top of page

Privacy Policy

The Law Firm of Joseph Shepherd Miller and Affiliates (collectively, "JSM Law," the "Firm," "we," "us," or "our") is committed to protecting the privacy of visitors to our website, clients and potential clients, suppliers, job applicants, and any individuals whose personal information we collect (each, "you").

 

Privacy Statement: This document outlines how we collect, use, and process your personal information and your rights regarding this data.

 

Definition of Personal Information: "Personal information" refers to data that identifies or can identify you. For California residents, it includes information related to or linked with you, as defined by the California Consumer Privacy Act (CCPA).

 

Data Controller: JSM Law ensures compliance with applicable data protection laws, including the European Union Global Data Protection Regulation (“GDPR”) and CCPA. All Firm personnel must adhere to the privacy practices detailed in this Privacy Statement.


Contact Information: For questions or comments about this Privacy Statement, email jmiller@jsmillerlaw.com or write to Data Protection, The Law Firm of Joseph Shepherd Miller, 1255 22nd St., NW #57370, Washington, D.C. 20037.

​

​

Information Collection

 

You are not required to provide personal information on public areas of our website. However, you may do so by completing forms like job applications or newsletter sign-ups. We may collect:

 

  • Identification Data: Name, gender, title, job title, address.

  • Contact Information: Phone numbers, email addresses, social media handles.

  • Financial Data: Bank account information, invoicing details.

  • Event Registration or Mailing List Data: Dietary requirements, preferences, interests, subscriptions, downloads.

  • Job Applicant Data: Identification data, contact information, résumés, and other data provided by you or third parties.

  •  Legal and Regulatory Compliance Data: Passport or other identification data, date of birth, home address, due diligence data.

  • Other Service Data: Personal information relevant to the provision or receipt of services, in relation to any of your employees, customers or vendors, and client feedback.

  • Cookie and Device Data: Information about your website visit, including IP address, device identifier, browser type and version, operating system, network, location, and time zone setting.

 

We may supplement the information you provide with data from other sources such as our staff, clients, professional advisers, partners, agents, third parties, and publicly available sources.

​

Sources of Personal Information Collected 

 

We collect personal information from the following sources:

 

  • Directly from you: Such as when you complete forms. 

  • Indirectly from you: Observing your actions on our website and from publicly available sources.

  • Third parties.

Information Usage 

 

We may use your personal information for each or all of the following purposes, based on these legal grounds:

 

Provision of legal services: We use personal information you submit via the website or during our engagement, such as identification data, contact details, and other service data. This may involve sharing information with third parties like expert witnesses and professional advisers, and using third-party and cloud-hosted tools. This processing is necessary to perform our contract with you.

 

Administration of client and vendor relationships: We use identification data, contact details, financial data, and other service data for things like invoice processing, updating client records, and managing vendor relationships. This processing is necessary to perform our contract with you.

 

Addressing client inquiries/feedback: We use identification data, contact details, and other service data to perform our contract with you and to maintain our relationship with you.

 

Sending relevant marketing messages and inviting you to events/seminars: We use identification data, contact details, cookie and device data, and mailing list data to send emails and postal communications about our events, seminars, or services. This processing is necessary for our legitimate interest in marketing.

 

Improving our website: We use cookie and device data to enhance our website's functionality and user experience. This processing is necessary for our legitimate interest in maintaining and improving our online presence.

 

Keeping our website and IT systems secure: We use identification data, contact details, financial data, cookie and device data, and other service data. This processing is necessary to perform our contract with you and for our legitimate interest in preventing illegal activities.


Complying with legal or regulatory inquiries/requests: We use identification data, contact details, financial data, cookie and device data, and legal and regulatory compliance data for purposes like anti-money laundering, fraud detection, statutory returns, and fulfilling ethical obligations. This processing is necessary to comply with legal requirements the Firm is bound by.


Recruitment: We collect and process personal information about job applicants for screening, evaluating candidates, record-keeping, analyzing hiring processes, and conducting background checks (where permitted by law). If you are hired, this data will be transferred to our employee records. This processing is necessary for recruitment and compliance with legal, regulatory, and corporate governance requirements.

Information Sharing

We may share your personal information with the following recipients:

​

  • Other entities within JSM Law: To provide legal services and administer services agreed upon by the Firm.

​

  • Professional advisers, partners, and agents: To provide local legal services and manage our relationship with you.

​

  • Vendors: To process your personal information on our behalf, following our written instructions, for services such as IT, financial institutions, CRM databases, cloud-hosted platforms, business analytics, and event venues. We ensure these vendors process your information securely and confidentially.

​

  • Law enforcement, regulatory, or government agencies: In response to inquiries, subpoenas, court orders, or legal/regulatory procedures, and to protect the Firm’s legal rights, property, or safety, or to defend against legal claims.

​

  • Third parties connected with business transfers: In the event of a reorganization, restructuring, merger, acquisition, or transfer of assets, provided the receiving party agrees to handle your information according to this Privacy Statement.

​

We are not responsible for the data policies, procedures, or content of any linked websites. We recommend checking the privacy and security policies of each website you visit.

Marketing Choices

We may send you direct marketing messages via email alerts and post, provided we have a lawful basis. To stop receiving these communications, you can opt-out anytime by clicking the unsubscribe link in the message or contacting us at jm@jsmillerlaw.com.

Your Rights

If you are in the European Economic Area (EEA) or the United Kingdom (UK), you have the following rights:  

 

  • Access. You can request a copy of your personal information that we are processing. Additional copies may incur a reasonable fee. 

  • Rectification. You can ask us to correct any incomplete or inaccurate personal information we hold about you. 

  • Deletion. You can request the erasure of your personal information in certain situations, such as when it is no longer needed or if you withdraw your consent (where applicable). 

  • Portability. You can receive your personal information in a structured, commonly used, and machine-readable format and have the right to transmit that data to another party in certain situations. 

  • Objection. You can object at any time to the processing of your personal information for direct marketing purposes. You can also object to our processing of your personal information if the legal ground is necessary for legitimate interests pursued by us or a third party unless we demonstrate compelling legal grounds for the processing.

  • Restriction. You can request that we restrict our processing of your personal information in certain circumstances, such as when you contest its accuracy. 

  • Withdrawal of consent. If we rely on your consent (or explicit consent) for processing your personal information, you can withdraw that consent at any time. Explicit consent is required if we process "special categories of personal data" as defined in the GDPR. 

 

If you are in the EEA, you have the right to lodge a complaint with a local data protection authority like la Commission Nationale de l’Informatique et des Libertés (CNIL) in France. Click here for a list of local authorities in the EEA. In the UK, you can lodge a complaint with the Information Commissioner’s Office here

 

Some rights may be limited where we have an overriding interest or legal obligation to continue processing personal information, or where data is exempt from disclosure due to legal professional privilege or secrecy obligations. 

 

If you are in the EEA or the UK and want to exercise any of these rights, please:

 

  • Email us at jm@jsmillerlaw.com

  • Provide enough information to identify yourself (e.g., name, email address). 

  • Provide proof of your identity and address (a copy of your driver’s license or passport and a recent utility or credit card bill). 

  • Provide the information to which your request relates.

 

If you are a California resident, you have the following rights under the CCPA, subject to certain exceptions:  

 

  • Right to Know. You can request information regarding: (i) the categories of personal information we have collected about you, (ii) the sources from which we collected your personal information, (iii) the business or commercial purposes for which we collected, shared, or sold your personal information, (iv) the categories of third parties to whom we disclose your personal information, and (v) the specific pieces of personal information we collected about you in the 12 months preceding your request. 

 

  • Right to Delete. You can request the deletion of your personal information. However, we may not be able to process your request in certain instances, such as (i) due to a legal obligation, (ii) to detect and protect against security incidents or malicious activities, (iii) to complete a transaction for which your personal information was collected, or (iv) for internal uses that are reasonably aligned with your expectations and context. 

 

  • Right to Correct. You can request the correction of inaccurate personal information we maintain about you, considering the nature of the personal information and the purposes of its processing. 

 

  • Right to Non-Discrimination. You have the right to be free from discrimination by us for exercising your CCPA privacy rights, including protection from retaliation for employees, job applicants, or independent contractors exercising these rights. 

 

To exercise these rights, submit a request by emailing jm@jsmillerlaw.com. The CCPA requires us to verify requests. We may ask you for proof of identity, such as a copy of your driver’s license or passport and a recent utility or credit card bill. If you are a JSM Law employee or have a relationship with us, we verify you directly. Otherwise, we use a service provider to verify by asking questions based on information about you. If using an authorized agent, we may require (i) signed permission, (ii) direct identity verification with us, and (iii) confirmation that you gave the agent permission to submit the request.
 

In the preceding 12 months,  JSM Law has collected the following types of personal information about California residents:  

 

  • Identifiers. Includes your real name, any previous or preferred names, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.

 

  • Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). Includes your name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or other financial information, medical information, or health insurance information. 

 

  • Protected classification characteristics under California or federal law. Includes your age, race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, and genetic information (including familial genetic information). 

 

  • Internet or other electronic network activity. Includes browsing history, search history, and information on your interaction with a website, application, or advertisement. See the Policy on Computer Communications Resources and Social Media Usage for more details. 

​

  • Professional or employment-related information. Includes your resume, interview records, identity documents for work eligibility verification in the United States, Bar information, offer letter, employment dates, position, salary, bonuses, benefits information, attendance records, performance evaluations, and employee relations information (e.g., disciplinary records). 

 

Disclosures for a Business or Commercial Purpose. In the preceding 12 months, JSM Law has disclosed the above categories of personal information to its service providers for specific, limited business purposes, including conducting background checks for job applicants, processing payroll, detecting data security incidents, and troubleshooting software use, among other purposes listed in the Information Usage section of this Privacy Statement.

 

No Sharing/Selling of Personal Information with Third Parties. The Firm does not “sell” or “share” any of your personal information as defined by the CCPA. Therefore, the Firm does not have actual knowledge of selling or sharing personal information of consumers under 16 years of age.


Compliance with Section 7027(m).  JSM Law does not use or disclose sensitive personal information for purposes other than those specified in Section 7027(m) of the CCPA regulations.

California “Shine the Light” Notice

If you are a resident of California, you can request details about our adherence to the Shine the Light law. You may do so by emailing us at jm@jsmillerlaw.com. Note that the CCPA and Shine the Light are distinct laws with different rights, and requests under each must be made separately.

Security

We have implemented both technical and organizational security measures to protect personal information under our custody and control. These measures include restricting access to personal data to staff and authorized service providers who need to know it for the purposes outlined in this Privacy Statement, along with other administrative, technical, and physical safeguards.

 

Although we take reasonable steps to protect your personal information, we cannot guarantee the security of data you have shared online. Note that email is not a secure medium and should not be used for confidential or sensitive information. By providing information online, you accept the inherent security risks of such actions and agree not to hold us responsible for any security breaches unless they result from our negligence or willful misconduct.

Data Transfer

Your personal information may be transferred across our integrated computer networks to one or more JSM Law offices in countries and states that may not have data protection laws similar to those in your jurisdiction. However, all our offices adhere to the same procedures regarding your personal information, as described in this Privacy Statement.

 

To provide our attorneys with access to clients' personal information and for related purposes, it may be necessary to transfer personal data from the UK or the EEA to countries outside the EEA. These purposes include updates to our records, practice management analysis, statutory returns, legal and regulatory compliance, global IT system administration, and other legitimate business interests.

 

For our clients in the UK, the UK GDPR and the Data Protection Act 2018 apply, and the European Commission has issued an adequacy decision allowing data flows between the EEA and the UK to continue safely post-Brexit. When transferring personal data (i) from the EEA to non-EEA countries without a substantially similar adequacy decision by the Information Commissioner’s Office, or (ii) from the UK to countries without recognized adequate protection levels, we implement safeguards like valid data transfer agreements incorporating the European Commission’s standard contractual clauses or as permitted under applicable data protection laws. These measures protect your privacy rights and offer remedies if your data is misused.

Cookies

Our website uses various tracking technologies, including tags, log files, web beacons, and similar tools (collectively, "cookies"). Please refer to our Cookies Policy for more information on the cookies we use and how you can manage or delete them.

Do Not Track

Currently, we do not support “Do Not Track” browser settings.

Information Retention

We store and retain your personal information only as long as necessary for the purposes outlined in this Privacy Statement. When determining the appropriate retention period, we consider our relationship's nature and duration, the type of services provided, and the impact of deleting certain information. The Firm may retain personal data longer if required by law, to protect our legal rights, or for legitimate business purposes, including archiving. Where practical, we will anonymize such data.

Notification of Changes

We may update this Privacy Statement occasionally as our services and privacy practices evolve or as required by law. When significant changes occur, we will notify you by email if feasible. The last update date is listed below, and we encourage you to review this Privacy Statement periodically.

Last updated: July 17, 2024

bottom of page