February 22, 2022
By communicating with us and using our services, including the access of our Website from another jurisdiction, you consent to the transfer of your personal information into the United States. You also agree to abide by U.S. federal and state law, as the case may be, concerning your use of our Website and any related agreements. Any persons accessing our Website from any jurisdiction with laws or regulations governing the use of the Internet, including personal data collection, use and disclosure, different from those of the United States may only use the Website in a manner lawful in their jurisdiction. It is the sole responsibility of the user to determine whether or not use of the Website is lawful in the particular jurisdiction where the user may be found. If your use of the Website would be unlawful in your jurisdiction, we recommend that you do not use the Website, and we disclaim any and all liability stemming from your unlawful use of the Website.
TYPES OF DATA COLLECTED
DRRT may gather or collect from you two types of data in connection with your use of our services or Website, namely “Non-Personally Identifying Information” and “Personally Identifying Information.”
“Non-Personally Identifying Information” is information that, without the aid of additional information, cannot be directly associated with a specific natural person.
“Personally Identifying Information” is any information that without additional information can be, directly or indirectly, associated with a particular natural person, such as a name, an identification number, location data, an online identifier or information specific identifying the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
COLLECTION, USE AND DISCLOSURE OF NON-PERSONALLY IDENTIFYING INFORMATION
Collection and Use of “Non-Personally Identifying Information”. Like most website operators, we gather from users of the Website Non-Personally Identifying Information of the sort that Web browsers, depending on their settings, may make available. That information includes the user’s Internet Protocol (IP) address, operating system, browser type and the locations of the websites the user views right before arriving at, while navigating and immediately after leaving the Website. Although such information is not Personally Identifying Information, it may be possible for us to determine from an IP address a user’s Internet service provider and the geographic location of the visitor’s point of connectivity as well as other statistical usage data. We analyze Non-Personally Identifying Information gathered from users of the Website to help us better understand how the Website is being used. By identifying patterns and trends in usage, we are able to better design the Website to improve users’ experiences, both in terms of content and ease of use.
A “Web Beacon” is an object that is embedded in a web page or email that is usually invisible to the user and allows website operators to check whether a user has viewed a particular web page or an email. We may use Web Beacons on the Website and in emails to count users who have visited particular pages, viewed emails and to deliver co-branded services. Web Beacons are not used to access users’ Personally Identifying Information. They are a technique we may use to compile aggregated statistics about Website usage. Web Beacons collect only a limited set of information, including a Web Cookie number, time and date of a page or email view, and a description of the page or email on which the Web Beacon resides. You may not decline Web Beacons. However, they can be rendered ineffective by declining all Cookies or modifying your browser setting to notify you each time a Cookie is tendered, permitting you to accept or decline Cookies on an individual basis.
We may use third-party vendors, including Google, who use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick cookie) together to inform, optimize and serve ads based on your past activity on the Website, including Google Analytics. The information collected may be used to, among other things, analyze and track data, determine the popularity of certain content and better understand online activity. If you do not want any information to be collected and used by Google Analytics, you can install an opt-out in your web browser (https://tools.google.com/dlpage/gaoptout/). We may partner with selected third parties to allow tracking technology on the Website, which will enable them to collect data about how you interact with the Website and our services over time. This information may be used to, among other things, analyze and track data, determine the popularity of certain content and better understand online activity.
Aggregated and Non-Personally Identifying Information
We may share aggregated and Non-Personally Identifying Information we collect under any of the above circumstances, including, without limitation, sharing it with third parties and our affiliate companies. We may combine Non-Personally Identifying Information we collect with additional Non-Personally Identifying Information collected from other sources. We also may share aggregated information with third parties for the purpose of conducting general business analysis. This information does not contain any Personally Identifying Information, and may be used to develop website content and services that we hope you and other users will find of interest and to target content.
Mobile Device Additional Terms
• Mobile Device. If you use a mobile device to access the Website or download any of our applications, we may collect device information (such as your mobile device ID, model and manufacturer), operating system, version information and IP address.
• Geo-Location Information. Unless we have received your prior consent, we do not access or track any location-based information from your mobile device at any time while downloading or using our mobile application or our services, except that it may be possible for us to determine from an IP address the geographic location of your point of connectivity, in which case we may gather and use such general location data.
• Mobile Analytics. We use mobile analytics software to allow us to better understand the functionality of our mobile software on your phone. This software may record information, such as how often you use the application, the events that occur within the application, aggregated usage, performance data and where the application was downloaded from. We do not link the information we store within the analytics software to any Personally Identifying Information you submit within the mobile application.
We may use hyperlinks on the Website, which will redirect you to a social network if you click on the respective link. However, when you click on a social plug-in, such as Facebook’s “Like” button, Twitter’s “tweet” button or the Google+, that particular social network’s plugin will be activated and your browser will directly connect to that provider’s servers. These third-party services may collect and share information about a user. If you do not use these buttons, none of your data will be sent to the respective social network’s plugin provider. For example, when you click on Facebook’s “Like” button on the Website, Facebook will receive your IP address, the browser version and screen resolution, and the operating system of the device you have used to access the Website. Settings regarding privacy protection can be found on the websites of these social networks and are not within our control.
COLLECTION, USE AND DISCLOSURE OF PERSONALLY IDENTIFYING INFORMATION
As defined above, Personally Identifying Information is information that can be directly associated with a specific person without further information. We may collect a range of Personally Identifying Information from and about people we are in contact with, including Website users. Much of the Personally Identifying Information collected by us is information provided to us by clients, potential clients, business partners, vendors or Website users when: (1) registering for and using our services; (2) participating in polls, surveys or responding to offers; (3) communicating with us; (4) creating a public profile; or (5) signing up to receive newsletters. That information may include each user’s name, address, email address and telephone number. Clients, potential clients, and users of the Website are under no obligation to provide us with Personally Identifying Information of any kind, with the caveat that their refusal to do so may prevent them from benefitting from our services or using certain Website features.
BY USING OUR SERVICES OR REGISTERING WITH OR USING THE WEBSITE, YOU CONSENT TO THE USE AND DISCLOSURE OF YOUR PERSONALLY IDENTIFYING INFORMATION AS DESCRIBED IN THIS “COLLECTION, USE AND DISCLOSURE OF PERSONALLY IDENTIFYING INFORMATION” SECTION.
We may occasionally use your name and email address to send you notifications regarding new services offered by DRRT or other information that we think you may find valuable. Generally, you may opt-out of such emails by following the unsubscribe link in the email communications, by going to your account settings (if applicable) or contacting us using the contact information below.
Since DRRT is a global provider of legal services, we may share users’ information with our offices and co-counsel throughout the world. Additionally, we will disclose Personally Identifying Information under the following circumstances:
Changing and/or Erasing Personally Identifying Information; Account Termination
You may at any time review or change your Personally Identifying Information by going to your account settings (if applicable) or contacting us by using the contact information listed below. Upon your request, we will deactivate or delete your account on our Website and/or Personally Identifying Information from our active databases. Such information will be deactivated or deleted as soon as practicable based on your account activity and in accordance with applicable law. We reserve the right to retain in our files some Personally Identifying Information to prevent fraud, to assist with any legal investigations, and to comply with any other legal or contractual requirements as is permitted by law. Therefore, you should not expect that all of your Personally Identifying Information will be completely removed from our databases in response to your requests.
INFORMATION BY THIRD PARTIES
Our website does not create an attorney-client relationship between you and DRRT. An attorney-client relationship cannot be formed by reading the information on this website. The only way the attorney-client relationship is formed is to become our client by specific and explicit agreement with an individual attorney at DRRT. By providing information about our firm on our Website, we are not soliciting clients nor do we propose any type of transaction. You should not act or rely on any information contained on our Website without seeking the advice of an attorney. The determination and need for legal services as well as the choice of a lawyer is an extremely important decision and should not be based solely upon advertisements or self-proclaimed expertise. The website is intended for informational purposes only. None of the information contained in this website is intended to constitute, nor does it constitute legal advice.
We take the security of your Personally Identifying Information seriously and use reasonable electronic, personnel and physical measures to protect it from loss, theft, alteration or misuse. However, please be advised that even the best security measures cannot fully eliminate all risks. We cannot guarantee that only authorized persons will view your information. We are not responsible for third-party circumvention of any privacy settings or security measures.
We are dedicated to protecting all information. However, you are responsible for maintaining the confidentiality of your Personally Identifying Information by keeping your password to our Website confidential and sending all sensitive Personally Identifiable Information, such as identification documents, identification numbers, etc. to us via password encrypted electronic mail. You should change your password immediately if you believe someone has gained unauthorized access to it or your account. If you lose control of your account, you should notify us immediately.
DRRT PRIVACY & DATA PROTECTION POLICY
European Union General Data Protection Regulation
As a global provider of legal services, DRRT complies with the European Union’s General Data Protection Regulation (“GDPR”) and the UK Data Protection Act of 2018 (“DPA”). The GDPR is applicable if you are a citizen of a European Union member state, you are using DRRT’s website or services from Europe, or you are in contact with DRRT’s offices in Frankfurt or Paris. The DPA is applicable if you are a citizen of the United Kingdom, you are using DRRT’s website or services from the UK, or you are in contact with DRRT’s office in London. Under both the GDPR and the DPA, DRRT will control and be responsible for the collection and processing of your personal data as both a data controller and processor.
Pursuant to the GDPR and the DPA, we process your Personally Identifiable Information for specific, explicit and legitimate business purposes. “Legitimate interests” means the interests of our law firm in conducting and managing our business, cases, and clients, to enable us to provide to our clients the excellent legal representation and services and most secure experience possible. Our legitimate interests include some or all of the following:
• To provide legal services to our clients, including, but not limited to, collecting, analyzing, and storing corporate documents, powers of attorney, affidavits, custodian confirmations, trade data, and other documentation, corresponding with clients regarding case proceedings, strategy, etc., coordinating and corresponding with co-counsel and other third-parties including claims administrators and custodians, and performing other duties required of our representation.
• Where the processing enables us to enhance, modify, personalize, or otherwise improve our services/ communications for the benefit of our clients;
• To identify and prevent fraud;
• To enhance the security of our network and information systems;
• To better understand how our clients interact with our website;
To provide communications which we think will be of interest to you, including case updates, alerts for potential case, notifications of upcoming conferences, roundtables, and other events, etc.
Outside of the legitimate interests listed above, DRRT will only process Personally Identifiable Information for another purpose:
• Where it has obtained the data subject’s prior consent;
• Where necessary for the establishment, exercise or defense of legal claims in the context of specific administrative, regulatory or judicial proceedings; or
• Where necessary in order to protect the vital interests of the data subject or of another natural person.
In compliance with the GDPR and the DPA, DRRT will take the following measures when processing Personally Identifiable Information:
• DRRT will process the personal data lawfully, fairly, and in a transparent manner;
• DRRT will only collect data for specified, explicit, and legitimate purposes and not further process in a manner that is incompatible with those purposes;
• DRRT will take every reasonable step to keep up to date Personally Identifiable Information that is inaccurate, will be erased or rectified without delay;
• DRRT will only keep Personally Identifiable Information in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed. DRRT has in place appropriate organizational measures to ensure compliance with this obligation, including erasure and/or anonymization of the data and all back-ups once the data is no longer relevant for any of the above enumerated processing purposes;
• DRRT will receive, transmit, and process the Personally Identifiable Information a manner that ensures appropriate security including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures. In the event of a personal data breach concerning Personally Identifiable Information processed by DRRT, DRRT shall take appropriate measures to address the personal data breach, including measures to mitigate its possible adverse effects. In case of a data breach that is likely to result in a risk or high risk to the rights and freedoms of natural persons, DRRT shall without undue delay notify both the data exporter and the individuals concerned of the data breach and the competent supervisory authority including i) a description of the nature of the breach (including, where possible, categories and approximate number of data subjects and personal data records concerned), ii) its likely consequences, iii) the measures taken or proposed to address the breach, and iv) the details of a contact point from whom more information can be obtained.
• Where the transfer involves personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, or biometric data for the purpose of uniquely identifying a natural person, data concerning health or a person’s sex life or sexual orientation, or data relating to criminal convictions or offences (hereinafter “sensitive data”), DRRT shall apply specific restrictions and/or additional safeguards adapted to the specific nature of the data and the risks involved. This may include restricting the personnel permitted to access the personal data, additional security measures (such as pseudonymization) and/or additional restrictions with respect to further disclosure.
• Where DRRT intends to onward transfer the Personally Identifiable Information to any third party/ies, as appropriate with a view to providing meaningful information, DRRT will inform the data subject of the purpose of such onward transfer and the ground therefore. DRRT will only transfer Personally Identifiable Information to a third party where the third party is or agrees to be bound by the GDPR and/or the DPA.
• DRRT shall ensure that any person acting under its authority, processes the Personally Identifiable Information only on its instructions.
Whenever we process Personally Identifiable Information for these purposes we will ensure that we always keep your rights in high regard and take account of these rights. You have the right to object to this processing if you wish, and if you wish to do so please contact our Data Protection Officer using the contact information listed below. Please bear in mind that if you object this may affect our ability to carry out the above tasks for your benefit. Further we may process your data based on your express consent, or pursuant to a contractual or legal obligation to do so.
Under the GDPR and the DPA, you have the following rights, which apply in certain circumstances and subject to certain restrictions, in relation to your personal data:
• The right to access your personal data;
• The right to request the rectification and/or erasure of your personal data;
• The right to restrict the use of your personal data;
• The right to object to the processing of your personal data;
• Where our processing of personal data is based on you having provided your consent or the processing is necessary for the performance of a contract with you, you have the right to receive your personal data, which you provided to us, in a structured, commonly used and machine-readable format or to require us to transmit that data to another controller; and
• Where our processing of your personal data is based on you having provided consent, the right to withdraw your consent to the processing at any time.
Pursuant to these rights, when we process personal information, we make sure to consider the balance any potential impact on the individual (both positive and negative), and their rights under relevant data protection laws, including the GDPR and the DPA. We will not use any personal data for activities where our interests are overridden by the impact on the individual (unless we have consent, a contractual obligation, or are otherwise required or permitted to by law).
DRRT, where relevant with the assistance of the data exporter, shall deal with any enquiries and requests it receives from a data subject relating to the processing of his/her Personally Identifiable Information and the exercise of his/her rights under the GDPR and/or the DPA without undue delay and at the latest within one month of the receipt of the enquiry or request. In particular, upon request by the data subject DRRT shall, free of charge: (i) provide confirmation to the data subject as to whether personal data concerning him/her is being processed and, where this is the case, a copy of the data relating to him/her; if personal data has been or will be onward transferred, provide information on recipients or categories of recipients, as appropriate with a view to providing meaningful information, to which the personal data has been or will be onward transferred, the purpose of such onward transfers and the grounds; and provide information on the right to lodge a complaint with a supervisory authority; (ii) rectify inaccurate or incomplete data concerning the data subject; (iii) erase Personally Identifiable Data concerning the data subject if such data is being or has been processed in violation of any GDPR or DPA clauses ensuring third-party beneficiary rights, or if the data subject withdraws the consent on which the processing is based.
In order for us to legal services to our clients, DRRT may gather or collect Personally Identifying Information from you such as your name, email address, location data, phone number, identification number etc.
In compliance with the Privacy Shield Principles, EU and Swiss individuals have the right to access their Personally Identifying Information that DRRT has collected. Furthermore, the requirements set forth by the GDPR, DRRT commits to resolve complaints about our collection or use of your Personally Identifying Information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy and/or the information we have collected should first contact DRRT at:
Attn: Diana Oliveira
340 West Flagler Street, 2nd Floor
Miami, Florida 33130, USA
Phone: +1 (305) 760-8002
DRRT has further committed to refer unresolved EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield complaints to the American Arbitration Association’s International Center of Dispute Resolution (“ICDR”), an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit http://go.adr.org/privacyshield.html for more information or to file a complaint. The services of the ICDR are provided at no cost to you. An individual may, under certain conditions, invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms, for more information, please see Annex I at: https://www.privacyshield.gov/article?id=ANNEX-I-introduction
DRRT has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU and Switzerland in the context of the employment relationship.
DRRT is committed to protecting the privacy of our clients. DRRT will use Personally Identifying Information or data we collect or receive only in a lawful manner and will not contact any individual without prior consent.
DRRT will never collect sensitive information about any individuals without their explicit consent and hold any personal information received or collected securely in accordance with the DRRT Privacy & Data Protection Policy as well as the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield.
DRRT does not transfer, sell, trade, or rent Personally-Identifying Information to others outside of DRRT, except in the following instances: (i) permission is given for DRRT to do so; (ii) when the sharing is with DRRT’s co-counsel or funding partners who are bound by contract to keep the information confidential; and (iii) when required to disclose the information pursuant to a court order. In rare instances, DRRT may have to share Personally-Identifying Information a with law enforcement agencies, regulatory or other government agencies, or to other third parties, in each case to comply with legal, regulatory, or national security obligations or requests. Further, DRRT is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). In the context of an onward transfer DRRT has responsibility for the processing of Personally-Identifying Information it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. DRRT shall remain liable under the Principles if its agent processes such personal information in a manner inconsistent with the Principles, unless the organization proves that it is not responsible for the event giving rise to the damage.
While we may use technology to track patterns or behavior of visitors to our Website, it is not our current policy to do so. This could include using a “cookie” which would be stored on a visitor’s browser to allow a future identification of such visitor, but any visitor can “disable cookies” to prevent this.
The Children’s Online Privacy Protection Act (COPPA) protects the online privacy of children under 13 years of age. We do not knowingly collect or maintain Personally Identifying Information from anyone under the age of 13, unless or except as permitted by law. Any person who provides Personally Identifying Information through the Website represents to us that he or she is 13 years of age or older. If we learn that Personally Identifying Information has been collected from a user under 13 years of age on or through the Website, then we will take the appropriate steps to delete the information. If you are the parent or legal guardian of a child under 13 who has become a member of the Website or has otherwise transferred Personally Identifying Information to the Website, please contact us using our contact information below to have that child’s account terminated and information deleted.
Most web browsers and some mobile operating systems include a Do-Not-Track (DNT) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. Our Website currently does respond to DNT browser signals or mechanisms.
LIMITATION OF LIABILITY
We are not responsible for any damages or injury, including but not limited to special, indirect, incidental or consequential damages, that result from your use of (or inability to use) this site, including any damages or injury caused by any failure of performance, error, omission, interruption, defect, delay in operation, computer virus, line failure, or other computer malfunction. You understand and agree that your use of this site is predicated upon your waiver of any right to sue us or its affiliates directly or to participate in a suit for any losses or damages resulting from your use of this site.
You agree that your use of this site and any disputes relating to any of them shall be governed in all respects by the laws of the State of Florida, United States. Any dispute relating to the above shall be resolved by arbitration, as the sole and exclusive legal recourse. The arbitration site shall be Miami, Florida, USA and the arbitration site’s procedural rules shall apply. The arbitration proceeding shall be conducted in the English language. All parties agree that the resulting arbitral award shall be the sole and exclusive remedy. The arbitral award may, in the arbitrator’s sole discretion, include reasonable attorney’s fees incurred in the proceeding.
Attn: Diana Oliveira, Data Protection Officer
340 West Flagler Street, 2nd Floor
Miami, Florida 33130, USA
Phone: +1 (305) 760-8002
You may also contact our European Local Representative as required under Art. 27 GDPR as follows:
Attn: Christian Wefers, Director, Head of European Offices
Neue Mainzer Straße 75
60311 Frankfurt a. M., Germany
Phone: +49 (69) 153-258-962