PRIVACY POLICY

TJ TOOHEY LAW, a Professional Corporation (“TJT”, “we,” “our,” or “us”) respects the sensitive nature of any personal information that is provided to us by you or about you.  We have created this Privacy Policy to demonstrate our commitment to the privacy of that information, including information provided by those who visit our website https://tjtooheylaw.com (the “Site”) or provide information to us to obtain information about our services (“Services”), or contact us.  This Privacy Policy describes our information collection, storage and disclosure practices regarding how we collect and use Personal Information through the Site, when you visit us in purpose or when you submit information to us via e-mail or mail.  This policy supplements our Terms of Service that describe how the Site works in general, including security measures we use to protect our systems and the information described in this Policy.

Residents of the European Economic Area (“EEA”), which includes the member states of the European Union (“EU”), the United Kingdom and Switzerland, should consult the sections of this policy relating to the “Rights of EEA Residents” and “International Data Transfers” for provisions that may apply to them.

California residents and residents of other states with comparable privacy laws should consult the section titled “Your California and other State Privacy Rights” for rights that apply to them.

We reserve the right to change this Privacy Policy at any time.  In the event we make changes to this Privacy Policy, such policy will be re-posted in the “Privacy” section of our Site with the date such modifications were made indicated on the top of the page or we may contact you to inform you about the revisions with a link to the revised Privacy Policy.  All changes are effective on the date listed at the top of this page and will apply to all information that we have about you.  Your continued use of the Site or Services after any change is posted indicates your acceptance of the changes and your continued consent to our processing of your Personal Information.  If at any point you do not agree to any portion of this Privacy Policy then in effect you should immediately stop using the Site and Services.  Because this Privacy Policy contains legal obligations, we encourage you to review this Privacy Policy carefully.  If you have any questions concerning this Privacy Policy or our information collection, storage and disclosure practices, please contact us at tim@tjtooheylaw.com or mail us at 718 West Babcock Apt. 410, Bozeman, Montana 59715.

We collect Personal Information about you when you visit the Site or provide us directly such information, including when you visit our offices and facilities or submit forms or materials to us by mail or e-mail.  We collect such information for commercial or operational purposes to provide the Services.  “Personal Information” is information that may be used to directly or indirectly identify you, including your name, email address, physical address, phone number or other information about you.  The majority of such Personal Information is collected by us to provide you with information about the Services through our Site, to provide our Services, to respond to requests that we contact you or for you to apply for employment through a third party.  If you provide us with Personal Information directly, some of this Personal Information will be required if you wish to partake in the Services.  

 In general, the type of Personal Information we collect includes, but is not limited to:

We and our e-commerce providers use that data to: (i) enable you to be contacted by us about the Services; (ii) to provide or Services; (iii) for us to conduct analytics and for other internal purposes; (iv) guard against potential fraud; or (v) communicate with you or to provide answers to inquiries or questions.

The collection of Personal Information necessary to provide you with the Services may be governed by privacy policies of third parties.  We do not control the privacy policies of such third parties. 

As you use the Site, we generate technical data about which features you have used, how you have used them and the devices you use to access our Services.  We may send one or more “cookies” to your computer.  Cookies are small text files placed on your web browser when you visit our Site that store information on your computer, such as your Site preferences.  We use cookies when you sign in to keep track of your personal session.  We also use cookies to track your activity on the Site as a unique person.  For security purposes, all of this information is stored in encrypted form.  This data may be used for analytical purposes, including advertising campaigns.

You can set your web browser to inform you when cookies are set, or to prevent cookies from being set altogether.  Please note, however, that if you decline to use cookies, you may experience reduced functionality and slower site response times.  

We or our service providers, which may include Google Analytics, may also collect web surfing data related to your use of the Site.   Such information may include: your Internet Protocol (IP) address, browser type, and internet service provider (ISP); your operating system; which of our web pages you access and how frequently you access them; referral or exit pages; and the dates and times that you visit the Site.  This data may be collected using cookies, web beacons, page tags or similar tools.  As with cookies, the web surfing information is anonymous transactional data that is not associated with any users as individuals.

Web surfing data and similar information may be aggregated for administrative purposes.  We may, for example, use this aggregated information in the administration of the Site to improve its usability and to evaluate the success of particular marketing and advertising campaigns, search engine optimization strategies, and other marketing activities.  We also use it to help optimize the Site based on the needs of our users.

We do not collect “Sensitive Personal Information” as defined by the California Consumer Privacy Act (“CCPA”) or other privacy laws other than is necessary for our business purposes. 

We do not sell, share, trade or license Personal Information for marketing purposes.  We do, however, work with a number of trusted partners who perform vital functions as part of our operations.  See above section on “Use of Third Party Providers.”  We do not share your Personal Information unless it is necessary to fulfill our responsibilities, including providing the Services to you. 

We may engage third parties to help us carry out certain other internal functions such as account processing, client services, or other data collection relevant to our business.  Personal Information is shared with these third parties only to the extent necessary for us to process the transactions you initiate or perform other specific services.  Our partners are legally required to keep your Personal Information private and secure.

We may share your Personal Information with law enforcement or other government agencies as required by law, to comply with law or applicable regulations, or for the purposes of limiting fraud. We reserve the right to disclose your Personal Information when we believe that disclosure is necessary to protect our rights or to comply with a judicial proceeding, court order or legal process. We further reserve the right to disclose any of your Personal Information that we believe, in good faith, appropriate or necessary to take precautions against liability, to investigate and defend against any third-party claims or allegations, to assist government enforcement agencies, to protect the security or integrity of the Site or our services, or to protect the rights, property or personal safety of us, our users, or others.

We may share your Personal Information in connection with a corporate reorganization or transaction, such as a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy.

This section of this Privacy Policy is applicable to residents of the European Economic Area (“EEA”).  The EEA consists of the member states of the European Union, i.e., Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden and Iceland, Liechtenstein, and Norway.  This section also applies to residents of Switzerland and residents of the United Kingdom.  Residents of the EEA, the United Kingdom and Switzerland are referred to here as “EEA, United Kingdom and Swiss Residents.”

Although websites are accessible anywhere in the world, we are physically located and operate our facilities in California and Montana and provide our Services in the United States.  Our Site is therefore primarily directed to residents of the United States.  Notwithstanding the foregoing, it is possible that EEA, United Kingdom and Swiss Residents may provide Personal Information to us.

All  processing of Personal Information of EEA Residents is performed by usin accordance with the General Data Protection Regulation (2016/679) of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the processing of Personal Information and on the free movement of such data (“GDPR”).  Residents of the United Kingdom and Switzerland are governed by privacy laws similar to the GDPR.

Under the GDPR and similar United Kingdom and Swiss privacy laws, we are a controller or processor of the Personal Information of EEA, United Kingdom and Swiss residents.  Our purpose for processing Personal Information from such residents is to respond to inquiries or for us to provide the Services to individuals who may be such residents. The legal basis for collecting Personal Information is your consent and to fulfill our contractual obligations to you.  You may withdraw consent by contacting us. 

If you are a resident of the EEA, United Kingdom or Switzerland and believe that we have Personal Information about you, and you wish to access, correct, object to processing, request restriction of processing, withdraw consent, or request the transfer to a third party of the Personal Information that we have about you or have any questions relating to the processing of your Personal Information, please contact us with the subject line “GDPR Data.”  

If you are resident outside the United States, including in the EEA, your data will be processed in the United States if its provided to us.  By providing information about you to enable Site services, you consent to the processing of such data in the United States.  The transfer of this information to the United States is necessary for the performance of the Site.

Please note that the United States does not have data protection laws equivalent to those in the EEA and other jurisdictions.

If you provided your Personal Information directly to us, we may send you email notifications and other communications from time to time,  Some notifications are communications relating to us and our Services.  You may “opt-out” from receiving such communications by following the “Unsubscribe” instructions provided in the email. 

We also send out notices that are required for legal or security purposes.  For example, certain notifications are sent for your own protection.  In other cases, these notifications involve changes to various legal agreements, such as this Privacy Policy.  Generally, you may not opt out of such emails.

If you contacted us directly we may send you communications regarding our Services in response to your inquiries.  Generally, you may not opt out of such emails. 

If you have provided us directly with your Personal Information and want us to delete your Personal Information, please contact us with your request.  We will take steps to delete your information as soon as we can, but some information may remain in archived/backup copies for our records or as otherwise required by law.

We retain the Personal Information we receive as described in this Privacy Policy for as long as you use the Services or as necessary to fulfill the purpose(s) for which it was collected, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws.  How long we need information for those purposes varies by category or within categories.  These retention determinations consider the amount, nature and sensitivity of the Personal Information and the degree to which the Personal Information is needed to provide our Services.

If you follow any links that direct you away from the Site, including links to social media sites such as LinkedIn, among others, this Privacy Policy will not apply to your activity on the other sites you visit. We do not control the privacy policies or the privacy practices of any third party. 

We take commercially reasonable steps to protect Personal Information against unauthorized disclosure or loss.  However, no data transmission over the Internet can be guaranteed to be 100% secure.  Therefore, while we strive to protect Personal Information we cannot ensure or warrant the security of any information transmitted to us and used for the Services.  You engage in such transmissions at your own risk.

If you believe your Personal Information is being improperly used by us or any third party, please immediately notify us via email.

The Services are restricted to the use of adults over the age of majority in their place of residence.  We do not intentionally process information of individuals under the age of 18.  Consequently, we do not knowingly collect personal identifying information about or from any person we know is a child under the age of 18.  If we learn that we have collected Personal Information from a child under age 18 we will delete that information as quickly as possible.  If you are a parent or guardian of a child under 18 years of age and you believe your child has provided us with Personal Information, please contact us.

The following section pertains to the rights of individuals or households in California (“California consumers”).  If you reside in a United States jurisdiction that has enacted a data privacy law, we extend the same rights CCPA grants to California consumers, except where we specify otherwise.

Under certain circumstances, California Civil Code Section 1798.83 states that, upon receipt of a request by a California consumer, a business may be required to provide detailed information regarding how that business has shared that customer’s Personal Information with third parties for direct marketing purposes. However, the foregoing does not apply to businesses like ours that do not disclose Personal Information to third parties for direct marketing purposes without prior approval or give customers a free mechanism to opt out of having their Personal Information disclosed to third parties for their direct marketing purposes.

The CCPA (California Civil Code Section 1798.100 et seq.) provides California consumers with additional rights regarding Personal Information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly with a particular consumer or household. The categories of Personal Information we collect are generally described above but differ for individual consumers depending on the Services used by such consumers. 

Under the CCPA, qualifying California consumers may have the following rights:

Right to Know, Access, Correct and Delete.

A California consumer has the right to request that we disclose, correct, and delete Personal Information we collect, and use.

When we receive a request to know or delete from a California consumer, we will confirm receipt of the request within 10 business days and provide information about how we will process the request, including our verification process. We will respond to such requests within 45 days.

Under certain circumstances, we will not provide such information, including where the disclosure creates a substantial, articulable and unreasonable risk to the security of that Personal Information, customers’ accounts with us, or the security of our systems or networks. We also will not disclose California consumers’ social security numbers, driver’s license numbers or other government-issued identification numbers, financial account numbers, any health insurance or medical identification numbers, or account passwords and security questions and answers.

Because we do not collect Sensitive Personal Information or sell or share any Personal Information, the Site is not presently configured to honor any global opt-out preference signal sent from California IP addresses to the Site through browser or device-level settings, provided the signal complies with CCPA’s requirements.

If you are a California consumer and would like to make any requests under the CCPA, please direct them as follows:

Timothy J. Toohey, a PC

718 West Babcock, Suite 410

Bozeman, Montana 59715

If we receive any request we will use a two-step process for online requests where the California consumer must first, clearly submit the request and then second, separately confirm the request.

In submitting a request, a California consumer must provide sufficient information to identify the consumer, such as name, email address, home or work address, or other such information that is on record with us so that we can match such information to the Personal Information that we maintain. Do not provide social security numbers, driver’s license numbers, account numbers, credit or debit card numbers, medical information or health information with requests. If requests are unclear or submitted through means other than as outlined above, we will provide the California consumer with specific directions on how to submit the request or remedy any deficiencies. If we cannot verify the identity of the requestor, we may deny the request.

Although some browsers currently offer a “do not track (‘DNT’) option,” no common industry standard for DNT exists. We therefore do not currently commit to responding to browsers’ DNT signals.

Your Rights and Obligations 

We ask that you keep the Personal Information that you directly provide to us current and that you correct any information you have provided to us by contacting us.  You represent and warrant that all Personal Information you provide to us is true and correct and relates to you and not to any other person.