PRIVACY AND COOKIES POLICY

Effective Date: October 9, 2018

This privacy policy (the “Policy”) identifies the privacy practices of Harris Bricken McVay Sliwoski LLP (collectively “Harris Bricken”, “we”, or “us”). The Policy specifically identifies privacy practices related to our websites, which are harrisbricken.com, cannalawblog.com, and chinalawblog.com (collectively, the “Websites”), as well as in connection with any services we may provide to you.

Please note that they Policy does not identify or govern the privacy practices of any third party, even if we provide links to a third party’s website in the policy or elsewhere. Any information you provide to a third party will be governed by that third party’s privacy policy and practices.

1. THE INFORMATION THAT HARRIS BRICKEN OBTAINS

Personal Data: “Personal Data” (or “Personal Information”) is any information that can be used to identify, locate or contact natural persons. Personal Data includes, but is not limited to, your name, telephone number, email address, or home or other physical address. It also includes other information that may be associated with your Personal Data, such as your internet connection, the physical equipment you use to access the Websites, and usage details.

Sensitive Personal Data: “Sensitive Personal Data” means Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data that uniquely identifies a natural person, data concerning health, or data concerning a natural person’s sex life or sexual orientation.

Payment Data: “Payment Data” includes any information you may transmit to us to effect payment for any services provided by us. This includes, but is not limited to, your credit or debit card number, card expiration date, CVV code, check payment information, and billing/payment account address.

For purposes of the Policy, we refer to Personal Data, Sensitive Personal Data, and Payment Data collectively as “Data” unless otherwise specified.

2. CONTACT INFORMATION

To ask questions or provide comments about the Policy our privacy practices, or to exercise any rights identified in the Policy, please contact us at:

United States:

555 W. 5th Street, Suite 3110

Los Angeles, CA 90013

Telephone: (424) 273-5500

Email: privacy@harrisbricken.com

Europe:

Calle Balmes 30, 2-2

08007 Barcelona, Spain

Telephone: 933 041 123

Email: privacy@harrisbricken.com

If you are a resident of European and wish to contact a Data Protection Authority (“DPA”) in your resident state, please see the following list: http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm.

3. COLLECTION OF DATA

Websites: If you fill out the contact form or blog subscription forms on the Websites, you will be asked to provide us with certain Data, including your email, address, name, or phone number. Please do not submit any confidential or proprietary information, Sensitive Personal Data, or Payment Data through these portals.

In Connection with Our Services: We may request or obtain Data from you to provide legal or other services to you, or to collect payment from you for our services.

Information Provided by Third Parties: We may collect Data about you from various third parties, such as third parties whom we use to provide services to you. From time to time, we may use third-party Data to supplement the Data of yours which we possess.

Children’s Online Data: The Website is not directed at children, and we do not solicit or knowingly collect any personal information from children under the age of thirteen (13) without verifiable parental consent. If we learn that we have obtained Data from a person under the age of thirteen (13), we will delete that Data.

For residents of the European Economic Union, please see our policy below concerning consent by children under the age of sixteen (16).

4. COOKIES AND OTHER AUTOMATED DATA COLLECTION

The Websites use a number of automated data collection methods that help improve your experience on the Website, and help us administer the Websites, analyze their usage, and improve the overall user experience. These methods of automatic collection may include:

Cookies: Cookies are small pieces of data sent to your browser from a web server and stored on your computer’s hard drive. Your web browser may include a function that permits you to refuse the setting of all or some cookies. If you do so, you may not be able to access all or parts of the Websites.

Third-Party Website Cookies: When you use the Websites, you may be directed to third party websites which cookies. Third parties may also use cookies that track your activity online, even when you are on the Websites. We are not responsible for third parties’ use of cookies.

Flash Cookies: Certain features of the Websites may use local stored objects (or “Flash cookies”) to collect and store information. To learn how you can manage your Flash cookie settings, visit Adobe’s website.

Web Beacons: Pages of the Websites and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an e-mail and for other related website statistics.

Google Analytics: The Websites, as well as third parties, may use Google Analytics cookies to collect aggregate information about how users visit the Websites. You can review Google Analytics’ data practices here, and many install a Google Analytics Opt-out Browser Add-on here.

Server Logs: We may track information about your visit to the Websites and store that information in web server logs.

Social Media Plugins: Some of the Websites may use social media plugins to aid social media sharing. These plugins do not track personal information about users. We do not control any of the content from the social media plugins and recommend that you review these third parties’ privacy policies. These plugins include:

  • Stay Connected Links: These links take you to your social media account(s).

  • Share Links: These links appear below each post and allow users to share the post on their social media accounts.

5. DO NOT TRACK SIGNALS

Certain web browsers allow users to provide “do not track” signals to websites. The Websites do not respond to “do not track” signals.

6. USE OR PROCESSING OF DATA

We may use the Data that we collect for the following purposes:

  • Presenting and providing Website content to you, and operating and improving the Website and related services;

  • Communicating with you concerning our services, events, or offerings, and responding to your requests, questions, or comments;

  • Providing legal or other services;

  • Evaluating and assessing applicants for employment;

  • Monitoring and analyzing usage, trends, and activities related to our services;

  • Transmitting notices, updates, technical information, and other messages;

  • Allowing you to participate in interactive features of the Websites;

  • Carrying our obligations and enforcing rights arising from any contracts entered between you and us, including but not limited to billing or collection matters;

  • Notifying you concerning changes in any services we offer, or of modifications to our policies, including the Policy; or

  • For any other purpose with your consent.

7. SHARING OF DATA

We do not sell, rent, or lease your Data to others, with the following exceptions:

  • If Data is “anonymized”, meaning it cannot be used to identify you;

  • To Harris Bricken’s subsidiaries, affiliates, agents, contractors, service providers, partners, and other third parties Harris Bricken uses to support its business;

  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of Harris Bricken’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which Data held by us about the Websites’ users is among the assets transferred;

  • To third parties in connection with continuing legal or other education and credits;

  • To third parties to market their products or services to you if you have given prior consent to these disclosures;

  • To fulfill the purpose for which you provide it;

  • To comply with any enforceable subpoena, government or regulatory request or demand, investigative demand, court order, law or legal process;

  • To enforce or apply our legal rights, including for billing and collection purposes, and to defend against legal claims;

  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of us, our customers, or others, including for the purposes of fraud protection and credit risk reduction;

  • To aid in a substantial corporate transaction, such as the sale of our business, a merger, consolidation, or asset sale, or in the event of a bankruptcy;

  • For any other purpose disclosed by us when you provide the information; or

  • With your prior consent.

8. DATA PROTECTION

We maintain physical, technical, and administrative safeguards to protect your Data from unauthorized access, use, disclosure, alteration or destruction. We regularly update and test our data security technology, restrict access to your Data to our employees with the need access such Data in the course and scope of their employment. We also train employees concerning the privacy and security of your Data.

9. YOUR CALIFORNIA PRIVACY RIGHTS

If you are a California resident, California Civil Code section 1798.83 allows you to request information about our disclosure of your Data to third parties for those third parties’ direct marketing purposes. You can make such requests of us at the following contact information:

555 W. 5th Street, Suite 3110

Los Angeles, CA 90013

Telephone: (424) 273-5500

Email: privacy@harrisbricken.com

Within thirty (30) days of receiving an express written request, we will provide a list of the categories of Data disclosed to third parties for third-party direct marketing purposes during the immediately preceding year, along with the names and addresses of those third parties. This request may be made no more than once per calendar year. We reserve the right not to respond to requests submitted in ways other than those specified above.

If you are a resident of California and do not want us to disclose your Data to third parties for the third parties’ direct marketing purposes, please notify us of such using the contact information provided above, and clearly state your request, name, mailing address, email address, and phone number. Upon receipt of your express written request, we will remove your name from lists we share with other companies as soon as reasonably practicable.

Additionally, if you are a California resident under the age of eighteen (18), and have registered to use the Websites, California Business and Professions Code section 22581 permits you to request and obtain removal of content or information you have publicly posted. You can do so by contacting us at privacy@harrisbricken.com. If you make such a request, please identify where the content or information is posted on the Websites so that we can attempt to remove the post from public view or anonymize the content or information such that you cannot be identified. This removal process cannot ensure complete removal, for example, if content or information remains visible because a third party has copied the posting or reposted the content or information posted by the minor.

10. OTHER PRIVACY RIGHTS

Connecticut Residents: To the extent that we collect Social Security numbers of Connecticut residents, we protect the confidentiality of those Social Security numbers, (2) prohibit unlawful disclosure of those Social Security numbers, and (3) limit access to those Social Security numbers.

Right to Opt Out: You have the right to opt out of receiving future marketing, promotional, or emails from us by following the instructions set forth in any such emails. Even if you opt out of such communications, we may nevertheless transmit non-promotional communications to you, such as communications concerning ongoing representations or business relationships. We may not accommodate a request to change information if it believes that the requested change would violate any law or legal requirement or cause the information to be incorrect.

Exercising Your Rights: You may exercise any of the foregoing rights by contacting us at the address and/or email address identified in the Policy above.

11. RESIDENTS OF THE EUROPEAN ECONOMIC UNION

Pursuant to the European Union’s General Data Protection Regulation (“GDPR”), we are the “Controller” with respect to your Data that we process. If you are a resident of the European Economic Area (“EEA”), you have certain rights and protections under applicable law regarding the processing of your Data, including:

  • Information: You have a right to be informed about our collection and use of your Data.

  • Access: You have the right to access the Data that we hold about you. Access may be denied in certain, limited circumstances, for example, if providing access would reveal a third party’s Data.

  • Rectification: You have the right to seek rectification of inaccurate Data, or the completion of incomplete Data.

  • Erasure: You have the right to erase your Data when that Data is no longer necessary for the purposes for which it was collected, when, among other things, you have withdrawn consent and Harris Bricken has no other legal grounds to continue processing, or when your Data has been unlawfully processed.

  • Restriction: You have the right to restrict Harris Bricken’s processing of your Data in certain circumstances, e.g., when processing is unlawful or when you contest the accuracy of the data.

  • Portability: You have the right to request Harris Bricken provide your Data to You, or to another data controller, in a structured, commonly used, and machine-readable format.

  • Objecting: You have the right, in certain instances, to object to Harris Bricken’s processing of your Data and to ask Harris Bricken to block, erase and restrict your Data.

  • Right to be Informed About Automatic Decisionmaking or Profiling: You have the right to determine whether your Data is being used in automatic-decisionmaking processes or for profiling.

  • Complaints: If you have a concern about our processing of your Data, you have the right to lodge a complaint with the DPA or to seek remedies in a court.

Children’s Consent: If residents of the EEA under the age of sixteen (16) provide consent for us to process their Data, we will process that Data if and to the extent that consent is given or authorized by the holder of parental responsibility over the person under the age of sixteen (16).

Data Transfers: We may transfer your Data to countries which are not recognized by the European Commission as providing an adequate level of data protection. We transfer Data outside the EEA when it is necessary for the services that we provide to you, when you have consented to such a transfer, when it is necessary for Harris Bricken to establish, exercise, or defend legal claims, or based on a derogation specified in Article 49 of the GDPR.

Processors: Harris Bricken is the “Controller” with respect to your Data, meaning Harris Bricken determines the purposes and means of processing your Data. Harris Bricken may engage third parties to process Data, who will act as “Processors” with respect to your data. Harris Bricken may engage these processors to provide the following services:

  • Marketing, accounting, financial, data security, service, or blog providers;

  • Litigation, corporate, incorporation, trustee, business processing, or other service providers;

  • Expert witnesses and consultants; and

  • Information technology (“IT”), telecommunications, email service providers, and data hosting service providers.

Automatic Decision-Making or Profiling: Harris Bricken does not use automatic decision-making or profiling.

12. DATA RETENTION AND STORAGE

Your Data is stored on our servers, and on the servers of the cloud-based database management services we engage, which are located in the United States.

We retain your Data for the duration of your business or other relationship with us, and for a period thereafter to allow you to continue to your business relationship with us in the future, to analyze the data for our own operations, and for historical and archiving purposes.

13. CHANGES TO THE POLICY

We reserve the right to revise the Policy. The Effective Date of this Policy is set forth at the top of this webpage, and this Policy supersedes any and all prior versions. If we materially change the way we collect, use, or disclose your Data, we will notify you prior to said change by email and/or by inserting a prominent notice on the Websites.