Scott + Scott
Website Privacy and Cookies Policy

 

Introduction

This Privacy and Cookies Policy is applicable to www.scott-scott.com (the “Site”) owned or operated by Scott+Scott Attorneys at Law LLP together with Scott+Scott UK LLP and Scott+Scott Germany LLP (“Scott+Scott”, “we”, “our”, or “us”).

This policy sets out the basis on which any personal information we collect from you, or that you provide to us, through the Sites will be processed by Scott+Scott. This policy also sets out the basis on which we process personal information relating to individuals which we obtain indirectly in connection with the lawsuits we bring on behalf of our clients. Please read this policy carefully to understand our views and practices regarding your personal information and how we will treat it.

Scott+Scott Attorneys at Law LLP, Scott+Scott UK LLP and Scott+Scott Germany LLP are joint controllers of the personal data we process in connection with this Privacy and Cookies Policy. If you would like further information regarding the joint controller arrangement in place between the parties, including the allocation of responsibilities between the parties for adherence to applicable data protection laws, please contact us using the details set out in the “Contacting Us” section below.

This Privacy and Cookies Policy does not apply to our client or employee personal information or candidate recruiting practices. We have separate privacy policies pertaining to those activities. Please let us know if you wish to request further information about our data protection practices in relation to recruitment. Our Client Data Protection Policy is available via our website: www.scott-scott.com.

Contacting Us
Data Protection Principles
Personal information we may collect about you
Disclosure of your information
Cookies
International Transfers
Security
How Long We Keep Your Personal Information
Your Legal Rights
Complaints
Changes to this policy
CT PUBLIC ACT 08-167 and C.G.S. §42-471
Non-Public Personal Information
Confidentiality and Security

 

Contacting Us

If you have any questions about this Privacy and Cookies Policy or your personal information, or to exercise any of your rights as described in this Privacy and Cookies Policy or under data protection laws, you can contact us as follows:

Scott+Scott UK LLP
St. Bartholomew House
90-94 Fleet Street
London
EC4Y 1DH

t: +44 20 3911 5510
e: dpo@scott-scott.com

 

Data Protection Principles

Scott+Scott adheres to the following principles when processing your personal information as data controller:

  • Lawfulness, fairness and transparency: data must be processed lawfully, fairly and in a transparent manner.
  • Purpose limitation: data must be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
  • Data minimisation: data must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
  • Accuracy: data must be accurate and, where necessary, kept up to date.
  • Storage limitation: data must be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal information are processed.
  • Integrity and confidentiality: data must be processed in a manner that ensures appropriate security of the personal information, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage by using appropriate technical or organisational measures.

 

Personal information we may collect about you

Scott+Scott may collect and process the following information about you:

Information you provide to us:

  • You may give us information about you by filling in forms on the Sites or by corresponding with us by phone, e-mail message (or attachment to any e-mail message), or otherwise. You may do this because you want to request additional information about us or ask us to contact you or you may be interested in receiving legal services from us. The categories of personal information you provide may include:
    • first and last name;
    • job title and company name
    • address;
    • phone number;
    • email address;
    • details about your query or instruction; and
    • any other identifier that permits Scott+Scott to make contact with you.

 

Information we collect about you:

  • With regard to each of your visits to the Sites, your web browser software may automatically provide to our web server technical information, such as the Internet protocol (IP) address, address of the website you linked from, the identity of your Internet Service Provider, and the type and version of the browser you are using.
  • In addition, we collect personal information about third parties which are the subject of or relevant to a case or transaction which we are involved in on behalf of our clients or which we are assessing for prospective clients. For example, we collect information about individuals who directly or indirectly represent the other party in respect of legal proceedings on which we are advising our client. Such personal information may include contact information (such as a name, email address, work address and home address), information about a person’s business role (such as a job title) and all other information which is relevant to the specific matter which we are working on for our clients or prospective clients (for example, the dispute or case).

 

Source of the information:

If we are processing personal information which you have not provided to us directly, we may have obtained such information from the following third parties:

  • our clients, prospective clients, litigation funders and other third parties involved in the lawsuits we assess or bring on behalf of our clients;
  • publicly accessible sources, such as company registries and social media platforms.

 

Uses made of the information:

Scott+Scott will only use your personal information if it has a legal basis for doing so. The purpose for which we use and process your information and the legal basis on which we carry out each type of processing is explained in the table below.

Purposes for which we will process the information Legal Basis for the processing
To provide you with the information and services that you request from us. It is in our legitimate interests to respond to your queries and provide any information and materials requested in order to generate and develop business. We consider this use to be proportionate and will not be prejudicial or detrimental to you.
To provide you with information about other services Scott+Scott offers that are similar or related to those that you have enquired about. It is in our legitimate interests to develop our services and grow our business. We consider this use to be proportionate and will not be prejudicial or detrimental to you.
To:

  • administer the Sites and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • improve the Sites in order to ensure that content is presented in the most effective manner for you and for your computer, mobile device or other item or hardware through which you access the Sites; and
  • keep the Sites safe and secure.
For all these categories, it is in our legitimate interests to continually monitor and improve our services and your experience of the website and to ensure network security. We consider this use to be necessary for our legitimate interests and will not be prejudicial or detrimental to you.
To carry out investigations to assess the viability of claims prior to commencing formal legal proceedings. It is necessary in our and our clients’ legitimate interests to assess the viability of claims to ensure we only engage in legal proceedings where it is appropriate to do so.
Use of information about third parties which are the subject of or relevant to a case or transaction which we are involved in on behalf of our clients. We will use such personal information in order to seek, and fulfil, our clients’ instructions. To do this, it is necessary in order to pursue our legitimate interests in carrying out our clients’ instructions and acting in the best interests of our clients.

We do not rely on consent as a legal basis for processing your personal information which we collect from you, or which you give to us, in relation to your visiting the Sites.

 

Disclosure of your information

As joint controllers, the personal information referred to in this policy is shared between the Scott+Scott group members referred to above. Please see the “International Transfers” section below for further details on this.

Scott+Scott may disclose your personal information:

  • to its professional advisers including auditors and insurers;
  • in the event that Scott+Scott sells or buys any business or assets, in which case Scott+Scott may disclose your personal information to the prospective seller or buyer of such business or assets;
  • if Scott+Scott is acquired by a third party, in which case personal information held by Scott+Scott about its clients and contacts will be one of the transferred assets;
  • to third parties involved in the legal proceedings we bring on behalf of our clients, such as the other side in such disputes, barristers, third party experts, courts and other judicial bodies and claims administrators; and
  • if Scott+Scott is under a duty to disclose or share your personal information in order to comply with any legal obligation.

 

Cookies

A “cookie” is a small text file which is placed onto your device (e.g. computer, smartphone or other electronic device) when you use the Site. We use cookies on the Site to help us recognise you and your device and store some information about your preferences or past actions.

For example, we may monitor how many times you visit this Website, which pages you go to, traffic data, location data and the originating domain name of a user’s internet service provider. Some of this data will be aggregated or statistical, which means that we will not be able to identify you individually.

You can set your browser not to accept cookies and the website referred to below tells you how to remove cookies from your browser. However, some of the features on the Site may not function as a result.

The cookies we use:

The table below provides more information about the cookies we use and why:

The cookies we use Name What they do
Google Analytics _ga Used to identify unique users. Expires after 2 years.
_gat Used to throttle the request rate. Expires after 1 minute.
_gid Tracks users as they navigate the website and help improve the website’s usability.
Scott & Scott _privacy_embeds This cookie registers that you have given consent to the cookies on the Site. The cookie expires after 30 days during which time you will not be asked to provide consent again.

Consent to use cookies:

There is a banner notice on the Site which refers to our use of cookies and requests your consent to place cookies on your device. Our cookies are not loaded unless and until you confirm your consent.

How to turn off cookies:

If you do not want to accept cookies, you can change your browser settings so that cookies are not accepted. If you do this, please be aware that you may lose some of the functionality of the Site.

To find out more about cookies, including how to see which cookies have been set and how to manage and delete them, you can visit the third party website: www.allaboutcookies.org.

 

International Transfers

As joint controllers, your personal information may be shared between any of the Scott+Scott group members referred to above, including in the USA. As such, your personal information may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”) or UK. Your information may also be transferred or accessed internationally in the context of a litigation matter which you are involved.

Where personal information is transferred to and stored in a country outside the EEA which is not determined by the European Commission as providing adequate levels of protection for personal information (such as the US), we take steps to provide appropriate safeguards to protect your personal information, including entering into standard contractual clauses approved by the European Commission. Scott+Scott UK LLP, Scott+Scott Attorneys at Law LLP and Scott+Scott Germany LLP are parties to a Data Transfer Agreement which incorporates the standard contractual clauses.

 

Security

We use appropriate technical and organizational security measures to protect personal information both online and offline from unauthorized use, loss, alteration or destruction. We use physical and procedural security measures to protect information from the point of collection to the point of destruction. Where data processing is carried out on our behalf by a third party, we take steps to ensure that appropriate security measures are in place to prevent unauthorized disclosure of personal information.

Despite these precautions, however, the transmission of information via the internet is not completely secure. Although Scott+Scott will do its best to protect your personal information, we cannot guarantee the security of your information transmitted to the Sites and any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.

How Long We Keep Your Personal Information

We will only retain your personal information for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting or reporting requirements.

To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means and the applicable legal requirements.

 

Your Legal Rights

Subject to certain limitations, you have rights under data protection laws in relation to your personal information. These rights include the rights to:

  • Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it. Note that we may refuse to comply with a request for access if the request is manifestly unfounded, excessive or repetitive in nature.
  • Request correction of your personal information. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us. Note that we may refuse to comply with a request for correction if the request is manifestly unfounded, excessive or repetitive in nature.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal information to comply with local law. Note that we may refuse a request for erasure, for example, where the processing is necessary to comply with a legal obligation or necessary for the establishment, exercise or defense of legal claims.
  • Request restriction of processing your personal information. This enables you to ask us to suspend the processing of your personal information in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful, but you do not want us to erase it; (c) where you need us to hold the data, even if we no longer require it, as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it. Note that we may refuse to comply with a request for restriction if the request is manifestly unfounded, excessive or repetitive in nature.
  • Request transfer of your personal information. We will provide to you, or a third party you have chosen, your personal information in a structured, commonly used, machine-readable format. Note that this right only applies where your personal information is processed by us with your consent or for the performance of a contract, and when processing is carried out by automated means.
  • Right to withdraw consent. You can withdraw your consent at any time where we are relying on consent to process your personal information. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent.
  • Right to object to direct marketing. You have the right to object where we are processing your personal information for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information that override your rights and freedoms.

If you wish to exercise any of the rights set out above, including withdrawing consent, please contact us and give us specific details regarding which right you choose to exercise.

Save as described in this Privacy and Cookies Policy or provided under data protection laws, there is no charge for the exercise of your legal rights. However, if your requests are manifestly unfounded or excessive, in particular because of their repetitive character, we may either: (a) charge a reasonable fee taking into account the administrative costs of providing the information or taking the action requested; or (b) refuse to act on the request.

Where we have reasonable doubts concerning the identity of the person making the request, we may request additional information necessary to confirm your identity.

 

Complaints

If you have any questions or concerns regarding our Privacy Policy or practices, please contact us as provided in “Contacting Us” above. If you are located in the EEA, you also have the right to complain to your local data protection authority. In the UK, this is the Information Commissioner’s Office (https://ico.org.uk/). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance. If you are in the EEA, you find your local supervisory authority here.

 

Changes to this policy

Scott+Scott reserves the right to change this policy from time to time. Any changes will be posted on this page with an updated revision date.

  • Updated and Effective as of 18 July 2022

 

PRIVACY PROTECTION POLICY TO COMPLY WITH CONNECTICUT PUBLIC ACT 08-167 and C.G.S. §42-471.

Scott+Scott understands its clients’ and employees’ concerns for privacy and the need to ensure the privacy of all personal information. Privacy is important to us and maintaining trust and confidence is a high priority. Lawyers have been and continue to be bound by professional standards of confidentiality. The purpose of this notice is to explain Scott+Scott’s Privacy and Cookies Policy with regard to personal information that we obtain and how the firm keeps that information secure.

 

Non-Public Personal Information

Scott+Scott collects non-public personal information that is provided to it by its clients and employees or obtained by us with its clients’ or employees’ authorization or consent.

 

SCOTT+SCOTT DOES NOT DISCLOSE ANY PERSONAL INFORMATION ABOUT ITS CLIENTS, FORMER CLIENTS OR EMPLOYEES TO ANYONE, EXCEPT AS PERMITTED OR REQUIRED BY LAW AND ANY APPLICABLE STATE ETHICS RULES.

Scott+Scott does not disclose any non-public personal information about current and former clients or employees obtained in the course of representation of those clients or employment of employees, except as expressly or impliedly authorized by those clients or employees to enable the firm to effectuate the purpose of its representation, as set out in this Privacy and Cookies Policy, or as required or permitted by law or applicable provisions of codes of professional responsibility or ethical rules governing the firm’s conduct as an employer. One such implied authorization is to non-lawyer employees of the firm so that they may assist the lawyers in representation. Scott+Scott’s policy specifically means that it protects the confidentiality of its clients’ and employees’ Social Security numbers, prohibits unlawful disclosure of its clients’ and employees’ Social Security numbers and limits access to its clients’ and employees’ Social Security numbers in the same manner as it does all other non-public personal information. Scott+Scott safeguards the data, computer files, and documents containing personal information and destroys, erases, or makes unreadable such data, computer files, and documents prior to disposal.

Scott+Scott makes reasonable efforts to restrict access to non-public personal information about its clients and employees to those employees who need to know that information in order to provide products or services. Scott+Scott makes reasonable efforts to train those employees to protect the privacy of its clients and employees. Scott+Scott maintains physical, electronic, and procedural safeguards that comply with federal and state laws to guard non-public personal information.

 

Confidentiality and Security

Scott+Scott retains records relating to professional services that it provides so that it is better able to assist with its clients’ professional needs and to comply with professional guidelines or requirements of law. In order to guard non-public personal information, Scott+Scott maintains physical, electronic, and procedural safeguards that comply with the firm’s professional standards.