Last Updated: June 30, 2023

Morrison & Foerster LLP and its affiliates want you to be familiar with how we collect, use and disclose information. This Privacy Policy describes our practices in connection with information that we collect online and offline:

  • through our websites (“Websites”);
  • through the software applications made available by us for use on or through computers and mobile devices (“Apps”);
  • through social media properties (“Our Social Media”) from which you are accessing this Privacy Policy;
  • through HTML-formatted email messages that we send to you that link to this Privacy Policy (“Emails”);
  • through SharePoint sites made available to our clients and third parties (“SharePoint Sites”);
  • through services we provide to our corporate and institutional clients (“Client Services”); and
  • through any other offline business interactions you may have with us (“Offline Interactions).

COLLECTION OF PERSONAL INFORMATION

Collectively, we refer to the Websites, the Apps, Our Social Media, Emails, SharePoint Sites, Client Services and Offline Interactions as the “Services.”

Personal Information” is information that identifies you as an individual or relates to an identifiable individual.

  • Name
  • Postal address (including personal, business, billing and shipping addresses)
  • Telephone number
  • Email address (personal and business)
  • Job title and employer

We and our service providers collect Personal Information in a variety of ways, including:

  • Through the Services
    • We collect Personal Information through the Services, for example, when you sign up for a newsletter, request Services, register for a seminar, use Services that can be accessed only by authenticated users who have logged in, participate in a contractual arrangement for Client Services, provide information in conjunction with our Client Services, or when you interact with us at an event, call our reception desk or otherwise visit one of our offices.
  • From Other Sources
    • We receive your Personal Information from other sources, for example:
      • publically available databases;
      • joint marketing partners and event sponsors, when they share the information with us;
      • partner Client Services organizations (such as Pro Bono groups and nonprofits);
      • entities to which we provide Client Services, which may include your employer;
      • social media platforms.

We need to collect Personal Information in order to provide the requested Services to you. If you do not provide the information requested, we may not be able to provide the Services. If you disclose any Personal Information relating to other people to us or to our service providers in connection with the Services, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy.

[Back to Top/Main Menu]

USE OF PERSONAL INFORMATION

We and our service providers use Personal Information for legitimate business purposes, including:

  • Providing the functionality of the Services and fulfilling your requests.
    • To provide the Services’ functionality to you, such as arranging access to your registered account, and providing you with related client service.
    • To respond to your inquiries and fulfill your requests, when you contact us via one of our online contact forms or otherwise (e.g., when you send us questions, suggestions, compliments or complaints, or when you request other information about our Services).
    • To send administrative information to you, such as information regarding the Services and changes to our terms, conditions and policies.
    • To allow you to send Services-related content to another person through the Services if you choose to do so.

We will engage in these activities to manage our contractual relationship with you and/or to comply with a legal obligation.

  • Providing you with our newsletter and/or other marketing materials and facilitating social sharing
    • To send you our newsletters, publications, legal updates, and mailings related to our seminars or events that we think may be of interest to you.
    • To fulfill your event registration requests and provide services, including the provision of seminars and other events.
    • To send you information about our services and other news about our firm.

We will engage in this activity with your consent or where we have a legitimate interest.

  • Aggregating and/or anonymizing Personal Information.
    • We may aggregate and/or anonymize Personal Information so that it will no longer be considered Personal Information. We do so to generate other data for our use, which we may use and disclose for any purpose.
  • Accomplishing our business purposes.
    • For data analysis, for example, to improve the efficiency of our Services.
    • For audits, to verify that our internal processes function as intended and are compliant with legal, regulatory or contractual requirements.
    • For fraud and security monitoring purposes, for example, to detect and prevent cyberattacks or attempts to commit identity theft.
    • To meet our legal and regulatory obligations.
    • For enhancing, improving, or modifying our current products and services.
    • For identifying usage trends, for example, understanding which parts of our Services are of most interest to users.
    • For determining the effectiveness of our promotional campaigns, so that we can adapt our campaigns to the needs and interests of our users.
    • For operating and expanding our business activities, for example, understanding which parts of our Services are of most interest to our users so we can focus our energies on meeting our users’ interests.

We engage in these activities to manage our contractual relationship with you, to comply with a legal obligation, and/or because we have a legitimate interest.

  • Providing Client Services.
    • To validate authorized signatories when concluding agreements and transactions.
    • To contact individuals (including employees of institutional clients) in connection with providing Client Services.
    • To respond to inquiries and fulfill requests from our clients, administer their file(s), provide legal services and manage our relationships.

We engage in these activities to manage our contractual relationship with you, to comply with a legal obligation, and/or because we have a legitimate interest.

[Back to Top/Main Menu]

DISCLOSURE OF PERSONAL INFORMATION

We disclose Personal Information:

  • To our affiliates for the purposes described in this Privacy Policy.
    • You can consult the list and location of our affiliates here [Affiliates]. Subject to local requirements, this information may be used to provide legal and related services offered by our other legal entities and for all the purposes outlined in this Privacy Policy.
    • Morrison & Foerster LLP is the party responsible for the management of the jointly-used Personal Information.
  • To our third party service providers, to facilitate services they provide to us.
    • These can include providers of services such as website hosting, Services-related consulting and monitoring, data analysis, information technology and related infrastructure provision, customer service, email delivery, auditing, and other services related to meeting our clients’ legal needs.
  • By using the Services, you may elect to disclose Personal Information
    • On message boards, chat, profile pages, blogs and other services to which you are able to post information and content (including, without limitation, our Social Media), or through which you are able to send messages through the Services.  Please note that any information you post or disclose through these services will become public and may be available to other users and the general public.

We also use and disclose your Personal Information as necessary or appropriate, especially when we have a legal obligation or legitimate interest to do so:

  • To comply with applicable law and regulations.
    • This can include laws outside your country of residence.
  • To cooperate with public and government authorities.
    • For example, when we respond to a request or provide information we believe is important.
    • These can include authorities outside your country of residence.
  • To cooperate with law enforcement.
    • For example, when we respond to law enforcement requests and orders or provide information we believe is important.
  • For other legal reasons.
    • To enforce our terms and conditions; and
    • To protect our rights, privacy, safety or property, and/or that of our affiliates, you or others.
  • In connection with a sale or business transaction.
    • We have a legitimate interest in disclosing or transferring your Personal Information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings) Such third parties may include, for example, an acquiring entity and its advisors.

[Back to Top/Main Menu]

OTHER INFORMATION

Other Information” is any information that does not reveal your specific identity or does not directly relate to an identifiable individual

  • Browser and device information
  • App usage data
  • Information collected through cookies, pixel tags and other technologies
  • Demographic information and other information provided by you that does not reveal your specific identity
  • Information that has been aggregated in a manner such that it no longer reveals your specific identity

If we are required to treat Other Information as Personal Information under applicable law, then we may use and disclose it for the purposes for which we use and disclose Personal Information as detailed in this Policy.

We and our service providers may collect Other Information in a variety of ways, including: 

  • Through your browser or device:
    • Certain information is collected by most browsers or automatically through your device, such as your Media Access Control (MAC) address, computer type (Windows or Mac), screen resolution, operating system name and version, device manufacturer and model, language, Internet browser type and version and the name and version of the Services (such as the App) you are using.  We use this information to ensure that the Services function properly.
  • Through your use of the App
    • When you download and use the App, we and our service providers may track and collect App usage data, such as the date and time the App on your device accesses our servers and what information and files have been downloaded to the App based on your device number.
  • Using cookies
    • Cookies are pieces of information stored directly on the computer that you are using.  Cookies allow us to collect information such as browser type, time spent on the Services, pages visited, language preferences and other traffic data.  We do not currently respond to browser do-not-track signals. To learn more about how we use cookies, or to opt out of the collection and use of cookies, please see our Cookies Policy by clicking here.
  • Using pixel tags and other similar technologies
    • Pixel tags (also known as web beacons and clear GIFs) may be used to, among other things, track the actions of users of the Services (including email recipients), measure the success of our marketing campaigns, and compile statistics about usage of the Services and response rates.
    • Analytics.
      • We use Google Analytics, which uses cookies and similar technologies to collect and analyze information about use of the Services and report on activities and trends.  This service may also collect information regarding the use of other websites, apps and online resources. You can learn about Google’s and YouTube’s practices by going to www.google.com/policies/privacy/partners/, and opt out of them by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout. To view Google’s and YouTube’s privacy policy, please click here.
      • We use SiteImprove, which uses cookies to collect information about how visitors use the Site. We use this information to compile reports and to help us improve the Site. The cookies collect information in an anonymous form, including the number of visitors to the Site, where visitors have come to the Site from and the pages they visited.
      • To opt out of being tracked by cookies across all websites visit http://tools.google.com/dlpage/gaoptout.
  • IP Address
    • Your IP address is automatically assigned to your computer by your Internet Service Provider.  An IP address may be identified and logged automatically in our server log files whenever a user accesses the Services, along with the time of the visit and the page(s) that were visited.  Collecting IP addresses is standard practice and is done automatically by many websites, applications and other services.  We use IP addresses for purposes such as calculating usage levels, diagnosing server problems and administering the Services.  We may also derive your approximate location from your IP address.

We may use and disclose Other Information for any purpose, except where we are required to do otherwise under applicable law.  In some instances, we may combine Other Information with Personal Information. If we do, we will treat the combined information as Personal Information as long as it is combined.

[Back to Top/Main Menu]

SECURITY

We seek to use reasonable organizational, technical and administrative measures to protect Personal Information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure.  If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Contacting Us” section below.

[Back to Top/Main Menu]

CHOICES AND ACCESS

You have choices regarding marketing-related communications. If you no longer want to receive marketing-related emails from us on a going-forward basis, you may opt-out by following the unsubscribe instructions in any such message or by contacting us by email at MoFoNews@MoFo.com. We will try to comply with your request(s) as soon as reasonably practicable.  Please note that if you opt-out of receiving marketing-related emails from us, we may still send you important administrative messages, from which you cannot opt-out.

If you would like to request to review, correct, update, suppress/delete, or object to or restrict processing of Personal Information that you have previously provided to us, or if you would like to request to receive an electronic copy of your Personal Information for purposes of transmitting it to another company, please use our online form which you can find here, or feel free to contact us in accordance with the Contacting Us section below.  We will respond to your request consistent with applicable law. If you are a California resident, please refer to the “Additional Information Regarding California” section at the end of this Policy for more information about the requests you may make under the CCPA.

In your request, please make clear what Personal Information you would like to have changed, whether you would like to have your Personal Information suppressed from our database or otherwise let us know what limitations you would like to put on our use of your Personal Information.  For your protection, we may need to verify your identity before implementing your request.  We will try to comply with your request as soon as reasonably practicable. 

Please note, however, that certain Personal Information may be exempt from requests pursuant to applicable data protection laws or other laws and regulations, such as for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion.

RETENTION PERIOD

We retain Personal Information for as long as needed or permitted in light of the purpose(s) for which it was obtained and consistent with applicable law.  The criteria used to determine our retention periods include:

  • The length of time we have an ongoing relationship with you and provide the Services to you (for example, for as long as you have an account with us or keep using the Services);
  • The length of time we have an ongoing relationship with you as our client and provide you with Client Services;
  • Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions or communications for a certain period of time before we can delete them); or
  • Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations). 

[Back to Top/Main Menu]

THIRD PARTY SERVICES

This Privacy Policy does not address, and we are not responsible for, the privacy, information or other practices of any third parties.

This includes any third party operating any website or service to which the Services link.  The inclusion of a link on the Services does not imply endorsement of the linked site or service by us or by our affiliates.

In addition, we are not responsible for the information collection, use, disclosure or security policies or practices of other organizations, such as Facebook, Apple, Google, Microsoft, RIM or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer, including with respect to any Personal Information you disclose to other organizations through or in connection with the Apps or our Social Media.

[Back to Top/Main Menu]

SPECIAL NOTIFICATION ABOUT WEBINARS

Webinars offered as a service to users of the Services (“Webinars”) are hosted by unaffiliated third party vendors, and not by us.

Our third-party vendors require users to provide Personal Information. This Personal Information includes name and email address. Users seeking continuing legal education credit also may be asked to provide their State Bar number(s). Please note that this Personal Information is collected by our vendors and not by us. We encourage you to read the privacy statements of our vendors, which control how such vendors handle Personal Information provided by you to register for the Webinars.

Additionally, our third-party vendors provide us with Personal Information about users of our Webinars. We use this Personal Information to track attendance, to facilitate future communication with such users, and for other purposes set forth in this Privacy Policy.

[Back to Top/Main Menu]

USE OF SERVICES BY MINORS

The Services are not directed to individuals under the age of eighteen (18), and we do not knowingly collect Personal Information from individuals under 18.

[Back to Top/Main Menu]

CROSS-BORDER TRANSFER

Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers. By using the Services you understand that your information will be transferred to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country.  In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Information.

Some countries outside of the European Economic Area (the “EEA”) are recognized by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these “specified countries” is available here). The UK recognizes the EEA and the specified countries as providing an adequate level of data protection according to UK standards. For transfers from the EEA or the UK to countries not considered adequate by the European Commission or the UK government (as applicable), we have put in place adequate measures, such as standard contractual clauses adopted by the relevant authority, to protect your Personal Information. You may obtain a copy of these measures by clicking here.

[Back to Top/Main Menu]

SENSITIVE INFORMATION

We ask that you not send us, and you not disclose, any sensitive Personal Information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the Services or otherwise to us.

[Back to Top/Main Menu]

UPDATES TO THIS PRIVACY POLICY

The “LAST UPDATED” legend at the top of this Privacy Policy indicates when this Privacy Policy was last revised.  Any changes will become effective when we post the revised Privacy Policy on the Services.  

[Back to Top/Main Menu]

CONTACTING US

Morrison & Foerster LLP, located at 425 Market Street. 32nd Floor, San Francisco, CA USA 94105, is the company responsible for collection, use and disclosure of your Personal Information under this Privacy Policy.

If you have any questions about this Privacy Policy, please contact us.

You can reach us at Compliance@MoFo.com or at:

Morrison Foerster, Human Resources - Data Compliance, 425 Market Street, 32nd Floor, San Francisco, CA 94105

Because email communications are not always secure, please do not include credit card or other sensitive information in your emails to us.

[Back to Top/Main Menu]

AFFILIATES

For purposes of this Privacy Policy, these entities are considered to be “affiliates” of Morrison & Foerster LLP:

  • Morrison & Foerster (UK) LLP
  • MoFo Secretaries, Limited
  • Morrison & Foerster, a Hong Kong general partnership
  • MoFo China Corporate Services Limited
  • MoFo China Notices Limited
  • Morrison & Foerster Gaikokuho Jimu Bengoshi Jimusho
  • Morrison & Foerster Asia Services, LLP
  • Morrison Foerster Horitsu Jimusho
  • Morrison & Foerster (Singapore) LLP, a Singapore limited liability partnership
  • Morrison & Foerster (International) LLP

[Back to Top/Main Menu]

ADDITIONAL INFORMATION REGARDING THE EEA AND THE UK

You may lodge a complaint with a data protection authority for your country or region, or where an alleged infringement of applicable data protection law occurs. A list of EEA data protection authorities is available at: http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm. Information regarding the UK data protection authority is available at: https://ico.org.uk/.

[Back to Top/Main Menu]

ADDITIONAL INFORMATION REGARDING CALIFORNIA

California Consumer Privacy Act

Pursuant to the California Consumer Privacy Act of 2018, as amended by the Consumer Privacy Rights Act of 2020, (collectively, the “CCPA”), we are providing the following additional details regarding the categories of Personal Information about California residents that we collect, use, and disclose. This section supplements the information provided above in this Privacy Policy.

Categories of Personal Information Collected and Disclosed

The following chart details which categories of Personal Information about California residents we collect, as well as which categories of Personal Information we have collected and disclosed for our operational business purposes in the preceding 12 months:

Category of Information Collected

Disclosed

Identifiers such as name, postal address, online/device identifier, IP address, email address and social media account.

To affiliates and service providers.

Personal information as defined in the California customer records law, such as name, signature, contact information, and social media account handle and other information you may share or make public on social networks.

To affiliates and service providers.

Characteristics of protected classifications under California or federal law, which we may collect in order to provide you with our Client Services, such as age.

To affiliates and service providers.

Commercial information, such as Client Services transaction history, financial details and payment information.

To affiliates and service providers.

Internet or other electronic network activity information, such as browsing history and interactions with our Websites, applications, systems, and emails.

To affiliates and service providers.

Geolocation data, such as device location and IP location.

To affiliates and service providers.

Audio, electronic, visual and similar information, such as call recordings and CCTV footage created for safety and security purposes, and audio and video recordings of events, conferences and meetings.

To affiliates and service providers.

Professional or employment-related information, such as employer name and role/title.

To affiliates and service providers.

Education information subject to the federal Family Educational Rights and Privacy Act, such as student records.

To affiliates and service providers.

Sensitive Personal Information. Personal Information that reveals an individual’s Social Security, driver’s license, state identification card, government-issued ID or passport number.

To affiliates and service providers.

We retain each category of Personal Information, including Sensitive Personal Information, as described above under “Retention Period”.

We do not “sell” Personal Information, including Sensitive Personal Information, and we do not “share” Personal Information, including Sensitive Personal Information, for purposes of cross-context behavioral advertising, as defined under the CCPA. We have not engaged in such activities in the preceding 12 months. Without limiting the foregoing, we do not sell or “share” Personal Information, including Sensitive Personal Information, of minors under 16 years of age.

We collect, use and disclose Personal Information for the purposes described above under “Use of Personal Information”.

Purposes for the Collection, Use and Disclosure of Sensitive Personal Information

We collect, use and disclose Sensitive Personal Information for purposes of performing services for our business, providing goods or performing services as requested or reasonably expected by you, ensuring safety, security and integrity, countering wrong or unlawful actions, short term transient use, servicing accounts, providing customer service, verifying customer information, processing payments, activities relating to quality and safety control or product improvement, and other collection and processing that is not for the purpose of inferring characteristics about an individual. We do not use Sensitive Personal Information for additional purposes.

Individual Rights and Requests

You may, subject to applicable law, make the following requests:

1. You may request that we disclose to you the following information:

a. The categories of Personal Information we collected about you and the categories of sources from which we collected such Personal Information;

b. The business or commercial purpose for collecting Personal Information about you; and

c. The categories of Personal Information about you that we disclosed, and the categories of third parties to whom we disclosed such Personal Information (if applicable).

2. You may request that we correct inaccuracies in your Personal Information.

3. You may request that we delete Personal Information we collected from you.

4. You may request to receive the specific pieces of your Personal Information, including a copy in a portable format.

To make a request, please use our online form which you can find here, or feel free to contact us in accordance with the Contacting Us section above or by calling toll-free at 1-866-734-0477.

We will verify and respond to your request consistent with applicable law, taking into account the type and sensitivity of the Personal Information subject to the request. For your protection, we may need to request information such as your name, email address, mailing address, and relationship with us in order to verify your identity and protect against fraudulent requests. If you make a deletion request, we may ask you to verify your request before we delete your Personal Information.

You have the right to be free from unlawful discrimination for exercising your rights under the CCPA.

Authorized Agents

If an agent would like to make a request on your behalf as permitted by applicable law, the agent may use the submission methods noted in the section entitled “Individual Rights and Requests.” As part of our verification process, we may request that the agent provide, as applicable, proof concerning their status as an authorized agent. In addition, we may require that you verify your identity as described in the section entitled “Individual Rights or Requests” or confirm that you provided the agent permission to submit the request.

De-Identified Information

Where we maintain or use de-identified information, we will continue to maintain and use that information only in a de-identified form and will not attempt to re-identify the information.

California “Shine the Light” Disclosures

As noted above in Disclosure of Personal Information, we may disclose Personal Information to affiliates of Morrison & Foerster LLP, which may use this information for all purposes outlined in this Privacy Policy. Because separate legal entities are considered “third parties” for purposes of California Civil Code Section 1798.83, and certain communications from our affiliates might be viewed as promoting their legal services. If you would like to learn more about this, please email us at Compliance@MoFo.com.

We will provide a list of the categories of Personal Information disclosed to third parties (i.e., our affiliates) for their direct marketing purposes during the immediately preceding calendar year, along with the names and addresses of these third parties. This request may be made no more than once per calendar year. We will respond to your request in accordance with applicable law.

[Back to Top/Main Menu]