Privacy legislation in Canada defines "personal information" broadly as any information about an identifiable individual. In general, personal information does not include business contact information, including your name, title or position, business, telephone or facsimile number.
Osler is responsible under applicable privacy legislation for the personal information in our possession or control. This includes personal information we receive directly, such as from individual clients or other individuals, and personal information we receive indirectly from clients or others. We have established policies and procedures with the objective of protecting personal information and have appointed a Privacy Officer to oversee privacy matters for our firm. Our Privacy Officer can be reached at firstname.lastname@example.org.
What Personal Information Do We Collect?
The types of personal information we may collect about you include your name and home contact information, billing and account information, information relevant to a client's legal matters and other information incidental to the provision of legal advice and services by our firm. Examples of the types of personal information we may collect include personal information about directors, officers and employees of a client or other party, witnesses, beneficiaries, family members, adverse parties or parties-in-interest, and information about shareholders, security-holders, investors, potential investors or buyers, business partners, targets, competitors or customers of clients, individuals, clients, pension plan members, or other parties who are individuals.
We may also collect information about your online interactions through our osler.com website and our other web-enabled extranet services (collectively, the “Sites”), our email communications, and our online ads. We may collect this information for the purposes of (i) tailoring content that we may send or show you, (ii) to authenticate you, enable access to information, and otherwise administer the Sites, and (iii) for analytical purposes to better understand digital interactions with our firm.
Our Purposes for Collecting, Using or Disclosing Personal Information
Osler collects, uses and discloses personal information for the primary purpose of providing our clients with professional legal services and representation, including for the following purposes:
- to establish and manage client relationships, provide legal advice, perform legal services, fulfil legal duties, and avoid legal conflicts of interest;
- to share personal information with third parties for the purpose of providing legal services in the context of legal proceedings, including conducting litigation, arbitrations, mediations or other proceedings. Such third parties may include opposing parties, parties in interest, opposing, foreign and other counsel and advisors, witnesses, courts, adjudicators, arbitrators, other decision-makers and experts;
- to represent clients in the context of business transactions involving the exchange or disclosure of personal information, including by purchase, sale, lease, merger, amalgamation, arrangement or any other type of acquisition, disposition, public offering, securitization, investment, financing or other transaction;
- to establish and maintain commercial relationships with clients, suppliers and other third parties, including to issue invoices, administer accounts, collect and process payments, evaluate credit standing, and to fulfil contractual obligations;
- to contact and communicate with clients and other individuals for the purpose of conducting market research, and evaluating client service and satisfaction;
- to distribute our publications and invitations to events to individuals who subscribe to our mailing lists;
- to maintain, develop and manage our document management, knowledge-management and precedent systems and databases;
- to consider the admission of individuals as employees and members of the firm;
- to develop and manage our business and operations;
- to detect and protect against error, negligence, breach of contract, fraud, theft and other illegal activity, and where necessary to meet our insurance requirements; and
- as permitted by, and to comply with, applicable legal or regulatory requirements or provisions.
Publications and Seminar Programs
Our publications program uses the contact information of those who subscribe through our Sites or by invitation from firm members. Our seminar and marketing programs draw on a contact database of primarily business contacts that may also include individuals. We provide an opportunity to any contact to unsubscribe from our publications program or opt-out of contact for seminar, client events or marketing purposes on an ongoing basis by accessing our web page, or e-mailing to email@example.com.
- On-line Communications - In order to provide our Site users with publications, information or requested services, visitors may voluntarily submit personal information to us for such purposes as subscribing to or downloading publications, participating in a seminar or other event, participating in surveys or asking a question. We use the personal information you provide only for the purpose for which you have provided it. If a subscriber or visitor has subscribed or attended a seminar or other event in the past, we may combine the information with information submitted on the Sites. We provide an on-going opportunity to unsubscribe or opt-out of contact by the firm by accessing our
- Sites, or by e-mail to firstname.lastname@example.org).
- E-Mail Communications - We may send e-mail communications to subscribers or other individuals in our contact database to advise of legal developments, distribute publications or to advise of events or seminars. Each e-mail includes an opt-out feature and instructions on how to un-subscribe if you do not wish to receive future e-mails from Osler for these purposes.
To the extent we enter into arrangements with service providers, agents and contractors to store, handle or process personal information on our behalf, such as for data processing, document storage software support and office services, our policy will be to require such parties by contractual or other means to provide comparable privacy protection while the information is processed or handled by them.
We will obtain a client's consent to the collection, use and disclosure of personal information about the client, and the consent of other individuals where required by applicable privacy legislation. We assume that an individual has consented to our reasonable collection and use of personal information consistent with the purposes for which the information was given, when the individual initiates contact with us or voluntarily provides personal information to us. We also assume that clients who retain us, or individuals involved in proceedings or matters opposite or adverse to our clients, consent to the reasonable collection, use and disclosure of their personal information by our professionals and agents for purposes of our representation or provision of legal advice to our clients and the conduct of the transactions or proceedings involving our clients.
We do not collect, use or disclose personal information without consent unless authorized or required by law to do so, such as in the following circumstances:
- if a client provides personal information about third parties to us for purposes of our legal representation or advice to the client;
- where a court order or subpoena is issued, or under applicable rules of production, a regulatory or other body with jurisdiction to compel production so requires;
- when the information is publicly available within the meaning of applicable privacy legislation, such as in professional or other directories, in public registries, publicly-filed court records or information appearing in published form;
- if we are investigating the breach of an agreement, a legal duty or contravention of a law and obtaining consent would compromise the investigation or the accuracy of the information;
- if we are required to disclose personal information to a lawful authority;
- as otherwise authorized by law.
As practicing lawyers, we are subject to professional and ethical obligations and we do not disclose personal information subject to solicitor-client privilege unless the privilege is lawfully waived or we are required by law to do so.
We obtain the electronic or oral consent of individuals who subscribe to our publications program or who indicate an interest to members of the firm in receiving such materials. We provide an opt-out opportunity to individuals from our publications, seminar and other events on an ongoing basis (see Publications and Seminar Programs above)
Limited Collection, Use and Disclosure
We collect personal information by fair and lawful means and, wherever appropriate, directly from the individual. Wherever possible, we limit the amount of personal information we collect, use or disclose to that necessary and appropriate to provide our legal services, advice and representation and to operate our firm business. We limit the personal information we collect and use for client relationship and development purposes and for our publication and seminar programs to contact information and information about preferences provided by the individual.
We keep records of the work performed and services provided by us in accordance with applicable regulatory requirements and professional standards. These records may include personal information. Our records are stored with safeguards against inappropriate or unauthorized access (see Safeguards).
Accuracy of Information
In order to provide clients or subscribers with a professional level of service and to maintain appropriate contact preferences, we may ask you to update your personal information, contact information or preferences from time to time, and we provide an ongoing opt-out opportunity by link or hard copy with all publications, invitations and notices. Clients are encouraged to contact their lawyer to update the personal information we maintain in our client files.
We protect personal information in our files and document management systems from loss, misuse, unauthorized access and alteration by using physically secure facilities, password protection, standard security practices and tools and well-defined internal policies and practices.
Openness About Privacy Practices
Access to Your Personal Information
Individual clients may review any personal information concerning themselves we have on file in our offices by contacting their lawyer. Individuals who are not clients may request access to personal information we hold about them by written request to:
Osler, Hoskin & Harcourt LLP
100 King Street West
1 First Canadian Place
Suite 6200, P.O. Box 50
Toronto ON M5X 1B8
We will provide access to such personal information, subject to exceptions stipulated or required by applicable privacy legislation. Examples of such exceptions include information protected by solicitor-client privilege; information generated in the course of a formal dispute resolution process; information about another individual where disclosure would reveal confidential commercial information; or information disclosed to the police or other lawful authorities where we are required to withhold disclosure. If you are concerned about the access we have provided or wish to advise us of inaccuracies in the information, you may contact our Privacy Officer at email@example.com or, in the case of clients, their lawyer.
Osler will respond to complaints from individuals or questions about our compliance with this policy and with applicable privacy laws. We will investigate and attempt to resolve all complaints. To challenge our compliance with this policy please contact our Privacy Officer at the co-ordinates listed above.
If you have any questions or concerns about your privacy and our role in protecting it, please contact our Privacy Officer at the co-ordinates listed or your lawyer.