When you use or access the Everlaw website or service, or otherwise communicate with us, such as at our offices or events, we may collect, use, share and process information relating to you. Our privacy policies explain how we will collect, use, and maintain your personal information. They also describe your choices as well as your rights regarding the correction and removal of your personal information.

Privacy Policy

Last updated: 4/30/2018

Overview

This Privacy Policy explains how information is collected, used, stored, and disclosed by Everlaw. It applies to information collected when you use or access our public websites (everlaw.com, everlaw.com.au, and everlaw.ca) or software product ("Product") (collectively, the "Everlaw Service"), attend an Everlaw event, or otherwise interact with us.

If you use the Everlaw Service as part of an entity or organization that has an agreement with Everlaw (like your employer), the terms of that organization’s contract for the Everlaw Service prevail for any conflicting or inconsistent provisions.

Please read the following carefully to understand how we will collect, use, and maintain your personal information. It also describes your choices regarding the correction and removal of your personal information.

Changing our policy

We may change this Privacy Policy from time to time. If we make any changes, we will notify you by revising the "Last Updated" date at the top of this Privacy Policy and, in some cases, we may provide you with additional notice (such as adding a statement to our homepage or sending you an email notification).

If there are material changes to this Privacy Policy, we will notify you directly by email or by means of a notice on the homepage prior to the change becoming effective. We encourage you to review our Privacy Policy whenever you access the Everlaw Service to stay informed about our information practices and the ways that you can help protect your privacy.If you disagree with any changes to this Privacy Policy and do not wish your information to be subject to the revised Privacy Policy, you will need to deactivate your account with us by contacting privacy@everlaw.com and stop using the Everlaw Service. Your use of the Everlaw Service shall constitute your consent to the present Privacy Policy.

What information we collect

We may collect certain user information, including personal information and/or sensitive personal information, in order to improve our product and processes, engage with customers, comply with legal obligations, monitor the privacy, security and operations of the product, and conduct staff administration.

Information You Provide To Us. We collect information you provide directly to us including when you use the Everlaw Service.

Information We Collect Automatically When You Use the Everlaw Service. When you access or use the Everlaw Service, we may automatically collect information about you, including:

Updating Your Information and Deactivating Your Account. You can update, correct, or modify your account information at any time by logging into your Everlaw Product account. If you need help accessing, modifying, or deactivating your account within the Product, please email support@everlaw.com.

A Note about Do Not Track (“DNT”). Some browsers offer a “do not track” (“DNT”) option. Because no common industry or legal standard for DNT has been adopted by industry groups, technology companies, or regulators, we do not respond to DNT signals. We will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.

How we use information collected

We may use the information collected through the Everlaw Service for the purpose of providing the Everlaw Service, related functionality and services, and engage with you about our product and offerings. The following are examples of how we use the information that we collect:

What information we share or disclose to others

We will not share personal information about you or any Content with any third parties except as described in this Privacy Policy, or as defined in an agreement with us in connection with the Everlaw Service (including a Data Processing Addendum, as applicable). Information that may be shared, pursuant to any applicable agreements, includes:

Aggregated and/or Anonymized Data. We may also share aggregated and/or anonymized information with third parties that does not directly identify you. For example, in an ongoing effort to better understand and serve the users of the Everlaw Service, we may conduct research on customer demographics, interests and behavior based on the personal information, interviews, and other data provided to us. This research may be compiled and analysed on an aggregate basis, and we may share this aggregated data with our agents and business partners. This aggregated information does not identify you personally. We may also disclose aggregated user statistics in order to describe the Everlaw Service to current and prospective business partners, and to other third parties for other lawful purposes.

Links to third-party websites

We may place links on the Everlaw Service, including the Everlaw Blog. When you click on a link from our website to a third-party website, your activity and use is governed by that website’s policies; not by those of Everlaw. We encourage you to review their privacy and user policies.

How we store information

By using and accessing the Everlaw Service, you understand and agree to the storage of data and any other personal information in the region of which data and information is stored on Everlaw’s server, or as defined in an agreement with us (including a Data Processing Addendum, as applicable).

How we secure information

We have adopted reasonable physical, technical and organizational safeguards against accidental, unauthorized or unlawful destruction, loss, alteration, disclosure, access, use or processing of information we collect. We also choose to undergo security testing by an independent third-party auditor.

Everlaw has a SOC 2 Type II certification in Security, Availability, and Confidentiality, demonstrating that our system is designed and operates effectively to keep our customers’ data secure. We have also been audited for compliance with HIPAA Privacy and Security Rules, providing independent assurance of compliance.

You may access your Product account information and our Product only through the use of an individual user ID and password. To protect the confidentiality of personal information, you must keep your password confidential and not disclose it to any other person. Please advise us immediately if you believe your password has been compromised in any way. In addition, always log out and close your browser when you finish your session. Please note that we will never ask you to disclose your password to us.If you have any questions about the security of your information and data, you can contact us at security@everlaw.com.

Our global data privacy and protection practices

Everlaw updated our internal governance structure in light of the General Data Protection Regulation (“GDPR”), including policies, procedures, staff training, security measures, and this Privacy Policy.

Currently, Everlaw uses Standard Contractual Clauses, under Directive 95/46/EC of the European Parliament and of the Council (“Directive”), as the basis for Everlaw’s approach to global data privacy protection. These Standard Contractual Clauses provide appropriate safeguards with respect to the protection of the privacy and fundamental rights and freedoms of individuals and the exercise of the corresponding rights.If you or your organization is required under the GDPR to enter into a contract or other binding legal act under EU or Member State law with your data processors, and Everlaw is acting as a processor for you, as the controller, as those terms are defined by GDPR, you need to review and accept Everlaw’s Data Processing Agreement by contacting privacy@everlaw.com.

Your choices

For all requests surrounding your information or questions about your choices per this Privacy Policy, please contact us at privacy@everlaw.com, and we will respond promptly.

California residents

Under California law, California residents who have an established business relationship with Everlaw may choose to opt out of Everlaw’s disclosure of personal information about them to third parties for direct marketing purposes. If you choose to opt out at any time after granting approval, email privacy@everlaw.com. In accordance with California Civil Code Section 1789.3, California resident users are entitled to know that they may file grievances and complaints with the California Department of Consumer Affairs, 400 R Street, STE 1080, Sacramento, CA 95814; or by phone at (916) 445-1254 or (800) 952-5210; or by email to dca@dca.ca.gov.

Our policy toward children

In compliance with COPPA, the Children’s Online Privacy Protection Act, the Everlaw Service is not directed to individuals under 13. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us at privacy@everlaw.com. If we become aware that a child under 13 has provided us with personal information, we will take steps to delete such information. Please note, if you are under the age of 13, you may not use our website, products, or services.

Contact us

If you have any questions about this Privacy Policy, please contact privacy@everlaw.com or:

Everlaw
Attn: Lisa Hawke, VP Security and Compliance
2101 Webster Street, Suite 1500
Oakland, California 94612
United States
contact@everlaw.com
1 (844) EVERLAW

EU & UK Privacy Notice

Last updated: 4/30/2018

Overview

This Privacy Notice explains how information is collected, used, stored, and disclosed by Everlaw. It applies to information collected when you use or access our public websites (everlaw.eu and everlaw.co.uk) or software product (“Product”) (collectively, the "Everlaw Service"), attend an Everlaw event, or otherwise interact with us.

If you use the Everlaw Service as part of an entity or organisation that has an agreement with Everlaw (like your employer), the terms of that organisation’s contract for the Everlaw Service prevail for any conflicting or inconsistent provisions.

Please read the following carefully to understand how we will collect, use, and maintain your personal information. It also describes your rights regarding the correction and removal of your personal information.

Changing our notice

We may change this Privacy Notice from time to time. If we make any changes, we will notify you by revising the "Last Updated" date at the top of this Privacy Notice and, in some cases, we may provide you with additional notice (such as adding a statement to our homepage or sending you an email notification).

If there are material changes to this Privacy Notice, we will notify you directly by email or by means of a notice on the homepage prior to the change becoming effective. We encourage you to review our Privacy Notice whenever you access the Everlaw Service to stay informed about our information practices and the ways that you can help protect your privacy.If you disagree with any changes to this Privacy Notice and do not wish your information to be subject to the revised Privacy Notice, you will need to deactivate your account with us by contacting privacy@everlaw.com and stop using the Everlaw Service. Your use of the Everlaw Service shall constitute your consent to the present Privacy Notice.

What information we collect

We may collect certain user information, including personal data, after obtaining your consent or through contractual provisions governing our relationship with you.

Information You Provide To Us. We collect information you provide directly to us including when you use the Everlaw Service. This information includes personal data.

Information We Collect Automatically When You Use the Everlaw Service. When you access or use the Everlaw Service, we may automatically collect information, including personal data, about you, including:

Updating Your Information and Deactivating Your Account. You can update, correct, or modify your account information at any time by logging into your Everlaw Product account. If you need help accessing, modifying, or deactivating your account within the Product, please email support@everlaw.com. A Note about Do Not Track (“DNT”). Some browsers offer a “do not track” (“DNT”) option. Because no common industry or legal standard for DNT has been adopted by industry groups, technology companies, or regulators, we do not respond to DNT signals. We will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.

How we use information collected

We use the information collected through the Everlaw Service as part of our processing of personal data in order to facilitate provision of the Everlaw Service and engage with you about our product and offerings. The following are examples of how we use the information that we collect:

What information we share or disclose to others

We will not share personal data about you or any Content with any third parties except as described in this Privacy Notice, or as defined in an agreement with us in connection with the Everlaw Service (including a Data Processing Addendum, as applicable). Information that may be shared, pursuant to any applicable agreements, includes:

Aggregated and/or Anonymised Data. We may also share aggregated and/or anonymised information with third parties that does not directly identify you. For example, in an ongoing effort to better understand and serve the users of the Everlaw Service, we may conduct research on customer demographics, interests and behavior based on the personal information, interviews, and other data provided to us. This research may be compiled and analysed on an aggregate basis, and we may share this aggregated data with our agents and business partners. This aggregated information does not identify you personally. We may also disclose aggregated user statistics in order to describe the Everlaw Service to current and prospective business partners, and to other third parties for other lawful purposes.

Links to third-party websites

We may place links on the Everlaw Service, including the Everlaw Blog. When you click on a link from our website to a third-party website, your activity and use is governed by that website’s policies; not by those of Everlaw. We encourage you to review their privacy and user policies.

How we store information

By using and accessing the Everlaw Service, you understand and agree to the storage of information and any other personal data in the region of which data and information is stored on Everlaw’s server, or as defined in an agreement with us (including a Data Processing Addendum, as applicable).

How we secure information

We have adopted reasonable physical, technical and organisational safeguards against accidental, unauthorised or unlawful destruction, loss, alteration, disclosure, access, use or processing of information we collect. We also choose to undergo security testing by an independent third-party auditor.

You may access your Product account information and our Product only through the use of an individual user ID and password. To protect the confidentiality of personal data and information, you must keep your password confidential and not disclose it to any other person. Please advise us immediately if you believe your password has been compromised in any way. In addition, always log out and close your browser when you finish your session. Please note that we will never ask you to disclose your password to us.If you have any questions about the security of your personal information, you can contact us at security@everlaw.com.

Our global data privacy and protection practices

Everlaw updated our internal governance structure in light of the General Data Protection Regulation (“GDPR”), including policies, procedures, staff training, security measures, and this Privacy Notice.

Currently, Everlaw uses Standard Contractual Clauses, under Directive 95/46/EC of the European Parliament and of the Council (“Directive”), as the basis for Everlaw’s approach to global data privacy protection. These Standard Contractual Clauses provide appropriate safeguards with respect to the protection of the privacy and fundamental rights and freedoms of individuals and the exercise of the corresponding rights.If you or your organisation is required under the GDPR to enter into a contract or other binding legal act under EU or Member State law with your data processors, and Everlaw is acting as a processor for you, as a controller, as those terms are defined by GDPR, you need to review and accept Everlaw’s Data Processing Agreement by contacting privacy@everlaw.com.

Your rights

For all requests surrounding your personal data or questions about your rights per this Privacy Notice, please contact us at privacy@everlaw.com, and we will respond promptly.

Lodging a Complaint with a Supervisory Authority. You have the right to submit a complaint to an EU supervisory authority if you believe that your personal data has been processed in a manner that is not compliant with the GDPR. You also have the right to submit a complaint to an EU supervisory authority if Everlaw is unable to comply with your right of data portability or does not respond to your request within a timely manner.

Data protection officer

Effective from 25 May 2018, Everlaw will appoint a Data Protection Officer if and when required by GDPR Article 37 and by the Data Protection Laws. The Privacy team, including any appointed Data Protection Officer, may be reached at privacy@everlaw.com or via the contact information provided below.

Contact us

If you have any questions about this Privacy Policy, please contact privacy@everlaw.com or:

Everlaw
Attn: Lisa Hawke, VP Security and Compliance
2101 Webster Street, Suite 1500
Oakland, California 94612
United States
contact@everlaw.com
1 (844) EVERLAW