Your confidentiality and privacy are important.  M.G. Morris Law, P.C., ("the firm," "we," "us," "our") acts in accordance with applicable data protection and privacy laws when we collect and use information about you and strive to protect this information for you.

​This page ("Privacy Policy") explains how and why we collect, use, share, and store information, including personal information, and covers our interactions with you when we receive or collect information from or about you, including when you visit our website, request or receive professional services, participate in our educational or marketing events, request information from us, (collectively "Services") or when you otherwise provide information to us).

​We are engaged in the practice of law and in providing training that is not the practice of law. Information obtained by us in the course of representing or informing our clients may be subject to or protected in ways not covered by this Privacy Policy, including the attorneys’ professional duty of confidentiality, the attorney-client privilege, the attorney work product doctrine, judicial protective orders, and other legal privileges or protections.

We have offices at 55 Monument Circle, 7th Floor, Indianapolis, Indiana  46204. Should you have any comments or questions about how we collect and use your personal information, communication can be directed to that postal address.

Before accessing, using, or interacting with the services we provide, you should carefully review the terms and conditions of this Privacy Policy. By accepting our Privacy Policy, you are confirming that you have read and understand these terms, including how and why we use your information. If you don’t want us to collect or process your personal information in the ways described in this Privacy Policy, you should immediately terminate your use of the services and not otherwise provide any information. 

We do not knowingly collect information from anyone under the age of 18, nor do we market services to them.

What do we collect?

​We collect information about you and your use of our services through various means, including when you provide information to us and when we automatically collect information about you when you access, use, or interact with us. “Personal information” is information that reveals your specific identity or directly relates to you as an individual. Personal information we collect may include your name, postal address, email address, phone number, IP address, account username and password.

The types of information we may collect about you include:

Client legal information. 

​We collect and receive information from and about our clients when they seek or are provided with legal services from the firm. This might include sensitive personal information about our clients, their employees, donors, volunteers, board members, family members and other third parties. We may also collect or receive information related to underlying legal matters and information about our clients and prospective clients, including financial and business information. We ask that clients and prospective clients only provide us the minimum amount of personal information necessary for us to perform our legal services. You are responsible for obtaining any approvals, authorizations, consents, permissions, and permits that are required in connection with your providing us with any information (including, but not limited to, any information relating to a third party). 

Marketing and event communications.

When you sign-up for or subscribe to our legal alerts, marketing communications, publications, or events, we collect personal information about you which may include your name, email address, and postal address. We use this information to send you updates that may be relevant to you regarding legal and regulatory developments, firm-related events, activities, and news. We process this personal information on the basis of legitimate interests, or where we obtain your affirmative consent, on the basis of that consent.

If you do not want to receive communications from us in the future, please let us know by following the unsubscribe instructions found in any email we send. Please note we may still contact you if necessary to provide important notifications regarding certain services if we have a legal or ethical duty to do so.

Online collection.

We may also collect information from you when you provide it to us via the website. For example, we collect information when you submit online forms for consultation, registrations for events, or educational opportunities via the website. 

​Automatic data collection.

We use automatic data collection and analytics technologies to collect aggregate and user-specific information about your equipment, domain name, patterns of use, communication data and the resources that you access and use, including your IP address, unique identifiers, log files, browsing and navigation patterns. This information is used to improve what we do.

​Cookies, web beacons, links, and other tracking technologies.

We may keep track of how you use and interact with us through the use of cookies, web beacons, links, and other tracking technologies. We do this to help analyze the use of and improve our services. Through these technologies we may automatically collect information about your use and other online activities, including our email correspondences, third-party services, and client applications, and certain online activities after you leave the website. Link information is generally only analyzed on an aggregate basis. Some services may not function properly if you disable cookies. Such data may include analytics information, sites visited before visiting the website, browser type, operating system, and tracking of your interactions with our content and emails.

Analytics information.

We use data analytics to ensure site functionality and improve our services. We use mobile analytics software to allow us to understand the functionality of the site on your mobile device. This software may record information such as how often you use the site, what happens within the site, aggregated usage, performance data, app errors and debugging information, and where the services were downloaded from. We do not link the information we store within the analytics software to any personal information that you submit within the mobile application.

​We collect analytics information either directly or through third parties acting on our behalf.  These data analytics and online advertising providers may combine and use data collected through your use of the site with data they collect over time and across different websites for their own purposes.

Publicly available information.

We may collect information about you or your organization from publicly available sources, such as social media or news sources.

​

What do we do with it?

​Your personal information may be used by M.G. Morris Law, P.C., for any legitimate business purpose consistent with applicable laws and regulations, including, but not limited to, operating the services, conducting business operations, and responding to requests for information.  

​We may use the personal information of any site user under the following circumstances:

• When we need to perform a contract we are about to or have entered into with you;

• When we need to do so to comply with a legal obligation;

• When it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;

• When it is necessary to establish, exercise or defend legal claims;

• If you have already made the information public; or

• If you have given your consent.

​The particular legitimate interests upon which we rely in processing your personal information include the following:

• Carrying out business intake procedures such as to carry out conflict and other business intake searches,

• Providing legal advice to our clients, and

• Marketing our services.

​When you access or use the services, we collect, use, share, and otherwise process your personal information as described in this Privacy Policy. M.G. Morris Law does not sell your personal information. We will not share or otherwise disclose your personal information to third parties without your consent or another valid legal basis permitted by applicable laws and regulations. 

​We will share your information in the following circumstances on the legal basis of the legitimate interests of providing the requested services:

Aggregated non-personal data: We may disclose aggregated, non-personal information received from providing the services, including information that does not identify any individual, without restriction. We may share demographic information with business partners, but it will be aggregated and de-personalized, so that personal information is not revealed.

Within the firm: We may share and process information internally within the firm and with our affiliates. Our personnel may have access to your information as needed to provide and operate the services in the normal course of business. This includes information regarding your use and interaction with the services.

Service Providers and Third Party Vendors: We work with various organizations and individuals to help provide the site to you ("service providers" or “third party vendors”), such as website and data hosting companies and companies providing analytics information. We need to engage such service providers or third party vendors to help us operate, provide, and market the services. These entities may use your information only to perform these tasks on our behalf. Information we share with our service providers or third party vendors may include both information you provide to us and information we collect about you, including personal information and information from data collection tools like cookies, web beacons, and log files. 

​We take reasonable steps to ensure that our service providers and third party vendors are obligated to reasonably protect your information on our behalf. If we become aware that a service provider or third party vendor is using or disclosing information improperly, we will take commercially reasonable steps to end or correct such improper use or disclosure.

We share personal information with our service providers and third party vendors on the basis of our legitimate interests in providing you with the site. Our engagement of service providers and third party vendors is often necessary for us to provide the services to you, particularly where such companies play important roles like helping us keep our services operating and secure. In some other cases, these service providers and third party vendors may not be strictly necessary for us to provide the services, but help us make them better, for example, by helping us conduct research into how we could better serve our clients and site users. In these latter cases, we have a legitimate interest in working with our service providers and third party vendors to improve our services.

Business Transactions: We may purchase other businesses or their assets, sell our business assets, or be involved in a bankruptcy, merger, acquisition, reorganization or sale of assets (a “Business Transaction”). Your information, including personal information, may be among assets sold or transferred as part of a Business Transaction.

Safety and Lawful Requests: We may be required to disclose Services user information pursuant to lawful requests, such as subpoenas or court orders, or in compliance with applicable laws. We generally do not disclose user information unless we have a good faith belief that an information request by law enforcement or private litigants meets applicable legal standards. We may share your information when we believe it is necessary to comply with applicable laws, to protect our interests or property, to prevent fraud or other illegal activity perpetrated through the Services or using the firm's name, or to protect the safety of any person. This may include sharing information with other companies, lawyers, agents, or government agencies. Nothing in this Privacy Policy is intended to limit any legal defenses or objections that you may have to a third party’s, including a government’s, request to disclose your information.

We seek to ensure all individuals are provided with the rights mandated by their governing jurisdiction. Not all of the rights discussed herein will apply to each individual data subject and may not apply to you depending upon your jurisdiction.

California Residents

​Effective on January 1, 2020, the California Consumer Privacy Act (CCPA) provides consumers (California residents) with specific rights regarding their Personal Information. If you reside in California, you may exercise the following rights.

1. Access to specific information and data portability rights

You have the right to request that we disclose to you your Personal Information we have collected about you over the past 12 months from the day of your request. Once we receive and confirm your request, we will disclose to you:

• The categories of Personal Information we collected about you.

• The categories of sources for the Personal Information we collected about you.

• Our business and commercial purposes for collecting or selling that Personal Information.

• The categories of third parties with whom we shared that Personal Information.

• The categories of Personal Information disclosed for a business purpose in the preceding 12 months

• The specific pieces of Personal Information we collected about you.

The CCPA also requires us to disclose information regarding the Personal Information that we collect about consumers.  That information can be found at this link: California Privacy Disclosures.

2. Deletion request rights

You have the right to request that we delete any of the Personal Information data that we collected from or about you and retained, subject to certain Exceptions (as listed below). Once we receive and confirm your request, we will delete your Personal Information from our records unless an Exception applies.

We may deny your deletion request if retaining the information is necessary for us or our Service Provider(s):

• to complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;

• to detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;

• to debug products to identify and repair errors that impair existing intended functionality;

• to exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;

• to enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;

• to comply with a legal obligation; or

• to make other internal and lawful uses of that information that are compatible with the context in which you provided it.
  (each an “Exception” and collectively, “Exceptions”).

3. Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

• deny you goods or services.

• charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.

• provide you a different level or quality of goods or services.

• suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

4. Exercising Access, Data Portability, and Deletion Rights

To exercise your rights described above, please submit a request to us by mailing us at 55 Monument Circle, Indianapolis, Indiana 46032.

Only you, or someone legally authorized to act on your behalf, may make a request related to your Personal Information. You may also make a request on behalf of your minor child. We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.

You may only make a request for access or data portability twice within a 12-month period. The  request must:

• provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative; and

• describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

Making a request does not require you to create an account with us. Also, we will only use Personal Information provided in a request to verify the requestor’s identity or authority to make the request.

5. Your Authorized Agent

You have the right to designate an authorized agent to make a request under the CCPA on your behalf.

6. Response Timing and Format

We will confirm that we received your request within ten (10) ten day and will respond within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

Any disclosures we provide will only cover the 12-month period preceding our receipt of the request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

7. Contact Us

If you have questions about this Privacy Notice, your rights under the CCPA or our practices, please contact us.

​

EU Residents

​As referenced through this Privacy Notice, those residing in the EU may benefit from a number of rights in relation to your information that we process. Some rights apply only in certain limited cases, depending on your location. If you would like to manage, change, limit, or delete your Personal Information, you can do so by contacting us. Upon request, the Firm will provide you with information about whether we hold any of your Personal Information. In certain cases where we process your information, you may also have a right to restrict or limit the ways in which we use your Personal Information. In certain circumstances, you also have the right to request the deletion of your Personal Information, and to obtain a copy of your Personal Information in an easily accessible format.

To the extent that such rights are mandated by the laws applicable to the individual data subject, such as all data subjects residing in the European Union (“EU”), the following rights may apply: 

1. the right to access (GDPR, Article 15); 

2. the right to rectification (GDPR, Article 16); 

3. the right to erasure (GDPR, Article 17); 

4. the right to restrict processing (GDPR, Articles 18);

5. the right of object (GDPR, Article 21); 

6. and if applicable, the right to data portability (GDPR, Article 20). 

7. You may also have a right to lodge a complaint with an appropriate data privacy regulatory authority (GDPR, Article 77)

We generally process Personal Information of those residing in the EU on the legal basis of our Firm's legitimate interests in performing the function or service you requested. Where appropriate, we may rely on alternate legal bases, such as your consent to certain types of processing. Where we process your Personal Information on the basis of consent, we will clearly obtain your opt-in consent. Where given, you may withdraw your consent at any time by contacting us. 

If we process your information based on our legitimate interests as explained in this Privacy Notice, or in the public interest, you can object to this processing in certain circumstances. In such cases, we will cease processing your information unless we have compelling legitimate grounds to continue processing or where it is needed for legal reasons. Where we use your data for direct marketing purposes, you can always object using the unsubscribe link in such communications or changing your account settings.

Where you have provided consent to certain data processing, you have the right to withdraw that consent at any time by contacting us. A withdrawal of consent will not affect the validity of our use of your Personal Information up until the point you have withdrawn your consent.

We welcome you to contact us regarding the information we have collected about you, including regarding the nature and accuracy of the data that has been collected about you, to request an update, modification, or deletion of your information, to opt-out of certain Services uses of your information, or to withdraw any consent you may have granted to the Firm. Please note that the rights available to you for access to your information may vary depending upon your jurisdiction. We seek to ensure all individuals are provided with the rights afforded by their governing jurisdiction. 

Please note requests to delete or remove your information do not necessarily ensure complete or comprehensive removal of the content or information posted, and removed information may persist in backup copies. If you delete or opt-out of the collection and use of certain information certain features of the Services may no longer be available to you.

We retain the information we receive about you for as long as necessary to fulfill the purposes for which the information was collected, pursuant to contractual or legal obligations, or as otherwise required by law. In addition, we may delete your Personal Information from our systems in accordance with our data retention policies. We may retain your information and content for a commercially reasonable time for backup, archival, and audit purposes.

​We take commercially reasonable efforts to secure and protect the privacy, accuracy, and reliability of your information. We implement security measures as we deem appropriate and consistent with industry standards. We will protect your information from loss, misuse and unauthorized access, alteration, destruction and disclosure as required by the Rules of Professional Conduct (or other rules) applicable to our attorneys and all laws and regulations applicable to us; provided, however, that, except as provided in the immediately following sentence, we will, at a minimum, use commercially reasonable efforts to protect Personal Information from loss, misuse and unauthorized access, alteration, destruction and disclosure. 

Certain Personal Information posted by you to the Services may be accessible to the general public, and we are not responsible for protecting such Personal Information from loss, misuse or unauthorized access, alteration, destruction or disclosure. For example, if you participate in a public forum on the Services, any information disclosed by you when doing so may be available to the general public. Also, since no transmission of information over the Internet or electronic storage of information is completely secure, it is possible that your information could be lost, misused or accessed, altered, destroyed or disclosed without authorization, even if we use such reasonable efforts. In providing information to us, you must assume the risk that your information could be lost, misused or accessed, altered, destroyed or disclosed without authorization. Accordingly, any information you transfer to or from Services is provided at your own risk.

​

Transfer and Storage.

Please note information we collect about you may be transferred, processed and/or accessed by us in the United States, or another country where we, or our Service Providers operate. Please be aware your Personal Information may be transferred to, and maintained on, computers located outside of your state or country where privacy laws may differ from and may not be as protective as those where you live. If you are located outside the United States and choose to allow us to collect information about you, please be aware that we may transfer your Personal Information to the United States and process and store it there.

If you are located in the  European Economic Area (“EEA”) or other regions with laws governing data collection and use that may differ from U.S. law, please note that we may transfer information to a country or jurisdiction that does not have the same data protection laws as your jurisdiction, as disclosed in this Privacy Notice. It may also be processed by staff operating outside the EEA who work for us or for one of Service Providers, also as disclosed.

Electronic Communications.

​Whether or not you have previously sent us an e-mail message, you consent to our sending you e-mail messages and other electronic communications (a) in connection with your use of the Services, (b) in the ordinary course of business, or (c) for any other legitimate business purpose (including, but not limited to, marketing). Since we endeavor to send e-mail messages and other electronic communications only to individuals desiring to receive them, you can unsubscribe to such e-mail messages or other electronic communications at any time by contacting us using the contact information provided in this Privacy Notice or by following the directions contained in such e-mail messages or other electronic communications.

​

Third Party Services.

​The Services may contain links to, or be accessible from, websites provided by third parties (individually a “Third-Party Services”).  Your use of a Third-Party Services will be subject to its terms of use and other provisions, and you are responsible for complying with such terms and other provisions.  This Privacy Notice does not cover the privacy policies or practices of any Third-Party Services, and we are not responsible for any information you submit to, or otherwise collected by, any Third-Party Services.  We are only responsible for information obtained by it (a) through your authorized use of the Services or (b) from other sources in the ordinary course of its business.  You should consult each Third-Party Services for its Privacy Notice or practice before submitting any information to, or otherwise using, such Third-Party Services.

​

Changes to this Privacy Policy.

​The firm may modify this Privacy Policy from time to time. The most current version of this Privacy Policy will govern our use of your information and will be located at www.mgmorrislaw.com. We will notify you of material changes to this policy by posting a notice to our website. The latest version of this Privacy Policy will always be the one posted at www.mgmorrislaw.com.