Privacy Policy

SECTION ONE: ABOUT THIS POLICY

HLTech Legal Technology & Consulting BV (“ELTEMATE”), and our affiliated businesses (collectively, “ELTEMATE,” “we,” “our”) are committed to being responsible custodians of the personal information that we collect in the course of operating our business as a global provider of legal technology and other services.

This Privacy Notice (“Notice”) describes how we collect, use, share, or otherwise process personal information as a data controller in the course of operating our business, particularly in association with our marketing and business development practices and the operation of our main website (www.eltemate.com), and our other digital properties that link to this Notice, including our websites, mobile applications, and digital communications (collectively, “Digital Services”).

While we may also process personal information during the performance of our services to a client, such processing is performed on behalf of and at the direction of our client, subject to our client agreements and professional responsibilities, and is not covered by this Notice.

“Personal information” as used in this Notice means information that identifies, relates to, describes, or can reasonably be linked, directly or indirectly, to a specific natural person. It does not include information that is considered anonymous, de-identified, or aggregated by applicable law.

SECTION TWO: THE TYPES OF PERSONAL INFORMATION WE COLLECT

The types of personal information we collect about you depend on your interactions with us and are described below.  Please note that the data elements in the sections below are only considered “personal information” when concerning a natural person (meaning an individual human being).  These data elements are not considered “personal information” when concerning a legal person or entity.

I. Information You Provide to Us

We collect personal information that you provide to us. For example, we may collect personal information when you contact us, request that we send you newsletters, alerts, or other materials, register for a webinar or event, fill out a form, respond to a survey, comment on a blog, or otherwise communicate with us.

Depending on the context of your interactions with us, the categories of personal information we may collect from you include:

  • Unique Identifiers that we can use to identify you as a unique individual, such as your name, telephone number, postal or e-mail address, bar license number, social media identifiers, signature, and government issued identification numbers (such as your social security number or passport number). If you have registered with a Digital Service, we may also collect your account username and password.
  • Demographic Information, which may include sensitive personal information or information about protected classifications, such as your age, gender, race, sexual orientation, marital status, or veteran status.
  • Professional and Educational Information related to your occupation, such as your current or previous employers, your job title, or other information about the organization with which you are affiliated. You might also provide information about your professional qualifications or your education, such as your bar information, degrees, fields of study, the institutions you’ve attended, languages, professional memberships, qualifications, and certifications.
  • Health Information, such as accessibility requirements and dietary restrictions.
  • Geolocation Information, such as your city, state or province, and country. When you access the Digital Services, we may collect precise geolocation information if you permit the Digital Services to access such information so that we may provide you with content based on your location and your proximity to our offices.
  • Audio and Visual Information, such as your voice and likeness as captured in photographs, video, or audio recordings if you attend our events, visit our offices, or leave us a voicemail.
  • User Content, such as comments or other material you post to our social media pages, blogs, or other forums on our Digital Services.
  • Preferences, such as your stated interests, how frequently you wish to receive our newsletters, or other communications.
  • Any other information you choose to provide.
  • You generally can use our Digital Services without providing us with personal information, though we may still collect personal information automatically as described in the next section.
II. Information We May Collect Automatically or Generate

We may automatically collect and generate information from and about you when you interact with us or our Digital Services, which may include the following categories of personal information:

  • Unique Identifiers: We might automatically collect information that uniquely identifies you or the device through which you interact with our Digital Services, such as your name, e-mail address, username, social media identifiers, IP address, and device and mobile advertising identifiers.
  • Device Information: We might automatically collect information pertaining to the device through which you interact with our Digital Services, such as the type of device used to interact with the Digital Services, that device’s operating system and version, your browser type, language settings, IP Addresses, log information, and the type of data viewed.
  • Interaction Information: We might automatically collect information about your interaction with our Digital Services, such as the content you view and features you access on our Digital Services, the pages you view immediately before and after you access our Digital Services, whether and how you interact with content available on our Digital Services, and the search terms you enter on our Digital Services. We might also collect information about the events and materials in which you have indicated interest or for which you have registered.
  • Geolocation Information: We might automatically collect information regarding your location, such as your ZIP or postal code, city, state or province, country, or general geographic location as derived from your device data (such as your IP address).
  • Inferences drawn from your interactions with our Digital Services, the events you choose to attend, or any of the other personal information available to us.
  • We, and our service providers or third parties engaged on our behalf, may use cookies and similar tracking technologies (collectively, “Cookies”) to collect information from and store information on your device when you use, access, or otherwise interact with our Digital Services. For information about how we use Cookies and the choices you may have, please see our Cookies Policy. We do not currently respond to “Do Not Track” signals.
III. Information We Collect from Other Sources

We may obtain personal information from other sources, such as our clients, employees, or business partners, or from business contact databases and enrichment services. We may also receive information about you from social media platforms, such as when you interact with us on those platforms or access our social media content. We may collect information about you from publicly available sources, such as public social media profiles, publications, and other websites or materials available through search engines.

We may collect the following categories of information from these other sources:

  • Unique Identifiers, such as name, telephone number, postal or e-mail address, social media identifiers, and device and mobile advertising identifiers.
  • Professional and Educational Information about your occupation and professional activities, such as professional licenses held, employers, business contact information, or information about your education, such as your degrees, fields of study, institutions attended, languages, professional memberships, qualifications, and certifications.
  • User Content you post or make available online, such as your social media posts or publications.

SECTION THREE:  HOW WE UTILIZE THE INFORMATION WE COLLECT

ELTEMATE processes personal information, as relevant, for the following purposes:

A. Registration and Administration of Client Services

ELTEMATE uses contact details, internal tracking numbers, and financial data to manage the business relationship with our clients.  Certain information, including a business partner’s or client’s name and address, can be used for other purposes in accordance with the agreement entered into between the business partner or client.

  • For ELTEMATE’s business purposes, including internal administration, data analysis, billing, and detecting, preventing, and responding to actual or potential fraud, illegal activities, or intellectual property infringement.
  • To understand how people, use our services, including by generating and analyzing statistics.
  • To manage your online account(s) with our Digital Services and send you technical notices, updates, security alerts, and other administrative messages.
  • To maintain the accuracy of our list of contacts.

B. Customer Service

ELTEMATE uses the information provided by clients to provide support services.  For example, to respond to client inquiries or communications.

  • To manage your online account(s) with our Digital Services and send you technical notices, updates, security alerts, and other administrative messages.

C. Talent Management

ELTEMATE may use personal information for recruitment, hiring, and employment purposes. Where necessary and where permitted by law this may include the processing of sensitive category data such as: health, race/ethnicity, sexual orientation, trade union membership and criminal offences and proceedings. 

D. Other activities, including marketing and business development

As relevant to the relationship, ELTEMATE may: 

  • Advertise, provide, and assess the effectiveness of our events, promotional campaigns, publications, and services.
  • Send you newsletters, legal updates, marketing communications, and other information or materials that may interest you.
  • Invite clients and/or third parties to attend events or take advantage of resources that we think might be relevant or of interest to them. 
  • Use anonymous, de-identified, or aggregate information that does not reasonably identify you for any purpose, as permitted by applicable law.

When we use personal information to send direct marketing messages electronically, we will offer appropriate opt-out options as required by applicable law.

E. Collaboration Tools

As relevant to the situation, ELTEMATE may use different means to communicate to prospective or existing clients or third parties.  This includes the use of secured collaboration tools such as Zoom, MS Teams, or MS Outlook.  

We also use automated cybersecurity systems to review, scan, and analyze collaboration tools for the following purposes: 

  • Cybersecurity
  • Fraud prevention
  • Compliance with legal and regulatory requirements
  • Investigations of potential misconduct
  • Product development and improvement
  • Customer engagement
  • Customer or technical support

F. Analytics and Reporting

To improve our products, services, and enhance user experience, ELTEMATE may process personal information for analytical purposes. This data may also be used for testing purposes, troubleshooting, and to improve the functionality and quality of ELTEMATE’s services. We may also invite clients and business partners to participate in surveys and conduct other market research from time to time.  

Certain business partners may be invited to join a dedicated online platform to interact with ELTEMATE and/or exchange experiences with other business partners.

Please consult the information ELTEMATE provides when you are invited to participate in a survey, market research, or to join an online platform, to understand how your personal information may be treated differently than described in this Notice. 

G. E-Discovery, Security, Fraud Detection, and Prevention

We process the information provided to us, which may include personal information, in order to provide you with legal technology and other services and to operate, troubleshoot, and improve the Digital Services.

We also process personal information in order to investigate, prevent, and detect fraud and other illegal acts. This may include personal information a client or business partner has provided to ELTEMATE.

ELTEMATE may also use personal information to facilitate investigation and enforcement by competent authorities, where necessary. For these purposes, personal information may be shared with law enforcement authorities.

ELTEMATE can also use personal information for risk assessment and security purposes, including the authentication of users, using third-party service providers for third-party risk management. These providers help us to assess the business risk profile of our business partners. They may also provide us with third-party due diligence reports, which, as permitted by applicable law, may include possible information about criminal convictions and offenses of owners or business partners.

H. Legal Compliance 

We may process personal information as we believe reasonably necessary or appropriate to comply with our legal obligations, and to respond to legal processes or requests for information issued by government authorities or other third parties, or to protect your, our, or others’ rights.  We may also use it to enforce our agreement(s) with clients and business partners or solve a complaint or claim involving a client or business associate, as reasonably expected, and in accordance with internal policies and procedures.

If we use automated means to process personal information, which produces legal effects or significantly affects you or other natural persons, we will implement suitable measures to safeguard your or another person’s rights and freedoms. This includes the right to obtain human intervention.

I. Legal Bases for the Processing of Personal Information

ELTEMATE relies on its and its clients’ legitimate interests to process personal information for the purposes of managing its business, providing its services, obtaining services from business partners, preventing fraud and improving its services. When using personal information to serve its or a third party's legitimate interest, ELTEMATE will always balance an individual’s rights and the protection of their information against ELTEMATE and/or the third party’s rights and interests.

For purpose C outlined above, ELTEMATE relies principally on its need to process personal information for the purposes of compliance with relevant laws relating to employment, and for the purposes of managing any contract with the relevant individual.  In the case of the processing of sensitive information, the principal legal basis will be the consent of the individual. 

For purposes E, G, and H, outlined above, ELTEMATE also relies, where applicable, on compliance with legal obligations (such as obligations under statute or lawful requests from law enforcement bodies).

Where needed under applicable law, ELTEMATE will obtain your consent prior to processing personal information, including for marketing purposes or as otherwise required by law.

If you wish to object to the processing set out under purposes A, B, or D to H and are unable to find a way to opt out directly (for example, in your account settings), please contact dpo@ELTEMATE.com

SECTION FOUR: DATA SHARING

ELTEMATE does not sell your personal information. We also do not share personal information that reasonably identifies you with unaffiliated entities for their independent use except when we have your permission, are doing so at your direction, as needed to comply with our legal obligations, as permitted by applicable law, or as otherwise described in this Notice.

We may also disclose the categories of information we collect to the following categories of recipients in furtherance of the purposes described above:

  • Our affiliates: We may share information with our affiliated offices and business entities located in jurisdictions around the world for any of the purposes listed above.
  • Our service providers: We may share information with third parties that perform services on our behalf, such as web-hosting companies, mailing vendors, analytics providers, event hosting services, and information technology providers.
  • Law enforcement, government authorities, or third parties with legal rights: We may share information as may be permitted or required by the laws of any jurisdiction that may apply to us, as provided for under contract, or as we deem reasonably necessary to provide our services. In these circumstances, we strive to take reasonable efforts to notify you before we disclose information that may reasonably identify you or your organization, unless prior notice is prohibited by applicable law or is not possible or reasonable in the circumstances.
  • Parties in connection with a business transaction: We may share information with service providers, advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a transaction in which we are acquired by or merged with another company or if we sell, liquidate, or transfer all or a portion of our assets, as well as in relation to any bankruptcy or corporate reorganization.
  • Others:  We may share information with others, with your consent or at your direction, including if we notify you that your information may be shared, and you provide such information or if you use ELTEMATE to interact with a third party. For example, we may share your name and contact information with a business partner who co-sponsors an event you attend or publication you sign up for or with a social media service if you share or like our content.
  • Anonymous, De-Identified, or Aggregated Information:  We may share anonymous, de-identified, or aggregate information that cannot reasonably identify you with others for any purpose, as permitted by applicable law. Please note that any personal information that you post to a profile, blog, comment section, or forum on our Digital Services or social media pages may be available to other users of those forums or, in some cases, made publicly available.
  • Third-Party Services and Content:  Our Digital Services may include integrated content or links to content provided by third parties (such as video materials). This Privacy Notice does not address the privacy, security, or other practices of the third parties that provide such content.
  • Consistent with applicable law, we engage third parties that support the operation of our Digital Services, such as analytics providers. These third parties may track your online activities over time and across different websites and applications. Please see our Cookies Policy for more information about such third-party providers and your choices.

SECTION FIVE: DATA RETENTION AND DESTRUCTION

We will retain personal information for as long as deemed necessary to manage the business relationship with a client or business partner, to provide ELTEMATE services to a client or business partner and to comply with applicable laws (including those regarding document retention), resolve disputes or claims with any parties, and as otherwise necessary to allow us to conduct our business.

All personal information we retain about you as a client or business partner is subject to this Notice, contractual obligations with the client, and our internal retention and destruction guidelines. If you have questions about the specific retention periods for the various types of personal information we process, please contact dpo@eltemate.com

SECTION SIX: PROTECTION AND STORAGE OF THE INFORMATION WE COLLECT

We deploy commercially reasonable administrative, technical, and physical safeguards designed to comply with applicable legal requirements and safeguard the personal information that we collect. This includes, when required or appropriate and feasible, obtaining written assurances from third parties that may access your personal information that they will protect such information with safeguards designed to provide a level of protection similar to those adopted by ELTEMATE.

However, no information system can be 100% secure. We cannot guarantee the absolute security of your information. Moreover, we are not responsible for the security of information you transmit to us over networks that we do not control, including the Internet and wireless networks.

The Digital Services are controlled and operated by ELTEMATE from the Netherlands. We may store the information we collect in the Netherlands or in other countries where we or our service providers have facilities. We may transfer information to countries outside of your country of residence, including the Netherlands, which may have data protection laws and regulations that differ from those in your country.

Any transfers of information originating from within the European Economic Area or the United Kingdom to countries outside the EEA and the UK (other than to territories deemed to have adequate data protection legislation by relevant authorities) will normally be made on the basis of the model clauses approved by the European Commission, which may be found at the Commission's website at https://ec.europa.eu, and/or (as appropriate) on the basis of the standard data protection clauses issued by the UK Information Commissioner, which may be found on the Commissioner’s website at https://ico.org.uk. We retain the information we collect no longer than reasonably necessary to fulfill the purposes for which we collect the information and to comply with our legal obligations.

SECTION SEVEN: YOUR CHOICES AND RIGHTS

Marketing Communications. If you no longer wish to receive marketing communications from us, you can let us know by contacting us using the information available in the How to Contact Us section below. Our digital marketing communications may provide unsubscribe or opt-out mechanisms that allow you to modify your communications preferences. Please note that if you opt-out of marketing communications, we may still contact you with non-promotional communications, such as those about ongoing business relations or administrative messages.

Cookies. For information about the choices you may have in regard to our use of Cookies, please see our Cookies Policy.

Geolocation Data. If you have previously consented to sharing precise geolocation information with our Digital Services, you can choose to stop the collection of this information at any time by changing the preferences on your browser or mobile device settings.

Push Notifications/Alerts. If you have permitted one of our mobile applications to send you push notifications or alerts, you can deactivate these messages at any time in the notification settings on your mobile device.

Privacy Rights. ELTEMATE operates in jurisdictions that impose varying obligations and that grant individuals differing levels of protection, particularly with respect to personal information. Depending on applicable law, you may have certain rights with respect to your personal information, including, for example, the rights to:

  • Request access to certain personal information of yours that we process.
  • Update or correct your personal information if you believe it is incomplete or inaccurate.
  • Erase or delete your personal information, subject to certain exceptions under local law.
  • Object to our processing of your personal information, if we rely on a legitimate interest, or otherwise restrict our processing activities.
  • Restrict certain transfers of your personal information to third parties.
  • Withdraw your consent to processing, where we base our processing of your personal information on consent.
  • Not be denied goods or services for exercising your rights under applicable law.
  • Complain to your local supervisory authority.

You can exercise your rights (if applicable) by submitting a request through our Contact Us page or emailing our Data Protection Officer at dpo@eltemate.com

SECTION EIGHT: SPECIFIC STATE LAW OBLIGATIONS WITHIN THE UNITED STATES

I. California Residents

This section applies to the personal information of California residents and supplements the other sections of this Notice.

Right to Know About Personal Information Collected or Disclosed and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you upon request:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting or sharing your personal information.
  • The categories of third parties to whom we disclose personal information.
  • The specific pieces of personal information we collected about you.
  • If we share your personal information, or disclose it for a business purpose, we will also disclose:
    • The categories of personal information that we shared; and
    • The categories of personal information that we disclosed for a business purpose.

Right to Deletion

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and notify our service providers and/or contractors to delete) your personal information from our records, unless an exception applies. We will also notify all third parties with whom we have shared your personal information to delete it to the extent required by law.

Right to Correction

You have the right to request that we correct any inaccurate personal information that we maintain about you, considering the nature of the personal information and the purposes of the processing of the personal information. Once we receive and confirm your verifiable consumer request, we will use commercially reasonably efforts to correct the inaccurate information.

Exercising Access, Data Portability, Deletion, and Correction Rights

To exercise these rights, please submit a verifiable consumer request to us by email to dpo@eltemate.com.  You will be asked to provide certain personal information when submitting your request including your relationship with us, first and last name, email address, telephone number, and postal address in order for us to determine if your information is in our systems.

We will verify and respond to your request consistent with applicable law. We may need to request additional personal information from you in order to protect against fraudulent or spoofed requests. If you want to make a request as an authorized agent on behalf of a California resident, you may use the submission method noted above. As part of our verification process, we may request that you provide us with the documentation specified under applicable law.

Right to Opt-out of Sales or Sharing of Personal Information

You have the right to direct us to not sell or, beginning 1 January 2023, share (i.e., disclose to a third party for cross-context behavioral advertising, whether or not for monetary of other valuable consideration) your personal information at any time (the “right to opt-out”). To exercise the right to opt-out, you (or your authorized representative) can contact us by email dpo@eltemate.com

Right to Limit the Use and Disclosure of Sensitive Personal Information

You have the right to direct that we limit the use of any sensitive personal information that we might collect about you to that which is necessary for the purposes specified under applicable law.

Once we receive and confirm your verifiable consumer request, we will cease using or disclosing your sensitive personal information for any purpose other than those permitted by applicable law, unless you later provide consent for the use or disclosure of your sensitive personal information for additional purposes.
You (or your authorized representative) may exercise your right to limit the use or disclosure of your sensitive personal information, please contact us by email dpo@eltemate.com

Right to Non-Discrimination

We will not discriminate against you for exercising any of your rights as set forth in this Notice. Unless permitted by the law, we will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
    Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

However, we may offer you certain financial incentives permitted by the law that can result in different prices, rates, or quality levels. 

Rights Under California’s “Shine the Light” Law

California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Digital Services that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact dpo@eltemate.com.

II. Colorado Residents 

This section applies to the personal information of Colorado residents and supplements the other sections of this Notice. This section does not address or apply to our handling of publicly available information lawfully made available by state or federal government records or other personal information that is exempt under the Colorado Privacy Act.

Beginning 1 July 2023, and subject to certain exceptions, Colorado residents have the right to make the following requests at no charge: 

  • Access: You may request that we confirm whether we process your personal information and that we provide you access to such personal information.
  • Data Portability: You may request that data provided in response to an Access request be in a portable and, to the extent technically feasible, readily usable format.
  • Correction: You may request that we correct inaccuracies in the personal information that we process.
  • Deletion: You may request deletion of your personal information.
  • Opt Out: You may request that we not process your personal information for the purposes of targeted advertising, sales, or profiling in furtherance of decisions that produce legal or similarly significant effects, as those terms are defined by Colorado law. 

Exercising Your Rights. You may submit requests to exercise your rights by contacting dpo@eltemate.com. Beginning 1 July 2023, you can appeal a refusal to act on your request by sending an email to the aforementioned email address.

III. Virginia Residents 

This section applies to the personal information of Virginia residents and supplements the other sections of this Notice. This section does not address or apply to our handling of publicly available information lawfully made available by state or federal government records or other personal information that is exempt under the Virginia Consumer Data Protection Act.

Beginning 1 January 2023, and subject to certain exceptions, Virginia residents have the right to make the following requests at no charge: 

  • Access: You may request that we confirm whether we process your personal information and that we provide you access to such personal information.
  • Data Portability: You may request that information provided in response to an Access request be in a portable and, to the extent technically feasible, readily usable format.
  • Correction: You may request that we correct inaccuracies in the personal information that we process.
  • Deletion: You may request deletion of your personal information.
  • Opt-out: You may request that we not process your personal information for the purposes of targeted advertising, sales, or profiling in furtherance of decisions that produce legal or similarly significant effects, as those terms are defined by Virginia law. 

Exercising Your Rights. You may submit requests to exercise your rights by sending an email to dpo@eltemate.com or through our website. Beginning 1 January 2023, you can appeal a refusal to act on your request by sending an email to the aforementioned email address.

SECTION NINE: CHILDREN UNDER THE AGE OF 13

We do not knowingly collect any personal information from children under the age of 13 without parental consent, unless permitted by law. If we learn that a child under the age of 13 has provided us with personal information, we will delete that information in accordance with applicable laws.

SECTION TEN:  CHANGES TO OUR PRIVACY NOTICE 

We reserve the right to amend this Notice at our discretion and at any time. The Notice will be reviewed at least once every 12 months and will reflect the date it was last updated.

SECTION ELEVEN: HOW TO CONTACT US

If you have questions, requests, or concerns about how we process your personal information, or would like to exercise any of the rights you have under this Notice, contact our data protection officer at dpo@eltemate.com. You can also contact your local data protection authority.

We address privacy specific questions, requests, and concerns that are reported to us using internal policies and procedures based on applicable privacy laws, regulations, and guidance. We revisit and enhance these policies and procedures regularly, also considering client or business partner feedback.

Last Updated: 14 October 2022