, date and time of activity; and (2) any information provided by your computers or mobile devices in connection with your use of the Service, such as browser type, browser language, IP address, mobile carrier, unique device identifier, location, and requested and referring URLs.
We may use and disclose to our affiliated companies, contractors, trusted partners or persons the collected Non-Personal Information for the purpose of auditing, researching and analyzing usage of the Service, ensuring the technical functionality of the Service and further developing the Service and our other products.
We use Google Analytics to collect user information, which allows us to better know our audience characteristics and behaviour, measure cross-device and cross-platform use, conduct data analysis and testing, and manage our data effectively.
However, we will not upload information to Google Analytics that allows Google to personally identify you (such as certain names, social security or social insurance numbers, email addresses, or any similar data), or data that permanently identifies a particular device (such as your mobile phone’s unique device identifier if such an identifier cannot be reset), even in hashed form.
We will never sell, share, transfer or rent your Personal Information for secondary purposes.
In certain circumstances, we may share any or all information we have collected, including Personal Information. For example:
a) we might share your Personal Information during due diligence or in preparation for or after a sale, merger, consolidation, change in control, transfer of substantial assets, reorganization or liquidation;
b) your Personal Information may be transferred to anyone who is helping us make our website and the Service available and functional, like technical agents, payment processing vendors, other subcontractors, and our affiliates and consultants, subject to obligations consistent with this Fine Print;
c) as in any transaction, if you use the Service to provide your credit card information to LawPay for payments, your credit card company will be provided with all relevant information about LawPay, item(s) purchased, cost and other information necessary to process the transaction;
d) if we are required to disclose or share your Personal Information under a legal obligation, in order to enforce or apply our contractual agreements or without your consent pursuant to any of the exceptions in the Acts; and
e) we may share anonymous information (meaning information that does not identify you personally) with or to business partners.
We may also disclose Personal Information to our service providers for the purpose of processing Personal Information on our behalf or assisting in the operation of the Service. We require that these parties agree to process such Personal Information based on our instructions and in compliance with this Policy and any other appropriate confidentiality and security measures.
If we propose to collect, use or disclose Personal Information for any purpose other than those described in this Policy, we will obtain your consent.
You may choose to withdraw your consent to the collection, use or disclosure of your Personal Information as outlined in this Policy at any time. If you withdraw consent, then we may no longer be able to provide you with full or any access to the Service.
Users are also given the opportunity to “opt-out” of having their Personal Information used for specific purposes, such as receiving newsletters or other information from us.
Withdrawals of consent will not have an effect on personal or other data that we have used or disclosed in accordance with this Policy prior to such withdrawals.
We may make available third party links through hyperlinks or otherwise enable you to access third party products or services from the Service that are not affiliated with or controlled by us. We are not responsible for those parties, the content of their products or services, or the use of information you provide to them. Providing links or otherwise enabling access to third party products or services does not constitute sponsorship of or affiliation with those people or companies. You recognize and agree that we are not liable for any third parties use of your Personal Information and you should review the privacy policies of these third parties.
We take commercially reasonable steps as necessary to ensure that your data is treated securely in accordance with this Policy and the Acts. However, no data transmission over the Internet can be guaranteed to be 100% secure. As a result, we cannot guarantee or warrant the security of any information you transmit through use of the Service and you do so at your own risk.
Your Personal Information may be transferred to and maintained on servers or databases located in Canada and the U.S. in accordance with the Acts, as applicable. You consent to such processing and storage.
We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of Personal Information. We use physical, electronic and/or procedural safeguards to protect our systems and all Personal Information under our control against unauthorized access and use. We only use third party server hosts with certified facilities that contain the industry standard physical, operational and digital security and restriction protocols. All safety and security measures are reasonable and appropriate to the sensitivity level of the information collected.
We will take reasonable steps to ensure that the Personal Information collected by us or on our behalf is accurate and complete, as required pursuant to the Acts.
We will allow you to access your Personal Information in our custody or control, and you may request that we:
If we are satisfied on reasonable grounds that your request to update or correct your information should be implemented, we will correct your Personal Information on our primary system as soon as reasonably possible. We may retain an archived copy of your records as required or authorized by law.
By providing your email address to us or communicating with us via email, you are deemed to expressly consent to receiving email communications from us in conjunction with the Service that we provide to you.
We retain Personal Information collected pursuant to this Policy only as long as is reasonably required to fulfill the purposes for which it was collected, or as required or authorized by law.
We reserve the right to modify this Policy at any time. We may provide you with notice of such modifications, by sending you an email message or otherwise bringing it to your attention in the Service. Your continued use of the Service will signify your acceptance of the modifications to this Policy. If you disagree with any changes to this Policy, you will need to stop using the Service.
If you have any questions relating to this Policy or our privacy practices, please write to us at: firstname.lastname@example.org.
Using web-based cloud computing services, tools and applications (“Cloud Services”) benefits our clients in a number of ways, including lower costs, higher performance and more efficient delivery of legal services. At Miller Titerle + Company (“MT+Co.”), we recognize that the nature of the legal industry requires not only excellent service but also constant and rigorous protection of client data, whether offline or online. We take security and protection of personal information very seriously.
Our policy on cloud computing (“Cloud Policy”) is meant to ensure that client data is protected to the greatest extent reasonably possible, while also enabling us to provide the efficient, responsive service clients have come to expect from MT+Co. This Cloud Policy is based upon the Law Society of British Columbia’s cloud computing due diligence guidelines (“Law Society Guidelines”) and represents best practice in the legal industry.
This Cloud Policy applies to all team members at MT+Co. and pertains to all client data, no exceptions.
This Cloud Policy concerns all external Cloud Services, including cloud-based email, document storage, project management software, Software-as-a-Service (SaaS), Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), etc. Personal accounts are excluded. MT+Co team members may not store client data on personal accounts.
This Cloud Policy applies to all clients, excluding those that constitute a “public body” for the purposes of the Freedom of Information and Protection of Privacy Act (“FOIPPA”). FOIPPA requires that personal information in the custody of any public body be stored and accessed within Canada, unless consented to by the individual to whom the personal information pertains. Any lawyer acting for a client constituting such public body is therefore barred by this Cloud Policy from using any Cloud Service outside the i-worx OfficeOneLive Desktop (as all i-worx data is accessed and stored in British Columbia).
In order to determine whether a client constitutes a public body, see the definition of “public body” in Schedule I of the FOIPPA.
It is imperative that all MT+Co. team members NOT open cloud accounts or enter into cloud service contracts for client-related matters without first completing the security screening (set out below). This is necessary to protect the integrity and confidentiality of client and firm data, and the security of the MT+Co. network.
Each MT+Co team member must review this Cloud Policy and certify that he or she acknowledges and understands the purpose and following procedures.
Our Cloud Policy comprises two screening stages. First, each Cloud Service undergoes an initial comprehensive security screening before any team member uses it in conjunction with client data. Second, each Cloud Service is then subject to periodic security monitoring for ongoing use.
Stage I: Initial Comprehensive Security Screening. Before initial use of any Cloud Service, we run the Cloud Service through a series of securities questions and input results into our Cloud Computing Policy spreadsheet (“CCP Spreadsheet”, document ID: ADMIN_Policy Review – Cloud Computing – 2014-06-16 (00085612)). In doing so, we consider security factors at two levels:
a) High-level priority considerations: requirements that are carefully measured and must be satisfied in every case, including the following three Law Society requirements:
i. Ownership of client data must not transfer to the Cloud Service or any third party.
ii. MT+Co. must ascertain where the data will be stored.
iii. Client information must be protected to maintain confidentiality and privilege.
b) Low-level considerations: additional issues into which MT+Co. reasonably inquires, in accordance with best practices in the industry. See the CCP Spreadsheet for detailed considerations.
Stage II: Ongoing Security Monitoring. To ensure the protection of client data is ongoing, we review Terms of Service of each Cloud Service and track security breaches through a monitoring process. We use GoogleAlerts to keep apprised of security breaches for each Cloud Service we use, alerting us to security issues weekly.
In the Event of a Security Breach:
The MT+Co team member dedicated to cloud computing security (“Cloud Computing Security Officer” or “CCSO”) is responsible for the GoogleAlerts notifications. If a security breach is flagged by GoogleAlerts, the CCSO reviews the details of the breach to assess whether further action is required:
1. If the breach does not put client or lawyer data at risk, MT+Co will continue to use the Cloud Service.
2. If the breach potentially puts client or lawyer data at risk, the CCSO will work with the lawyer(s) using the Cloud Service to remove sensitive client data to ensure reasonable security. The lawyer(s) will temporarily refrain from using the service and wait for the CCSO to confirm security. The CCSO will gather as much information about the security breach as reasonably possible and will make an assessment. If the breach is determined not to put client or lawyer data at risk, the Cloud Service will remain in use.
3. If the breach does put client or lawyer data at risk, the CCSO and lawyer(s) using the Cloud Service will work to remove all data from the Cloud Service, will close any accounts with the Cloud Service, and will discontinue use of the Cloud service permanently.
Annual Review of Law Society of British Columbia Cloud Computing Guidelines:
The Law Society Guidelines have been foundational to this Cloud Policy. As Canadian lawyers’ use of cloud computing evolves, we expect the Law Society Guidelines to become more refined and comprehensive. Once per year, a lawyer or law student reviews the Law Society Guidelines to determine whether any amendments have been made. If so, that lawyer or law student will summarize the amendments in the CCP Spreadsheet, and will notify the CCSO. If the CCSO believes the amendments to have altered the ethical or allowable use of Cloud Services in the legal industry, the CCSO will reassess each Cloud Service used by MT+Co in light of the new guidelines, and will follow the procedure above (as explained in “In the Event of a Security Breach”) to determine whether to discontinue use.
Bi-Annual Terms of Service Review:
Approximately every six months, a lawyer or law student reviews the Terms of Service and Privacy Policies of each Cloud Service used at MT+Co to determine whether any amendments have been made. Any updates to the Cloud Service’s terms and policies are added to the CCP Spreadsheet. If any amendments constitute cause for concern, the lawyer or law student completing the review will bring the concern to the attention of the CCSO, who will follow the procedure above (as explained in “In the Event of a Security Breach”) to determine whether to discontinue use.
Note: this list will be updated from time to time without notification.
1. i-worx OfficeOneLive Desktop