LEX On Demand PRIVACY POLICY


Statement of Policy

LEX On Demand respects the privacy and confidentiality of personal information provided to LEX by its clients, employees and all others who entrust it with personal information. Accordingly, LEX On Demand adheres to the set of data protection principles developed by the United States Department of Commerce (DOC) in collaboration with the European Commission, as reflected within the Frequently Asked Questions (FAQ) issued by the Department of Commerce (DOC) on July 21, 2000, and within other documentation provided by DOC (commonly referred to as “The Safe Harbor Principles”)

This policy applies only to personal data that LEX On Demand has received from the European Union (EU). Personal data refers to data that is (a) transferred to the United States from the EU; (b) is about, or relates to, an identified or identifiable individual; (c) can be linked to that individual, and (d) is recorded. Personal data may include, among other things, an individual’s name, address, phone number, e-mail address, or social security number, health insurance policy number or other like information. However, the term “personal data” does not include data that pertains to a specific individual, but from which that individual cannot reasonably be identified. Personal data also includes “sensitive personal data”, which is defined herein as a subset of personal data that pertains to an individual’s medical or health condition, racial or ethnic origin, political opinions, religion, union membership, sexual orientation or actual or alleged criminal activity.

Scope of Business of LEX On Demand

LEX On Demand provides electronic discovery consulting and technical services to client law firms as well as directly to business organizations who are parties to various types of legal and commercial proceedings. All data collected in the course of LEX On Demand’s activities are kept under strict privacy and confidentiality protocols since much of this information may constitute evidence in litigation and other sensitive proceedings. Indeed, it is LEX On Demand’s practice (and the customary business practice in the industry in which LEX On Demand conducts business) to enter into, with each client, a comprehensive Confidentiality and Non-Disclosure Agreement as to data received in every engagement undertaken. Moreover, each of LEX On Demand’s employees has executed a Confidentiality and Non-Disclosure Agreement pertaining to all information that comes into their possession in the course of their employment.

The facility in which LEX on Demand processes (*processing by LEX On Demand consists, typically, of the extraction and formatting of the data for review in a document review system) and stores data maintains extensive physical security features and the network infrastructure upon which data is stored is secured by some of the most advanced data security and disaster recovery technology found in the marketplace.

Much of the data processed and hosted by LEX does not constitute “personal data” as that term is defined above. However, personal data will, on occasion, enter into the possession of LEX, the bulk of it contained within the email accounts of individuals in the employ of parties to litigation.

Safe Harbor Privacy Principles

LEX On Demand has adopted the seven Safe Harbor Principles published by the U.S. Department of Commerce as to notice, choice, onward transfer (transfer to third parties), access, security, data integrity and enforcement with respect to personal data transferred to the United States from the European Union.

These Principles, as adhered to by LEX on Demand, are described below:
  1. Notice:
    Under most circumstances, LEX On Demand does not collect personal data for processing directly from the party in possession, but receives the data for processing from counsel under an agreement to hold such data under strict rules of confidentiality and privacy. Therefore, when LEX On Demand receives personal data from the EU for processing purposes and does not control the collection of the personal data, LEX On Demand does not, typically, provide notification to the individuals to which such personal data relates (but, again, is mandated by the client to hold the data in the strictest confidence). In such event, LEX on Demand reserves the right to process personal data in the course of providing services to its clients without the knowledge of the individuals involved. LEX On Demand never uses data for a purpose other than the purpose for which it was provided to LEX On Demand. Neither does LEX On Demand ever share information with third parties other than when lawfully directed by the client law firm or originating organization (that is, the owner of the data.) When specifically authorized by counsel or client to do so, LEX On Demand will inform effected individuals about the purposes for which it collects and uses personal information about them, how to contact the organization with any inquires or complaints, the types of third parties to which it may disclose the information and any choices and means that LEX On Demand may offer individuals for limiting the data’s use and disclosure.
  2. Choice:
    Since LEX On Demand does not share personal information with third parties, unless required by law or lawfully directed by the client law firm or originating organization to do so, nor does it ever use the data for a purpose incompatible with the purpose for which it was originally collected, there is no need to offer individuals the opportunity to opt out from having data disclosed. However, should the need ever arise, LEX On Demand will provide individuals with reasonable notice and mechanisms to exercise their choice to opt-out from having personal data so disclosed.
  3. Onward Transfer (Transfer to Third Parties)
    As mentioned above, LEX On Demand does not share personal information with third parties, unless required by law or lawfully directed by the client law firm or originating organization to do so. However, should the need ever arise, prior to disclosing personal information to third parties, LEX On Demand will utilize the notice and choice principles noted above. Moreover, where the need arises, LEX On Demand will obtain assurances from third parties that they will safeguard the personal data consistent with this policy or any other EU adequacy finding, or as an alternative, LEX On Demand will enter into a written agreement with such third party to provide at least the same level of personal data protection as is maintained by LEX On Demand.
  4. Security
    LEX On Demand takes reasonable precautions to protect personal information from loss, misuse, unauthorized access, disclosure, tampering, alteration and destruction.
  5. Data Integrity
    LEX On Demand uses personal information only in a manner that is compatible with the purpose for which it was collected or subsequently authorized by the individual. LEX On Demand takes reasonable steps to ensure that personal information is reliable for its intended use, accurate, complete and current.
  6. Access
    Since, under typical circumstances, the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or the rights of persons other than the individuals would be violated or seriously compromised, individuals cannot be provided access to personal information about them in order to correct amend, or delete the information when inaccurate. However, where appropriate to do so, LEX On Demand will grant individuals reasonable access to personal data that it holds about them and LEX On Demand will take reasonable steps to permit individuals to correct, amend or delete information that is demonstrated to be inaccurate or incomplete.
  7. Enforcement
    LEX On Demand utilizes the self-assessment approach to assure its compliance with our privacy statement, and will self-certify annually with the U.S. Department of Commerce as being in full compliance with the Principles. LEX On Demand periodically verifies that the policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented, and inconformity with the Principles. LEX On Demand has initiated internal auditing measures to monitor its compliance with the Principles. We encourage interested persons to raise any concerns with us using the contact information below. LEX On Demand will assure compliance with the Principles. It will investigate and attempt to resolve complaints and/or disputes regarding violation of this privacy policy directly with the individual. All complaints/disputes should be addressed to Helen Campbell, Chief Operating Officer, LEX On Demand, 1912 Woodford Road, Vienna, VA 22182. If the matter cannot be settled, LEX On Demand agrees to cooperate with the dispute resolution system set forth below.

    If for any reason a complaint and/or dispute cannot be resolved through internal mechanisms, the complaint and/or dispute can be submitted for mediation to BBBOnline, EU Safe Harbor Program, Council of Better Business Bureau, Inc., 4200 Wilson Blvd., Suite 800, Arlington, VA 22203.

Amendments to this Privacy Policy

LEX On Demand may amend this Safe Harbor Policy, from time to time, by posting a revised policy on its website at www.Lexondemand.com. LEX On Demand will only amend this Safe Harbor Policy in a manner consistent with the requirements of the Safe Harbor Principles as set forth above. This Policy is effective as of April 1, 2008.


Home | Privacy Policy | Contact us
Email: info@lexondemand.com
© 2008 Lex On Demand. All rights reserved.