Codex Triage

1. INTRODUCTION

Codex Triage (“we,” “us,” or “our”) is committed to protecting your privacy and ensuring the security of your personal information. This Privacy & Cookie Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (www.codextriage.com) or use our services.

As a legal consultancy with offices in India and UAE serving clients globally, we comply with applicable data protection laws in the jurisdictions where we operate, including but not limited to the Information Technology Act, 2000 (India), the Digital Personal Data Protection Act, 2023 (India), and relevant data protection regulations in the UAE and other jurisdictions.

By accessing our website or engaging our services, you consent to the practices described in this policy.

2. INFORMATION WE COLLECT

2.1 Personal Information

We may collect the following types of personal information:

1. Contact Information: Name, email address, phone number, postal address, and other contact details.
2. Professional Information: Job title, company name, industry, and professional background.
3. Identity Verification Information: When required by law or for legitimate business purposes, we may collect identification documents and information.
4. Client Matter Information: Information related to your legal matters, business operations, and other relevant details necessary to provide our services.
5. Payment Information: Billing address, bank account details, and other financial information necessary for processing payments.
6. Communication Records: Records of communications between you and Codex Triage, including emails, calls, messages, and meeting notes.

2.2 Website Usage Information

When you visit our website, we may automatically collect:

1. Device Information: IP address, browser type, operating system, device type, and other technical information.
2. Usage Data: Pages visited, time spent on pages, links clicked, and other interaction data.
3. Location Information: General location information derived from your IP address.

2.3 Cookies and Similar Technologies

Our website uses cookies and similar technologies to enhance user experience, analyze website performance, and personalize content. See Section 6 for more details on our cookie usage.

3. HOW WE COLLECT INFORMATION

We collect your personal information through:

a) Direct interactions when you:

• Contact us through our website or other channels
• Register for our services
• Subscribe to newsletters or publications
• Respond to surveys or feedback requests
• Participate in events or webinars

b) Automated technologies when you visit our website.

c) Third parties or publicly available sources, including:

• Business partners
• Public records
• Professional networking platforms
• Referrals from existing clients or professional contacts

4. HOW WE USE YOUR INFORMATION

4.1 Providing and Managing Services

We use your information to: a) Provide legal services and fulfill our contractual obligations; b) Communicate with you regarding your matters; c) Process payments and maintain billing records; d) Respond to your inquiries and requests; e) Manage our relationship with you; f) Facilitate Virtual Legal Officer (VLO) services; and g) Maintain records for legal, regulatory, and business purposes.

4.2 Operational and Administrative Purposes

We may use your information for: a) Administering and protecting our business and website; b) Implementing and maintaining security measures; c) Conducting conflict checks; d) Training and quality assurance; e) Business planning and development; and f) Financial management and accounting.

4.3 Marketing and Communications

With your consent where required, we may use your information to: a) Send you updates on legal developments relevant to your industry; b) Invite you to events, webinars, or seminars; c) Share newsletters and publications; d) Inform you about new services or features; and e) Conduct client satisfaction surveys.

4.4 Website Improvement

We use website usage information to: a) Improve website functionality and user experience; b) Analyze website performance and user behaviour; c) Troubleshoot technical issues; and d) Develop and test new features.

5. LEGAL BASIS FOR PROCESSING

We process your personal information based on one or more of the following legal grounds:

1. Performance of Contract: Processing necessary for performing our contract with you or taking steps at your request before entering into a contract.
2. Legitimate Interests: Processing necessary for our legitimate interests or those of a third party, provided these interests are not overridden by your interests or fundamental rights.
3. Legal Obligation: Processing necessary for compliance with legal obligations to which we are subject.
4. Consent: Where you have given consent for specific processing activities.
5. Vital Interests: In rare situations, processing is necessary to protect someone’s life or safety.

6. COOKIES AND SIMILAR TECHNOLOGIES

6.1 What Are Cookies

Cookies are small text files placed on your device when you visit a website. They help the website recognize your device and remember information about your visit.

6.2 Types of Cookies We Use

1. Essential Cookies: Required for the website to function properly. These cannot be disabled.
2. Analytical/Performance Cookies: Help us understand how visitors interact with our website, allowing us to improve functionality and user experience.
3. Functional Cookies: Enable enhanced functionality and personalization, such as remembering your preferences.
4. Targeting Cookies: Used to deliver relevant content and track the effectiveness of our marketing efforts.

6.3 Managing Cookies

Most web browsers allow you to control cookies through their settings. You can generally:

a) View cookies stored on your device b) Allow or block cookies c) Delete cookies d) Set preferences for certain websites

Please note that disabling certain cookies may affect the functionality of our website.

6.4 Third-Party Cookies

Some cookies on our website are set by third-party services we use, such as analytics or social media platforms. These third parties may collect information about your online activities across different websites. We do not control these cookies and suggest you check the privacy policies of these third parties.

7. DATA SHARING AND DISCLOSURE

7.1 Service Providers

We may share your information with trusted third-party service providers who assist us in delivering our services, including: a) IT and cloud service providers b) Professional advisors and consultants c) Payment processors d) Communication service providers e) Document management services f) Marketing and analytics services

All service providers are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.

7.2 Legal and Regulatory Requirements

We may disclose your information when required by law, regulation, or legal process, including: a) In response to court orders or legal proceedings b) To comply with regulatory requirements c) To protect our rights and property d) In connection with an investigation of suspected or actual illegal activity e) In other circumstances required by law

7.3 Business Transfers

If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership or use of your information.

7.4 With Your Consent

We may share your information with other parties when we have your consent to do so.

8. INTERNATIONAL DATA TRANSFERS

As a global legal consultancy, we may transfer your personal information to countries outside your country of residence, including between India, UAE, and other jurisdictions where we operate or have clients.

When transferring personal information across borders, we implement appropriate safeguards in compliance with applicable laws, which may include: a) Standard contractual clauses approved by relevant authorities b) Data transfer agreements c) Binding corporate rules d) Obtaining your explicit consent e) Other legally approved mechanisms

You acknowledge that your personal information may be transferred to and processed in countries that may not provide the same level of data protection as your country of residence.

9. DATA SECURITY

We implement appropriate technical and organizational measures to protect your personal information, including: a) Encryption of sensitive information b) Secure access controls c) Regular security assessments d) Staff training on data protection e) Physical security measures for our premises and paper records f) Data minimization practices

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee the absolute security of your information.

10. DATA RETENTION

We retain your personal information for as long as necessary to fulfil the purposes for which we collected it, including: a) Providing our services b) Maintaining business records c) Complying with legal, regulatory, and professional obligations d) Resolving disputes e) Enforcing our agreements

Retention periods vary based on the type of information and applicable legal requirements. When determining appropriate retention periods, we consider: a) The amount, nature, and sensitivity of the personal information b) The potential risk of harm from unauthorized use or disclosure c) The purposes for which we process the information d) Whether we can achieve those purposes through other means e) Applicable legal, regulatory, and professional requirements

11. YOUR RIGHTS AND CHOICES

Depending on your location, you may have the following rights regarding your personal information:

1. Access: Request confirmation of whether we process your personal information and request a copy of the information we hold about you.
2. Correction: Request correction of inaccurate or incomplete personal information.
3. Erasure: Request deletion of your personal information in certain circumstances.
4. Restriction: Request restriction of processing of your personal information in certain circumstances.
5. Data Portability: Receive your personal information in a structured, commonly used, and machine-readable format.
6. Objection: Object to processing of your personal information based on legitimate interests or for direct marketing.
7. Withdraw Consent: Withdraw consent where processing is based on consent.
8. Complain: Lodge a complaint with a supervisory authority.

To exercise these rights, please contact us using the details in Section 15. We may need to verify your identity before responding to your request.

12. MARKETING COMMUNICATIONS

With your consent where required, we may send you marketing communications about our services, events, and legal updates. You can opt out of these communications at any time by: a) Clicking the “unsubscribe” link in our emails b) Contacting us directly using the details in Section 15

Even if you opt out of marketing communications, we may still send you service-related communications where necessary.

13. CHILDREN’S PRIVACY

Our website and services are not directed to children under 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately, and we will take steps to delete such information.

14. CHANGES TO THIS POLICY

We may update this Privacy & Cookie Policy from time to time to reflect changes in our practices or legal requirements. We will post the updated policy on our website with a revised “Last Updated” date. Significant changes will be notified to you directly where required by law.

We encourage you to review this policy periodically to stay informed about our privacy practices.

15. CONTACT US

If you have questions, concerns, or requests regarding this Privacy & Cookie Policy or our data practices, please email us at support@codextriage.com

For urgent matters related to your personal information, please contact our Data Protection Officer at ken@codextriage.com.