PRIVACY NOTICE OF THE LAW OFFICES OF MICHAEL IRA ASEN, P.C.
Effective Date: January 1, 2020
Last Modified: September 1, 2020
I.
Personal Information
THIS WEBSITE DOES NOT COLLECT ANY PERSONAL INFORMATION, AS DEFINED BY THE CALIFORNIA CONSUMER PROTECTION ACT OF 2018 (“CCPA”), OF ANY CONSUMER OR RESIDENT OF ANY U.S. STATE, TERRITORY OR THE DISTRICT OF COLUMBIA, INCLUDING CALIFORNIA.
THIS COMPANY DOES NOT SELL ANY PERSONAL INFORMATION OF ANY CONSUMER OR RESIDENT OF ANY U.S. STATE, TERRITORY OR THE DISTRICT OF COLUMBIA, INCLUDING CALIFORNIA.
All Personal Information is obtained from our client or may be an address updated by our service providers. Personal Information obtained from our client may include a name, address, date of birth, phone number and narrative of events, along with other non-personal or internal information.
From time to time, we may receive updated address information from service providers to help us correct or supplement our records. We do not allow any service provider to use your Personal Information for any purpose other than providing a service to us. We do not allow any service provider to share or sell your Personal Information for any purpose. The categories of Personal Information we may share with a service provider are a name, address and date of birth.
Any Personal Information submitted when making a payment on this website is for a one-time transient use and we do not retain any Personal Information submitted, which includes but not limited to, credit card, debit card or electronic check information.
II.
Security of Personal Information
We will use commercially reasonable security measures for our computer systems and information storage facilities which safeguard against the unauthorized destruction, loss, alteration of or access to Personal Information whether such Personal Information is (a) on our systems or stored at at our facilities; (b) in transit or being disposed of; or (c) in hard copy or electronic format. All electronic Personal Information will reside behind an appropriate and secure firewall and will be encrypted using a cryptographic algorithm employing a key length of at least 128 bits or higher standard when transmitting over networks outside our clients’ systems or facilities including in any portable device (i.e., laptop, CDs, DVDs, USB, flash drives).
We also protect your information offline. Only employees who need the information to perform a specific job are granted access to Personal Information.
III.
PCI Compliance
In fulfilling our obligations to our clients, we may have access to credit, debit or other cardholder payment information, including portions thereof. While, we do not host nor store said data we acknowledge that we will comply with the most current PCI Data Security Standard (PCI DSS) in connection with creating, implementing and monitoring secure measures to limit access to cardholder data.
IV.
California Privacy Rights
If you are a California resident you have the right to request information from us regarding the Personal Information we collect about you and the manner in which we share certain categories of your Personal Information with service providers. California law provides that you have the right to submit a request to us at our designated address or email address as found below and receive the following information:
- The categories of information we may collect, such as an updated address or phone number and the categories of information we may disclose to service providers; and
- The names and addresses of service providers that received such information, or if the nature of their business cannot be determined from the name, then examples of the services.
- Provide access to and/or a copy of certain Personal Information we hold about you; and
- Delete certain information we have about you.
Regulations by the California Attorney General prohibit us from disclosing specific pieces of Personal Information if the disclosure creates a substantial, articulable and unreasonable risk to the security of that information or the security of our systems or networks. These regulations further prohibit us from disclosing in response to a consumer’s request a Social Security number, driver’s license number, other government issued identification number, financial account number, any health insurance or medical identification number, an account password or security questions and answers.
Before we respond to a any request involving Personal Information, the CCPA requires that we confirm the identity of the person making the request, and if the request is made on behalf of another person, his or her authority to make the request on the other person’s behalf. We are not obligated to provide or delete any information pursuant to your request if we are unable to adequately verify your identity or the identity of the person making a request on your behalf. Accordingly, we will take reasonable steps to verify your identity before responding to any request, which may include, at a minimum, depending on the sensitivity of the Personal Information you are requesting and the type of request you are making, verify your name, email address and other information. If we cannot verify your identity, we will not not be able to respond to or take action upon such a request.
You are also permitted to designate an authorized agent to submit certain requests on your behalf. In order for an authorized agent to be verified, you must provide the authorized agent with signed written permission to make such requests or a power of attorney. We may also follow up with you to verify your identity before processing the authorized agent’s request.
Should a request be made, we will confirm receipt of the request within ten (10) days of its receipt. We will endeavor to respond to requests within forty-five days of receipt. If we require more time (up to an additional forty-five (45) days), we will inform you of the reason for the extension in writing.
We will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the twelve (12) month period preceding receipt of the request. The response we provide will also explain any reasons we cannot comply with a request, if applicable. We will select a format to provide your Personal Information that is readily useable and should allow you to transmit the Personal Information from one entity to another entity without hinderance.
We do not charge a fee to process or respond to your request and we cannot and will not discriminate against any person, including with respect to the quality or cost of our services, on the basis of any request with respect to your Personal Information.
You have the right to request we delete any of your Personal Information that we have collected from you and retained, subject to certain exceptions. Once we have verified your deletion request, we will delete (and direct our service providers to delete) the Personal Information identified in your request, except for Personal Information that is exempted by statute or regulation.
Please note that certain information may be exempt from any delete request under California law. The CCPA provides that we are not required to comply with a delete request if the information is necessary for us to, among other reasons:
- Comply with a legal obligation.
- Exercise free speech, to ensure the rights of others to exercise their rights to free speech, or to exercise any other right provided by law.
Furthermore, we are not obligated under the CCPA to respond to any request where compliance or disclosure would violate an evidentiary privilege under California law, or conflict with federal or state law.
Although we do not sell Personal Information, you still have the right to opt-out of the sale of your Personal Information by contacting us as described below.
If there is a discrepancy between any of the provisions of this Privacy Notice and the requirements of the CCPA involving an individual who is a California resident, the CCPA shall govern our obligations and responses.
If you choose to make a request by email, please provide your full name, preferred email address, your phone number and our internal file number, if known. Your email should also describe your request with sufficient detail that allows us to properly understand, evaluate and respond to it. DO NOT SEND YOUR SOCIAL SECURITY NUMBER, CREDIT CARD NUMBER, PASSPORT NUMBER OR OTHER IDENTIFICATION NUMBER.
You are entitled to receive a copy of this information in a standardized format and the information will not be specific to you individually. You may make such a request or express any questions or concerns regarding this Privacy Notice or concerns regarding same by writing to us at 1400 Old Country Rd., Ste 210, Westbury, NY 11590, emailing us at Privacy@asenlaw.com or calling (877) 490-4400.
IV.
Changes to Privacy Notice
This Privacy Notice is effective as of the date first written above and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page.
We reserve the right to update or change our Privacy Notice at any time and you should check this Privacy Notice periodically. Your continued use of this website after we post any modifications to the Privacy Notice on this page will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Privacy Notice.
If you have concerns or questions regarding our privacy practices or this Privacy Notice you may contact us at (877) 490-4400.