III. Types of Data We Collect
We collect information (whether online, by phone, or by paper) that enables the ABA to identify or contact you (“Personal Data”) to carry out its business purposes. ABA Sites collect this information for a variety of business reasons, including but not limited to, applying for membership, registering for an ABA event or program, purchasing ABA products or services, or otherwise interacting with the ABA.
The types of Personal Data we collect include, but are not limited to:
- General data (e.g., names, dates of birth, home and business addresses, email addresses, Internet protocol addresses and mobile/landline business/personal telephone numbers that are provided by our members/customers)
- Professional data (e.g., bar pass date and state(s))
- Government-issued identification numbers (e.g., social security numbers, national identification numbers and tax identification numbers), for example from employees and independent contractors, but not from members unless the ABA makes payments to members, such as honoraria or royalties for publishing rights
- Other identification information (e.g., photographs)
- Financial information (e.g., credit and debit card numbers, credit reports, passwords and PIN numbers) for product sales or employment purposes
- Sensitive Personal Data (e.g., racial or ethnic origin, sexual orientation and disability data) for diversity or accessibility purposes
The ABA also receives Personal Data from third parties for the ABA’s use in marketing to potential new members, such as lists of new state bar admittees from various state bar entities.
We collect information (whether online, by phone, or by paper) that does not directly identify you as you interact with our Sites (“Non-Personal Data”). The types of Non-Personal Data we collect includes, but is not limited to:
- Site usage (e.g., browsing history, search terms, number of clicks, referring/exit pages, date/time stamp, time on Site)
- Products and services viewed, including advertisements for such products and services
- Computer type, operating system and platform type
- Internet service provider
- Your industry and business (e.g., company size and location, job functions and seniority levels)
IV. How We Use Your Data
In addition to the uses described above, we use your Personal Data, sometimes combined with Non-Personal Data, in a variety of ways including, but not limited to the below, in order to:
- Identify you when you visit our Sites
- Provide service communications such as bill reminders, order confirmations, program registrations and customer service messages
- Provide products, information and services you request or that we think you may be interested in
- Respond to your emails or online requests for products, services, or information
- Deliver and process surveys
- Personalize and improve the usability of the Sites
- Fulfill and/or deliver ABA products and services
- Tailor content, advertising and marketing to you
- Publish membership directories, membership lists and registration lists on the Sites and in print and digital media to allow lawyers and the public to find you; such directories and lists will not include credit card information or personal identification numbers such as social security numbers, as set forth in the “Contact Information” section below
We use Non-Personal Data to improve the usability of our Sites and for other business reasons. We or other third-party companies also use the Non-Personal Data to provide advertisements and targeted advertisements to you (ads based on the Non-Personal Data). We do not provide Personal Data to third parties with whom we share your Non-Personal Data. Please note that, when you select an advertising link or other link that takes you to sites not operated by the ABA, you may be subject to the privacy policies of these third-party sites.
V. How We Share Your Data
We share your Personal Data, sometimes combined with Non-Personal Data, in a variety of ways including, but not limited to the below:
- Share data with third parties to fulfill service requests and to perform business functions (e.g., the ABA contracts with third parties to provide services on our behalf such as data hosting services; packaging, mailing and delivering services; customer support and consulting services; and event registration services).
- Share data with third parties as required by law or to protect the ABA in the good-faith belief that such action is necessary to: (a) conform to legal requirements or comply with legal process served on the ABA; (b) protect and defend the ABA’s rights or property; or (c) protect the personal safety of ABA personnel or members of the public in appropriate circumstances.
- Share data with third parties if the ABA and/or its assets (or a portion of its assets) are sold, assigned, transferred, or merged, or if the ABA undergoes some other change including a change to its corporate form as part of a bankruptcy proceeding or otherwise; information may be transferred as part of that transaction or change.
- Share data with third parties to offer you products and services that may be of interest to you professionally or personally (e.g., membership renewal notices, products and services, business software solutions, or member product discounts). Users can request their information to be removed from such lists by contacting us, as set forth in the “Contact Information” section below.
- Share data with social media sites such as Facebook, LinkedIn, Twitter and others who may contact you with “targeted ads” relating to legal and other services.
- Share data with third parties under other unanticipated situations, but only with your consent.
- Share your email address, but only as permitted by the ABA Email Policy, as follows:
ABA does not sell or rent your email addresses to any party outside of the ABA. Except in certain circumstances for the purpose of conducting ABA business, your email addresses are not shared, without prior consent, with corporate sponsors, advertisers, member benefits providers, insurance providers (with the exception of USI Affinity for use in promoting ABA Insurance) or any third-party selling products and services on the Association’s behalf.
VI. How You Can Manage the Processing of Your Data
You can manage your profile and email preferences, including “opting out” of email by contacting us using the information in the “Contact Information” section below. If you prefer to receive hard copy mailings only from the ABA, you can contact us and request to have your name and address removed from the list we provide to third parties. For California residents, please consult the “California Privacy Rights” section for additional considerations.
Our processing of your data is based upon your consent, contract performance (e.g., your purchase of products or membership sign-up/renewal), legitimate business interest (e.g., direct marketing of goods and services), or compliance with law. You have the right to object to our processing of your data or to restrict our processing of your data. In addition, if you have consented to the processing of your Personal Data, you have the right to withdraw your consent at any time.
VII. California Privacy Rights
VIII. Canada Anti-Spam Law
The ABA complies with the Canada Anti-Spam Law. Non-ABA members or associates who provide us a Canadian mailing address will not receive unauthorized Commercial Electronic Messages (as defined under the Canada Anti-Spam Law) unless these individuals have “opted-in” to receive Commercial Electronic Messages.
We do not knowingly collect Personal Data from or market to children under the age of 13.
X. How We Protect Personal Data
XI. User ID and Password
Certain areas of the Sites require the use of a user ID, email address, or password as an additional security measure that helps protect your Personal Data. To help you protect your privacy, these Sites have tools to help you log in and log out.
XII. Linking to Other Internet Sites
XIII. How You Can Access, Change and Delete Your Personal Data
XIV. Cookies and Other Web Devices
XV. Transmission of Data to Other Countries
Your Personal Data is processed in the United States, where privacy laws may be less stringent than the laws in your country and where the government, courts, or law enforcement may be able to access your data. By submitting your Personal Data to us, you agree to the transfer, storage and processing of your Personal Data in the United States.
XVI. Right to Complain to Supervisory Authority
You, as the data subject, have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you believe that the processing of your personal data does not comply with legal requirements.
XVII. Breach Notification
In the event we determine the occurrence of a data security incident, we will notify you by email, US mail, telephone, or other means as permitted by law
XVIII. Contact Information
If you have questions, comments, or complaints concerning our privacy practices or if you wish to change, access, or remove your Personal Data, please contact us as indicated below. We will attempt, where practical, to respond to your requests and to provide you with additional privacy related information.
Effective Date: June 29, 2023