Last Updated: November 4th, 2022
- through our websites (“Websites”);
- through the software applications made available by us for use on or through computers and mobile devices (“Apps”);
- through SharePoint sites made available to our clients and third parties (“SharePoint Sites”);
- through services we provide to our individual, corporate, and institutional clients (“Client Services”); and
- through any other offline business interactions, you may have with us (“Offline Interactions”).
Collectively, we refer to the Websites, the Apps, Our Social Media, Emails, SharePoint Sites, Client Services and Offline Interactions as the “Services.”
COLLECTION OF PERSONAL INFORMATION
“Personal Information” is information that identifies you as an individual or relates to an identifiable individual, including but not limited to:
- Postal address (including personal, business, billing, and shipping addresses);
- Telephone number;
- Email address (personal and business); and
- Job title and employer;
We and our service providers collect Personal Information in a variety of ways, including:
- Through the Services
- We collect Personal Information through the Services, for example, when you sign up for a newsletter, request Services, register for a seminar, use Services that can be accessed only by authenticated users who have logged in, participate in a contractual arrangement for Client Services, provide information in conjunction with our Client Services, or when you interact with us at an event, call our reception desk or otherwise visit one of our offices.
- From Other Sources
- We receive your Personal Information from other sources, for example:
- publicly available databases;
- joint marketing partners and event sponsors when they share the information with us;
- partner Client Services organizations (such as nonprofits);
- entities to which we provide Client Services, which may include your employer; and
- social media platforms.
USE OF PERSONAL INFORMATION
We and our service providers use Personal Information for legitimate business purposes, including:
- Providing the functionality of the Services and fulfilling your requests.
- To provide the Services’ functionality to you, such as arranging access to your registered account, and providing you with related client service.
- To respond to your inquiries and fulfill your requests, when you contact us via one of our online contact forms or otherwise (e.g., when you send us questions, suggestions, compliments, or complaints, or when you request other information about our Services).
- To send administrative information to you, such as information regarding the Services and changes to our terms, conditions, and policies.
- To allow you to send Services-related content to another person through the Services if you choose to do so.
We will engage in these activities to manage our contractual relationship with you and/or to comply with a legal obligation.
- Providing you with our newsletter and/or other marketing materials and facilitating social sharing
- To send you our newsletters, publications, legal updates, and mailings related to our seminars or events that we think may be of interest to you.
- To fulfill your event registration requests and provide services, including the provision of seminars and other events.
- To send you information about our services and other news about our firm.
We will engage in this activity with your consent or where we have a legitimate interest.
- Aggregating and/or anonymizing Personal Information.
- We may aggregate and/or anonymize Personal Information so that it will no longer be considered Personal Information. We do so to generate other data for our use, which we may use and disclose for any purpose.
- Accomplishing our business purposes.
- For data analysis, for example, to improve the efficiency of our Services.
- For audits, to verify that our internal processes function as intended and are compliant with legal, regulatory, or contractual requirements.
- For fraud and security monitoring purposes, for example, to detect and prevent cyberattacks or attempts to commit identity theft.
- To meet our legal and regulatory obligations.
- For enhancing, improving, or modifying our current products and services.
- For identifying usage trends, for example, understanding which parts of our Services are of most interest to users.
- For determining the effectiveness of our promotional campaigns, so that we can adapt our campaigns to the needs and interests of our users.
- For operating and expanding our business activities, for example, understanding which parts of our Services are of most interest to our users so we can focus our energies on meeting our users’ interests.
We engage in these activities to manage our contractual relationship with you, to comply with a legal obligation, and/or because we have a legitimate interest.
- Providing Client Services.
- To validate authorized signatories when concluding agreements and transactions.
- To contact individuals (including employees of institutional clients) in connection with providing Client Services.
- To respond to inquiries and fulfill requests from our clients, administer their file(s), provide legal services, and manage our relationships.
We engage in these activities to manage our contractual relationship with you, to comply with a legal obligation, and/or because we have a legitimate interest.
DISCLOSURE OF PERSONAL INFORMATION
We disclose Personal Information:
- Farm Design is the party responsible for the management of the jointly-used Personal Information.
- To our third-party service providers, to facilitate services they provide to us.
- These can include providers of services such as website hosting, Services-related consulting and monitoring, data analysis, information technology and related infrastructure provision, customer service, email delivery, auditing, and other services related to meeting our clients’ legal needs.
- By using the Services, you may elect to disclose Personal Information
- On message boards, chat, profile pages, blogs and other services to which you are able to post information and content (including, without limitation, Our Social Media), or through which you are able to send messages through the Services. Please note that any information you post or disclose through these services will become public and may be available to other users and the general public.
We also use and disclose your Personal Information as necessary or appropriate, especially when we have a legal obligation or legitimate interest to do so:
- To comply with applicable law and regulations.
- This can include laws outside your country of residence.
- To cooperate with public and government authorities.
- For example, when we respond to a request or provide information we believe is important.
- These can include authorities outside your country of residence.
- To cooperate with law enforcement.
- For example, when we respond to law enforcement requests and orders or provide information we believe is important.
- For other legal reasons.
- To enforce our terms and conditions; and
- To protect our rights, privacy, safety, or property, and/or that of our affiliates, you or others.
- In connection with a sale or business transaction.
- We have a legitimate interest in disclosing or transferring your Personal Information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings) Such third parties may include, for example, an acquiring entity and its advisors.
“Other Information” is any information that does not reveal your specific identity or does not relate to an identifiable individual, such as:
- Browser and device information;
- App usage data;
- Information collected through cookies, pixel tags and other technologies;
- Demographic information and other information provided by you that does not reveal your specific identity; and
- Information that has been aggregated in a manner such that it no longer reveals your specific identity.
If we are required to treat Other Information as Personal Information under applicable law, then we may use and disclose it for the purposes for which we use and disclose Personal Information as detailed in this Policy.
We and our service providers may collect Other Information in a variety of ways, including:
- Through your browser or device:
- Certain information is collected by most browsers or automatically through your device, such as your Media Access Control (MAC) address, computer type (Windows or Mac), screen resolution, operating system name and version, device manufacturer and model, language, Internet browser type and version and the name and version of the Services (such as the App) you are using. We use this information to ensure that the Services function properly.
- Through your use of the App
- When you download and use the App, we and our service providers may track and collect App usage data, such as the date and time the App on your device accesses our servers and what information and files have been downloaded to the App based on your device number.
- Using cookies
- Using pixel tags and other similar technologies
- Pixel tags (also known as web beacons and clear GIFs) may be used to, among other things, track the actions of users of the Services (including email recipients), measure the success of our marketing campaigns, and compile statistics about usage of the Services and response rates.
- To opt out of being tracked by cookies across all websites visit http://tools.google.com/dlpage/gaoptout.
- IP Address
- Your IP address is automatically assigned to your computer by your Internet Service Provider. An IP address may be identified and logged automatically in our server log files whenever a user accesses the Services, along with the time of the visit and the page(s) that were visited. Collecting IP addresses is standard practice and is done automatically by many websites, applications, and other services. We use IP addresses for purposes such as calculating usage levels, diagnosing server problems, and administering the Services. We may also derive your approximate location from your IP address.
We may use and disclose Other Information for any purpose, except where we are required to do otherwise under applicable law. In some instances, we may combine Other Information with Personal Information. If we do, we will treat the combined information as Personal Information as long as it is combined.
We seek to use reasonable organizational, technical, and administrative measures to protect Personal Information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Contacting Us” section below.
CHOICES AND ACCESS
You have choices regarding marketing-related communications. If you no longer want to receive marketing-related emails from us on a going-forward basis, you may opt-out by following the unsubscribe instructions in any such message or by contacting us by email at email@example.com . We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out of receiving marketing-related emails from us, we may still send you important administrative messages, from which you cannot opt-out.
If you would like to request to review, correct, update, suppress/delete, or object to or restrict processing of Personal Information that you have previously provided to us, or if you would like to request to receive an electronic copy of your Personal Information for purposes of transmitting it to another company, please feel free to contact us. We will respond to your request consistent with applicable law. If you are a California resident, please refer to the “Additional Information Regarding California” section at the end of this Policy for more information about the requests you may make under the CCPA.
In your request, please make clear what Personal Information you would like to have changed, whether you would like to have your Personal Information suppressed from our database or otherwise let us know what limitations you would like to put on our use of your Personal Information. For your protection, we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable.
We retain Personal Information for as long as needed or permitted in light of the purpose(s) for which it was obtained and consistent with applicable law. The criteria used to determine our retention periods include:
- The length of time we have an ongoing relationship with you and provide the Services to you (for example, for as long as you have an account with us or keep using the Services);
- The length of time we have an ongoing relationship with you as our client and provide you with Client Services;
- Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions or communications for a certain period of time before we can delete them); or
- Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation, or regulatory investigations).
THIRD PARTY SERVICES
This includes any third party operating any website or service to which the Services link. The inclusion of a link on the Services does not imply endorsement of the linked site or service by us or by our affiliates.
In addition, we are not responsible for the information collection, use, disclosure or security policies or practices of other organizations, such as Facebook, Apple, Google, Microsoft, RIM or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer, including with respect to any Personal Information you disclose to other organizations through or in connection with the Apps or our Social Media.
SPECIAL NOTIFICATION ABOUT WEBINARS
Webinars offered as a service to users of the Services (“Webinars”) are hosted by unaffiliated third-party vendors, and not by us.
Our third-party vendors require users to provide Personal Information. This Personal Information includes name and email address. Users seeking continuing legal education credit also may be asked to provide their State Bar number(s). Please note that this Personal Information is collected by our vendors and not by us. We encourage you to read the privacy statements of our vendors, which control how such vendors handle Personal Information provided by you to register for the Webinars.
USE OF SERVICES BY MINORS
The Services are not directed to individuals under the age of eighteen (18), and we do not knowingly collect Personal Information from individuals under 18.
Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers. By using the Services, you understand that your information will be transferred to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Information.
Some countries outside of the European Economic Area (the “EEA”) are recognized by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these “specified countries” is available here). The UK recognizes the EEA and the specified countries as providing an adequate level of data protection according to UK standards. For transfers from the EEA or the UK to countries not considered adequate by the European Commission or the UK government (as applicable), we have put in place adequate measures, such as standard contractual clauses adopted by the relevant authority, to protect your Personal Information. You may obtain a copy of these measures by clicking here.
We ask that you not send us, and you not disclose, any sensitive Personal Information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background, or trade union membership) on or through the Services or otherwise to us.
You can reach us at firstname.lastname@example.org or at:
Farm Design, 26 E Colorado Blvd. Suite 11, Pasadena CA 91105
Attn: Privacy - Data Compliance
Because email communications are not always secure, please do not include credit card or other sensitive information in your emails to us.
ADDITIONAL INFORMATION REGARDING THE EEA AND THE UK
You may lodge a complaint with a data protection authority for your country or region, or where an alleged infringement of applicable data protection law occurs. A list of EEA data protection authorities is available at: http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm. Information regarding the UK data protection authority is available at: https://ico.org.uk/.
ADDITIONAL INFORMATION REGARDING CALIFORNIA
California Consumer Privacy Act
Pursuant to the California Consumer Privacy Act of 2018 (“CCPA”), we are providing the following additional details regarding the categories of Personal Information about California residents that we collect, use, and disclose about California residents and households.
Sources of Personal Information
Categories of Personal Information Collected and Disclosed
The following chart details which categories of Personal Information about California residents we plan to collect, as well as which categories of Personal Information we have collected and disclosed for our operational business purposes in the preceding 12 months:
Use of Personal Information
Also as described above, we may use this Personal Information to operate, manage, and maintain our business, to provide our services, for vendor and employment management, and to accomplish our business purposes and objectives, including, for example, using Personal Information to: provide Client Services; personalize, advertise, and market our services and provide you with content and events of interest; conduct research, analytics, and data analysis; host conferences and events; maintain our facilities and infrastructure; undertake quality and safety assurance measures; conduct risk and security control and monitoring; detect and prevent fraud; perform accounting, audit, and other internal functions, such as internal investigations; comply with law, legal process, and internal policies; maintain records; facilitate corporate transactions; and exercise and defend legal claims.
Under the CCPA, if a business sells Personal Information, it must allow California residents to opt out of the sale of their Personal Information. However, we do not “sell” and have not “sold” Personal Information in the preceding 12 months for purposes of the CCPA. For example, and without limiting the foregoing, we do not "sell" the Personal Information of minors under 16 years of age.
Individual Rights and Requests
If you are a California resident, you may request that we:
- Disclose to you the following information covering the 12 months preceding your request:
• The categories of Personal Information we collected about you and the categories of sources from which we collected such Personal Information;
• The specific pieces of Personal Information we collected about you;
• The business or commercial purpose for collecting Personal Information about you; and
• The categories of Personal Information about you that we shared or disclosed, and the categories of third parties with whom we shared or to whom we disclosed such Personal Information.
- Delete Personal Information we collected from you.
We will verify and respond to your request consistent with applicable law, taking into account the type and sensitivity of the Personal Information subject to the request. For your protection, we may need to request additional information from you (such as your name, email address, mailing address, and relationship with us) in order to verify your identity and protect against fraudulent requests. If you make a deletion request, we may ask you to verify your request before we delete your Personal Information.
You have the right to be free from unlawful discrimination for exercising your rights under the CCPA.
If you want to make a request as an authorized agent on behalf of a California resident, you may use the submission methods noted above. As part of our verification process, we may request that you provide, as applicable, proof concerning your status as an authorized agent, which also may include:
- Proof of your registration with the California Secretary of State to conduct business in California; and/or
- A power of attorney from the California resident pursuant to Probate Code sections 4121-4130.
If you are making a request on behalf of a California resident and have not provided us with a power of attorney from the resident pursuant to Probate Code sections 4121-4130, we may also require the resident to:
- Verify the resident’s own identity directly with us; or
- Directly confirm with us that the resident provided you permission to submit the request.
California “Shine the Light” Disclosures
We will provide a list of the categories of Personal Information disclosed to third parties (i.e., our affiliates) for their direct marketing purposes during the immediately preceding calendar year, along with the names and addresses of these third parties. This request may be made no more than once per calendar year. We will respond to your request in accordance with applicable law and we reserve our right not to respond to requests submitted other than to the email or mailing addresses specified in this section.