Stinson Privacy Policy

Our mission at Stinson LLP (Stinson) is to provide the highest quality legal services to our clients. To assist us in our mission, we collect and process certain information you provide us. We work hard to be good stewards of your information. This Privacy Policy is meant to help you understand what information we collect, why we collect it, and how you can update, manage, export, and delete your information.

What do we collect and how?

Anonymous and Aggregated Web Traffic Information

General traffic, site usage, browser information, length-of-stay information, and location data, is collected and stored in log files. This type of information is collected and used on an anonymous, aggregated basis meaning that we do not connect this information to your name or other personal information.

Personal Information (non-financial)

We collect all or some of the following personal information: first and last name, email address, company and other information, in the following contexts:

Alerts and Announcements: We use your contact information to provide you with e-alerts about legal developments and information about Stinson sponsored seminars and events. We always give you the opportunity to opt-out of these communications.

Extranet Site: When you log into our client extranet site to upload documents, we ask you for the Username and Password that have been previously provided to you.

Employment Information: When you apply for a position with the firm under our "Careers" section, you are directed to our third party human capital management processor, ADP. ADP collects your application information and securely transfers it to the firm. Collection of your information on the ADP portal is subject to ADP's privacy policy posted on the portal.

Other Requests: When you report a problem with our website or services we will collect contact information along with a description of your problem. When you contact us via the firm email addresses, we will collect your contact information and any information you include in your email.

Financial Information

When you pay a bill online under our "Online Payments" section, we ask for transaction information including your company name, first and last name, mailing address, phone number, email address, client matter number, invoice number and payment information. If you chose to pay with a bank account, payment information includes accountholder name, address, and phone number along with bank routing number and bank account number. If the account is a corporate bank account, we ask for the name of the person submitting the payment on behalf of the company.

What we do with the info we collect

We process your information for the legitimate interest of communicating with clients, prospective clients, and other users about our legal services and our events and publications related to developments in the law. Processing your information for the purposes described is necessary for us to do what we do and it's in both of our interests. When we use your information based on our legitimate interests, we conduct a balancing test based on the legitimate interest, necessity of processing your information, and how such processing impacts you.

If you have any questions or concerns with us processing your information for this legitimate interest, please email us at privacy@stinson.com.
We'll ask for your consent before using your information for a purpose that extends beyond what you may reasonably expect from a law firm and that has a more significant privacy impact.

We occasionally hire other companies to provide limited services on our behalf, including website development and operation, preparing marketing materials, sending postal mail or email, analyzing website use, job applications, processing payments and processing data. We will only provide those companies the information they need to deliver the service, and they are contractually prohibited from using that information for any other reason.

We also may disclose your information in special cases. For example, when we believe that we must disclose information to bring legal action against someone who may be violating our Terms of Use or causing injury to us, our property, our website, our clients or others. We may disclose visitor information when subpoenaed, if ordered or otherwise required by a court of law, arbitrator, or other similar proceeding, for government investigations, with government agencies if required by law, and when we otherwise believe in good faith that any applicable law requires it.

We may combine with other firms or groups of attorneys. In such transactions, confidential client information generally is one of the transferred business assets. In the event of such a transaction client and site visitor information may be one of the transferred assets and may be disclosed in connection with negotiations relating to a proposed transaction. In that case, the transferred information may become subject to a different privacy policy.

What are Cookies and other collection technologies and how do we use them?

As part of offering and providing customizable and personalized services, we use cookies and other online tracking technologies to store and sometimes track information about you to:

The types of technologies we use include:

Cookies

For information about our use of Cookies, please see our Cookie Policy.

Pixel Tags

We also employ a software technology known as a pixel tag or Web beacon. A pixel tag is a line of code that we place on our website or in e-mails which allows us to analyze our marketing and the general usage patterns of visitors to our website. These help us better manage content on our website by informing us what content or promotions are effective. Unless you consent, we do not collect personally identifiable information from you through the use of pixel tags. You may not disable pixel tags.

IP ADDRESSES AND LOG FILES

We record the IP addresses of visitors to our website. Recording these IP addresses is necessary for the website to function. Our server software keeps access logs, error logs, and security audit logs. This collection is critical in detecting and preventing fraud or unauthorized system access and addressing threats such as a DOS attack. We do not associate this log file information with other information.

Indirect Collection – Social Networking

The website permits you to use a third party social networking platform such as Facebook, Twitter, and Linked-In. This includes use of social media plugins such as Facebook "Like", and Twitter "Tweet". When you use these social networking platforms and plugins, your username and password for the available service or collected from you on these services may be shared with us. When you use social networking platforms and plugins, you share your information with them and their privacy policy applies disclosure of such information. In addition, they may be able to collect information about you, including your activity or may notify your connections on the social networking platform about your use of the website. Such services may allow your activity to be monitored across multiple websites for purposes of delivering more targeted advertising. Please note that their own privacy polices apply and we encourage you to read them. We may add new social networking plugins and buttons to our website from time to time.

Indirect Collection – Analytics

Our website uses Google Analytics, a web analysis service of Google, Inc. ("Google"). Learn more from their Terms of Service and Privacy Policy.

Opt-out: Download the browser plugin "Google Analytics Opt-out Browser Add-on" here.

We use Google Analytics to analyze the use of our website. We do not transfer personal information to Google Analytics.

What choices do you have about your info?

If you have signed up to receive e-alerts and marketing emails from us, you can unsubscribe or change your preferences by clicking on the links attached to the email.

You may also send us an email at privacy@stinson.com to request access to, correct, or delete any personal information that you have provided to us. Please note, we may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

You may have heard about “Do Not Track” (DNT), which is a privacy preference that users can set in their web browsers. Our website does not support DNT codes.

How we protect your information

We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorized way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorized manner and are subject to a duty of confidentiality.  We use two factor authentication for remote access to our systems. 

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

How long do we keep your information?

We keep your information only so long as we need it to provide the service you've requested of us (e-alerts, event information, etc.) and fulfill the purposes described in this policy. When we no longer need to use your information for the purpose we collected it and there is no need for us to keep it to comply with our legal obligations, we'll either remove it from our systems or depersonalize it so that we can't identify you.

Our policy on children’s information

If you are under 18 years of age you should not provide information to us without the involvement of a parent or guardian. We do not collect online contact information without prior parental consent or parental notification, including an opportunity for the parent to prevent use of the information and participation in the activity. We do not knowingly solicit personal information online from, or market online to, children under the age of 13.

For our friends in the EU

This Privacy Policy includes information applicable to European Union ("EU") residents or users accessing the website in the EU. If you are located in the EU, this Privacy Policy provides you with information regarding your rights under the EU General Data Protection Regulation ("GDPR").

COLLECTION OF PERSONAL DATA

When you visit our website, we collect the personal data described above under "What Do We Collect and How?" In our legal practice, we typically represent corporate entities who are not data subjects under the GDPR. Sometimes, in providing services, we may receive personal information of individuals such as officers, representatives, adverse parties, related parties, vendors, suppliers, professional advisors and government representatives.

LEGAL BASIS FOR PROCESSING YOUR INFORMATION

As discussed above, we process your information for the legitimate interest of communicating with clients, prospective clients, and other users about our legal services and our events and publications related to developments in the law. Processing your information for the purposes described is necessary for us to do what we do and it's in both of our interests. When we use your information based on our legitimate interests, we conduct a balancing test based on the legitimate interest, necessity of processing your information, and how such processing impacts you.

We use personal information collected in the course of providing legal services solely to provide such legal services to our clients. Such processing is necessary for our compliance with legal obligations and our ethical and professional duties as lawyers. Our processing may also be necessary to fulfill a contract we have with you, such as an engagement letter for legal services.

We may also process your information when it is necessary to take action regarding illegal activities, alleged fraud, safety threats, security issues or violations of our Terms of Use or engagement with a client. Such processing is necessary to comply with our legal and client service obligations.

Transfer of Personal Data

The firm and our websites are based in the United States and, regardless of where you access the website, the information collected as part of that use will be transferred to and maintained on servers located in the United States. The European Commission has determined that the US lacks an adequate level of protection for personal information of EU data subjects. The firm is not currently certified under the Privacy Shield. By providing your information, you are consenting to the transfer of your personal data to the U.S.

Although there is risk in transmitting your information to a country that does not have adequate protection, Stinson does take steps to secure your personal data. If you are aware that you will be transferring personal information to us, we will execute a Data Protection Agreement that includes Standard Contract Clauses for the transfer of personal information from the EU to the United States.

Your Choices

The GDPR provides you with certain privacy rights. You may also request to have your information deleted, although we may retain information for backups, prevention of fraud and abuse, satisfaction of legal obligations or other ongoing legitimate interests. You may decline to share certain personal

Right of Access

If you wish to access your personal information, please contact us at the address or number below.

Right to Correction

If the personal information we hold about you is inaccurate or incomplete, you may request to have it corrected. If you are entitled to have information corrected and if we have shared your personal information with others, we will let them know about the rectification where possible. You may also ask us with whom we have shared your information. We will let you know, where possible and lawful, so that you can contact them directly.

Right to Erasure

You may ask us to delete or remove your personal information in some circumstances, such as where we no longer need it or if you withdraw your consent (where applicable). If you are entitled to have your information deleted and if we have shared your personal information with others, we will let them know about the deletion where possible. You may also ask us with whom we have shared your information. We will let you know, where possible and lawful, so that you can contact them directly about erasure.

Right to Object

If you are an EU resident, you have the right to object to our processing that is based on legitimate interests by contacting us at the address or number below. If you are entitled to restriction and if we have shared your personal information with others, we will let them know about the restriction where it is possible for us to do so.

Right to Data Portability

If you are an EU resident, you have the right you have the right, in certain circumstances, to receive a copy of personal information we've obtain from you in a structured, commonly used and machine readable format, and to reuse it elsewhere or to ask us to transfer this to a third party of your choice.

Rights in Relation to Automated Decision-Making and Profiling

If you are an EU resident, you have the right not to be subject to a decision based on automatic processing, including profiling, if it produces a legal effect or similarly significantly affects you, unless such profiling is necessary for entering into, or the performance of, a contract between you and us. We do not engage in automatic processing. Some third party sites to which we link, such as social networks, may engage in automatic processing. See their privacy policy for information on objecting to automatic processing.

Right to Withdraw Consent

If you provide your consent to the processing of your personal information and that consent forms our legal basis for processing, you have the right to withdraw your consent at any time by contacting us at the number below.

Right to Lodge a Complaint

If you are located in the EU and you believe that we have infringed your rights under the GDPR, please contact us by sending an email to privacy@stinson.com or calling us at: 877-317-3502.

You have the right to lodge a complaint with a supervisory authority in your applicable Member State. 

Your California Privacy Rights

The California Civil Code Section 1798.100–199, known as the California Consumer Privacy Act of 2018 ("CCPA"), gives California residents specific rights regarding their personal information which we collect for professional business purposes. To make such a request, please send an email to privacy@stinson.com or mail us at:

Stinson, LLC
Attn:  Privacy
1201 Walnut Street
Kansas City, MO 64106

Please make sure to state that you are a California Resident. When validating a request, we may require additional information to verify your identity and determine the validity of such request for information in compliance with the CCPA.

Scope of Notice

This notice applies to personal information we collect about California residents both online and offline. It applies to California residents who are users of our websites; our clients; event attendees; individuals inquiring about our services; and all other California residents from whom we collect personal information.

As defined in the CCPA, personal information includes any information that identifies, relates to, or could reasonably be linked to a California resident or household.  It includes identifiers, characteristics of protected classes, commercial information, biometrics, internet or electronic information, geolocation data, audio/visual or similar information, employment and educational information, and inferences drawn from any identifiable information. Personal information does not include publically available information from a public government record.  

This notice does not apply to information that is exempt from CCPA disclosure requirements. This includes personal information of individuals acting in their capacity as representatives of our clients, prospect clients, vendors, and other businesses that we conduct business with to the extent the information is collective with respect to a business-to-business transaction or business relationship. This disclosure also does not apply to individuals who are not California residents, any personal information exempted under Cal. Civ. Code Section 1798.145, or any other personal information not contemplated in the CCPA.

Rights of California Residents Under the CCPA

If you are a resident of the State of California, you have the following additional rights under the California Consumer Privacy Act of 2018 (CCPA):

  1. Right to Know — California residents may request that we disclose the following about the personal information we have used or collected over the 12-month period preceding a request:
    • Categories of personal information collected;
    • Specific pieces of personal information not otherwise protected by another form of privacy protection or subject to an exception;
    • Categories of the sources from which we obtain personal information;
    • Purposes for which we use the personal information;
    • Categories of the third parties with whom we share personal information; and
    • Categories of personal information we sell or disclose to third parties.
  2. Right to Opt-Out of Sale — Subject to exceptions, California residents may "opt-out" of allowing us to sell your personal information to third parties.
    • Stinson, LLP does not sell information to third parties (such as advertisers or affiliated companies) for any valuable consideration (such as for marketing purposes). Therefore, we do not maintain a list of third parties with whom we sell personal information. If that changes, we will update our privacy notice. We do contract with third parties to provide employment application software and website analytics. These companies maintain their own privacy policies and information provided to them is subject to such privacy policies and notices.
  3. Right to Delete — Subject to exceptions, California residents may request we delete their personal information.
    • Exceptions include, but are not limited to, information necessary for the following activities:
      • Completing a transaction or service the individual requested;
      • Detecting security incidents or identifying and repairing functionality issues;
      • Complying with state or federal law or another legal obligation; and
      • Solely internal activities aligning with the reasonable expectations of the consumers based on their business relationship with us.
  4. Right to Non-Discrimination — California residents must receive equal service and pricing even if they exercise their privacy rights under the CCPA. However, if California residents opt-out or request deletion of personal information necessary for us to provide a particular good or service, such good or service may not be completed or may be limited.
Categories of Information Collected

We collect the following categories of Personal Information:

Sources of Personal Information

We may collect the above information directly from an individual, automatically through website cookies, and from third parties such as clients, government entities, public record, data aggregators, parties involved in litigation, and other individuals and entities we interact with during the course of our business.

Purposes of Collecting, Using, and Disclosing Personal Information

As stated above, we use your information for the legitimate interest of communicating with clients, prospective clients, and other users about our legal services, events and publications related to developments in the law. We also collect information online which improves the performance, functionality and use of our website as well as for social media purposes through website cookies. We ask for your consent when requesting information outside of what you may reasonably expect from a law firm and that has a more significant privacy impact.

Categories of Information Provided to Third Parties

As stated above, we occasionally hire other companies to provide limited services on our behalf, including website development and operation, preparing marketing materials, sending postal mail or email, analyzing website use, job applications, processing payments and processing data. We will only provide those companies the information they need to deliver the service, and they are contractually prohibited from using that information for any other reason.  Some third-party contractors collect information through the use of website cookies for analytical purposes on our website, this collection practice is outlined in our Cookie Policy. Such information collected is governed by the third-party entities privacy policies.

We also may disclose your information in special cases related to our legal obligations and to protect from the misuse of our websites. We may share your personal information in regard to legal proceedings if stemming from a violation of our Terms of Use or causing injury to us, our property, our website, our clients or others. We may disclose visitor information when subpoenaed, if ordered or otherwise required by a court of law, arbitrator, or other similar proceeding, for government investigations, with government agencies if required by law, and when we otherwise believe in good faith that any applicable law requires it.

How to make a Deletion, Access or Opt-Out request.

If you are a California resident and still wish to request information about how to exercise your third party disclosure choices 2020, you must send a request to privacy@stinson.com, call 877-317-3502, or postal mail to the address below.

Stinson, LLC
Attn:  Privacy
1201 Walnut Street
Kansas City, MO 64106

How we make changes to this policy

We may change this policy from time to time and if we do, we'll post any changes on this page. If you continue to use our website after those changes are in effect, you agree to the new policy. If the changes are significant, we may provide a more prominent notice or get your consent, as required by law.

Contact us

If you have any questions about this policy or need to contact Stinson to exercise your rights as a data subject under the GDPR, please contact Stinson’s Privacy Officer at: privacy@stinson.com or call us at 877-317-3502.

Last Updated: September 25, 2020


Jump to Page

We use cookies on our website to improve functionality and performance, analyze website traffic and enable social media features. For more information, please see our Cookie Policy.