You do not have any legal obligation to provide any information to CaseMatch, however, we may require certain information in order to provide any services and products. If you choose not to provide us with certain information, then we may not be able to provide you with some or all of the services.
2. How do we collect personal data throughout our services?
We collect Personal Data through your use of our website and/or services. In other words, when you are using the website and/or services we are aware of it and gather, collect and record the information relating to such usage, either independently or through the help of third-party services as detailed below. This includes technical information and behavioral information such as:
* the User’s Internet protocol (IP) address used to connect your computer to the Internet;
* your uniform resource locators (URL);
* operating system;
* type of browser;
* browser plug-in types and versions;
* screen resolution;
* Flash version;
* time zone setting;
* the User’s ‘clickstream’ on the website;
* the period of time the User visited the website;
* methods used to browse away from a page;
* any phone number used to call our User service number.
We likewise place cookies on your browsing devices (see section ‘
Cookies’ below), though you may block these.
We collect Personal Data required to provide services when you register interest and/or open an account. In addition, we collect your Personal Data, when you provide us such information by entering it manually or automatically, or through your use of our website, facilities and services, or in connection with site visits, in the course of preparing a contract, or otherwise in engaging with us.
3. Purposes of processing of personal data we collect
We will use Personal Data to provide and improve our services to our users and others and meet our contractual, ethical and legal obligations, including for example:
* to present our website and its contents to you;
* to provide you with our services, including lawyer matching services;
* administering your account with CaseMatch including to identify and authenticate you;
* to provide you with the information, products and services that you request from CaseMatch;
* verifying and carry out financial transactions in relation to payments you make in connection with the products;
* communicating with you for the purpose of providing you with technical assistance and other related information about the products;
* to allow you to participate in interactive features on our website;
* to carry out and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
* replying to your queries, troubleshooting problems, detecting and protecting against error, fraud or other criminal activity;
* compliance and audit purposes, such as meeting our reporting obligations in our various jurisdictions, and for crime prevention and prosecution in so far as it relates to our staff, users, facilities etc;
* if necessary, we will use personal data to enforce our terms, policies and legal agreements, to comply with court orders and warrants and assist law enforcement agencies as required by law, to collect debts, to prevent fraud, infringements, identity thefts and any other service misuse, and to take any action in any legal dispute and proceeding;
* for security purposes and to identify and authenticate your access to the parts of the facilities;
4. Data sharing
We may transfer personal data within our group, and to third party service providers in the circumstances and for purposes as follows:
4.1. Affiliates and Subsidiaries: This includes any member of our group, which means the CaseMatch parent company and subsidiaries – whether wholly or partially owned by CaseMatch, including other services we offer to our clients, including third parties. Transfers of personal data to affiliates located outside the European Economic Area (EEA) will be conducted in accordance with the appropriate safeguards, such as Standard Contractual Clauses (SCCs), in line with GDPR requirements.
4.2. Third Party Service Providers:
We transfer personal data to third parties in a variety of circumstances for the provisions of our services to you. We endeavor to ensure that these third parties use your information only to the extent necessary to perform their functions, and to have a contract in place with them to govern their processing on our behalf. We will ensure that third-party service providers adhere to data protection obligations as required by law and conduct regular audits to assess their compliance with privacy standards. These third parties assist us in providing the services we offer, processing transactions, fulfilling requests for information, receiving and sending communications, analyzing data, providing IT and other support services or in other tasks, from time to time. These third parties also include analytics and search engine providers that assist us in the improvement and optimization of our website, services, and our marketing.
We periodically add and remove third party providers. At present our third-party providers to whom we may transfer personal data include also the following:
* Google;
* contracted developers;
* designers and consultants, our lawyers, accountants, local payroll service providers, other standard business service providers;
* other industry standard business software and partners.
4.3. Change of Control:
In addition, we will disclose your personal data to third parties if some or all of our companies or assets are acquired by a third party including by way of a merger, share acquisition, asset purchase or any similar transaction, in which case personal data may be one of the transferred assets.
4.4. Legal obligation:
We will transfer personal data to third parties if we are under a legal duty to disclose or share your personal data in order to comply with any legal or audit or compliance obligation, in the course of any legal or regulatory proceeding or investigation, or in order to enforce or apply our terms and other agreements with you or with a third party; or to assert or protect the rights, property, or safety of CaseMatch, our users, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction and to prevent cybercrime.
4.5. User Contributions:
You also may provide information to be published or displayed (hereinafter, “
posted“) on public areas of the Site, or transmitted to other users of the Site or third parties (collectively, “
User Contributions“). Your User Contributions are posted on and transmitted to others at your own risk. Although we limit access to certain pages/you may set certain privacy settings for such information by logging into your account profile, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Site with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.
For avoidance of doubt, CaseMatch may transfer and disclose non-personal data to third parties at its own discretion.
5. Where do we store your data?
We keep Personal Data in servers which are controlled by CaseMatch through reputable cloud-service providers in the US. In compliance with GDPR, if we transfer your personal data outside the EEA, we will implement adequate safeguards to protect your data, including but not limited to SCCs, or obtaining your explicit consent when required.
6. International data transfers
We may transfer your personal data outside of the EEA to be accessed from Israel or stored in the US, and as follows:
* store or backup the information;
* enable us to provide you with the services and products and fulfill our contract with you;
* fulfill any legal, audit, ethical or compliance obligations which require us to make that transfer;
* facilitate the operation of our group businesses, where it is in our legitimate interests and we have concluded these are not overridden by your rights;
* to serve our users across multiple jurisdictions;
* to operate our subsidiaries and affiliates in an efficient and optimal manner if relevant.
7. Data retention
CaseMatch retains personal data for as long as required to provide the services, or for other reasons. Our users decide when to delete data they control.In accordance with applicable privacy laws, we will only retain personal data for as long as is necessary for the purposes outlined in this policy or as required by law. Specifically:User account information: retained for the duration of the active account and for 30 days after account closure. Transaction data: retained for 7 years to comply with applicable laws. Usage logs: retained for 90 days for security and performance analysis. Marketing communications data: retained for 2 years from the last interaction unless the user opts out earlier. CaseMatch will retain personal data it processes only for as long as required in our view, to provide the services and as necessary to comply with our legal and other obligations, to resolve disputes and to enforce agreements. We will also retain personal data to meet any audit, compliance and business best-practices.
Data with respect to which CaseMatch is the Processor may be deleted only on action and/or instruction of the Controller, except where such data must be retained by us, in our judgment, as above. Data that is no longer retained may be anonymized or deleted. Likewise, some metadata and statistical information concerning the use of our services are not subject to the deletion procedures in this policy and may be retained by CaseMatch. We will not be able to identify you from this data. Some data may also be retained on our third-party service providers’ servers until deleted in accordance with their privacy policy and their retention policy.
8. Cookies and external links
When you access or use our services or website, CaseMatch may use industry standard technologies such as cookies, pixels and similar technologies, which store certain information on your computer or browsing device and which will allow us to identify the computer or device and, in some cases, to identify them with the user, and to enable automatic activation of certain features, and make your user experience more convenient and effortless.
We use different types of cookies:
*
Strictly Necessary Cookies: required for the operation of our website and services under our terms with you; this includes for example, cookies that enable you to log into secure areas of our services.
*
Analytical and Performance Monitoring Cookies: allow us to recognize and count the number of visitors and to see how visitors move around our website and services when they are using it.
*
Functionality Cookies: used to recognize you when you return to our Site. This enables us to personalize content to your preferences, including for example, your choice of language or region. You may control these in your browser settings.
Our services and website may, from time to time, contain links to external sites. We are not responsible for the operation, privacy policies and practices or the content of such sites.
9. Information security
We take great care in implementing, enforcing and maintaining the security of the personal data we process, whether as Processor or as Controller. CaseMatch implements, enforces and maintains security measures, technologies and policies to prevent the unauthorized or accidental access to or destruction, loss, modification, use or disclosure of personal data. We likewise take steps to monitor compliance of such policies on an ongoing basis. Where we deem it necessary in light of the nature of the data in question and the risks to data subjects, we may encrypt data. Likewise, we take industry standard steps to ensure our website and services are safe.
Note however, that no data security measures provide absolute information security, and we cannot guarantee – and you cannot expect – that unauthorized access, leaks, viruses and other data security breaches will never occur.
Within CaseMatch, we endeavor to limit access to personal data to those of our personnel who:
(i) require access in order for CaseMatch to fulfill its obligations, including also under its agreements, and as described in this Privacy Policy, and
(ii) have been appropriately and periodically trained with respect to the requirements applicable to the processing, care and handling of the Personal Data, and
(iii) are under confidentiality obligations as may be required under applicable law.
10. Data subject rights
Data subjects have rights, and we respect them.We enable privacy rights under generally accepted data protection laws, including the GDPR as follows:
* Rights to data portability;
* Rights to access data;
* Right to rectify data;
* Right to object to processing;
* Right to erase data.
Data subjects in the EU have the right to lodge a complaint, with a data protection supervisory authority in the place of their habitual residence.
If, for any reason, a data subject wishes to modify, delete or retrieve their Personal Data, they may do so, where applicable, by contacting CaseMatch as detailed below.
Note that we will have to undertake a process to identify a data subject exercising their rights. CaseMatch keeps details of such rights exercised for its own compliance and audit requirements. Please note that Personal Data may be either deleted or retained in an aggregated manner without being linked to any identifiers or Personal Data, depending on technical commercial capability. Such information will continue to be used by CaseMatch.
Note, that data subject rights cannot be exercised in a manner inconsistent with the rights of CaseMatch employees and staff, with CaseMatch proprietary rights, and third-party rights.
11. Minors
We do not knowingly collect or solicit information or data from children under the age of 16 or knowingly allow children under the age of 16 to register for CaseMatch services. If you are under 16, do not register or attempt to register for any of the CaseMatch Service or provide any information about yourself to us without parental consent, as required under applicable law. If we learn that we have collected or have been provided Personal Data from a child under the age of 16, we will delete that Personal Data as soon as reasonably practicable without any liability to CaseMatch. If you believe that we might have collected or been provided information from a minor under the age of 16, please contact us as detailed below as soon as possible.
12. For California Users:
12.1 We do not sell your personal information:
We do not sell any information that identifies you, such as your name or contact information. However, we may allow Ad Networks such as Facebook and Google to collect your electronic activity while on our website. Ad Networks may also collect IP addresses and information about your device and browser (such as the name and model number of your device) through cookies and similar tracking technologies on our website. They use this information to advertise to you after you leave our website. This is called “retargeted advertising.” Under the CCPA’s broad definition of what it means to “sell” personal information, this form of advertising may be considered a “sale” of your information. If you do not want us to provide this information to our advertisers, you may opt-out here:
https://optout.aboutads.info/
12.2 Request Verification:
Before we can respond to any CCPA requests, we will need to verify that you are who you say you are. Verification is important for preventing fraudulent requests and identity theft.The verification process depends on which type of request you make. For requests to access specific information or requests to delete information, we may require a higher level of verification. Typically, identity verification will require you to confirm certain information about yourself based on the information we have already collected. For example, we may ask you to reply from the email address we have on file for you that is associated with your name. If we cannot verify your identity, we cannot fulfill requests to exercise any rights accorded to you by CCPA.
13. Changes to this Privacy Policy
The terms of this Privacy Policy will govern the use of the services, website, and any information collected in connection with them. CaseMatch may amend or update this Privacy Policy from time to time. Changes to this Privacy Policy are effective as of the stated “Last Revised” date and your continued use of our services will constitute your active acceptance of the changes to and terms of the Privacy Policy.
14. How to contact us?
If you have any questions or concerns, please contact us at help@CaseMatch.ai. We shall respond to all inquiries within 30 days of actual receipt and following verifying your identity.
