4.1 To minimise the risk of unauthorised access to Your Personal Data, We use some of Your Personal Data to authenticate Your identity when You use the CloudLegal Site to access the CloudLegal Services.
4.2 We have a legitimate interest in sharing Your Personal Data with Our CloudLegal Service Providers who We engage to provide some of Our business and daily operational functions on Our behalf to ensure the CloudLegal Services. Consequently, We need to disclose Your Personal Data to them for the sole purpose of fulfilling the CloudLegal Services only (including making improvements to the CloudLegal Services) and not for the purposes of those CloudLegal Service Providers sending Marketing Communications to You. We limit the Personal Data that We share to the minimum required to provide the service and the CloudLegal Service Provider will only be able to use Personal Data for the specific purposes for which it was shared. We do not need Your express consent for this as We rely on legitimate interests under Article 6(1)(f) GDPR in addition to the fact that the “processing is necessary for the performance of a contract” under Article 6(1)(b) GDPR.
4.3 Disclosure of Your Personal Data in Compliance with Laws or by way of a Legal/Statutory Obligation
You should be aware that We may release Your Personal Data when We believe it is necessary to comply with laws or regulations, to assist law enforcement, to enforce the terms under which You transact or communicate with CloudLegal, or to protect the rights, property or safety of CloudLegal, a CloudLegal Member or other third parties. We may need to process Personal Data about You to comply with a legal or statutory obligation including but not limited to:
(a) accounting, auditing, compliance and administration practices; and,
(b) the maintenance of amendments to consents and to create suppression lists to ensure CloudLegal Members who object to processing are excluded from the relevant processing activity in the future.
4.4 Transfer of Your Personal Data
From time to time, We may transfer Your Personal Data to a related company, agent or contractor (also known as CloudLegal Service Providers) in order to improve Our CloudLegal Services or to assist our security, credit risk or fraud protection activities and as permitted by Data Protection Legislation from time to time.
Hosting: Your Personal Data will only be stored by Our third party hosting party (Krystal) within the United Kingdom. You are deemed to consent to this by using the CloudLegal Services. Should We need to transfer Your Personal Data outside of the UK or EEA in the future, it will be in compliance with the GDPR requirements for external transfer and all details will be added to Our Privacy Statement.
Direct Marketing: We use MailChimp, a US-hosted third party provider, to send out our Marketing Communications who are certified as adhering to the EU-US Privacy Shield. For more information, please see MailChimp’s privacy notice.
4.5 Transfer of Personal Data in the Event of the Sale of CloudLegal Limited or its Assets
In the event that CloudLegal is sold or transfers some of its assets to another party, Your Personal Data could be one of the transferred assets. If Your Personal Data is transferred, its use will remain subject to this Privacy Statement. Your Personal Data will be passed on to a successor in the event of a liquidation or administration.
4.6 Other Websites and their Privacy Policies and Cookie Policies
The CloudLegal Site may contain links to other websites or applications. CloudLegal is not responsible for the privacy practices or the content of such websites or applications or for the privacy policies, cookie policies and practices of other third parties, so You should be careful to read and understand those policies independently.