III. Types of Data We Collect
We collect information (whether online, by phone, or by paper) that enables the ABA to identify or contact you (“Personal Data”) to carry out its business purposes. ABA Sites collect this information for a variety of business reasons, including but not limited to, applying for membership, registering for an ABA event or program, purchasing ABA products or services, or otherwise interacting with the ABA.
The types of Personal Data we collect include, but are not limited to:
- General data (e.g., names, dates of birth, home and business addresses, email addresses, Internet protocol addresses and mobile/landline business/personal telephone numbers that are provided by our members/customers)
- Professional data (e.g., bar pass date and state(s))
- Government-issued identification numbers (e.g., social security numbers, national identification numbers and tax identification numbers), for example from employees and independent contractors, but not from members unless the ABA makes payments to members, such as honoraria or royalties for publishing rights
- Other identification information (e.g., photographs)
- Financial information (e.g., credit and debit card numbers, credit reports, passwords and PIN numbers) for product sales or employment purposes
- Sensitive Personal Data (e.g., racial or ethnic origin, sexual orientation and disability data) for diversity or accessibility purposes
The ABA also receives Personal Data from third parties for the ABA’s use in marketing to potential new members, such as lists of new state bar admittees from various state bar entities.
We collect information (whether online, by phone, or by paper) that does not directly identify you as you interact with our Sites (“Non-Personal Data”). The types of Non-Personal Data we collect includes, but is not limited to:
- Site usage (e.g., browsing history, search terms, number of clicks, referring/exit pages, date/time stamp, time on Site)
- Products and services viewed, including advertisements for such products and services
- Computer type, operating system and platform type
- Internet service provider
- Your industry and business (e.g., company size and location, job functions and seniority levels)
IV. How We Use Your Data
- Identify you when you visit our Sites
- Provide service communications such as bill reminders, order confirmations, program registrations and customer service messages
- Provide products, information and services you request or that we think you may be interested in
- Respond to your emails or online requests for products, services, or information
- Deliver and process surveys
- Personalize and improve the usability of the Sites
- Fulfill and/or deliver ABA products and services
- Tailor content, advertising and marketing to you
- Publish membership directories, membership lists and registration lists on the Sites and in print and digital media to allow lawyers and the public to find you; such directories and lists will not include credit card information or personal identification numbers such as social security numbers, as set forth in the “Contact Information” section below
We use Non-Personal Data to improve the usability of our Sites and for other business reasons. We or other third-party companies also use the Non-Personal Data to provide advertisements and targeted advertisements to you (ads based on the Non-Personal Data). We do not provide Personal Data to third parties with whom we share your Non-Personal Data. Please note that, when you select an advertising link or other link that takes you to sites not operated by the ABA, you may be subject to the privacy policies of these third-party sites.
V. How We Share Your Data
We share your Personal Data, sometimes combined with Non-Personal Data, in a variety of ways including, but not limited to the below:
- Share data with third parties to fulfill service requests and to perform business functions (e.g., the ABA contracts with third parties to provide services on our behalf such as data hosting services; packaging, mailing and delivering services; customer support and consulting services; and event registration services).
- Share data with third parties as required by law or to protect the ABA in the good-faith belief that such action is necessary to: (a) conform to legal requirements or comply with legal process served on the ABA; (b) protect and defend the ABA’s rights or property; or (c) protect the personal safety of ABA personnel or members of the public in appropriate circumstances.
- Share data with third parties if the ABA and/or its assets (or a portion of its assets) are sold, assigned, transferred, or merged, or if the ABA undergoes some other change including a change to its corporate form as part of a bankruptcy proceeding or otherwise; information may be transferred as part of that transaction or change.
- Share data with third parties to offer you products and services that may be of interest to you professionally or personally (e.g., membership renewal notices, products and services, business software solutions, or member product discounts). These third parties may include social media sites such as Facebook, LinkedIn, Twitter and others who may contact you with “targeted ads” relating to legal and other services. Users can request their information to be removed from such lists by contacting us, as set forth in the “Contact Information” section below.
- Share data with third parties under other unanticipated situations, but only with your consent.
- Share your email address, but only as permitted by the ABA Email Policy, as follows:
Your email address will be used only by the ABA, its entities and ABA vendors performing member services, or offering products on ABA’s behalf. ABA does not sell or rent email addresses to anyone outside the ABA, nor does the ABA share email addresses to unrelated third-parties, affiliates, or ABA members. Please understand, however, that in such cases, your email address may be visible to other attorneys, others who have interest in the legal profession and ABA events, as well as the public through ABA membership directories, membership lists and registration lists. The ABA also shares your email address with third parties to enable the ABA to take security measures to help protect against unauthorized access to or unauthorized alteration, disclosure, or destruction of data. Finally, the ABA shares email addresses with third parties as necessary for the ABA to perform certain services on our behalf, such as packaging, mailing and delivering products and processing event registrations and to respond to your service requests.
VI. How You Can Manage the Processing of Your Data
You can manage your profile and email preferences, including “opting out” of email by contacting us using the information in the “Contact Information” section below. If you prefer to receive hard copy mailings only from the ABA, you can contact us and request to have your name and address removed from the list we provide to third parties. For California residents, please consult the “California Privacy Rights” section for additional considerations.
Our processing of your data is based upon your consent, contract performance (e.g., your purchase of products or membership sign-up/renewal), legitimate business interest (e.g., direct marketing of goods and services), or compliance with law. You have the right to object to our processing of your data or to restrict our processing of your data. In addition, if you have consented to the processing of your Personal Data, you have the right to withdraw your consent at any time.
VII. California Privacy Rights
VIII. Canada Anti-Spam Law
The ABA complies with the Canada Anti-Spam Law. Non-ABA members or associates who provide us a Canadian mailing address will not receive unauthorized Commercial Electronic Messages (as defined under the Canada Anti-Spam Law) unless these individuals have “opted-in” to receive Commercial Electronic Messages.
We do not knowingly collect Personal Data from or market to children under the age of 13.
X. How We Protect Personal Data
XI. User ID and Password
Certain areas of the Sites require the use of a user ID, email address, or password as an additional security measure that helps protect your Personal Data. To help you protect your privacy, these Sites have tools to help you log in and log out.
XII. Linking to Other Internet Sites
XIII. How You Can Access, Change and Delete Your Personal Data
XIV. Cookies and Other Web Devices
XV. Transmission of Data to Other Countries
Your Personal Data is processed in the United States, where privacy laws may be less stringent than the laws in your country and where the government, courts, or law enforcement may be able to access your data. By submitting your Personal Data to us, you agree to the transfer, storage and processing of your Personal Data in the United States.
XVI. Right to Complain to Supervisory Authority
You, as the data subject, have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you believe that the processing of your personal data does not comply with legal requirements.
XVII. Breach Notification
In the event we determine the occurrence of a data security incident, we will notify you by email, US mail, telephone, or other means as permitted by law
XVIII. Contact Information
If you have questions, comments, or complaints concerning our privacy practices or if you wish to change, access, or remove your Personal Data, please contact us as indicated below. We will attempt, where practical, to respond to your requests and to provide you with additional privacy related information.
Effective Date: October 25, 2019