MILLER CANFIELD PRIVACY POLICY
The security of your personal data is our priority. This Privacy Policy explains how we collect, retain, and use personal data in accordance with applicable regulations, including the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (referred to as “GDPR”).
Information regarding the use of cookies on our website can be found here
Information regarding the processing of job applicants’ data can be found here here
Who we are
We are an international law firm operating under the name Miller, Canfield, W. Babicki, A. Chełchowski i Wspólnicy Sp. k. (referred to as “we” or “Miller Canfield”). We are data controller for data collected through our website at www.millercanfield.pl, and the data of other persons of the following categories:
- Miller Canfield clients, their representatives, employees, and collaborators
- senders and receipients of electronic correspondence or telephone conversations unrelated to Miller Canfield clients
- recipients of the “Polish Law Review”newsletter.
How to Contact Us:
If you have any questions or wish to exercise your rights, you can contact us by post at the following address: Miller, Canfield, W. Babicki, A. Chełchowski i Wspólnicy Sp. k. at Batorego 28-32, 81-366 Gdynia or by email at: kontakt@millercanfield.com.
How We Collect Personal Data
We collect personal data:
- directly from you when you interact with us,
- indirectly (from sources other than the individual whose data is being collected). This may include data received from representatives or individuals associated with the organization you are associated with, our service providers, other entities within the Miller Canfield group, courts and administrative bodies. We may also obtain data from publicly available sources.
When we collect personal data directly from you, it is your decision whether to provide it. However, not providing data may hinder or prevent you from using our services, contacting us, or cooperating with us or our contractor that you are associated with.
Type of Data We Use
When we receive personal data indirectly (from sources other than the individual to whom the data pertains), the types of data we process are as listed below (depending on the categories of individuals involved).
Miller Canfield Clients, Their Representatives, Employees, and Collaborators:
We may process data received from the contracting party with whom you are associated. This can include your name, surname, business contact details, such as email address and phone number, your position, correspondence content and the name of the contracting party you are associated with. For individual clients, additional data may include PESEL (personal identification number), NIP (tax identification number), REGON (business registry number), information related to legal assistance we provide, and payment and settlement details. For suppliers of goods or services, additional data beyond the above may include order history and details.
Recipients of “Polish Law Review” Newsletter
Your data received from our contracting party for communication through our “Polish Law Review” newsletter may include your business email address, your name, surname, and the name of the company you are associated with.
We also process any personal data received directly from the individuals to whom the data pertains.
Information regarding the use of cookies on our website can be found here
How We Use Personal Data and the Legal Bases for Processing
Depending on the category of data subjects to which you belong, we may process your personal data for the following purposes and based on the following legal grounds:
Miller Canfield Clients, Their Representatives, Employees, and Collaborators
We can process your personal data:
- to fulfil Miller Canfield’s obligations arising from applicable legal provisions, including tax, accounting, anti-money laundering regulations, and regulations related to professional organizations which we are subject to (Article 6(1)(c) of the GDPR);
- to perform the contract concluded with you as our client or supplier (Article 6(1)(b) of the GDPR);
- to pursue our legitimate interests (Article 6(1)(f) of the GDPR), which includes:
- entering into and performing contracts with our clients, with whom you are associated, administering and managing relationships with you and our clients
- ordering and receiving services or goods for our clients
- the possibility to communicate with you, presenting offers, receiving orders, and providing answers to inquiries
- pursuing claims or defending against claims, in accordance with general regulations, including the Civil Code
- ensuring network and information security
- improving the use of our services, inviting you to participate in our training sessions, conferences, and providing other information about our activities and possible forms of cooperation with us
Legitimate interest – balance test: Our legitimate interest indicated in points (c) i.-iii. above, consists in the necessity of the processing for entering into and ensuring proper performance of the contract with our contractor, communicating and maintaining the relationship with you and such contractor, and consequently conducting our business. We have assessed this interest as overriding your rights and freedoms in view of the narrow scope of the processed data, its professional nature, alignment with your expectations, and very often public availability of the data.
Our legitimate interest indicated in point (c) iv. above, is to enable us to pursue or defend against claims in connection with the performance of a contract with our contractor with whom you are associated. We have assessed this interest as overriding your rights and freedoms in view of the narrow scope of the data processed, its professional nature and very often its public availability.
Our legitimate interest identified in (c) v. above, is to ensure the security of Miller Canfield’s network and information. We have assessed this interest as overriding your rights and freedoms in view of the need to ensure the security of data and information processed by us, and therefore, the importance of the aforementioned purpose and the processing carried out also in your interest.
Our legitimate interest indicated in (c) vi. above, is to conduct and develop our business. We have assessed this interest as overriding your rights and freedoms primarily due to the small scope of the data and its business nature.
Senders and Recipients of Email Correspondence or Phone Calls Not Related to Miller Canfield’s Client
We may process your personal data for the purpose of pursuing our legitimate interest (Article 6(1)(f)), which includes:
- the possibility of contacting you via electronic communication or by phone, including responses to your inquiries
- establishing cooperation with you or entities associated with you and maintaining relationships within business activities
- pursuing claims or defending against claims, in accordance with general regulations, including the Civil Code
- ensuring IT security.
Legitimate interest – balance test: Our legitimate interest indicated in points (a) and (b) above, is to enable us to conduct our business. We have assessed this interest as overriding your rights and freedoms in view of the narrow scope of the processed data, its professional nature, and the processing initiated by you and at your request.
Our legitimate interest indicated in point (c) above, is to enable to pursue or defend against claims. We have assessed this interest as overriding your rights and freedoms in view of the narrow scope of the data processed, its professional nature, and the importance of the opposing interest.
Our legitimate interest identified in point (d) above, is to ensure IT security. We have assessed this interest as overriding your rights and freedoms in view of the need to ensure the security of data and information processed by us, and therefore, the importance of the aforementioned purpose and the processing carried out also in your interest.
Recipients of Polish “Law Review” Newsletter
We may process your personal data for the purpose of pursuing our legitimate interest (Article 6(1)(f) of the GDPR) which includes:
- the possibility of communicating with you through the “Polish Law Review” newsletter primarily containing information about the latest changes in Polish and European law, current court rulings and significant legal events,
- pursuing claims or defending against claims in accordance with general regulations, including the Civil Code.
Legitimate interest – balance test: Our legitimate interest indicated in point (a) above, consists in the necessity of processing to ensure the delivery of our newsletter in connection with the legal services we provide or the potential legal services for you or a contractor with whom you are associated, in a situation where you have expressed a wish to receive such information. We have assessed this interest as overriding your rights and freedoms in view of the narrow scope of the processed data, its professional nature, and alignment with your expectations.
Our legitimate interest indicated in point (b) above, is to enable to pursue or defend against claims. We have assessed this interest as overriding your rights and freedoms in view of the narrow scope of the data processed, its professional nature, and the importance of the opposing interest.
Objection
In cases where the legal basis for the processing of your personal data is our legitimate interest, subject to applicable regulations, you may object to the processing of your personal data at any time due to your specific situation, using the contact details provided above.
Information regarding the use of cookies on our website can be found here
Recipients of Data and Transferring Data Outside the EEA
Depending on the circumstances, we may disclose your personal data to the following entities:
- self-government professional bodies to which we are obliged to make disclosures
- courts, prosecutors, or other public authorities in connection with proceedings we conduct, when we have a legal basis for it and such transfer is necessary for the specific, clear, and legally justified purposes
- service providers we use for our business operations, such as companies providing IT, accounting, tax, postal and courier services, document archiving and disposal, banks, and insurers
- our partner: Miller Canfield Paddock and Stone PLC based in Detroit, USA
Transferring data outside the EEA: We transfer your personal data to our partner, Miller Canfield Paddock and Stone PLC, based in Detroit, USA, that provides IT support services to us and supplies us with software that we use to store email correspondence and other documents related to servicing our contractors. The transfer of data outside the European Economic Area (“EEA”) is based on appropriate legal safeguards, including standard contractual clauses for the protection of personal data approved by the European Commission, along with supplementary data protection measures. You can obtain a copy of the relevant legal safeguards, excluding information that constitutes business secrets, using the contact details provided above.
Personal Data Security
We are committed to protecting your personal data and have implemented appropriate technical, physical, and organizational security measures. The Miller Canfiled group holds, among other certifications, the SOC II certificate. Nevertheless, it is important to remember that transmitting information to us over the Internet always carries some risk.
Retention Period of Personal Data
We do not retain your personal data longer than is necessary to achieve the purpose for which we collected it, comply with legal, regulatory, or reporting obligations, or pursue or defend against legal claims. The retention period may depend on the category of data subject to which you belong.
Miller Canfield Clients, Their Representatives, Employees, and Collaborators
We retain your personal data for the duration of the cooperation with you or a contractor with whom you are associated, and for the period of limitations of claims related to such cooperation, and until the expiration of data retention obligations under legal regulations, especially tax and accounting, or as long as necessary to ensure the continuity of the business operations.
Senders and Recipients of Email Correspondence or Phone Calls Not Related to Miller Canfield’s Contractors
As a rule, we will keep e-mail correspondence from persons not related to our contractors for a period of 12 months counted from the end of a given calendar year. We will retain other materials containing personal data until the completion of the task for which the personal data was collected. We will keep selected materials until the expiration of the statute of limitations for potential claims or for the time necessary to defend our rights.
Recipients of Polish “Law Review” Newsletter
We will cease using your personal data for the purpose of sending the “Polish Law Review” newsletter once you have communicated in any way your wish to opt-out of receiving our newsletter. Where applicable, we may also retain your personal data until the expiration of the statute of limitations for potential claims or for the time necessary to defend our rights.
Your Rights Regarding Personal Data
Subject to applicable law, in addition to the right to object as mentioned above, you have the right to:
- access your data and receive a copy,
- request rectification of personal data,
- request deletion of personal data,
- demand restriction of personal data processing,
- demand data portability in case the legal basis for processing is a contract or consent,
- file a complaint to the President of the Office for Personal Data Protection (to the address of the Office for Personal Data Protection, at Stawki 2, 00-193 Warszawa).