Klarquist Sparkman, LLP (“we”, “us” or “Klarquist”) is committed to protecting and respecting your privacy in accordance with laws applicable to our business as a law firm and provider of services, that include legal, technological and other business or personal advice.
For the purpose of the General Data Protection Regulation (Regulation (EU) 2016/679, the “GDPR”) as amended or replaced from time to time (“GDPR”), the data controller is Klarquist Sparkman, LLP, a limited liability partnership, having a primary place of business at One World Trade Center, 121 SW Salmon Street, Suite 1600, Portland, Oregon, 97204. Klarquist is an assumed business name and service mark of Klarquist Sparkman, LLP. Klarquist Partners are identified on our website.
1. Information we collect from you
We will collect and process the following data about you:
1.1. Information you give us.
This is information about you that you give us through our website (“our site”) or by corresponding with us by phone, e-mail or otherwise. It includes information you provide when you register your interest in our services on our site, when you provide instructions or submit inquiries to us, when you use our services, when you make a payment to us and when you report a problem with our site or services. The information you give us may include your name, address, e-mail address and phone number, financial and credit card information, employment-related information and other information relating to the matter in relation to which you are seeking our assistance. If you provide any information about any other individuals such as colleagues or other parties related to a legal matter, you warrant to us that you are entitled to provide that information to us and to authorize us to process it on the same basis as we will process the rest of the data you provide about yourself.
1.2. Information we collect about you.
With regard to each of your visits to our site we may automatically collect the following information:
- to determine and save technical information, including date and time, the Internet protocol (IP) address used to connect from your computer or mobile device to our website, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- to determine and save information about your visit, including the full Uniform Resource Locators (URLs), clickstream to, through and from our site (including date and time), pages you viewed or searched for, page response times, download errors, length of visits to pages and overall time on the website; and
- for any one or more of the reasons set forth in Section 3.1.
1.3. Information we receive from other sources.
This is information we receive about you from sources other than directly from yourself, which may include social media such as LinkedIn, Facebook, Twitter and Instagram. It may also include information that we have been provided by people who think you may be interested in talking to us about our or your services or products. This information may be used by Klarquist for any one or more of the reasons set forth in Sections 3.1 and 3.2.
1.4 Information about individuals under 16 years old
Our website and services, comprising legal, technological and other business or personal advice are not directed to individuals under age 16. We will not knowingly accept or receive personal information of anyone under age 16 unless we have consent from that individual’s parent or legal guardian. If we become aware that we have received the personal data of an individual under age 16 without having obtained appropriate consent, we will delete that information from our systems.
3. Purposes for which we may process the information
We use information held about you in the following ways:
3.1. Information you give to us. We may use this information:
- to provide our services, comprising legal, technological and other business or personal advice; including disclosures to the Patent, Trademark or Copyright offices of any country as required or desirable to obtain intellectual property protection, to a court of law, in an administrative or quasi-judicial proceeding or pursuant to a subpoena,
- to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
- as required by any legal or regulatory obligations;
- to provide you with information about other intellectual property related services we offer and/or services that we believe are related to those that you have already purchased or enquired about;
- to process payments from you;
- to provide you, or permit selected third parties to provide you, with information about services we feel may interest you, so long as, where required by law, you have given the relevant consent;
- to notify you about changes to our services;
- for our own legal and risk management purposes; and
- to assist us in making our website more effective for users, such as you.
Please note that, where you are asked to provide information to us which is of a sort that is necessary to enable us to perform a contract or fulfill a request that you make (e.g., contact, delivery or payment information) it is a requirement for us to enter and perform such a contract or fulfill your request that you provide that information – if you do not do so, we may not be able to perform your contract or fulfill your request.
If the GDPR does not apply to you or to your personal data, we may process your data for any additional lawful purposes.
3.2. Information we collect about you. We may use this information:
- to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our site to ensure that content is presented in an effective manner for you, for your computer, and for other users of our site;
- to allow you to participate in interactive features of our service, when you choose to do so;
- as part of our efforts to keep our site safe and secure;
- to measure or understand the effectiveness of advertising we may serve to you and others, and to deliver relevant advertising to you;
- for any of the purposes set forth in Section 3.1.; and
- to make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them. (If the GDPR does not apply to you or to your personal data, we may use your data for any additional lawful purposes.)
3.3. Information we receive from other sources.
We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for any one or more of the purposes set out in Sections 3.1. and 3.2.
4. Disclosure of your information
4.1. You acknowledge that while we will never sell your personal data we may share your personal information with:
4.1.1. Any of our attorneys and employees located in the USA as may be necessary to fulfil our business objectives and deliver our services, subject to all requirements of the GDPR.
4.1.2. Selected third parties including sub-contractors for the performance of any contract we enter into with them or you, provided that we comply with GDPR in doing so.
4.2. Additionally, we may disclose your personal information to third parties:
4.2.1. If we outsource any aspect of our business or systems, then we may disclose your personal data to our service provider(s).
4.2.2. In the event that we sell or buy any business or assets, or assist you in buying or selling any business assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
4.2.3. If we or a substantial part of our assets are acquired by a third party, in which case personal data held by us about our customers may be one of the transferred assets.
4.2.4. If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply the terms of any agreement or policy to which we are a party, or to protect the rights, property, or safety of you, of Klarquist, of clients, of our customers, or others. This may include exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
4.2.5. If you or your personal data are not subject to the GDPR, we may disclose or share your data for any additional lawful purpose.
4.2.6. For any one or more of the purposes set forth in Sections 3.1., 3.2., or 3.3. above.
5. Legal Basis for Processing
5.1. Article 6 of the GDPR requires us to have at least one lawful basis for processing personal data that is subject to the GDPR. The grounds applicable to processing the personal data subject to the GDPR that we collect are:
5.1.1. Contract: This basis applies to necessary processing for us to perform a contract that you are party to, to enter into a contract such as an engagement or retainer agreement, or to take steps at your request prior to entering a contract.
5.1.2. Legal Obligation: This basis applies to necessary processing for compliance with a legal obligation to which we are subject. For example, if you have provided your name, address, or citizenship for purposes of preparing and/or filing a patent application or other legal document, we will include such information in the filed document to meet legal requirements for the document filing;
5.1.3. Legitimate Interests: This basis applies to necessary processing for the purposes of our legitimate interests or the legitimate interests of a third party, provided that your fundamental rights and freedoms which require protection of your data do not override such legitimate interests (our legitimate interests comprise the management, marketing and promotion of our business, products and services and the supply of our products and services);
5.1.4. Consent: This basis applies to processing data to which you have consented. For example, to processing account payments. If more than one of the above grounds apply to the processing of data in question, the applicable ground will be the one that is set out first above.
5.2. Special categories of personal data
If you provide us with any special categories of personal data (that is to say information as to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, sexual orientation or genetic or biometric data) or personal data relating to criminal convictions and offenses, it is a condition of us receiving that information that:
5.2.1. it is necessary for us to process the information for the establishment, exercise or defense of legal claims; or
5.2.2. if that is not necessary, you expressly consent (and you hereby do) to us processing that personal data for the purposes set out in section 3. Accordingly, if you do not want us to process any such categories of personal data, do not provide it to us.
6. Where we store your personal data
6.1. The data that we collect from you will be stored on our servers or those of our service providers located in the USA. It will not be further transferred to and stored at a destination outside the USA unless:
6.1.1. To a processor acting on our behalf which has provided appropriate data protection safeguards of the sort approved by the European Union and provide effective rights and remedies for you (e.g., to an associate attorney outside of the USA for filing documents, such as patent and trademark applications authorized to be filed by you).
6.1.2. To an associated law firm or third party as instructed by you; such as where necessary to obtain intellectual property protection for you.
6.2. Except as provided above, all information you provide to us is stored on our secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential, and for all use made of your account with such password. You agree to not share a password with anyone.
6.3. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use procedures and security features to try to prevent unauthorized access.
7. Length of data storage
7.1. Our policy is to ensure that personal data is only stored for as long as is necessary for the purposes set out at section 3 above. This may vary according to the type of information and the specific applicable purpose(s). If you would like to know what that means in respect of your personal data, please contact us (see section 8.2 below). In determining how long we retain your information the criteria that we take into consideration include our legal obligations, good industry practice, the guidance of governmental organizations and agencies and the State Bar of Oregon and/or other states, insurance and risk management factors, ethics requirements applicable to attorneys, and also tax, accounting, health and safety, and employment rules.
8. Your rights
8.1. If the GDPR applies to you or to your personal data, you have various rights under GDPR. These may include:
8.1.1. The right to ask us not to process your personal data for direct marketing purposes, even if you have given consent;
8.1.2. If our processing is based on your consent, the right to withdraw any consent you may have given for our processing of your data – if you exercise this right, we will be required to stop such processing if consent is the sole lawful ground on which we are processing that data;
8.1.3. The right to ask us for access to the data we hold about you (see section 9 below for further details);
8.1.4. The right to ask us to rectify any data that we hold about you that is inaccurate or incomplete;
8.1.5. The right to ask us to delete your data in certain circumstances;
8.1.6. The right to ask us to restrict our processing of your data in certain circumstances;
8.1.7. The right to object to our processing of your data in certain circumstances; and
8.1.8. In certain circumstances, the right to require us to give you the data we hold about you in a structured, commonly used and machine-readable format so that you can provide the data to another data controller.
8.2. You can exercise any of the rights set out above, free of charge, by using any applicable methods set out in our communications with you, or by contacting us at email@example.com. In respect of certain of the rights referred to above, your right may be qualified by the GDPR or other laws, such as where we are processing data for in the context of actual or possible legal claims or in relation to legal privilege. We will discuss with you following your request any such qualifications, and any further information that we may need from you in order to fulfil your request. We may ask you to provide further information in order to confirm your identity. Please also note that if you submit unfounded or excessive (for example repetitive) requests to exercise any of these rights, we reserve the right to make a reasonable charge for providing the requested information or taking the requested action, or to decline your request.
8.3. You also have the right to lodge a complaint with the Information Commissioner’s Office (www.ico.org.uk) if you are concerned that we are not respecting your rights under the GDPR. The Information Commissioner’s Office is one of the authorities responsible for overseeing the application of, and enforcing the GDPR.
8.4. If the GDPR does not apply to you or to your personal data, we may, at our option provide you with the above rights under section 8 of this policy, or, alternately, limit your rights to those available under any laws that apply to you or to your personal data.
9. Accessing your data
If the GDPR applies to you, you may have the right to obtain from us:
9.1. Confirmation as to whether we are processing (including holding) personal data about you; and
9.2. If we are processing personal data about you, you may be entitled to be provided with:
9.2.1. Information as to the purposes for which we process the data;
9.2.2. Information as to the categories of the data that we are processing;
9.2.3. Information as to the recipients or categories of recipients to whom the data has or will be disclosed;
9.2.4. Information as to the envisaged period for which we will store the data, or if the basis on which that period will be determined; and
9.2.5. A copy of the data (further copies are available at a reasonable charge, which we will inform you of should you request further copies). Please note that this right is subject to the rights of others in relation to their own personal data, meaning that we cannot disclose data to you if it would involve disclosing data about someone else.
9.3. Please see section 8.2 above as to how to exercise your rights under this section 9. Section 8.2 applies in full to the exercise of these rights.
9.4. If the GDPR does not apply to you or to your personal data, we may, even if you do not qualify under Section 8.1 above, at our option provide you with the above rights of section 9 of this policy, or, alternately, limit your rights to those available under any laws that apply to you or to your personal data.
10. California Consumer Rights
As of January 1, 2020, the California Consumer Privacy Act provides specific rights to those who live in the state of California. If you are a California-based consumer, as that term is defined under California law, this section shall apply in addition to all other applicable rights and information contained in this Notice:
10.1 You have the right to request that we provide you with the categories of personal data and the specific pieces of personal data we have collected and store about you.
10.2 You have the right to request that we delete personal information we, or our service providers, store about you.
10.3 You may request that we not sell your personal information.
10.4 You have the right to designate an authorized agent to make a request on your behalf.
10.5 We will not discriminate or retaliate against you if you elect to exercise any rights under this section of our Privacy Notice.
Please be aware that we are required by law to verify that any request submitted was made by someone with the legal right to access the information. Therefore, before accessing or divulging any personal data pursuant to a data subject access request, we may request that you provide us with additional information so we can verify your identity and/or legal authority.
If you are a California consumer and wish to make a request, or have additional questions based on this section of our Privacy Notice, email us at firstname.lastname@example.org with “Exercise my Rights Under CCPA” in the subject line, complete the Contact Us form available here, or call us at 1-888-595-4767. Your request should include your contact information and anything you believe is relevant. We will provide a response to an access request within the timeframes required by law. If we cannot substantively respond in a timely manner, we will notify you and provide the reason for the delay.
Under certain circumstances, we may not be required or able to fulfill your request, such as when doing so would interfere with our regulatory or legal obligations, where we cannot verify your identity, or if your request involves disproportionate cost or effort. But we will respond to your request within a reasonable time, as required by law, and provide an explanation.
Be sure to check this Notice for updates, as we will review it at least every 12 months and make necessary changes.
11. Other websites
Our site may, from time to time, contain links to and from the websites of third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
12. Changes to this privacy notice
Any changes we make to our privacy notice in the future will be posted on this page. Please check back frequently to see any updates or changes to our privacy notice.
Questions, comments and requests regarding this privacy notice are welcomed and should be addressed to email@example.com.