Last Revised 12/08/22
AINS, LLC DBA OPEXUS values the trust you have placed in us and is committed to maintaining the privacy of your personal data. Our policy details the types of personal data we collect from visitors and registered users through our public websites (opexustech.com, discoveropexus.com, discoveropexus.net, discoveropexus.org, opexusforgov.com, opexusgov.com, opexusgov.net, opexusgov.org, opexustech.co, opexustech.net, opexustech.org, ains.com, foiaxpress.com, scanxpress.com), as well as users of OPEXUS SaaS products and services. The OPEXUS practices defined in this policy conform to and are compliant with GDPR and CCPA principles.
OPEXUS gathers and processes personal data for the purpose of providing our marketing and SaaS services to our customers. To fulfill these purposes, OPEXUS may access the personal data to provide the services, to address and correct technical or service-related problems, or in response to contractual and legal requirements.
“Personal data” as used in this Notice means information that identifies, relates to, describes, or can reasonably be linked, directly or indirectly, to a specific natural person. It does not include data that is considered anonymous, de-identified, or aggregated by applicable law.
This Notice covers the following topics:
- The Types of Data We Collect
- How We Use the Data We Collect
- How We May Share the Information We Collect
- Third-Party Services and Content
- Protection and Storage of the Information We Collect
- Your Choices and Rights
- Additional Information for California Residents
- Additional Information for Nevada Residents
- Additional Information for European Economic Area Residents (GDPR)
- How to Contact Us
1. The Types of Data We Collect
The types of personal information we collect about you depend on your interactions with us and are described below.
A. Information You Provide to Us
We collect personal data that you provide to us. For example, we may collect personal information when you contact us, request that we send you newsletters, alerts, or other materials, register for a webinar or event, fill out a form, respond to a survey, apply for an open career position, or otherwise communicate with us.
Depending on the context of your interactions with us, the categories of personal information we may collect from you include:
- How you use our site (e.g. mouse movements and clicks, pages visited, content interaction, time spent)
- Browser details
- Device information (e.g. model, screen resolution, operating system)
- Visitor type (e.g. first time or returning)
- Anonymized IP address
- Location (city/country)
- Provided information such as:
- Unique Identifiers that we can use to identify you as a unique individual, such as your name, telephone number, postal or e-mail address, social media identifiers, signature, and government issued identification numbers (such as your social security number or passport number).
- Demographic Information, which may include sensitive personal information or information about protected classifications, such as your age, gender, race, sexual orientation, marital status, or veteran status.
- Professional and Educational Information related to your occupation, such as your current or previous employers, your job title, or other information about the organization with which you are affiliated. You might also provide information about your professional qualifications or your education, such as your degrees, fields of study, the institutions you’ve attended, languages, professional memberships, qualifications, and certifications.
- Health Information, such as accessibility requirements and dietary restrictions.
- Location Information, such as your city, state or province, and country.
- Audio and Visual Information, such as your voice and likeness as captured in photographs, video, or audio recordings if you attend our events, visit our offices, or leave us a voicemail.
- Preferences, such as your stated interests, how frequently you wish to receive our newsletters, or other communications.
- Any other information you choose to provide or that you provide to us by filling out online forms on our web
You generally can visit our websites without providing us with personal information, though we may still collect personal information automatically as described in the next section.
B. Information We May Collect Automatically or Generate
We may automatically collect and generate information from and about you when you interact with us or our websites, which may include the following categories of personal information:
- Unique Identifiers: We might automatically collect information that uniquely identifies you or the device through which you interact with our websites, such as your name, e-mail address, username, social media identifiers, IP address, and device and mobile advertising identifiers.
- Device Information: We might automatically collect information pertaining to the device through which you interact with our websites, such as the type of device used, that device’s operating system and version, your browser type.
- Interaction Information: We might automatically collect information about your interaction with our websites, such as the content you view and features you access on our web sites, the pages you view immediately before and after you access our websites, whether and how you interact with content available on our websites, and the search terms you enter on our websites. We might also collect information about the events and materials in which you have indicated interest or for which you have registered or requested.
C. Information We Collect from Other Sources
We may obtain personal information from other sources, such as our clients, employees, or business partners, or from business contact databases and enrichment services. We may also receive information about you from social media platforms, such as when you interact with us on those platforms or access our social media content. We may collect information about you from publicly available sources, such as public social media profiles, publications, and other websites or materials available through search engines.
We may collect the following categories of information from these other sources:
- Unique Identifiers, such as name, telephone number, postal or e-mail address, social media identifiers, and device and mobile advertising identifiers.
- Professional and Educational Information about your occupation and professional activities, such as professional licenses held, employers, business contact information, or information about your education, such as your degrees, fields of study, institutions attended, languages, professional memberships, qualifications, and certifications.
- User Content you post or make available online, such as your social media posts or publications.
2. How We Use the Information We Collect
We may use the information we collect for the various purposes, including:
- To respond to your inquiries or communications.
- To operate, troubleshoot, and improve our websites.
- To send you newsletters, legal updates, marketing communications, and other information or materials that may interest you.
- To expand and maintain our list of contacts.
- To understand how people use our services, including by generating and analyzing statistics.
- To advertise, provide, and assess the effectiveness of our events, promotional campaigns, publications, and services.
- As we believe reasonably necessary or appropriate to comply with our legal obligations, to respond to legal process or requests for information issued by government authorities or other third parties, or to protect your, our, or others’ rights.
We may use anonymous, de-identified, or aggregate information that does not reasonably identify you for any purpose, as permitted by applicable law.
3. How We May Share the Information We Collect
We do not sell your personal information, nor have we done so in the past. We also do not share personal information that reasonably identifies you with unaffiliated entities for their independent use except when we have your permission, are doing so at your direction, as needed to comply with our legal obligations, as permitted by applicable law, or as otherwise described in this Notice.
We may also disclose the categories of information we collect to the following categories of recipients in furtherance of the purposes described above:
- Our affiliates: We may share information with our affiliated business entities located in jurisdictions around the world for any of the purposes listed above.
- Our service providers: We may share information with third parties that perform services on our behalf, such as web-hosting companies, mailing vendors, analytics providers, event hosting services, and information technology providers pursuant to your consent, or under a written contract with such service providers for our business purposes.
- Law enforcement, government authorities, or third parties with legal rights: We may share information as may be permitted or required by the laws of any jurisdiction that may apply to us, as provided for under contract, or as we deem reasonably necessary to provide legal services. In these circumstances, we strive to take reasonable efforts to notify you before we disclose information that may reasonably identify you or your organization, unless prior notice is prohibited by applicable law or is not possible or reasonable in the circumstances.
- Parties in connection with a business transaction: We may share information with service providers, advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a transaction in which we are acquired by or merged with another company or we sell, liquidate, or transfer all or a portion of our assets, as well as any bankruptcy or corporate reorganization.
- Others with your consent or at your direction. For example, we may share your name and other relevant unique identifiers with a business partner who co-sponsors an event you attend or publication you sign up for or with a social media service if you share or like our content.
We may share anonymous, de-identified, or aggregate information that cannot reasonably identify you with others for any purpose, as permitted by applicable law. Please note that any personal information that you post to a profile, blog, comment section, or forum or social media pages may be available to other users of those forums or, in some cases, made publicly available.
4. Third-Party Services and Content
OPEXUS may share the personal data of website visitors with companies in our corporate family (“our affiliates”) and our vendors that support the delivery and marketing of our services to our customers.
- These third parties may access, process, or store your personal data in the course of providing their services.
- OPEXUS maintains contracts with these third parties restricting their access, use and disclosure of your personal data in compliance with our GDPR and CCPA obligations.
- OPEXUS may be required to share your personal data with public authorities that have enforcement authority over OPEXUS’s compliance with GDPR and law enforcement bodies within the scope of a lawful request.
OPEXUS uses the Google Analytics and AdWords services to advertise to previous visitors of our site. This can include advertisements on the Google search results page or on a site in the Google Display Network.
Our websites may include integrated content or links to content provided by third parties (such as video materials). This Privacy Notice does not address the privacy, security, or other practices of the third parties that provide such content.
5. Protection and Storage of the Information We Collect
We deploy commercially reasonable administrative, technical, and physical safeguards designed to comply with applicable legal requirements and safeguard the information that we collect. This includes, when required or appropriate and feasible, obtaining written assurances from third parties that may access your personal information that they will protect such information with safeguards designed to provide a level of protection equivalent to those adopted by us.
However, no information system can be 100% secure. We cannot guarantee the absolute security of your information. Moreover, we are not responsible for the security of information you transmit to us over networks that we do not control, including the Internet and wireless networks.
The websites are controlled and operated by OPEXUS from the United States. We may store the information we collect in the United States or in other countries where we or our service providers have facilities. We may transfer information to countries outside of your country of residence, including the United States, which may have data protection laws and regulations that differ from those in your country.
We retain the information we collect no longer than as reasonably necessary to fulfill the purposes for which we collect the information and to comply with our legal obligations. If you are located in the European Economic Area, the United Kingdom, or Switzerland, please see the section below related to GDPR compliance for further information.
6. Your Choices and Rights
Marketing Communications. If you no longer wish to receive marketing communications from us, you can let us know by contacting us using the information available in the How to Contact Us section below. Our digital marketing communications may provide unsubscribe or opt-out mechanisms that allow you to modify your communications preferences. Please note that if you opt-out of marketing communications, we may still contact you with non-promotional communications, such as those about ongoing business relations or administrative messages.
Cookies are text files containing small amounts of information that are downloaded to your device when you visit a website. These cookies are sent back to the originating website on each subsequent visit, or to another website that recognizes that cookie. Cookies are useful because they allow OPEXUS to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse OPEXUS’s website, and it also allows us to improve our site.
The cookies used on this website have been categorized based on the ICC UK Cookie Guide. A list of all the cookie types used on this website by category is below:
- Strictly Necessary Cookies: These cookies are essential to enable you to move around the website and use its features, such as accessing secure areas of the website. Without these cookies, services you have asked for cannot be provided.
- Performance Cookies: These cookies collect information about how visitors use a website (for instance, which pages visitors go to most often, and if they get error messages from web pages). These cookies do not collect information that identifies a visitor – all information these cookies collect is aggregated and therefore anonymous. They are only used to improve how a website works.
- Functionality Cookies: These cookies allow the website to remember choices you make (such as your username, language, or the region you are in) and provide enhanced, personalized features. For instance, these cookies can be used to remember changes you have made to text size, fonts, and other parts of web pages that you can customize. They are also used to provide services you have asked for, such as watching a video or commenting on a blog.
- Targeting / Advertising Cookies: These cookies are used to deliver advertisements that are relevant to you and your interests. They are also used to limit the number of times you see an advertisement and measure the effectiveness of the advertising campaign. They are usually placed by advertising networks with the website operator’s permission. They remember that you have visited a website and this information is shared with other organizations such as advertisers. Quite often, targeting or advertising cookies will be linked to site functionality provided by the other organization.
Removal of Cookies
You may refuse to accept cookies by activating the setting on your internet browser that turns off cookie functionality. Please visit your web browser manufacturer’s support page for information on how to disable cookies. Your web browser may also support “private mode” browsing, which will delete cookies at the end of your browsing session.
Privacy Rights. Depending on applicable law, you may have certain rights with respect to your personal information, including, for example, the rights to:
- Request access to certain personal information of yours that we process.
- Update or correct your personal information if you believe it is incomplete or inaccurate.
- Erase or delete your personal information, subject to certain exceptions under local law.
- Object to our processing of your personal information or otherwise restrict our processing activities.
- Restrict certain transfers of your personal information to third parties.
- Withdraw your consent to processing, where we base our processing of your personal information on consent.
- Not be denied goods or services for exercising your rights under applicable law.
- Complain to your local supervisory authority.
For information relating to the GDPR and the UK GDPR, please see the section below related to GDPR compliance. To exercise any of your privacy rights under applicable law, please email us at email@example.com
7. Additional Information to California Residents
A. Disclosures Related to Collection, Use, and Disclosure of Personal Information
Pursuant to the CCPA, we are providing the following additional details regarding the collection, use, and disclosure of personal information about California residents:
- Categories of Personal Information Collected: In the preceding 12 months, we have collected the following categories of personal information: identifiers, characteristics of protected classifications under California or U.S. law, professional and employment-related information, education information, commercial information, internet and electronic network activity, inferences drawn about your preferences, and other categories of personal information that relates to or is reasonably capable of being associated with you. For examples of the data points we collect, please see the section of this Notice, The Types of Information We Collect.
- Business or Commercial Purpose for Collecting and Using Data: We have collected the above categories of personal information for the business purposes described in the The Types of Information We Collect section of this Notice.
- Categories of Sources of Personal Information: We may have collected the above categories of personal information directly from you, automatically about your use of the websites, and from third parties, such as clients of our legal services, government and public entities, public records, industry research databases, parties and related parties in litigation matters, and others. For more detail, please see theTypes of Information We Collect section of this Notice.
- Categories of Personal Information Disclosed: In the preceding 12 months, we have disclosed the following categories of personal information for business or commercial purposes: identifiers, characteristics of protected classifications under California or U.S. law, professional and employment-related information, education information, commercial information, internet and electronic network activity, inferences drawn about your preferences, and other categories of personal information that relates to or is reasonably capable of being associated with you.
- Categories of Third Parties With Whom We Share Personal Information: We may share your personal information with the third parties as described in the How We May Share the Information We Collect section of this Notice.
- Sale of Personal Information (as defined by the CCPA): We do not sell, and in the preceding 60 months have not sold, the personal information we have collected.
B. Your Rights
To the extent provided for by law and subject to applicable exceptions, including but not limited to attorney-client privilege, California residents have the following privacy rights in relation to the personal information we collect:
- The right to know what personal information we have collected and how we have used and disclosed that personal information;
- The right to request deletion of your personal information;
- The right to opt out of the sale of your personal information; and
- The right to be free from discrimination relating to the exercise of any of your privacy rights.
C. Exercising Your Rights
California residents can exercise the above privacy rights by emailing us at firstname.lastname@example.org or calling us at 301-670-2300.
Verification: in order to protect your personal information from unauthorized access or deletion, we may ask you to provide additional personal information for verification. If we cannot verify your identity, we will not provide or delete your personal information.
Authorized Agents: you may submit a request to know or a request to delete your personal information through an authorized agent. If you do so, the agent must present signed written permission to act on your behalf and you may also be required to independently verify your identity with us and confirm that you have provided authorization to the agent.
D. California “Shine the Light” Disclosures
Pursuant to California Civil Code Section 1798.83(c)(2), California law requires us to inform California residents who have provided us with personal information that they may request information from us about our disclosures to third parties for their direct marketing purposes. To request this information, please contact us at email@example.com. In your request, please specify that this is a “California “Shine the Light” Request.” Please allow 60 days for a response.
8. Additional Information for Nevada Residents
We do not sell, rent, or otherwise share your data to any third-party for a business or commercial purpose under any circumstances unless you specifically consent to such disclosure. Pursuant to Section 603A of the Nevada Revised Statutes, residents of Nevada may, at any time, submit a request to an operator of a website in Nevada directing the operator not to make any sale of any personal information the operator has collected or will collect about the consumer. If you are a Nevada resident and want to opt-out of the sale of any personal information, please submit an email request to firstname.lastname@example.org. In your request, please specify that you want to “Opt-Out of Sale of Personal Information in Nevada.” Please allow 60 days for a response.
9. Additional Information for European Economic Area Residents (GDPR)
This section is for people who are located in the European Economic Area (“EEA”), Switzerland or the United Kingdom (“UK”) and supplements our general Privacy Notice. Our processing of personal data of people who are in the EEA is governed by the European Union’s General Data Protection Regulation (the “GDPR”). Our processing of personal data of people who are in the UK is subject to the Data Protection Act 2018, which incorporates the GDPR as the UK GDPR. This Notice refers to the GDPR and the UK GDPR collectively as the “GDPR”. As of the most recent revision date of this Notice, we anticipate that Switzerland’s updated data protection law will go into effect during the second half of 2022. For the sake of administrative efficiency, this Notice applies to people in Switzerland as well as people in the EEA or UK. However, this does not limit any additional right that people in Switzerland may have.
The GDPR requires us to provide certain information to you about your personal data, which we refer to in this Notice as your personal information.
A. Data Controller
The data controller for this website is AINS, LLC DBA OPEXUS (“OPEXUS” for short). For our contact information, see the section in this Notice headed “How to Contact Us”.
B. Purposes of the processing
The foregoing sections of this Notice describe the personal information that we collect, use, share, or otherwise process personal information – and the purposes for that processing — in the course of operating our business.
C. Lawful basis for the processing
Generally, we process personal information provided by visitors through our website or other interactions with us on the basis our legitimate interests in conducting our business as a law firm. Where we ask for your consent, we process personal information on the basis of that consent.
We may also process personal information on other bases permitted by the GDPR and applicable laws, such as when the processing is necessary for us to comply with our legal obligations.
D. Categories of personal information
The categories of personal information that we process are described in the foregoing sections of this Notice.
E. Recipients of your personal information
We use various service providers to manage our website and provide services such as event registration or managing e-mail communications. Our service providers change from time to time. Note that our service providers have entered into contracts with us that restrict what they can do with your personal information. If you would like specific information about our service providers who have received your information, please contact us at email@example.com and we will provide that information to you. We may also disclose your personal information to other categories of third parties as described in Part 3 of this Notice.
F. Information regarding the transfers of personal data outside of the European Economic Area (EEA)
OPEXUS’s main administrative offices are based in the USA and that’s where we process personal information collected through our website. When you provide personal information to us, we request your consent to transfer that personal information to the USA. The USA does not have an adequacy decision from the European Commission, which means that the Commission has not determined that the laws of the USA provide adequate protection for personal information. Although the laws of the USA do not provide legal protection that is equivalent to EU data protection laws, we safeguard your personal information by treating it in accordance with this GDPR Privacy Notice. We take appropriate steps to protect your privacy and implement reasonable security measures to protect your personal information in storage. We use secure transmission methods to collect personal data through our website. We also enter into contracts with our data processors that require them to treat personal information in a manner that is consistent with this Notice.
G. Retention period for personal information
How long we retain personal information varies according to the type of information in question and the purpose for which it is used. We delete personal information within a reasonable period after we no longer need to use it for the purpose for which it was collected (or for any subsequent purpose that is compatible with the original purpose). This does not affect your right to request that we delete your personal data before the end of its retention period. We may archive personal data (which means storing it in inactive files) for a certain period prior to its final deletion, as part of our ordinary business continuity procedures.
H. Your data subject access rights
You have the right to request access to your personal data, to have your personal data corrected, restricted, or deleted, to withdraw any consent that you have given to the processing of your personal data (without affecting the lawfulness of the processing prior to your withdrawal of consent) and to object to our processing of your personal data. You also have the right of data portability in certain circumstances, which means that you can request that we provide you (or a third party you designate) with a transferable copy of personal information that you have provided to us. Your rights may be subject to various limitations under the GDPR. If you wish to exercise any of these rights, or if you have any concerns about our processing of your personal data, please contact us in any of the ways listed in the section “How to Contact Us” in this Notice.
I. The right to lodge a complaint with a supervisory authority
You have the right to file a complaint concerning our processing of your personal data with your national (or in some countries, regional) data protection authority. The EU Commission has a list here: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm. The data protection authority for the United Kingdom is the Information Commissioner’s Office (www.ico.org.uk). The federal data protection authority for Switzerland is the Federal Data Protection and Information Commissioner: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/task.html.
J. Absence of statutory or contractual requirement or other obligation to provide any
Users of our website are under no statutory or contractual requirement or other obligation to provide personal information to us, but it will not be possible to receive communications from us or register for our events without doing so.
10. How to Contact Us
We welcome your inquiries and comments. Please note that we may not be able to treat the information you send us as confidential or privileged. If you would like to contact us with questions about our privacy or data protection practices, please contact ua via email at firstname.lastname@example.org.
11. Changes to this Privacy Notice
We may update this Notice periodically and will revise the date at the top of this Notice to reflect the date when such update occurred. If we make any material changes in the way we collect, use, and/or share the personal information that you have provided, we will endeavor to provide you with notice before such changes take effect, such as by posting prominent notice on the websites.