The website's fine print
Your confidentiality and privacy are important. M.G. Morris Law, P.C., ("the firm," "we," "us," "our") acts in accordance with applicable data protection and privacy laws when we collect and use information about you and strive to protect this information for you.
We have offices at 55 Monument Circle, 7th Floor, Indianapolis, Indiana 46204. Should you have any comments or questions about how we collect and use your personal information, communication can be directed to that postal address.
We do not knowingly collect information from anyone under the age of 18, nor do we market services to them.
What do we collect?
We collect information about you and your use of our services through various means, including when you provide information to us and when we automatically collect information about you when you access, use, or interact with us. “Personal information” is information that reveals your specific identity or directly relates to you as an individual. Personal information we collect may include your name, postal address, email address, phone number, IP address, account username and password.
The types of information we may collect about you include:
Client legal information.
We collect and receive information from and about our clients when they seek or are provided with legal services from the firm. This might include sensitive personal information about our clients, their employees, donors, volunteers, board members, family members and other third parties. We may also collect or receive information related to underlying legal matters and information about our clients and prospective clients, including financial and business information. We ask that clients and prospective clients only provide us the minimum amount of personal information necessary for us to perform our legal services. You are responsible for obtaining any approvals, authorizations, consents, permissions, and permits that are required in connection with your providing us with any information (including, but not limited to, any information relating to a third party).
Marketing and event communications.
When you sign-up for or subscribe to our legal alerts, marketing communications, publications, or events, we collect personal information about you which may include your name, email address, and postal address. We use this information to send you updates that may be relevant to you regarding legal and regulatory developments, firm-related events, activities, and news. We process this personal information on the basis of legitimate interests, or where we obtain your affirmative consent, on the basis of that consent.
If you do not want to receive communications from us in the future, please let us know by following the unsubscribe instructions found in any email we send. Please note we may still contact you if necessary to provide important notifications regarding certain services if we have a legal or ethical duty to do so.
We may also collect information from you when you provide it to us via the website. For example, we collect information when you submit online forms for consultation, registrations for events, or educational opportunities via the website.
Automatic data collection.
We use automatic data collection and analytics technologies to collect aggregate and user-specific information about your equipment, domain name, patterns of use, communication data and the resources that you access and use, including your IP address, unique identifiers, log files, browsing and navigation patterns. This information is used to improve what we do.
Cookies, web beacons, links, and other tracking technologies.
We use data analytics to ensure site functionality and improve our services. We use mobile analytics software to allow us to understand the functionality of the site on your mobile device. This software may record information such as how often you use the site, what happens within the site, aggregated usage, performance data, app errors and debugging information, and where the services were downloaded from. We do not link the information we store within the analytics software to any personal information that you submit within the mobile application.
We collect analytics information either directly or through third parties acting on our behalf. These data analytics and online advertising providers may combine and use data collected through your use of the site with data they collect over time and across different websites for their own purposes.
Publicly available information.
We may collect information about you or your organization from publicly available sources, such as social media or news sources.
What do we do with it?
Your personal information may be used by M.G. Morris Law, P.C., for any legitimate business purpose consistent with applicable laws and regulations, including, but not limited to, operating the services, conducting business operations, and responding to requests for information.
We may use the personal information of any site user under the following circumstances:
when we need to perform a contract we are about to or have entered into with you;
when we need to do so to comply with a legal obligation;
when it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;
when it is necessary to establish, exercise or defend legal claims;
if you have already made the information public; or
if you have given your consent.
The particular legitimate interests upon which we rely in processing your personal information include the following:
carrying out business intake procedures such as to carry out conflict and other business intake searches,
providing legal advice to our clients, and
marketing our services.
We will share your information in the following circumstances on the legal basis of the legitimate interests of providing the requested services:
Aggregated non-personal data: We may disclose aggregated, non-personal information received from providing the services, including information that does not identify any individual, without restriction. We may share demographic information with business partners, but it will be aggregated and de-personalized, so that personal information is not revealed.
Within the firm: We may share and process information internally within the firm and with our affiliates. Our personnel may have access to your information as needed to provide and operate the services in the normal course of business. This includes information regarding your use and interaction with the services.
Service Providers and Third Party Vendors: We work with various organizations and individuals to help provide the site to you ("service providers" or “third party vendors”), such as website and data hosting companies and companies providing analytics information. We need to engage such service providers or third party vendors to help us operate, provide, and market the services. These entities may use your information only to perform these tasks on our behalf. Information we share with our service providers or third party vendors may include both information you provide to us and information we collect about you, including personal information and information from data collection tools like cookies, web beacons, and log files.
We take reasonable steps to ensure that our service providers and third party vendors are obligated to reasonably protect your information on our behalf. If we become aware that a service provider or third party vendor is using or disclosing information improperly, we will take commercially reasonable steps to end or correct such improper use or disclosure.
We share personal information with our service providers and third party vendors on the basis of our legitimate interests in providing you with the site. Our engagement of service providers and third party vendors is often necessary for us to provide the services to you, particularly where such companies play important roles like helping us keep our services operating and secure. In some other cases, these service providers and third party vendors may not be strictly necessary for us to provide the services, but help us make them better, for example, by helping us conduct research into how we could better serve our clients and site users. In these latter cases, we have a legitimate interest in working with our service providers and third party vendors to improve our services.
Business Transactions: We may purchase other businesses or their assets, sell our business assets, or be involved in a bankruptcy, merger, acquisition, reorganization or sale of assets (a “Business Transaction”). Your information, including personal information, may be among assets sold or transferred as part of a Business Transaction.
We seek to ensure all individuals are provided with the rights mandated by their governing jurisdiction. Not all of the rights discussed herein will apply to each individual data subject and may not apply to you depending upon your jurisdiction.
Effective on January 1, 2020, the California Consumer Privacy Act (CCPA) provides consumers (California residents) with specific rights regarding their Personal Information. If you reside in California, you may exercise the following rights.
1. Access to specific information and data portability rights
You have the right to request that we disclose to you your Personal Information we have collected about you over the past 12 months from the day of your request. Once we receive and confirm your request, we will disclose to you:
The categories of Personal Information we collected about you.
The categories of sources for the Personal Information we collected about you.
Our business and commercial purposes for collecting or selling that Personal Information.
The categories of third parties with whom we shared that Personal Information.
The categories of Personal Information disclosed for a business purpose in the preceding 12 months
The specific pieces of Personal Information we collected about you.
The CCPA also requires us to disclose information regarding the Personal Information that we collect about consumers. That information can be found at this link: California Privacy Disclosures.
2. Deletion request rights
You have the right to request that we delete any of the Personal Information data that we collected from or about you and retained, subject to certain Exceptions (as listed below). Once we receive and confirm your request, we will delete your Personal Information from our records unless an Exception applies.
We may deny your deletion request if retaining the information is necessary for us or our Service Provider(s):
to complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
to detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
to debug products to identify and repair errors that impair existing intended functionality;
to exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
to enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;
to comply with a legal obligation; or
to make other internal and lawful uses of that information that are compatible with the context in which you provided it.
(each an “Exception” and collectively, “Exceptions”).
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
deny you goods or services.
charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
provide you a different level or quality of goods or services.
suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
4. Exercising Access, Data Portability, and Deletion Rights
To exercise your rights described above, please submit a request to us by mailing us at 55 Monument Circle, Indianapolis, Indiana 46032.
Only you, or someone legally authorized to act on your behalf, may make a request related to your Personal Information. You may also make a request on behalf of your minor child. We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.
You may only make a request for access or data portability twice within a 12-month period. The request must:
provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative; and
describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
Making a request does not require you to create an account with us. Also, we will only use Personal Information provided in a request to verify the requestor’s identity or authority to make the request.
5. Your Authorized Agent
You have the right to designate an authorized agent to make a request under the CCPA on your behalf.
6. Response Timing and Format
We will confirm that we received your request within ten (10) ten day and will respond within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the 12-month period preceding our receipt of the request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
7. Contact Us
If you have questions about this Privacy Notice, your rights under the CCPA or our practices, please contact us.
As referenced through this Privacy Notice, those residing in the EU may benefit from a number of rights in relation to your information that we process. Some rights apply only in certain limited cases, depending on your location. If you would like to manage, change, limit, or delete your Personal Information, you can do so by contacting us. Upon request, the Firm will provide you with information about whether we hold any of your Personal Information. In certain cases where we process your information, you may also have a right to restrict or limit the ways in which we use your Personal Information. In certain circumstances, you also have the right to request the deletion of your Personal Information, and to obtain a copy of your Personal Information in an easily accessible format.
To the extent that such rights are mandated by the laws applicable to the individual data subject, such as all data subjects residing in the European Union (“EU”), the following rights may apply:
the right to access (GDPR, Article 15);
the right to rectification (GDPR, Article 16);
the right to erasure (GDPR, Article 17);
the right to restrict processing (GDPR, Articles 18);
the right of object (GDPR, Article 21);
and if applicable, the right to data portability (GDPR, Article 20).
You may also have a right to lodge a complaint with an appropriate data privacy regulatory authority (GDPR, Article 77)
We generally process Personal Information of those residing in the EU on the legal basis of our Firm's legitimate interests in performing the function or service you requested. Where appropriate, we may rely on alternate legal bases, such as your consent to certain types of processing. Where we process your Personal Information on the basis of consent, we will clearly obtain your opt-in consent. Where given, you may withdraw your consent at any time by contacting us.
If we process your information based on our legitimate interests as explained in this Privacy Notice, or in the public interest, you can object to this processing in certain circumstances. In such cases, we will cease processing your information unless we have compelling legitimate grounds to continue processing or where it is needed for legal reasons. Where we use your data for direct marketing purposes, you can always object using the unsubscribe link in such communications or changing your account settings.
Where you have provided consent to certain data processing, you have the right to withdraw that consent at any time by contacting us. A withdrawal of consent will not affect the validity of our use of your Personal Information up until the point you have withdrawn your consent.
We welcome you to contact us regarding the information we have collected about you, including regarding the nature and accuracy of the data that has been collected about you, to request an update, modification, or deletion of your information, to opt-out of certain Services uses of your information, or to withdraw any consent you may have granted to the Firm. Please note that the rights available to you for access to your information may vary depending upon your jurisdiction. We seek to ensure all individuals are provided with the rights afforded by their governing jurisdiction.
Please note requests to delete or remove your information do not necessarily ensure complete or comprehensive removal of the content or information posted, and removed information may persist in backup copies. If you delete or opt-out of the collection and use of certain information certain features of the Services may no longer be available to you.
We retain the information we receive about you for as long as necessary to fulfill the purposes for which the information was collected, pursuant to contractual or legal obligations, or as otherwise required by law. In addition, we may delete your Personal Information from our systems in accordance with our data retention policies. We may retain your information and content for a commercially reasonable time for backup, archival, and audit purposes.
We take commercially reasonable efforts to secure and protect the privacy, accuracy, and reliability of your information. We implement security measures as we deem appropriate and consistent with industry standards. We will protect your information from loss, misuse and unauthorized access, alteration, destruction and disclosure as required by the Rules of Professional Conduct (or other rules) applicable to our attorneys and all laws and regulations applicable to us; provided, however, that, except as provided in the immediately following sentence, we will, at a minimum, use commercially reasonable efforts to protect Personal Information from loss, misuse and unauthorized access, alteration, destruction and disclosure.
Certain Personal Information posted by you to the Services may be accessible to the general public, and we are not responsible for protecting such Personal Information from loss, misuse or unauthorized access, alteration, destruction or disclosure. For example, if you participate in a public forum on the Services, any information disclosed by you when doing so may be available to the general public. Also, since no transmission of information over the Internet or electronic storage of information is completely secure, it is possible that your information could be lost, misused or accessed, altered, destroyed or disclosed without authorization, even if we use such reasonable efforts. In providing information to us, you must assume the risk that your information could be lost, misused or accessed, altered, destroyed or disclosed without authorization. Accordingly, any information you transfer to or from Services is provided at your own risk.
Transfer and Storage.
Please note information we collect about you may be transferred, processed and/or accessed by us in the United States, or another country where we, or our Service Providers operate. Please be aware your Personal Information may be transferred to, and maintained on, computers located outside of your state or country where privacy laws may differ from and may not be as protective as those where you live. If you are located outside the United States and choose to allow us to collect information about you, please be aware that we may transfer your Personal Information to the United States and process and store it there.
If you are located in the European Economic Area (“EEA”) or other regions with laws governing data collection and use that may differ from U.S. law, please note that we may transfer information to a country or jurisdiction that does not have the same data protection laws as your jurisdiction, as disclosed in this Privacy Notice. It may also be processed by staff operating outside the EEA who work for us or for one of Service Providers, also as disclosed.
Whether or not you have previously sent us an e-mail message, you consent to our sending you e-mail messages and other electronic communications (a) in connection with your use of the Services, (b) in the ordinary course of business, or (c) for any other legitimate business purpose (including, but not limited to, marketing). Since we endeavor to send e-mail messages and other electronic communications only to individuals desiring to receive them, you can unsubscribe to such e-mail messages or other electronic communications at any time by contacting us using the contact information provided in this Privacy Notice or by following the directions contained in such e-mail messages or other electronic communications.
Third Party Services.
M.G. Morris Law appreciates your visit to our website. Our site is provided for informational purposes only and should not be considered legal advice. Online visitors should not take action upon this information without first seeking professional counsel.
Should you choose to contact an attorney (via e-mail or other means of communication), do not disclose information you regard to be confidential until the attorney verifies that the firm does not represent other persons or entities involved in the matter and that the firm is willing to consider accepting representation. Unless otherwise agreed in advance, all unsolicited inquiries or information received by us will not be regarded as confidential.