Privacy Policy

Privacy Policy & Terms of Use

Introduction

Welcome to Khalifeh & Partners (referred to hereafter as "The Firm"). We value your privacy and are committed to protecting your personal data.

This Privacy Policy explains how we collect, store, and use your personal information while ensuring compliance with the Personal Data Protection Law No. 24 of 2023 (the “PDPL”) in Jordan.

Our goal is to provide you with clear and accessible information about:

  1. Collection of Your Personal Data
  2. Uses of Your Personal Data
  3. Sharing of Your Personal Data
  4. Protection of Your Personal Data
  5. Your Rights
  6. Queries and Complaints

We take your privacy seriously and ensure that your personal data is handled responsibly and securely. For detailed information on our privacy practices, please read the sections below. If you have any questions or concerns, please do not hesitate to contact us.

 

1- Collection of Your Personal Data

We collect personal information necessary for the provision of legal services and maintaining client relationships. This includes information such as your name, contact details, job title, employer information, and any other data relevant to the legal services we provide.

We obtain your personal information through various means, including:

  1. Direct Interactions: When you engage with us directly, such as during consultations, meetings, or correspondence.
  2. Website: When you visit our website, we may collect information through cookies or similar technologies to improve your browsing experience and analyze website traffic.
  3. Communication: When you communicate with us via email, phone, or other means, we may collect information provided during these interactions.
  4. Third Parties: We may receive personal data from third parties, such as other legal professionals, government agencies, or publicly available sources, when necessary for the provision of legal services.

Providing the necessary data ensures seamless access to our services and maximizes the benefits of the legal advice and representation we offer. Therefore, we encourage our clients to provide accurate and complete information, facilitating the smooth and effective provision of legal services.

2- Uses of Your Personal Data

The Firm utilizes your personal information for various purposes to provide legal services effectively and maintain client relationships. This section outlines how we use your personal data, the basis for its use, and how long we retain this information:

  1. Legal Services: Your personal data is used to facilitate the provision of legal advice, representation, and other related services. This includes analyzing your legal needs, preparing legal documents, and communicating with you about your matter.
  2. Client Management: We may use your personal information for client management purposes, such as maintaining records of our interactions with you, managing billing and payments, and updating our internal databases.
  3. Communication: Your contact information allows us to communicate with you effectively regarding your legal matters, updates in the law, and other relevant information.
  4. Compliance: We may use your personal data to comply with legal and regulatory obligations, such as anti-money laundering (AML) and know-your-customer (KYC) requirements.

Basis for Using Your Personal Information:

  1. Contractual Necessity: We may use your personal data to fulfill our contractual obligations with you, such as providing legal services as per our engagement agreement.
  2. Legal Obligations: In certain circumstances, we may process your personal information to comply with legal obligations imposed on us, such as record-keeping requirements or reporting obligations.
  3. Legitimate Interests: We may process your personal data based on our legitimate interests as a law firm, provided that such processing does not override your rights and interests.

Retention of Your Personal Information:

We retain your personal data for so long as you are a client and as long as required by The Firm thereafter subject to applicable laws (“Retention Period”). Once the Retention Period expires and there is no legitimate reason to retain your personal data, we will securely delete or anonymize it.

3- Sharing of Your Personal Data

We are committed to maintaining the confidentiality and security of your personal information. This section outlines who we share your personal data with and under what circumstances:

  1. Within The Firm: Your personal data may be shared internally within our firm among our legal and administrative staff to facilitate the provision of legal services. All staff members are bound by confidentiality agreements and data protection policies to ensure the security of your information.
  2. Service Providers: We may share your personal data with third-party service providers who assist us in our operations, such as IT service providers, document management companies, and other professional advisors. These service providers are contractually obligated to protect your personal information and use it only for the purposes for which it was shared.
  3. Legal Authorities: In certain circumstances, we may be required to disclose your personal data to regulatory authorities, law enforcement agencies, or other governmental bodies to comply with legal obligations, court orders, or regulatory requirements.
  4. Other Legal Professionals: We may share your personal data with other legal professionals, such as experts, or consultants, who are involved in your case. These professionals are also bound by confidentiality and data protection obligations.
  5. Third Parties in Business Transactions: In the event of a merger, acquisition, or other business transaction, we may share your personal data with third parties involved in the transaction. We will ensure that any such third parties are bound by appropriate confidentiality and data protection obligations.
  6. Consent: We may share your personal data with other third parties if we have obtained your explicit consent to do so. You have the right to withdraw your consent at any time, and we will cease sharing your data with the third parties specified.
4- Protection of Your Personal Data

Safeguarding your personal data is of utmost importance to us. We implement a variety of security measures to ensure that your personal information is protected from unauthorized access, use, disclosure, alteration, or destruction. This section details how we protect your personal information:

Technical Measures:

  1. Encryption: We use encryption protocols to protect sensitive data during transmission and storage. This ensures that your personal information is secure and inaccessible to unauthorized parties.
  2. Firewalls and Anti-Virus Software: We employ advanced firewall systems and anti-virus software to protect our network and systems from cyber threats and malicious attacks.
  3. Secure Access Controls: Access to our systems and databases is restricted to authorized personnel only. We use secure access controls, including strong passwords and multi-factor authentication, to prevent unauthorized access.

Organizational Measures:

  1. Confidentiality Agreements: All employees, contractors, and third-party service providers who handle your personal data are required to sign confidentiality agreements and adhere to our data protection policies.
  2. Data Protection Training: We provide regular training to our staff on data protection best practices, ensuring that they are aware of their responsibilities and the importance of safeguarding your personal information.
  3. Data Protection Officer (DPO): We have a Data Protection Officer who is responsible for overseeing our data protection strategy and ensuring compliance with applicable data protection laws.

Physical Measures:

  1. Secure Premises: Our offices are equipped with security systems, including surveillance cameras and access controls, to prevent unauthorized entry and protect physical documents containing personal data.
  2. Secure Storage: Physical documents containing personal information are stored in locked cabinets or secure storage areas with restricted access.

Data Minimization and Retention:

  1. Data Minimization: We only collect and process personal data that is necessary for the purposes outlined in this Privacy Policy. We regularly review our data collection practices to ensure compliance with the principle of data minimization.
  2. Data Retention: We retain your personal data for so long as you are a client and as long as required by The Firm thereafter subject to applicable laws. Once the Retention Period expires and there is no legitimate reason to retain your personal data, we will securely delete or anonymize it.

Incident Response:

  1. Data Breach Response Plan: We have established a data breach response plan to address any potential data breaches promptly. This plan includes procedures for identifying, containing, investigating, and mitigating data breaches, as well as notifying affected individuals and relevant authorities, if required.
5- Your Rights

We are committed to ensuring that you have control over your personal information. Under applicable data protection laws, you have several rights regarding your personal data. This section outlines your rights and how you can exercise them:

  1. Right to Access: You have the right to request access to the personal data we hold about you. This includes information on how we use your data and with whom it has been shared. To exercise this right, please contact us using the contact details provided at the end of this Privacy Policy.
  2. Right to Rectification: If you believe that any of the personal data we hold about you is inaccurate or incomplete, you have the right to request its correction or completion. Please contact us with details of the required changes, and we will promptly update your information.
  3. Right to Erasure: In certain circumstances, you have the right to request the deletion of your personal data. This is also known as the "right to be forgotten." This right may apply, for example, if your personal data is no longer necessary for the purposes for which it was collected or if you withdraw your consent. To request the erasure of your data, please contact us, and we will assess your request in accordance with applicable laws.
  4. Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal data under certain conditions. This means that we will continue to store your data but will not process it further. This right may apply if you contest the accuracy of your data or object to its processing. To request a restriction, please contact us with details of your request.
  5. Right to Data Portability: You have the right to receive a copy of your personal data in a structured, commonly used, and machine-readable format. You also have the right to request that we transfer this data to another controller, where technically feasible. This right applies to personal data that you have provided to us and that is processed based on your consent or a contract with you. To request data portability, please contact us.
  6. Right to Object: You have the right to object to the processing of your personal data in certain circumstances. This includes the right to object to processing for direct marketing purposes. If you object, we will cease processing your data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms. To exercise this right, please contact us with details of your objection.
  7. Right to Withdraw Consent: If we are processing your personal data based on your consent, you have the right to withdraw your consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal. To withdraw your consent, please contact us.
  8. Right to Lodge a Complaint: If you have concerns about our handling of your personal data, you have the right to lodge a complaint with a supervisory authority. In Jordan, this would be the relevant data protection authority. We encourage you to contact us first so that we can address your concerns directly.
6- Queries and Complaints

We are dedicated to ensuring that your personal data is handled with the utmost care and transparency. If you have any questions, concerns, or complaints regarding our Privacy Policy or our data protection practices, we encourage you to contact us. Your feedback is important to us, and we are here to assist you.

Khalifeh & Partners
Email: d.abunuwar@khalifehlaw.com
Phone: +962 6 566 4750
Postal Address: Khalifeh & Partners Lawyers
Khalifeh Complex, Ibn Arabi St. 3, Amman- Jordan

If you believe that we have not addressed your concerns adequately or if you are not satisfied with our response, you have the right to lodge a complaint with the relevant supervisory authority in Jordan, which is the Personal Data Protection Council in accordance with Article 17 of the PDPL.

Steps to Lodge a Complaint:
Initial Contact: We encourage you to contact us first with any complaints or concerns so that we can address the issue directly and promptly.
Formal Complaint: If you wish to lodge a formal complaint, please provide detailed information about your concern, including any relevant documentation or evidence.
Response: We will investigate your complaint and respond to you within a reasonable timeframe, in accordance with applicable data protection laws.

Data Protection Officer:
For specific queries or concerns related to data protection, you may also contact our Data Protection Officer (DPO) directly:

DPO Email: aibrahim@indexit.net

We are committed to maintaining the highest standards of data protection and privacy, and we appreciate your cooperation in helping us achieve this goal.