To the extent permitted by the Privacy Shield Principles, LO2 reserves the right to process personal information in its capacity and role of providing document review, contract management, legal research, compliance services and other legal support services to our clients.
LO2 does not sell, rent or disclose to third parties any personal data derived from the services rendered for our clients, except when one or more of the following conditions are true:
- LO2 has the individual’s permission to make the disclosure;
- The disclosure is required by law or professional standards;
- The information in question is publicly available;
- The disclosure is reasonably necessary for the establishment or defense of legal claims;
- The disclosure is to another LO2 entity or to persons or entities providing services on LO2’s or the individual’s behalf (“transferee”), consistent with the purpose for which the information was obtained, if the transferee, with respect to the information in question: (1) is subject to laws providing an adequate level of privacy protection; (2) has agreed in writing to provide an adequate level of privacy protection; or (3) Subscribes to the Privacy Shield Principles.
LO2 gathers data on individuals in a variety of ways both online and offline in the course of its business. This occurs principally when LO2 gathers information from its customers in order to bill to the customers the services performed by LO2 for such customers. LO2 may also obtain from its customers data on individuals described in documents or communications that LO2 processes for its customers.
LO2 shall inform an individual of the purpose for which it collects and uses personal information and the types of non-agent third parties to which LO2 discloses or may disclose that information. LO2 shall provide individuals with the choice and means for limiting the use and disclosure of their personal information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide personal information to LO2, or as soon as practicable thereafter, and in any event before LO2 uses or discloses the Information for a purpose other than for which it was originally collected.
“Sensitive Personal Information” means personal information that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, trade union membership or that concerns an individual’s health.
LO2 will offer individuals the opportunity to opt out from use of their personal information as follows: (1) disclosure to a third party or (2) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. For Sensitive Personal Information, LO2 will give individuals the opportunity to affirmatively opt out from consent to disclosure of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. LO2 shall treat Sensitive Personal Information received from an individual the same way the individual would treat and identify it as Sensitive Personal Information.
To prevent unauthorized access or disclosure, to maintain data accuracy, and to ensure the appropriate use and confidentiality of information, either for its own purposes or on behalf of its clients, customers and business partners, LO2 has put in place and rigorously enforces appropriate physical, electronic, and managerial procedures to safeguard and secure the information that LO2 processes.
LO2 shall allow individuals to access their personal information and allow individuals to correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individuals in the case in question or where the rights of persons other than the individuals would be violated. The individual seeking access to or to amend such information will need to provide sufficient identifying information, such as name, address, birth date, and other identifying information that LO2 may request as a security precaution.
Any claim that is unresolved by LO2’s internal process will be resolved by cooperating with the European Data Protection Authorities for further investigation.