Privacy Notice

Effective Date: April 3, 2024

Ritter Gallagher (the “Firm,” “we,” “us” or “our”) respects your privacy and is committed to protecting it through the practices described in this Privacy Notice (or “Notice”). This Privacy Notice explains how we collect, use, store, disclose and otherwise process Personal Information, also referred to as “personal data,” about current, former and prospective clients; visitors to our website www.rittergallagher.com (the “Website”); visitors to our Firm-hosted events; attendees of our webinars or other online presentations; and any other individuals about whom we collect Personal Information.

Terms that are capitalized in this Notice are defined within. Please read this Privacy Notice carefully to understand our policies and practices. The Notice may change from time to time (see the Changes to This Privacy Notice section below for more information). Please check the Website periodically for updates.

Table of Contents

  1. Personal Information We Collect & How We Collect It

  2. How We Use Personal Information

  3. Disclosures of Personal Information

  4. Your Privacy Rights and Choices

  5. Data Security and Retention

  6. Children’s Privacy

  7. Changes to this Privacy Notice

  8. Contact Us

1. Personal Information We Collect & How We Collect It

“Personal Information” in this Notice means information that identifies, relates to, describes, is reasonably capable of being associated with, or that could reasonably be linked, directly or indirectly, with a particular individual, including Device, Internet and Network Activity Information. “Device, Internet and Network Activity Information” refers to information that we and our Service Providers collect through online interactions with individuals who visit our Website.

We collect Personal Information from clients, prospective clients and other individuals who are interested in the Firm and our legal services. Personal Information obtained from or relating to the Firm’s prospective, current or former clients may be subject to separate or additional terms of any notice, engagement letter or other similar letters or agreements with the client, the American Bar Association’s (ABA) Model Rules of Professional Conduct, and applicable laws and professional principles, in addition to this Notice.

We also receive Personal Information about individuals from our clients in the course of providing our legal services. In addition, we receive Personal Information about individuals from our Service Providers, including technical, billing and accounting firms; data analytics and internet providers; and other third-party sources.

We may collect or receive the following categories of Personal Information in the course of our business, including through your use of the Website, when you contact or request information from us, when you visit us, attend our events, or when we provide legal services to our clients:

  • Identifiers and Contact Information, such as name, email address, company affiliation, business mailing address and phone number(s).

  • Sensitive Personal Information, also referred to as special categories of personal data, which includes information that may be protected under applicable law in certain circumstances including, but not limited to, driver’s license number, Social Security Number (SSN), Tax ID number, passport number, state identification number, other government-issued identifiers, financial information, certain types of insurance information, and health-related information.

  • Financial Information, such as bank account, invoicing and tax information.

  • General Geolocation Data, such as country location.

  • Audio, Electronic and Visual Information, such as a photograph or video recording when you attend a Firm-hosted webinar or other event; audio recording when you call us; and contents of your emails or other written communications that you send to us.

  • Legal Ethics and Regulatory Compliance Information, as required for purposes such as client onboarding procedures, conflict assessments and Know Your Client and other due diligence exercises.

  • Service Information, such as Personal Information necessary for the provision or receipt of legal services, including Personal Information related to your employees, customers, service providers and other third parties.

  • Other Information that you choose to share with us.

We may supplement the information provided directly to us with information that we receive or obtain from other sources, such as from our staff or personnel, clients, professional advisers, partners and agents of Ritter Gallagher, third parties with whom we interact, and other publicly available sources.

We will only process Sensitive Personal Information to provide and support our legal services, comply with our legal obligations and/or to establish, exercise or defend a legal claim. We do not collect or process Sensitive Personal Information other than for internal business or compliance purposes and/or in the course of providing legal advice to our clients. We do not collect, use or disclose this information to infer characteristics about individuals.

Device, Internet and Network Activity Information we collect may include:

Device Data, such as information about your computer, mobile phone, tablet or other device you use to access the Website. Depending on the device used, this device data may include information such as your IP address (or proxy server), device and application identification

numbers, general geolocation, device and/or browser type, hardware model, internet service provider and/or mobile carrier, operating system, mobile platform and system configuration information.

Log and Usage Data, including service-related, diagnostic, usage and performance information our servers automatically collect when you access or use our Website and which we record in log files. Depending on how you interact with us, this log data may include information about your activity on the Website (such as the date/time stamps associated with your usage, pages and files viewed, searches and other actions you take such as which features you use) and device event information (such as system activity, error reports, sometimes called “crash dumps,” and hardware settings).

Cookies and Other Tracking Technologies, such as first- and third-party products and services to gather traffic statistics using cookies, pixels or web beacons. A cookie is a small piece of information stored on your device that helps websites and servers recognize you. The Firm and our Service Providers may also use other technologies such as pixels, or transparent GIF files, for website management.

Examples of cookies and other technologies we may use on our Website include those listed below. We do not deploy cookies or other tracking technologies on our Website for targeted or cross-context behavioral advertising purposes, nor do we allow third-parties to do so.

Essential Cookies. These cookies are necessary for the Website to function properly. They help improve visitor experience, make the site easier for you to use and facilitate provision of requested online services and transmission of communications over a network.

  • Functional Cookies. These cookies are not essential for the Website to function properly, but allows our Website to remember a visitor’s preferences and personalize a visitor’s Website experience.

  • Performance & Analytics Cookies. These cookies are used to gather statistical data on how visitors use the Website, such as which webpages are visited most frequently, so that we can determine how it is performing and make improvements to its functionality and performance.

  • Other Technologies. We may collect many different types of information from other technologies to improve the quality of our Website and the services it provides. For example, we may collect information about the device you use to access our Website, your operating system and/or mobile device type, browser type, domain and other system settings, as well as the language your system uses and the country and time zone where your device is located. We may record the IP address of the device you use to connect to the internet.

We do not currently respond to web browser “do not track” signals. For more information, visit www.allaboutdnt.com.

2. How We Use Personal Information

We use Personal Information for our business purposes, including to provide and improve the Website and other services we make available to you, to provide clients with legal services, respond to your inquiries and requests, to prevent fraud and other criminal activity, for marketing purposes and for other purposes about which we may notify you and obtain your consent. For example, we may use your Personal Information for the following purposes and pursuant to the following legal bases, as permitted or required by law:

  • Provision of Legal Services. We use information voluntarily provided to us before, during and after the course of our engagement, such as identifiers, contact information and other information that we may use in connection with the engagement, in order to perform our contracts with clients for legal services.

  • Administration of Client Relationships. We use identifiers and contact information, financial information and other service-related information to administer our relationship with our clients pursuant to the contracts we have with them, including for the processing of invoices, updating of client records and addressing client inquiries or feedback.

  • Sending Relevant Marketing Messages and Inviting You to Events/Seminars. We may use identifiers, contact information and mailing list data to communicate with you by way of email and social media for our legitimate interest in providing you with information about our events, seminars, content, or services that may be of interest to you.

  • Improving our Website. We may use Device, Network and Internet Activity Information gathered by cookies and other technologies to improve the content and functionality of our Website, and to gather statistics about its use.

  • Keeping our Website and IT Systems and Processes Safe. We use identification data, contact information, and Device, Internet and Network Activity Information for our legitimate interest in ensuring the security and confidentiality of our Website, network and your data, as well as to prevent illegal activities, including fraud, which could harm you and us.

  • Complying with Legal and Ethical Requirements. We use identification data, contact information, and financial information to comply with legal and regulatory requirements, including for Know Your Client or fraud detection purposes, other industry-specific regulatory requirements and fulfillment of the Firm’s legal and ethical obligations.

3. Disclosures of Personal Information

We do not sell Personal Information or share it with third parties for targeted advertising purposes. We may disclose your Personal Information to the following categories of recipients:

  • With our Service Providers and Processors who we utilize to provide or facilitate our legal services to clients and our business. A “Service Provider” or “Processor” is an entity that processes Personal Information on our behalf, and at our direction, in connection with performing certain functions. For example, we may disclose information to our client management database, cloud-hosting and other web-based product providers that help us maintain our Website, applications and systems in order to perform our legal services. These Service Providers are contractually prohibited from selling or sharing, or otherwise utilizing, Personal Information for any purpose other than that which is set forth in our contract with them.

  • With our clients as necessary in the course of our representation;

  • With professional advisors, partners, consultants expert witnesses and agents of the Firm to provide and administer our services;

  • As part of a merger, acquisition or other corporate transaction;

  • With law enforcement or a government agency, regulatory authority or court in response to any subpoena, court order or other legal demand, or to establish or protect our legal rights, property or safety; the rights, property or safety of others; or to defend against legal claims; and

  • With other parties when we have your consent to do so.

4. Your Privacy Rights and Choices

You may have certain rights with respect to your Personal Information, depending on the applicable data protection laws in your jurisdiction. These rights may include:

  • Your Right to Request Access to Your Information/Right of Data Portability. You may have the right to request access to your Personal Information and, where technically feasible, request a copy of your Personal Information. You may also have the right to obtain information about how we process or disclose your Personal Information.

  • Your Right to Correct Inaccurate Information/Right of Rectification. You may have the right to request that we correct any inaccurate or incomplete Personal Information we have about you. Please note that we may not be able to alter certain information depending on legal obligations or exceptions.

  • Your Right to Request that We Delete Your Information/Right of Erasure. You may have the right to request that we delete your Personal Information. Please note that we may not be able to delete certain information depending on legal obligations or exceptions. See the Data Security and Retention section below for more information about why we may retain your information.

  • Your Right to Limit the Use of Sensitive Personal Information. You may have the right to restrict how we use your Sensitive Personal Information. However, we do not process or disclose Sensitive Personal Information for reasons that are impermissible under applicable law.

  • Your Right to Restrict Processing. In some circumstances, you may have the right to obtain restriction of processing of your Personal Information if, for example, you contest the accuracy of the Personal Information in our systems. Please note that this right is subject to exceptions where processing is necessary to establish, exercise or defend legal claims, or where the processing is necessary to protect the rights of another natural or legal person.

  • Your Right to Withdraw Consent. You may have the right to withdraw your prior consent to certain processing of your Personal Information.

  • Your Right to Non-Discrimination. We will not discriminate against you for exercising your privacy rights and choices.

Exercising Your Rights

If you would like to exercise any of these rights, please email us at contact@rittergallagher.com. To protect your Personal Information, we may ask you to provide additional information to verify your identity. You may also have the right to submit a request to exercise your rights through an authorized agent, in which case your agent may be required to present signed written permission to act on your behalf. You may be required to independently verify your identity with us and confirm that you have provided authorization to the agent. You may have the right to submit an appeal if you are not satisfied with the outcome of your request. Please send appeals directly to contact@rittergallagher.com.

Please note that with respect to Personal Information about you that we may have received from our clients, such as about their employees, customers or other third parties, our clients are responsible for facilitating the exercise of the rights listed above.

5. Data Security and Retention

We take reasonable steps to protect the Personal Information provided to us. However, no method of transmission over the internet or method of electronic storage is 100% secure or error free. As such, we make no representation as to the efficacy or appropriateness of the technical, administrative and procedural measures we use to safeguard data.

Except as otherwise permitted or required by applicable law or regulation, we will only retain your Personal Information for as long as necessary to fulfill the purposes for which we collected it; as required to satisfy any legal, accounting or reporting obligations; or as necessary to resolve disputes. The criteria used to determine the applicable retention period for your Personal Information includes the length of time we have an ongoing relationship with you and provide services to you and our clients, and whether there is a legal obligation to which we are subject that requires us to retain your information.

6. Children’s Privacy

We do not intend to directly collect Personal Information from anyone we know to be a child under the age of 18, except as permitted by law in the course of providing our client legal services. If we learn that we have unknowingly directly collected or received Personal Information from a child under 18 other than in the course of representing our clients, we will make reasonable efforts to delete such information from our records. If you believe that we might have any information from or about a child under 18, we ask that a parent or guardian contact us at contact@rittergallagher.com.

7. Changes to this Privacy Notice

Please review the Effective Date at the top of this page to determine when this Privacy Notice was last revised.

From time to time, we may modify this Privacy Notice. If we make changes to this Privacy Notice, we will post the new Privacy Notice on this page with an update to the Notice’s effective date. We encourage you periodically to check this page for updates.

8. Contact Us

If you have any questions about this Privacy Notice or our Personal Information collection practices, please contact us at contact@rittergallagher.com. We endeavor to respond to general privacy inquiries within 30 business days or as otherwise required by law.

Individuals with disabilities who are unable to usefully access our Privacy Notice online may contact us at the above-listed contact information to inquire how they can obtain a copy of our Privacy Notice in another, more easily readable format.