Privacy Statement

Privacy Statement

Ethio Legal Shield LLP (ELS) and Affiliates (collectively, “ELS,” the “Firm,” “we,” “us,” or “our”) is committed to safeguarding the privacy of visitors to our website, contacts for our clients and prospective clients, contacts for suppliers of goods and services to the Firm, candidates for employment or engagement, and any other individuals about whom the Firm obtains personal information (each, “you”). Please read the following statement, which sets out the principles governing the Firm’s use of personal information that we may obtain about you, to understand how the Firm collects, uses, and otherwise processes your personal information as well as the rights that you have in relation to our processing of that information (the “Privacy Statement”). In this Privacy Statement, “personal information” means information that (either in isolation or in combination with other information held by the Firm) enables you to be identified or recognized.  With respect to visitors of our website, references to “personal information” in this Privacy Statement means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household, subject to certain exceptions set forth in the relevant legal provisions. 

ELS is the data controller in relation to any personal information that the Firm processes about you and is responsible for ensuring that such processing complies with applicable data protection laws. Your privacy is important to us. Please be aware that Firm personnel are required to comply with the Firm’s data privacy practices as set out in this Privacy Statement and other data privacy-related Firm policies.

If you have any comments or questions in connection with this Privacy Statement, or for further information on our processing activities and your rights in relation to your personal information, please contact us via email at admin@ethiolegalshield.com.

Information Collection

Although you are not required to provide any personal information on the public areas of our website, you may choose to do so by completing the job application forms or the newsletter sign-up form. Should you do so, we may, for example, keep a record of your name, email address, and any other information you voluntarily provide to us.

Additionally, we may collect the following categories of personal information from you in the course of business, including through your use of the website, when you contact or request information from us, when we provide services to you or receive services from you:

  • Identification data, such as name, gender, title, job title, or address.
  • Contact information, including your phone number(s), email address and social media account or handle where appropriate.
  • Financial data, such as bank account information and invoicing details.
  • Event registration or mailing list data, such as dietary requirements (which may reveal information about your health or religious beliefs), preferences and interests, subscriptions, downloads, and usernames/passwords.
  • Job applicant data, such as identification data and contact information, resumé and other data provided by you or third parties (e.g., recruiters) on our website, online recruitment portal (where applicable) or offline in connection with job openings, which may be subject to additional local requirements based on the country for which the position is advertised.
  • Legal and regulatory compliance data as required for purposes such as know your client, anti-money laundering, and market abuse regulations requirements, or as part of our client onboarding process, which may include passport or other identification data, date of birth, home address, and other due diligence data.
  • Other service data, such as personal information relevant to the provision or receipt of services, in relation to any of your employees, customers or vendors, and client feedback.
  • Cookie and device data, such as information about your visit of our website, Internet Protocol address, device identifier, browser type and version, operating system and network, location and time zone setting.

We may supplement the information that you provide to us with information that we receive or obtain from other sources, such as from our staff or personnel, clients, professional advisers, partners, and agents of ELS, third parties with whom we interact, and publicly available sources.

Sources of Personal Information Collected. We obtain categories of personal information listed below from the following categories of sources:

  • Directly from you, such as when you complete forms.
  • Indirectly from you, such as observing your actions on our website, and from publicly available sources.
  • Third parties.

Information Usage

We may use your personal information for the following purposes and, for each purpose, based on the following legal grounds:

  • Provision of legal services – We use personal information that you voluntarily submit to us on the website or during the course of our engagement, regardless of the media used, such as identification data, contact details, and other service data that we may process in connection with the provision of services. The Firm’s work for you may also involve providing such information to third parties, such as expert witnesses and other professional advisers in order to represent your interests most effectively. This processing is necessary for us to perform our contract with you.
  • Administration of client and vendor relationships – We use identification data, contact details, financial data, and other service data, including for the processing of invoices, the updating of client records, and the management of our vendor relationships. This processing is necessary to perform our contract with you.
  • Addressing client inquiries/feedback – We use identification data, contact details, and other service data for this purpose. This process is necessary to perform our contract with you. It may also be necessary for our legitimate interests to establish or maintain a relationship with you; it is also in your interest to receive a response from us when you contact us.
  • Sending relevant marketing messages and inviting you to events/seminars – We use identification data, contact details, cookie and device data, and mailing list data to communicate with you by way of email alerts and post to provide you with information about our events, seminars, or services that may be of interest to you. This processing is necessary for our legitimate interest to send you tailored marketing messages, client newsletters, and invitations to relevant events and seminars.
  • Improving our website – We use cookie and device data to improve the functionality and user-friendliness of our website. This processing is necessary for our legitimate interests to constantly monitor and improve our online presence and services to you.
  • Keeping our website and IT systems and processes safe – We use identification data, contact details, financial data, cookie and device data, and other service data. This processing is necessary to perform our contract with you and to ensure the security and confidentiality of your data. It is also necessary for our legitimate interests to prevent illegal activities, including fraud, which could harm you and us.
  • Complying with legal or regulatory inquiries/requests – We use identification data, contact details, financial data, cookie and device data, and legal and regulatory compliance data (including for anti-money laundering or fraud detection purposes, statutory returns and fulfillment of the Firm’s ethical obligations). This processing is necessary for the purpose of complying with legal requirements that apply to the Firm.
  • Recruitment – Personal information about job applicants is collected and processed for purposes of screening, identifying, and evaluating candidates for positions; record-keeping related to hiring processes; analyzing the hiring process and outcomes; and conducting background checks, where and to the extent permitted by applicable law, which may also be subject to relevant local recruitment privacy policy. If you are hired by the Firm, this data will be transferred to our employee record files for the purpose of your employment. This processing is necessary in order to take steps at the request of the job applicant in the context of recruitment prior to entering into a contract. In addition, job applicant data and legal and regulatory compliance data may be used as necessary to comply with legal, regulatory, and corporate governance requirements.

Information Sharing

We may share your personal information with the following categories of recipients:

  • Other entities within ELS to provide legal services to you and to administer any service provided to you that the Firm agrees to undertake;
  • Professional advisers, partners, and agents of ELS to provide you with local legal services, as required, and to administer our relationship with you;
  • Vendors that will process your personal information on our behalf and under our written instructions to carry out their services during the course of our business, such as IT service providers, financial institutions, customer relationship management databases and other cloud-based solutions, third party companies providing us with business analytics and statistics to assist with our marketing campaigns, and third party venues in which we may host events and seminars. We contract with such vendors to ensure that they only process your personal information under our instructions and ensure the security and confidentiality of your personal information by implementing the appropriate technical and organizational measures for such processing;
  • Any law enforcement, regulatory, or government agency requesting personal information in connection with any inquiry, subpoena, court order, or other legal or regulatory procedures, with which we would need to comply. We may also share personal information to establish or protect the Firm’s legal rights, property, or safety, or the rights, property, or safety of others, or to defend against legal claims; and
  • Any third party connected with business transfers; we may transfer your personal information to third parties in connection with a reorganization, restructuring, merger, acquisition, or transfer of assets of the Firm, provided that the receiving party agrees to treat your personal information in a manner consistent with this Privacy Statement.

We are not responsible for the data policies or procedures or content of any linked websites. We recommend that you check the privacy and security policies of each website you visit.

Marketing Choices

We may send you direct marketing messages including by way of email alerts and post provided that we have a lawful ground to do so. If you no longer wish to receive our email alerts, to be part of a mailing list, or to receive any marketing communications, you can opt-out of such communications at any time by clicking on the unsubscribe link in the relevant communication or contacting us at admin@ethiolegalshield.com .

Your Rights

You have the following rights:

  • Access. You have the right to request a copy of the personal information that we are processing about you. If you require additional copies, we may need to charge a reasonable fee;
  • Rectification. You have the right to require the correction of any mistake in the personal information, whether incomplete or inaccurate, that we hold about you;
  • Deletion. You have the right to require the erasure of personal information concerning you in certain situations, such as where we no longer need it or if you withdraw your consent (where applicable). Please note that in certain instances we may not be able to process your request, such as (i) due to the existence of a legal obligation, (ii) to detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities, (iii) in order to complete a transaction for which your personal information was collected, or (iv) to enable solely internal uses that are reasonably aligned with your expectations and context.
  • Portability. You have the right to receive the personal information concerning you that you have provided to us, in a structured, commonly used, and machine-readable format and have the right to transmit that data to a third party in certain situations;
  • Objection. You have the right to (i) object at any time to the processing of your personal information for direct marketing purposes and (ii) object to our processing of your personal information where the legal ground of such processing is necessary for legitimate interests pursued by us or by a third party. We will then abide by your request unless we can demonstrate compelling legal grounds for the processing;
  • Restriction. You have the right to request that we restrict our processing of your personal information in certain circumstances, such as when you contest the accuracy of that personal information; and
  • Withdrawal of consent. If we rely on your consent (or explicit consent) as our legal basis for processing your personal information, you have the right to withdraw that consent at any time. “Explicit consent” would be required if the Firm relies on consent as the condition to lawfully process “special categories of personal data”.

Please note that some of these rights may be limited where we have an overriding interest or legal obligation to continue to process the personal information or where data may be exempt from disclosure due to reasons of legal professional privilege or professional secrecy obligations.

If you would like to exercise any of those rights, please:

  • Email us at admin@ethiolegalshield.com;
  • Provide enough information to identify yourself (e.g., name, email address, etc.);
  • Provide proof of your identity and address (a copy of your driver’s license or passport, national id and a recent utility or credit card bill); and
  • Provide the information to which your request relates.

If you wish to exercise these rights, you must submit a request by emailing admin@ethiolegalshield.com with subject that reads “URGENT: PRIVACY ISSUE” or by calling our office number provided on the website (during normal business hours, Monday through Friday, except public holidays).  We may need to verify requests we receive when one is seeking to exercise certain of the rights listed above.  We may ask you to provide certain information as proof of your identity such as a copy of your driver’s license or passport, national id and a recent utility or credit card bill in order for us to verify your request.  If you are a ELS employee or otherwise have a relationship with us, we verify you by directly confirming with you, otherwise we verify through a service provider that uses information about you to ask questions the answers to which will help us determine if you are who you say you are.  If you have an authorized agent submit a request, the Firm may require you to (i) provide the authorized agent signed permission to do so, (ii) verify your own identity directly with the Firm, and (iii) directly confirm with the Firm that you provided the authorized agent permission to submit the request.

Disclosures for a Business or Commercial Purpose.  In the preceding 12 months, ELS may have disclosed the categories of personal information listed above to its service providers for specific, limited business purposes, including for conducting background checks for job applicants, processing payroll, detecting data security incidents and troubleshooting software use, among other purposes listed in the Information Usage section of this Privacy Statement, which can be found above.

No Sharing/Selling of Personal Information with Third Parties. The Firm does not “sell” or “share” any of your personal information that is collected.

Security

We have implemented technical and organizational security measures in an effort to safeguard the personal information in our custody and control. Such measures include, for example, limiting access to personal information only to staff and authorized service providers on a need-to-know basis for the purposes described in this Privacy Statement, as well as other administrative, technical, and physical safeguards.

We endeavor to take all reasonable steps to protect your personal information, but cannot guarantee the security of any data you disclose online. Please note that email is not a secure medium and should not be used to send confidential or sensitive information. By providing information online, you accept the inherent security risks of providing information over the Internet and will not hold us responsible for any breach of security, unless it is due to our negligence or willful default.

Data Transfer

ELS is a law firm comprised of multiple offices and plans to have affiliated entities. Details regarding our offices and affiliated entities can be found at our website (whenever applicable). Your personal information may be transferred to or shared across our integrated computer networks with one or more of ELS’s offices and our affiliated offices in Ethiopia and other countries that may not be subject to data protection laws similar to those prevailing in the jurisdiction in which such information is provided to or received by us. However, all of our offices adhere to the same procedures with respect to your personal information, including this Privacy Statement.

It is necessary to transfer personal information from and to other jurisdictions in order to provide our attorneys with access to clients’ personal information to enable them to provide legal services, wherever they are located, and for related purposes as set out in this Privacy Statement, including updates and enhancements to our records, analysis to help us manage our practice, statutory returns, legal and regulatory compliance, the administration and management of the Firm’s global IT systems, and our other legitimate business interests.

While our offices are in Ethiopia, not all of our offices are in countries that have the same data protection laws as Ethiopia. That said, with regard to all our offices, data flow and transfer will continue and remain safe.  When we transfer personal information, we have implemented adequate safeguards to appropriately protect such transfer of personal information as permitted under applicable data protection laws.  These safeguards are designed to protect your privacy rights and provide you with remedies in the unlikely event that your personal information is misused. 

Cookies

Our website uses certain tags, log files, web beacons, and similar tracking technologies from third parties (collectively, “cookies”), of which you should be aware. Please see our Cookie Policy to find out more about the cookies we use and how to manage and delete cookies.

Do Not Track

Please note that we do not support “Do Not Track” browser settings at this time.

Information Retention

Your personal information is only stored and retained for as long as necessary for the purposes set out in this Privacy Statement.  In determining the appropriate retention period, we consider the nature and duration of our relationship with you, the type of services provided, and the impact on our services if certain information is deleted.  In all cases, the Firm may retain personal information for additional time as required by applicable law; to establish, exercise or defend our legal rights; or, for other legitimate business purposes, including archiving and historical purposes.  We will maintain such data in an anonymized form where practical. 

Notification of Changes

We may occasionally update this Privacy Statement as our services and privacy practices change, or as required by applicable legal or regulatory requirements. Where it is practicable, we will notify you by email of any significant changes. However, the last update date is posted below, and we encourage you to review this Privacy Statement periodically to be informed of how we use your personal information.

Last Updated: December 25, 2023