6. Disclosures of your personal information

We may share your personal data with third parties for the fulfilment of the Purpose/Use stated in section 6 above.

We may disclose aggregated information about our clients, users, and information that does not identify any individual, without restriction.

Datum may also disclose personal information to organizations that we use to support our business and perform services for us. Personal Information will only be provided to such organizations if they agree by way of contract to provide appropriate protection for such information. We require all third parties to respect the security of your personal information and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

Personal Information may also be subject to transfer to another organization in the event of corporate transaction such as a merger, or change of ownership. This will occur only if the parties have entered into an agreement under which the collection, use and disclosure of the information is restricted to those purposes that relate to the business transaction, including determining whether or not to proceed with the business transaction, and is used by the parties to carry out and complete the business transaction.

We may also disclose your personal information in the following circumstances:

• To comply with any court order, law, or legal process, including to respond to any government or regulatory request

• To enforce or apply our Engagement Terms and other agreements, including for billing and collection purposes;

• If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Datum Law Corporation, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

  
  

• Storage  and Cross-Border transfers of your personal information

Datum provides legal services across multiple jurisdictions and personal information may be stored outside the jurisdication in which you live.  Datum may utilize service providers and systems that may be located in Canada, UK and EEA and the USA. In such cases, personal information may be subject to the local laws of the jurisdictions within which it is collected, used, disclosed and/or stored, and may be accessed by governmental and law enforcement authorities in those jurisdictions.Where we transfer personal data across-borders, we ensure we have implemented appropriate safeguards to require that personal information remains protected as required by applicable law, including implementing the EC and UK standard contractual clauses as may be appropriate. 

8. Retention

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for  at least 6 years after they cease being customers for tax, professional obligation purposes.

In some circumstances you can ask us to delete your data: see below for your rights  in relation to your personal information.

9. Security 

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

10. Your legal rights

Your local privacy laws may grant you rights with respect to your personal information, and we will not knowingly discriminate against you because you have exercised any of your privacy rights. These rights differ based on the local laws that apply to you but could include one or more of the following: 

• Request access to your personal information (commonly known as a "subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.

• Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

• Request erasure of your personal information in certain circumstances. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal information to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

• Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) as the legal basis for that particular use of your data (including carrying out profiling based on our legitimate interests). In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your right to object.

• You also have the absolute right to object any time to the processing of your personal data for direct marketing purposes (see Opting-out of Marketing in section 23 for details of how to object to receiving direct marketing communications). 

• Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

• Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. 

• Request restriction of processing of your personal information. This enables you to ask us to suspend the processing of your personal information in one of the following scenarios:

• If you want us to establish the data's accuracy;

• Where our use of the data is unlawful but you do not want us to erase it;

• Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or

• You have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

• Residents of certain U.S. states may also have the right to opt out of the use of their personal information for profiling or targeted advertising, including online behavioral advertising, and to opt out of the sale or sharing of their personal information.

NOTE: These rights are not absolutely guaranteed and there are several exceptions where we may not have an obligation to fulfill your request. We are only required to honor these rights to the extent we act are responsible for that data, and the requested rights have been granted and apply to you under applicable data protection laws. Please consult your local data protection laws to determine what rights may be available to you and when access to these rights is limited.

If you wish to exercise any of the rights set out above, please reach out to us at the details provided below (refer to secion 14 “Contact Details”).

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Time limit to respond

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated. 

11. Direct marketing 

We strive to provide you with choices regarding certain personal information uses, particularly around marketing and advertising. We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing). 

You will receive marketing communications from us if you have requested information from us or purchased goods or services from us and you have not opted out of receiving that marketing.

Third-party marketing 

We will get your express consent before we share your personal data with any third party for marketing purposes. 

Opting out of marketing

You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at any time. 

If you opt out of receiving marketing communications, you will still receive service-related communications that are essential for administrative or customer service purposes for example relating to the services requested,  appointment reminders, checking that your contact details are correct.

12. Information we collect through automated technologies or interactions 

As you navigate through and interact with our website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

• Details of your visits to our website, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Website.

• Information about your computer and internet connection, including your IP address, operating system, and browser type.

We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking).  

The information we collect automatically may include personal information. It helps us to improve our Website and to deliver a better and more personalized service, including by enabling us to:

• Estimate our audience size and usage patterns.

• Store information about your preferences, allowing us to customize our Website according to your individual interests.

• Speed up your searches.

• Recognize you when you return to our Website.

The technologies we use for this automatic data collection may include:

• Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our website. 

• Web Beacons. Pages of our website and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit Datum, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies.

Different web browsers may use different methods for managing cookies. Please follow the instructions below, from the web browser manufacturers directly, to configure your browser settings*.

• Microsoft Edge

• Google Chrome

• Apple Safari

• Mozilla Firefox

* These links are to third party sites, over which we have no control – no liability can be claimed if they are inaccurate.

Third-Party Use of Cookies and Other Tracking Technologies

Some content or applications, including advertisements, on the website may be served by third-parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our website. The information they collect may be associated with your personal information or they may collect information, including personal information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.

We do not control these third parties' tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. 

13. Contact Details

If you have any questions about this privacy notice or about the use of your personal information or you want to exercise your privacy rights, please contact our Privacy Officer in the following ways:

• Email address: Sukhi@datum.law

• Postal address:  Unit 200 - 15055 54A Street, Surrey, BC, V3S5X7

14. Complaints

We would always appreciate the opportunity to answer any questions or resolve any complaints directly via the contact points above.  

You may appeal an adverse decision on your requests by emailing or writing to us, and you have the right to lodge a complaint to your local regulator or attorney general if you are not satisfied with our responses to your requests or how we manage your personal information. However, we encourage you to contact us first so we can address your concerns directly.

Contacting the relevant regulatory authority

If you are a UK customer, you can find out more at this link.  If you are based within the EU, you can find out more here. 

For Canadian privacy commissioner contact details see the below list:

• Alberta: www.oipc.ab.ca

• British Columbia: www.oipc.bc.ca

• Manitoba: www.ombudsman.mb.ca

• New Brunswick: https://oic-bci.ca/

• Newfoundland and Labrador: www.oipc.nl.ca

• Northwest Territories: https://atipp-nt.ca/

• Nova Scotia: https://oipc.novascotia.ca/

• Nunavut: https://atipp-nu.ca/

• Ontario: www.ipc.on.ca

• Prince Edward Island: https://www.assembly.pe.ca/

• Québec: www.cai.gouv.qc.ca

• Saskatchewan: https://oipc.sk.ca/

• Yukon: https://www.ombudsman.yk.ca/

• Federal: https://www.priv.gc.ca/

15. Changes to Our Privacy Notice

It is our policy to post any changes we make to our privacy notice on this page. If we make material changes to how we treat our users' personal information, we will notify you through a notice on the website home page or by email using your Contact . The date the privacy notice was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our website and this privacy notice to check for any changes.