Privacy Policy
Effective Date: January 1, 2022
1. Who and what is covered by the Privacy Policy?
DCM & Associados – Sociedade de Advogados, S.P., R.L., with the tax number 516887807, registered before the Portuguese Bar Association under the no. 23/22, is part of a global community of law firms lead by Littler and acts under the trade name of DCM | Littler (hereinafter mentioned as a whole “DCM Lawyers”, “DCM | Littler”, or “us”, “we”, and “our”) respects and values your privacy and we are dedicated to sharing our methods and approach to how we collect, use, share, and protect your personal information in this policy (“Privacy Policy”).
DCM | Littler is part of a global community of law firms called “Littler Global”, which is a Swiss verein. The lead law firm for Littler Global is Littler Mendelson P.C., which is a law firm headquartered and based in the United States of America.
In operating our business, the entity with which an individual’s relationship is with acts as the data controller in relation to the data of individuals associated with our current, past and prospective corporate clients, our individual clients and other contacts of the firm such as lawyers, attorneys-at-law, suppliers, co-counsel, potential recruits and other lawyers to whom we make or receive referrals.
This Privacy Policy describes how DCM | Littler handles personal information:
a) From visitors to our website or web-based applications (“Websites”);
b) Through software applications made available by us for use on or through computers and mobile devices (“Apps”), if any;
c) Contacts at our clients and/or prospective clients;
d) Contacts for suppliers of goods and services to DCM | Littler;
e) From any other individual about whom DCM | Littler obtains personal information in the provision of legal services to our clients (“Client Services”)
f) From those who apply to work for us;
The items outlined above are collectively called “Services”. Littler Global firms may have their own Privacy Policies that govern their collection and use of personal information in the provision of their services.
Our Privacy Policy along with our Terms of Use and Cookies Policy describe why and how we process your personal data when we perform our activities, including through your use of our website https://dcm-lawyers.com (“Website”), when you contact or request in- formation from us, when you engage our legal or other services or as a result of your relationship with one or more of our staff and clients.
How we use Cookies will be described in the Cookies Policy.
Please read our Privacy Policy, Terms of Use and Cookies Policy carefully. By using our services or our Website, you consent to our collection and use of your information as described in these documents.
This Privacy Policy may change from time to time (see section titled “Changes to this Privacy Policy”) and your ongoing use of our services or this Website will be deemed your acceptance of such changes, so please check this Privacy Policy regularly for updates.
2. What personal data do we collect about you?
For the purposes of this Privacy Policy, Personal Information is information that relates to an identified or identifiable person, whether alone or in combination with other information. DCM | Littler collects the following types of Personal Information:
Depending on how you interact with us and/or our Website, we may collect several types of information about you, including:
a) Contact information, such as address, email, phone number, and other related information requested in our relationship or on our online forms.
b) Business contact information, such as your name (including name prefix or title), the company you work for, your title or position and your relationship to a person.
c) Your status as a client of DCM | Littler, now or in the past, or of another firm and identification and background information provided by you or collected as part of our business acceptance processes.
d) Accounting/financial information, such as payment-related information.
e) Technical information, such as information from your visits to our Website or applications or in relation to materials and communications we send to you electronically.
f) Details of your visits to our Website, including, but not limited to, traffic data, location data, logs and other communication data, and the resources you use, as well as information about your computer and internet connection, including your IP address, operating system and browser type, for system administration and to report aggregate information.
g) Information you provide to us for the purpose of attending meetings and events, including access and dietary requirements.
h) Details of transactions you carry out through our Website and of the fulfilment of your orders.
i) Records and copies of your correspondence, if you contact us.
j) Information we receive from third parties, for example, our business partners, suppliers and vendors that provide services such as webinars, videos, training materials, books and other services.
k) Any other information relating to you which you may provide to us.
However, some personal data must remain strictly confidential subject to professional secrecy obligations that bind lawyers and are covered by specific rules (see section entitled “Professional secrecy”).
3. Professional secrecy
DCM | Littler (the team as a whole, its individual lawyers and its employees) is bound by statutory obligations governing professional secrecy.
Such professional secrecy covers all confidential information that our lawyers receive or discover in the execution of their tasks (identity of the client, all types of correspondence and annexes, all information about the client or about other persons or par- ties, etc.).
Confidential information that is covered by professional secrecy, may only be disclosed to courts, arbitral courts and third parties, to the extent that the disclosure of this information is relevant, is in the interest of the client, is not legally prohibited and if the client agrees with the disclosure.
This Privacy Policy does not apply to the processing of personal data which must remain strictly confidential subject to the obligations of professional secrecy of lawyers, as described above.
4. How do we obtain your personal data?
We may obtain your personal data through the channels set out below:
a) Direct interactions: the personal data we hold in our database were provided to us by you (e.g. by speaking to us in person or over the telephone, whilst visiting our offices, by filling in forms on our Website, by corresponding with us by email or post, by giving us your business card, registering for an event, etc.).
b) Website, cookies and marketing: when you use our Website or review the publications or marketing material we send you.
c) Third-party sources: (i) we receive Technical Data from analytics provider such as Google based outside the EU (see section titled “third-parties cookies”); (ii) we may also receive your data from third-parties when we provide our client services or other parties send us your personal data to enable the provision of those service or when you provide your personal data to a third-party for the purpose of sharing it with us, for instance recruitment agencies and consultants may provide your personal data to us for recruitment activities; (iii) we may receive personal data when we interact with governmental or regulatory bodies or other authorities in relation to you or on your behalf.
d) Publicly available sources: we may collect or receive information about you from other sources, such as keeping the contact details we already hold for you accurate and up to date using publicly available sources.
DCM | Littler needs to collect Personal Information in order to provide the requested Services to you or to provide Services to our clients. If you do not provide the information requested, we may not be able to provide the Services. Where DCM | Littler receives Personal Information from its clients about employees or other individuals, the client is responsible for ensuring that any such Personal Information is transferred to us in compliance with applicable data protection laws and regulations.
5. What are your personal data used for?
The purposes for which DCM | Littler uses Personal Information, and the legal basis for such use are as follows:
a) The provision of legal advice/services and response to inquiries. We engage in this activity to fulfil our ethical, legal and contractual obligations with our clients.
b) Management of our business operations and administration of our client relationships. We engage in this activity to fulfil our ethical, legal and contractual obligations with clients and suppliers.
c) Enhancing the functionality of our Websites. We engage in this activity because we have a legitimate interest in monitoring how our Website and Apps are used to help us provide better services to our Website and App users.
d) Fraud and security monitoring purposes. We engage in this activity because we have a legitimate interest to detect and prevent fraud, crimes and other misuses of our Websites and networks.
e) Data analysis, to improve the efficiency of our Services and identify trends. We engage in this activity to manage our relationships with clients, to comply with legal obligations, and/or because we have other legitimate interests.
f) Auditing internal process for proper functioning. We engage in this activity to manage our relationships with clients, to comply with legal obligations, and/or because we have other legitimate interests.
g) To provide relevant communication materials. We engage in this activity because we have a legitimate interest or because we have obtained consent.
h) Compliance with legal and regulatory obligations. We engage in this activity to manage our relationships with clients, to comply with legal obligations, and/or because we have other legitimate interests.
i) To evaluate and consider individuals for employment and manage on-boarding procedures. We engage in this activity because we have a legitimate interest and/or to comply with our legal obligations.
DCM | Littler may aggregate and/or anonymize Personal Information so it is no longer considered Personal Information. We do this to generate other data for our use, which we may use and disclose for any purpose.
a) Legal and other services
We collect, create, hold and use personal data in the course of and in connection with the services we provide to our clients. We will process identification and background information as part of our business acceptance, finance, administration and communication processes, including anti-money laundering, conflict, reputational and financial checks. We will also process personal data provided to us by or on behalf of our clients for the purposes of the work we do for them.
We will also collect and process personal data about you in relation to your attendance at our offices or at an event or seminar organized by DCM | Littler. We will only process and use special categories of personal information about your dietary or access requirements in order to cater for your needs and to meet any other legal or regulatory obligations we may have. We may share your information with service providers involved in organizing or hosting the relevant event.
b) Communications
Your personal data may be used for communications purposes related to the services provided by DCM | Littler.
If you are a client, we send our updates and invitations in the context of our existing client relationship, which is in our legitimate interest. Given the existing client relationship, we consider that it is included in our service and that you are happy with this service we deliver to you to keep you updated.
If you are not a client or not related to it, we will send our updates and invitations based on your consent.
We will not use your personal data to send you communications material if you have requested not to receive such. If you request that we stop processing your personal data for marketing purposes, we shall acquiesce.
You can make such a request via the forms and links provided for that purpose in the communications material we send you or by contacting us at info@dcmlittler.com. Alternatively, you may make any such request through your usual contact at DCM | Littler.
We never share your personal data with any organizations outside DCM | Littler for communications purposes.
6. Who we share your personal data with and in what countries?
We may share your personal information with certain trusted third-parties in accordance with contractual arrangements in place with them, including:
a) Our professional advisers and auditors.
b) Suppliers to whom we outsource certain support services such as word processing, translation, photocopying and document review.
c) IT service providers to DCM | Littler.
d) Third-parties engaged in the course of the services we provide to clients and with their prior consent, such as barristers, local counsel and technology service providers like data room and case management services.
e) Third parties involved in hosting or organizing events or seminars.
f) Where necessary, or for the reasons set out in this Privacy Policy, personal information may also be shared with regulatory authorities, courts, tribunals, government agencies and law enforcement agencies. While it is unlikely, we may be required to disclose your information to comply with legal or regulatory requirements. We will use reasonable endeavors to notify you before we do this, unless we are legally restricted from doing so.
7. How do we protect your personal data?
We have implemented technical and organizational security measures to protect your personal data from accidental loss and from unauthorized access, use, alteration and disclosure. These measures include:
a) Training relevant staff to ensure they are aware of our privacy obligations when handling personal data.
b) Administrative and technical controls to restrict access to personal data on a ‘need to know’ basis (passwords).
c) Technological security measures, including fire walls, encryption and antivirus software.
d) Login access blocks in case of loss or theft of devices.
e) Physical security measures, such as security badges to access our premises.
f) Allowing limited access to those who we believe reasonably need to come into contact with the personal data in order to carry out their jobs.
Unfortunately, the transmission of personal data – especially via the internet (including by email) – is never completely secure. Although we try to protect your personal information, we cannot guarantee the security of your personal information transmitted to us or by us. Any transmission of personal information is at your own risk.
8. Information relating to minors
The nature of our services is not intended for individuals under the age of 16.
9. Cross-border data transfers
We may transfer Personal Information to jurisdictions as necessary for the purposes described above, including to jurisdictions that may not provide the same level of protection as your country of residence. By using our Services, you understand that your information will be transferred to the United States or to other countries in which Littler or Littler Global firms may exist.
In order to provide our services, we may need to transfer your personal information to locations outside Portugal or where you are viewing our Website for the purposes set out in this Privacy Policy. This may entail a transfer of your information from a location within the European Economic Area (the “EEA”) to outside the EEA, or from outside the EEA to a location within the EEA. The level of protection in countries outside the EEA may be less than that offered within the EEA. Where this is the case, we will implement appropriate measures to ensure that your personal data remains protected and secure in accordance with applicable data protection laws. In particular, DCM | Littler has put in place adequate measures, such as the standard contractual clauses adopted by the European Commission, to protect Personal Information.
10. What are your rights regarding your personal data and how do you exercise your rights?
You have several rights concerning the personal data we hold about you. You may thus:
a) Obtain confirmation that we are processing your personal data and request a copy of the personal data we hold about you.
b) Ask that we update the personal data we hold about you, or correct such personal data that you think is incorrect or incomplete.
c) Ask that we delete personal data that we hold about you, or restrict the way in which we use such personal data if you believe that there is no (longer a) lawful ground for us to process it.
d) Insofar the data processing is based on consent, you have the right to withdraw this consent, without prejudice to the legitimacy of the processing based on this consent prior to its withdrawal.
e) Receive a copy of the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and to transmit such personal data to another party (to the extent the processing is based on consent or a contract).
f) Object to our processing of your personal data for which we use legitimate interest as a legal basis, in which case we will cease the processing unless we have compelling legitimate grounds for the processing.
g) Object at any time to the processing of personal data for direct marketing/communication purposes. If you do not want to continue receiving any direct marketing material from us, you can contact us or click on the unsubscribe function (see section entitled “Communications”). In that event, the personal data shall no longer be processed for such purposes.
h) Avail of the right to file a claim with the supervisory authority; i.e. Portuguese Data Protection Authority (https://www.cnpd.pt).
In your request, please make clear what you are seeking in your request, including what Personal Information is subject to your request. For your protection, we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable.
11. Retention Period
The retention periods of your personal data depend on the category of the data. Those periods are based on the requirements of applicable data protection laws and the purpose for which the information is collected and used, taking into account legal and regulatory requirements to retain the information for a minimum period, limitation periods for taking legal action, good practice and DCM | Littler business purposes.
As a general rule:
a) Your personal data will not be retained longer than what is necessary for the purposes described above.
b) Personal data obtained through our Website are stored for a period of five years,
c) Personal data obtained from (a contact person of) a client is stored for a period of 10 years as from the end of contractual relationship,
d) Personal data obtained from a candidate is stored for a period of two years,
We may however retain your personal data for another period, depending on one of the following periods: (i) as long as is necessary for our daily business; (ii) any retention period that is required by law; or (iii) the end of the period during which litigation or investigations might arise.
12. Third party websites
The Website and Apps may contain links to unaffiliated third parties, such as Facebook, Twitter, and LinkedIn. This Privacy Policy does not apply to such third-party sites. When you click a link to visit a third-party website, you will be subject to their website’s privacy practices. We encourage you to review the privacy and security practices of any linked third-party website before providing any Personal Information on that website.
13. Contact Us
If you have any questions regarding this Privacy Policy or this Site, please contact us at privacy@dcmlittler.com.
14. Changes to this privacy policy
DCM | Littler reserves the right to amend this Privacy Policy at any time, for any reason, without notice, other than the posting of the amended Privacy Policy on its Website. You should check our Website regularly to view our current Privacy Policy that is in effect and any updates that may have been made to it. The provisions contained herein supersede all previous notices or policies regarding our privacy practices that govern this Website. With regard to the most current version, the date this Privacy Policy was last revised is identified at the bottom of this web page. Your continued use of our Services following these changes means that you accept the revised Privacy Policy.
15. Additional information regarding the EEA
You can lodge a complaint with the data protection authority for your country or region, or where the alleged infringement of applicable data protection law occurs. However, before doing so, we encourage you to contact us directly to give us an opportunity to work directly with you to resolve any concerns about your privacy.