Field LLP is committed to protecting the privacy of personal information provided to us by our employees, clients, and other third parties. As part of our commitment, we are compliant with a number of federal, provincial and international privacy laws.
When clients retain us to provide legal services, they are consenting to the collection, use, and disclosure of their personal information for the purpose of enabling us to act for them in relation to the particular legal matter for which we have been retained. Personal information includes any information that can be used to identify an individual. Examples include names, phone numbers, financial and employment information. The contact details of an employee of an organization are not usually considered to be personal information in privacy legislation when those details are publicly available and used for business communications.
Through a standard form of retainer letter or via our website, we inform our clients about our Privacy Policy, which outlines the purposes for which their personal information may be collected, used or disclosed.
We also provide a copy of our Privacy Policy to our employees, including those who work under contract, students and volunteers. The provisions of our Privacy Policy apply to the employees of both Field LLP and Field Management Services LP as a condition of their employment.
Collection of Personal Information
In order to provide high quality legal services, we need to collect a broad range of personal information from our clients, prospective clients, and other parties. Sometimes, the collection of this information is required by legislation or by order of a Court or tribunal. We collect personal information in a variety of ways: in writing, in person, on the telephone, through our website, and by other electronic communication.
Most of the personal information we collect is obtained from clients when they instruct us, and subsequently as we act for them in a legal matter. However, due to the nature of legal work, it is not always possible to collect information from an individual directly. For instance, if we are acting for a child or a dependent adult in a matter, we may need to collect information from their guardian or trustee.
Field LLP also collects personal data in the course of its charitable endeavours, for the purposes of marketing and administering the Field Law Community Fund and supporting community and charitable initiatives.
Use and Disclosure of Personal Information
The personal information we collect is used for the purpose of advancing our clients’ legal interests. We may disclose personal information to other third parties in certain circumstances to properly assess and deal with a legal matter. We may also be required to transfer personal information internationally in the course of business.
Disclosure of personal information may take place in situations permitted by the applicable privacy legislation. The disclosure may be required by law or by order of a Court or tribunal. We may also disclose personal information to others, such as lawyers representing other parties, consultants or expert witnesses asked to provide advice or services on behalf of our clients. Such disclosures are subject to the rules of the various Courts or tribunals in which our clients’ cases proceed.
Field LLP does not use personal information to make automated decisions.
Consent
Within reasonable legal limits, we collect, use and disclose personal information only with the consent of the person involved. In certain circumstances, privacy legislation authorizes the collection, use or disclosure of personal information without the consent of the individual, such as to respond to emergencies or where obtaining consent would be similarly unnecessary or inappropriate.
Field LLP has an active marketing department. In our marketing materials and our professional presentations, we refer to the types of services we provide; however, we will not disclose our clients’ names or personal information for marketing purposes without notifying those clients and obtaining their prior consent. We do however use trusted third party software applications to disseminate electronic mail communications.
Field LLP also operates a website. Field LLP reserves the right to store information on a visitor’s computer in the form of a “cookie” or similar file for purposes of recording the individuals who visit our site and log the following information for statistical purposes: internet address, domain name, date and time of visit to the website, pages and documents downloaded, previous website visited and type of browser used. This information is only used for statistical and website development purposes. If you visit our website, you do so voluntarily and are deemed to consent to our collection of your personal information as specified in this paragraph.
Subject to reasonable and lawful conditions, an individual may withdraw or vary consent for our collection, use, and disclosure of his or her personal information at any time with prior written notice to us. Where appropriate to do so, Field LLP will take all reasonable steps, including technical measures to delete personal information as applicable.
Security of Personal Information
Our staff and lawyers are trained to appreciate the importance of privacy and confidentiality of personal information.
In order to provide reasonable security for personal information which is in electronic form, we have implemented administrative and technological safeguards to prevent unauthorized access to the firm’s network and data storage systems.
Retention of Personal Information
Privacy legislation dictates that Field LLP cannot retain personal information any longer than is reasonably necessary. When our legal services to a client are concluded, we close the file. We may, in our sole discretion, destroy or duplicate materials before closing a file. Personal information will be retained only as long as necessary for Field LLP to discharge its duties as a provider of legal services.
Individuals situated in the European Union have a right to have their personal details erased from our systems, upon request and in limited circumstances. Where legally permissible, we will take reasonable steps, including technical measures to erase the personal information held by Field LLP.
Individuals situated in the European Union also have a right to request that their personal information is ported to another service provider upon request. Where legally permissible, Field LLP will take reasonable steps, including technical measures to port the personal information held by Field LLP.
Access to Information and Corrections
Individuals have a right of access to records containing personal information about them, subject to certain legal restrictions, including the privilege which is inherent in the relationship between a lawyer and a client.
All access requests are to be in writing and shall set out in sufficient detail the scope of the request. Access requests for personal information are to be directed to the firm’s Privacy and Data Protection Officer, as named by Field LLP and identified in this Privacy Policy.
The Privacy and Data Protection Officer will assist the individual with the access request and respond in a timely manner, advising whether access to the requested records will be granted, and if so, how access will be given. If any part of an access request is refused, reasons for the refusal will be provided. The Privacy and Data Protection Officer will also inform the applicant that he or she may seek a review of the decision from the appropriate supervisory authority.
If there is an error or omission in personal information in our custody or control, for which a request for correction has been received, we will, subject to legal limitations, correct the information as soon as reasonably possible or annotate it with the correction that was requested but not made.
Responding to Personal Data Breaches
A ‘personal data breach’ means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed. In the event of a personal data breach, in certain circumstances we are legally obliged to report the breach to the appropriate Information and Privacy Commissioner. In accordance with privacy legislation, we will also notify the individuals directly affected by the breach, as appropriate in the circumstances.
Personal Employee Information
Personal employee information is information relating to an individual who is an employee (including those who work under contract, students and volunteers) or a potential employee and which is collected, used, or disclosed for the purposes of establishing, managing or terminating an employment relationship, and managing a post-employment relationship. Managing an employment and post-employment relationship may include determining appropriate levels of compensation, evaluating performance and administering payroll and benefits.
The personal information collected by Field LLP relating to our employees and partners are primarily for internal use. At times, Field LLP will disclose personal employee information to third parties, like payroll administrators and benefit suppliers when necessary for the administration of payroll and benefits. We take reasonable contractual steps to ensure that third parties to whom we may disclose personal information provide a level of personal information protection comparable to our firm. We will retain our employees’ personal information for at least three (3) years after they leave our employment.
More Information
For further information about our Privacy Policy, or to report a suspected privacy breach please contact our Privacy and Data Protection Officer:
Kelly Nicholson
Partner / Field Law Privacy and Data Protection Officer
403-260-8515
knicholson@fieldlaw.com
The Office of the Information and Privacy Commissioner of Alberta oversees the administration and enforcement of Alberta’s privacy legislation. You may visit their website at: http://www.oipc.ab.ca/.