Privacy Policy For Legal Consultants
Last updated: January 23, 2026
This Privacy Policy (“Privacy Policy”) describes how Cicero Technologies, Inc. d/b/a Eudia Group and its affiliates including Eudia FDL U.S., Inc. and Johnson Hana International Limited (collectively, “Eudia,” “us,” “we,” or “our”) collects, uses, and discloses your personal information in connection with our website located at www.johnsonhana.com, www.eudia.com and any other websites we own and operate that link to this Privacy Policy (collectively, the “Site”), our social media pages, and our email, text, and other electronic communications, and the choices you have with respect to your personal information.
This Privacy Policy applies solely to individuals who: (a) provide legal consulting services for Eudia as part of Eudia’s delivery services; or (b) are candidates for such engagements; or (c) have applied for such roles (“Candidates”, “Consultants” or “you”) in the context of our management of Candidates and Consultants in relation to the recruitment and HR processes. This Privacy Policy does not apply to other interactions with Eudia. In particular, this Privacy Policy does not apply to any processing of personal information of Consultants where you use Eudia Technology as part of your role to deliver AI-augmented services on behalf of Eudia. Please see our general privacy policy here which applies to processing of Consultants’ personal information where using Eudia Technology as an end user.
We want you to understand how we collect, use, store, and share your personal information. We also want you understand what rights you may invoke to help you to protect your privacy. In this regard, it is important that you read and understand this Privacy Notice. Please note that we reserve the right to update this Privacy Notice as required. We will notify you of changes by posting the new Privacy Policy on this page and changing the “Last Updated” date at the top of this page. In some cases, such as where required by law, we may notify you about any updates by sending you an email, posting a notice on the Site about the update, or using other reasonable means. We encourage you to review this Privacy Policy periodically for any updates.
This Privacy Policy covers the following topics:
COLLECTION OF PERSONAL INFORMATION
SOURCES OF PERSONAL INFORMATION
USE OF PERSONAL INFORMATION
DISCLOSURE OF PERSONAL INFORMATION
TRANSFER OF PERSONAL INFORMATION
SECURITY
RETENTION OF PERSONAL INFORMATION
YOUR CHOICES
CHILDREN
LINKS TO OTHER WEBSITES AND SERVICES
NOTICE TO EU-BASED AND UK-BASED CONSULTANTS
NOTICE TO CALIFORNIA RESIDENTS
CONTACT US
CONTACT US
Questions, comments or requests can be submitted to our data protection representatives.
By email to: privacyeurope@eudia.com
By mail to: FAO Legal Department, Dargan House, 21-23 Fenian Street, Dublin 2, Ireland
COLLECTION OF PERSONAL INFORMATION
Categories of Personal Information Collected. We collect personal information about you in different contexts depending on how you use the Platform. The categories we collect and some examples of the personal information within those categories are described in the table below:
SOURCES OF PERSONAL INFORMATION
Personal Information You Provide. We collect personal information when you provide it to us, such as when you contact us, register on the Site, complete a contact form, engage in our recruitment and hiring process, join our talent community, or otherwise interact with us.
It is important that the personal information you provide us is up to date and accurate. If personal information we hold on you is inaccurate or incomplete, please contact us and we will update the information.
Personal Information Obtained from Third Parties. We may receive personal information from third parties, such as your nominated referees, our service providers, and data analytics partners, other publicly available sources and social media platforms such as LinkedIn.
References/Referrals. You may provide referee details to us or have the opportunity to refer colleagues or other contacts to us and share their contact information. Please do not provide us with another person’s contact information unless you have their permission to do so.
Automatically Collected Personal Information. When you visit or interact with the Site or engage with us, your personal information may also be collected automatically. We, our service providers, and our advertising partners may automatically log information about you, your computer, or your device, and your activity over time on our Sites.
On-premises Collection. Please note that where working from any of our premises or off-site locations CCTV and Visitor Sign-In may be used for security purposes.
USE OF PERSONAL INFORMATION
Eudia may use personal information for the purposes set forth below and as otherwise described in this Privacy Policy or at the time of collection.
Business Operations including use of AI. We may use your information for any of the purposes set out in section Purpose and Legal Basis for processing below. As part of this we also use our proprietary AI tools. Eudia is committed to using our augmented intelligence approach of deploying our own trusted AI systems to empower our talent teams to work more efficiently by streamlining administrative steps and surfacing relevant information while always preserving their tenured experience and human judgment in decision making. In practice, our AI tools help us review job applications, CVs, resumes and to generate summaries and Candidate profiles for review by relevant stakeholders. Our team reviews these outputs for accuracy and appropriateness and we do not rely on AI tools for the sole basis for hiring decisions.
For Research and Development. We may use your information to: (i) improve the Site and our business; and (ii) understand and analyze the interaction and engagement trends and preferences of our Candidates.
As part of these activities, we may create aggregated or de-identified data from personal information we collect. We make personal information into de-identified data by removing information that makes the data personally identifiable to you.
Compliance, Fraud Prevention and Safety. We may use your personal information and disclose it to law enforcement, government authorities, and private parties as we believe necessary or appropriate to: (a) protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims); (b) audit our internal processes for compliance with legal and contractual requirements and internal policies; (c) prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft. We will use your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.
With Your Consent. In some cases, we may specifically ask you for your consent to collect, use, or share your personal information, such as when required by law.
DISCLOSURE OF PERSONAL INFORMATION
We may disclose your personal information to the entities and individuals listed below or as otherwise described in this Privacy Policy or at the point of collection.
Related Companies. We may share personal information with our affiliated entities, including parents, subsidiaries, or other related companies. This may include for the purpose of availing of Eudia AI technology as part of our talent search, recruitment and hiring processes as described above under Business Operations including use of AI.
Clients, Customers. We may share personal information with our clients who have roles in which you are interested.
Referees. We may share personal information with companies and/or individuals whose details you provide to us, so they can provide a reference.
Service Providers. We share personal information with third parties and individuals who perform functions on our behalf and help us run our business. For example, we work with service providers that help us perform website hosting, account security and authentication (including screening, background and criminal records checks),such as Checkr, Inc., cloud storage, web analytics, HR and recruitment processes, independent background checkers, payroll services, email services, benefit providers, marketing (including social media providers) and other purposes.
Law Enforcement, Authorities, and Others. Under certain circumstances, Eudia may be required to disclose your personal information to law enforcement, government authorities and departments, and other parties if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency). Eudia may also disclose your personal information in the good faith belief that such action is necessary to comply with a legal obligation or for the purposes described above in the section titled “Compliance, Fraud Prevention, and Safety.”
Professional Advisors. We may share your personal information with persons, companies, or professional firms providing Eudia with advice and consulting in accounting, administrative, legal, tax, financial, and other matters.
Business Transaction Participants. We may disclose your personal information to third parties in connection with any business transaction (or potential transaction) involving a merger, acquisition, sale of shares or assets, financing, acquisition, consolidation, reorganization, divestiture, or dissolution of all or a portion of our business (including in connection with a bankruptcy or similar proceedings).
We will not sell your data to any third party and will take all appropriate steps to ensure the security of your data in dealings with third parties.
TRANSFER OF PERSONAL INFORMATION
Eudia is headquartered in the United States, and we work with service providers in the United States and other countries. Your personal information may be collected, used, and stored in these countries or other locations outside of your home country. Privacy laws in the locations where we handle your personal information may not be as protective as the privacy laws in your home country. By providing your personal information, where applicable law permits, you hereby specifically and expressly consent to such transfer and processing and the collection, use, and disclosure set forth herein or in any applicable terms of service.
If you are located in Europe please view further information about cross-border transfers in the section below titled “NOTICE FOR EU-BASED AND UK-BASED CONSULTANTS”
SECURITY
The security of your personal information is important to us. We have implemented generally accepted standards of technology and operational security to protect personal information from alteration, unauthorised disclosure or destruction, and from use for unauthorised purposes however, please remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.
RETENTION OF PERSONAL INFORMATION
We will retain your personal information for as long as necessary to fulfil the purpose of collection, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish and defend legal claims, for fraud prevention purposes, or as long as required to meet our legal obligations. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
We have detailed retention periods for which Personal Data shall be retained for particular purposes. We reserve the right to delete Personal Data prior to the conclusion of the retention period or where such retention is not absolutely necessary.
YOUR CHOICES
In this section, we describe the rights and choices that may be available to you depending on how you interact with us.
Opt-Out of Promotional Email Communications. ou may opt out of marketing-related emails you receive from us by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us as described above. You may continue to receive service-related and other non-marketing emails.
Cookies. Most browsers let you remove or stop accepting cookies from the websites you visit. To do this, follow the instructions in your browser’s settings. Many browsers accept cookies by default until you change your settings. If you do not accept cookies, however, our Site may not work properly. For more information about cookies, including how to see what cookies have been set on your browser and how to manage and delete them, visit www.allaboutcookies.org.
Analytics. The Site uses Google Analytics to help us analyze how the Site is being accessed and used. You can learn more about Google Analytics cookies by clicking here and about how Google protects your data by clicking here. To opt-out of Google Analytics, you can download and install the Google Analytics Opt-out Browser Add-on, available here.
Do Not Track. Some browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
Declining to Provide Information. We need to collect personal information to provide certain services. If you do not provide the information requested, we may not be able to provide those services.
CHILDREN
The Platform is not intended for use by anyone under the age of 18, and we do not knowingly collect personal information from children or minors.
LINKS TO OTHER WEBSITES AND SERVICES
The Site may contain links to other websites and online services that are not operated by us. These links are not an endorsement of, or representation that we are affiliated with, any third party. If you click on a third party link, you will be directed to that third party’s site or service. In addition, our content may be included on web pages or online services that are not associated with us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third party sites or services. Other websites and services follow different rules regarding the collection, use and sharing of your personal information. We encourage you to review the privacy policies of other websites and other online services that you visit or use.
The Site may contain links to other websites and online services that are not operated by us. These links are not an endorsement of, or representation that we are affiliated with, any third party. If you click on a third party link, you will be directed to that third party’s site or service. In addition, our content may be included on web pages or online services that are not associated with us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third party sites or services. Other websites and services follow different rules regarding the collection, use and sharing of your personal information. We encourage you to review the privacy policies of other websites and other online services that you visit or use.
NOTICE TO EU-BASED AND UK-BASED CONSULTANTS
The information provided in this section applies only to individuals in the European Economic Area and the United Kingdom (collectively, “Europe”). Except as otherwise specified, references to “personal information” in this Privacy Policy are equivalent to “Personal Data” as described below.
Key Definitions
Personal Data refers to information relating to an identified or identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as; a name, an identification number, location data, an online identifier, or one of more factors specific to the physical, psychological, genetic, mental, economic, cultural or social identity of that natural person.
Special Category Data refers to racial or ethnic origin, political opinions, religious or philosophical beliefs, or trades union membership, or that includes genetic data, biometric data to reveal the identity of a person, or data concerning health, sex life or sexual orientation. Personal Data relating to criminal convictions is also considered sensitive.
Controller refers to the natural or legal person or body which alone or jointly determines the purpose and means of the processing of Personal Data.
Processor refers to the natural or legal person or body which processes Personal Data on behalf of the Controller under their instructions.
Controller. The Controller of your Personal Data in relation to this Privacy Policy is Johnson Hana International Limited.
Legislation. This Privacy Notice is published in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 ("GDPR") and Assimilated Regulation (EU) 2016/679, (“UK GDPR”).
Purpose and Legal Bases for Processing. The legal bases of our processing of your Personal Data as described in this Privacy Policy will depend on the type of Personal Data and the specific context in which we process it. However, the legal bases we typically rely on are set out in the table below. We rely on our legitimate interests as our legal basis only where those interests are not overridden by the impact on you (unless we have your consent or our processing is otherwise required or permitted by law). *Legitimate interest below refers to the business of the operation of an AI platform purpose-built for in-house legal teams that delivers faster, higher impact execution across everyday legal work and through vertically integrated, AI augmented workflows, together with the provision of augmented delivery services. If you have questions about the legal basis of how we process your personal information, contact us as provided at section “CONTACT US” of this Privacy Policy.
The purposes for processing your Personal Data may overlap, and some purposes for processing may have multiple legal basis. They are as follows:
Use for New Purposes. We may use your personal information for reasons not described in this Privacy Policy where permitted by law and the reason is compatible with the purpose for which we collected it. If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis.
Your Rights. European data protection laws may give you certain rights regarding your personal information. You may ask us to take the following actions in relation to your personal information that we hold:
Access. Provide you with information about our processing of your personal information and give you access to your personal information.
Correct. Update or correct inaccuracies in your personal information.
Delete. Delete your personal information.
Port. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
Restrict. Restrict the processing of your personal information.
Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.
You may submit these requests by emailing privacyeurope@eudia.com. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or our response to your requests regarding your personal information, you may contact us or submit a complaint to the data protection regulator in your jurisdiction. In the European Economic Area, you can find your data protection regulator here. In the United Kingdom, you can find your data protection regulator here.
INTERNATIONAL TRANSFERS
Cross-Border Data Transfer. If we transfer your personal information to a country outside of the European Economic Area such that we are required to apply additional safeguards to your personal information under European data protection laws, we will do so including using Standard Contractual Clauses. Please contact us at privacyeurope@eudia.com for further information about any such transfers or the specific safeguards applied.
3) NOTICE TO CALIFORNIA RESIDENTS
This section applies only to California residents. It describes how we collect, use, and share personal information of California residents when we act as a “business” as defined under the California Consumer Privacy Act (“CCPA”), and their rights with respect to their personal information. For purposes of this section, “personal information” has the meaning given under the CCPA but does not include information exempted from the CCPA. In some cases, we may provide a different privacy notice to certain categories of California residents, in which case that notice will apply instead of this section.
Categories of Personal Information We Collect, and the Purposes of Collection and Use. We describe the categories of personal information we collect/have collected about you in the preceding 12 months, and the categories of sources from which we collect/have collected such personal information, in the section above called “COLLECTION OF PERSONAL INFORMATION.” The business and commercial purposes for which we collect and share these categories of personal information are described in the section above called “USE OF PERSONAL INFORMATION.”
To the extent that we may collect sensitive personal information (as defined under the CCPA), we only use or disclose it for purposes permitted under the CCPA. We do not collect or use sensitive personal information for the purpose of inferring characteristics about California residents.
Personal Information Disclosed for Business Purposes. We disclose (and in the preceding 12 months may have disclosed) each of the categories of personal information listed above with our service providers and the other parties listed above in the section titled “DISCLOSURE OF PERSONAL INFORMATION.”
Your California Privacy Rights. As a California resident, in addition to the choices described elsewhere in this Privacy Policy, you have the rights listed below. Please note, these rights are not absolute, and, in some cases, we may not be able to respond to your request, such as when a legal exemption applies or if we are not able to verify your identity.
Right to Know/Access. You can request the following information about how we have collected and used your personal information:
the categories of personal information we collected;
the categories of sources from which we collected personal information;
the business or commercial purpose for collecting, selling, or sharing (as applicable) that personal information;
the categories of third parties with whom we disclose personal information; and
a copy of the personal information that we collected about you.
Right to Delete. You can request that we delete the personal information we collected from you.
Right to Correct. You can request that we correct inaccurate personal information that we maintain about you.
Right to Opt-Out of Sales/Sharing. If we “sell” or “share” your personal information, you can opt-out.
Right to Nondiscrimination. You are entitled to exercise the rights described above without receiving discriminatory treatment.
How to Exercise Your Rights. You may exercise the rights described above as follows:
Know/Access, Delete, or Correct. You may exercise these California privacy rights by emailing us at privacyeurope@eudia.com
Right to opt-out “sales” or “sharing”/ “targeted advertising” or “profiling” relating to the use of cookies. You can request to opt-out out your personal information from “sales” or “sharing”/ “targeted advertising” relating to the automatic collection of data on the Site by cookies and similar technologies by clicking “reject all” at the bottom of the Site and changing your cookie preferences or broadcasting the Global Privacy Control (GPC) signal. Note that due to technological limitations, if you visit our Site from a different computer or device, or clear cookies on your browser that store your preferences, you will need to return to this screen to select your preferences or rebroadcast the GPC signal.
Opt-Out of other Sales/Sharing. You can request to opt-out of the “sale” or “sharing” of your personal information by emailing us at privacyeurope@eudia.com.
If you direct us not to sell/share your personal information, we will consider it a request pursuant to California’s “Shine the Light” law to stop sharing your personal information covered by that law with third parties for their direct marketing purposes.
We reserve the right to confirm your California residence to process your requests and will need to confirm your identity to process your requests to exercise your right to know/access, delete, and correct. This is a security measure to, for example, help ensure we do not disclose information to a person who is not entitled to receive it. The identity verification process may vary depending on how you submit your request.
Consistent with California law, you may designate an authorized agent to make a request on your behalf. If you do so, we may require proof of your identification, the authorized agent’s proof of identification, and any other information that we may request in order to verify the request, including evidence of valid permission for the authorized agent to act on your behalf. We cannot process your request if you do not provide us with sufficient detail to allow us to understand and respond to it.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee or decline to comply with your request if your request is clearly unfounded, repetitive, or excessive.
We try to respond to all legitimate requests to know/access, delete, and correct within 45 days of your request. Occasionally it may take us longer than 45 days to respond, for instance if your request is particularly complex or you have made a number of requests. In this case, we will notify you of the delay, and may continue to update you regarding the progress of our response.
This Privacy Policy (“Privacy Policy”) describes how Cicero Technologies, Inc. d/b/a Eudia Group and its affiliates including Eudia FDL U.S., Inc. and Johnson Hana International Limited (collectively, “Eudia,” “us,” “we,” or “our”) collects, uses, and discloses your personal information in connection with our website located at www.johnsonhana.com, www.eudia.com and any other websites we own and operate that link to this Privacy Policy (collectively, the “Site”), our social media pages, and our email, text, and other electronic communications, and the choices you have with respect to your personal information.
This Privacy Policy applies solely to individuals who: (a) provide legal consulting services for Eudia as part of Eudia’s delivery services; or (b) are candidates for such engagements; or (c) have applied for such roles (“Candidates”, “Consultants” or “you”) in the context of our management of Candidates and Consultants in relation to the recruitment and HR processes. This Privacy Policy does not apply to other interactions with Eudia. In particular, this Privacy Policy does not apply to any processing of personal information of Consultants where you use Eudia Technology as part of your role to deliver AI-augmented services on behalf of Eudia. Please see our general privacy policy here which applies to processing of Consultants’ personal information where using Eudia Technology as an end user.
We want you to understand how we collect, use, store, and share your personal information. We also want you understand what rights you may invoke to help you to protect your privacy. In this regard, it is important that you read and understand this Privacy Notice. Please note that we reserve the right to update this Privacy Notice as required. We will notify you of changes by posting the new Privacy Policy on this page and changing the “Last Updated” date at the top of this page. In some cases, such as where required by law, we may notify you about any updates by sending you an email, posting a notice on the Site about the update, or using other reasonable means. We encourage you to review this Privacy Policy periodically for any updates.
This Privacy Policy covers the following topics:
COLLECTION OF PERSONAL INFORMATION
SOURCES OF PERSONAL INFORMATION
USE OF PERSONAL INFORMATION
DISCLOSURE OF PERSONAL INFORMATION
TRANSFER OF PERSONAL INFORMATION
SECURITY
RETENTION OF PERSONAL INFORMATION
YOUR CHOICES
CHILDREN
LINKS TO OTHER WEBSITES AND SERVICES
NOTICE TO EU-BASED AND UK-BASED CONSULTANTS
NOTICE TO CALIFORNIA RESIDENTS
CONTACT US
CONTACT US
Questions, comments or requests can be submitted to our data protection representatives.
By email to: privacyeurope@eudia.com
By mail to: FAO Legal Department, Dargan House, 21-23 Fenian Street, Dublin 2, Ireland
COLLECTION OF PERSONAL INFORMATION
Categories of Personal Information Collected. We collect personal information about you in different contexts depending on how you use the Platform. The categories we collect and some examples of the personal information within those categories are described in the table below:
SOURCES OF PERSONAL INFORMATION
Personal Information You Provide. We collect personal information when you provide it to us, such as when you contact us, register on the Site, complete a contact form, engage in our recruitment and hiring process, join our talent community, or otherwise interact with us.
It is important that the personal information you provide us is up to date and accurate. If personal information we hold on you is inaccurate or incomplete, please contact us and we will update the information.
Personal Information Obtained from Third Parties. We may receive personal information from third parties, such as your nominated referees, our service providers, and data analytics partners, other publicly available sources and social media platforms such as LinkedIn.
References/Referrals. You may provide referee details to us or have the opportunity to refer colleagues or other contacts to us and share their contact information. Please do not provide us with another person’s contact information unless you have their permission to do so.
Automatically Collected Personal Information. When you visit or interact with the Site or engage with us, your personal information may also be collected automatically. We, our service providers, and our advertising partners may automatically log information about you, your computer, or your device, and your activity over time on our Sites.
On-premises Collection. Please note that where working from any of our premises or off-site locations CCTV and Visitor Sign-In may be used for security purposes.
USE OF PERSONAL INFORMATION
Eudia may use personal information for the purposes set forth below and as otherwise described in this Privacy Policy or at the time of collection.
Business Operations including use of AI. We may use your information for any of the purposes set out in section Purpose and Legal Basis for processing below. As part of this we also use our proprietary AI tools. Eudia is committed to using our augmented intelligence approach of deploying our own trusted AI systems to empower our talent teams to work more efficiently by streamlining administrative steps and surfacing relevant information while always preserving their tenured experience and human judgment in decision making. In practice, our AI tools help us review job applications, CVs, resumes and to generate summaries and Candidate profiles for review by relevant stakeholders. Our team reviews these outputs for accuracy and appropriateness and we do not rely on AI tools for the sole basis for hiring decisions.
For Research and Development. We may use your information to: (i) improve the Site and our business; and (ii) understand and analyze the interaction and engagement trends and preferences of our Candidates.
As part of these activities, we may create aggregated or de-identified data from personal information we collect. We make personal information into de-identified data by removing information that makes the data personally identifiable to you.
Compliance, Fraud Prevention and Safety. We may use your personal information and disclose it to law enforcement, government authorities, and private parties as we believe necessary or appropriate to: (a) protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims); (b) audit our internal processes for compliance with legal and contractual requirements and internal policies; (c) prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft. We will use your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.
With Your Consent. In some cases, we may specifically ask you for your consent to collect, use, or share your personal information, such as when required by law.
DISCLOSURE OF PERSONAL INFORMATION
We may disclose your personal information to the entities and individuals listed below or as otherwise described in this Privacy Policy or at the point of collection.
Related Companies. We may share personal information with our affiliated entities, including parents, subsidiaries, or other related companies. This may include for the purpose of availing of Eudia AI technology as part of our talent search, recruitment and hiring processes as described above under Business Operations including use of AI.
Clients, Customers. We may share personal information with our clients who have roles in which you are interested.
Referees. We may share personal information with companies and/or individuals whose details you provide to us, so they can provide a reference.
Service Providers. We share personal information with third parties and individuals who perform functions on our behalf and help us run our business. For example, we work with service providers that help us perform website hosting, account security and authentication (including screening, background and criminal records checks),such as Checkr, Inc., cloud storage, web analytics, HR and recruitment processes, independent background checkers, payroll services, email services, benefit providers, marketing (including social media providers) and other purposes.
Law Enforcement, Authorities, and Others. Under certain circumstances, Eudia may be required to disclose your personal information to law enforcement, government authorities and departments, and other parties if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency). Eudia may also disclose your personal information in the good faith belief that such action is necessary to comply with a legal obligation or for the purposes described above in the section titled “Compliance, Fraud Prevention, and Safety.”
Professional Advisors. We may share your personal information with persons, companies, or professional firms providing Eudia with advice and consulting in accounting, administrative, legal, tax, financial, and other matters.
Business Transaction Participants. We may disclose your personal information to third parties in connection with any business transaction (or potential transaction) involving a merger, acquisition, sale of shares or assets, financing, acquisition, consolidation, reorganization, divestiture, or dissolution of all or a portion of our business (including in connection with a bankruptcy or similar proceedings).
We will not sell your data to any third party and will take all appropriate steps to ensure the security of your data in dealings with third parties.
TRANSFER OF PERSONAL INFORMATION
Eudia is headquartered in the United States, and we work with service providers in the United States and other countries. Your personal information may be collected, used, and stored in these countries or other locations outside of your home country. Privacy laws in the locations where we handle your personal information may not be as protective as the privacy laws in your home country. By providing your personal information, where applicable law permits, you hereby specifically and expressly consent to such transfer and processing and the collection, use, and disclosure set forth herein or in any applicable terms of service.
If you are located in Europe please view further information about cross-border transfers in the section below titled “NOTICE FOR EU-BASED AND UK-BASED CONSULTANTS”
SECURITY
The security of your personal information is important to us. We have implemented generally accepted standards of technology and operational security to protect personal information from alteration, unauthorised disclosure or destruction, and from use for unauthorised purposes however, please remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.
RETENTION OF PERSONAL INFORMATION
We will retain your personal information for as long as necessary to fulfil the purpose of collection, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish and defend legal claims, for fraud prevention purposes, or as long as required to meet our legal obligations. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
We have detailed retention periods for which Personal Data shall be retained for particular purposes. We reserve the right to delete Personal Data prior to the conclusion of the retention period or where such retention is not absolutely necessary.
YOUR CHOICES
In this section, we describe the rights and choices that may be available to you depending on how you interact with us.
Opt-Out of Promotional Email Communications. ou may opt out of marketing-related emails you receive from us by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us as described above. You may continue to receive service-related and other non-marketing emails.
Cookies. Most browsers let you remove or stop accepting cookies from the websites you visit. To do this, follow the instructions in your browser’s settings. Many browsers accept cookies by default until you change your settings. If you do not accept cookies, however, our Site may not work properly. For more information about cookies, including how to see what cookies have been set on your browser and how to manage and delete them, visit www.allaboutcookies.org.
Analytics. The Site uses Google Analytics to help us analyze how the Site is being accessed and used. You can learn more about Google Analytics cookies by clicking here and about how Google protects your data by clicking here. To opt-out of Google Analytics, you can download and install the Google Analytics Opt-out Browser Add-on, available here.
Do Not Track. Some browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
Declining to Provide Information. We need to collect personal information to provide certain services. If you do not provide the information requested, we may not be able to provide those services.
CHILDREN
The Platform is not intended for use by anyone under the age of 18, and we do not knowingly collect personal information from children or minors.
LINKS TO OTHER WEBSITES AND SERVICES
The Site may contain links to other websites and online services that are not operated by us. These links are not an endorsement of, or representation that we are affiliated with, any third party. If you click on a third party link, you will be directed to that third party’s site or service. In addition, our content may be included on web pages or online services that are not associated with us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third party sites or services. Other websites and services follow different rules regarding the collection, use and sharing of your personal information. We encourage you to review the privacy policies of other websites and other online services that you visit or use.
The Site may contain links to other websites and online services that are not operated by us. These links are not an endorsement of, or representation that we are affiliated with, any third party. If you click on a third party link, you will be directed to that third party’s site or service. In addition, our content may be included on web pages or online services that are not associated with us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third party sites or services. Other websites and services follow different rules regarding the collection, use and sharing of your personal information. We encourage you to review the privacy policies of other websites and other online services that you visit or use.
NOTICE TO EU-BASED AND UK-BASED CONSULTANTS
The information provided in this section applies only to individuals in the European Economic Area and the United Kingdom (collectively, “Europe”). Except as otherwise specified, references to “personal information” in this Privacy Policy are equivalent to “Personal Data” as described below.
Key Definitions
Personal Data refers to information relating to an identified or identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as; a name, an identification number, location data, an online identifier, or one of more factors specific to the physical, psychological, genetic, mental, economic, cultural or social identity of that natural person.
Special Category Data refers to racial or ethnic origin, political opinions, religious or philosophical beliefs, or trades union membership, or that includes genetic data, biometric data to reveal the identity of a person, or data concerning health, sex life or sexual orientation. Personal Data relating to criminal convictions is also considered sensitive.
Controller refers to the natural or legal person or body which alone or jointly determines the purpose and means of the processing of Personal Data.
Processor refers to the natural or legal person or body which processes Personal Data on behalf of the Controller under their instructions.
Controller. The Controller of your Personal Data in relation to this Privacy Policy is Johnson Hana International Limited.
Legislation. This Privacy Notice is published in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 ("GDPR") and Assimilated Regulation (EU) 2016/679, (“UK GDPR”).
Purpose and Legal Bases for Processing. The legal bases of our processing of your Personal Data as described in this Privacy Policy will depend on the type of Personal Data and the specific context in which we process it. However, the legal bases we typically rely on are set out in the table below. We rely on our legitimate interests as our legal basis only where those interests are not overridden by the impact on you (unless we have your consent or our processing is otherwise required or permitted by law). *Legitimate interest below refers to the business of the operation of an AI platform purpose-built for in-house legal teams that delivers faster, higher impact execution across everyday legal work and through vertically integrated, AI augmented workflows, together with the provision of augmented delivery services. If you have questions about the legal basis of how we process your personal information, contact us as provided at section “CONTACT US” of this Privacy Policy.
The purposes for processing your Personal Data may overlap, and some purposes for processing may have multiple legal basis. They are as follows:
Use for New Purposes. We may use your personal information for reasons not described in this Privacy Policy where permitted by law and the reason is compatible with the purpose for which we collected it. If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis.
Your Rights. European data protection laws may give you certain rights regarding your personal information. You may ask us to take the following actions in relation to your personal information that we hold:
Access. Provide you with information about our processing of your personal information and give you access to your personal information.
Correct. Update or correct inaccuracies in your personal information.
Delete. Delete your personal information.
Port. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
Restrict. Restrict the processing of your personal information.
Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.
You may submit these requests by emailing privacyeurope@eudia.com. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or our response to your requests regarding your personal information, you may contact us or submit a complaint to the data protection regulator in your jurisdiction. In the European Economic Area, you can find your data protection regulator here. In the United Kingdom, you can find your data protection regulator here.
INTERNATIONAL TRANSFERS
Cross-Border Data Transfer. If we transfer your personal information to a country outside of the European Economic Area such that we are required to apply additional safeguards to your personal information under European data protection laws, we will do so including using Standard Contractual Clauses. Please contact us at privacyeurope@eudia.com for further information about any such transfers or the specific safeguards applied.
3) NOTICE TO CALIFORNIA RESIDENTS
This section applies only to California residents. It describes how we collect, use, and share personal information of California residents when we act as a “business” as defined under the California Consumer Privacy Act (“CCPA”), and their rights with respect to their personal information. For purposes of this section, “personal information” has the meaning given under the CCPA but does not include information exempted from the CCPA. In some cases, we may provide a different privacy notice to certain categories of California residents, in which case that notice will apply instead of this section.
Categories of Personal Information We Collect, and the Purposes of Collection and Use. We describe the categories of personal information we collect/have collected about you in the preceding 12 months, and the categories of sources from which we collect/have collected such personal information, in the section above called “COLLECTION OF PERSONAL INFORMATION.” The business and commercial purposes for which we collect and share these categories of personal information are described in the section above called “USE OF PERSONAL INFORMATION.”
To the extent that we may collect sensitive personal information (as defined under the CCPA), we only use or disclose it for purposes permitted under the CCPA. We do not collect or use sensitive personal information for the purpose of inferring characteristics about California residents.
Personal Information Disclosed for Business Purposes. We disclose (and in the preceding 12 months may have disclosed) each of the categories of personal information listed above with our service providers and the other parties listed above in the section titled “DISCLOSURE OF PERSONAL INFORMATION.”
Your California Privacy Rights. As a California resident, in addition to the choices described elsewhere in this Privacy Policy, you have the rights listed below. Please note, these rights are not absolute, and, in some cases, we may not be able to respond to your request, such as when a legal exemption applies or if we are not able to verify your identity.
Right to Know/Access. You can request the following information about how we have collected and used your personal information:
the categories of personal information we collected;
the categories of sources from which we collected personal information;
the business or commercial purpose for collecting, selling, or sharing (as applicable) that personal information;
the categories of third parties with whom we disclose personal information; and
a copy of the personal information that we collected about you.
Right to Delete. You can request that we delete the personal information we collected from you.
Right to Correct. You can request that we correct inaccurate personal information that we maintain about you.
Right to Opt-Out of Sales/Sharing. If we “sell” or “share” your personal information, you can opt-out.
Right to Nondiscrimination. You are entitled to exercise the rights described above without receiving discriminatory treatment.
How to Exercise Your Rights. You may exercise the rights described above as follows:
Know/Access, Delete, or Correct. You may exercise these California privacy rights by emailing us at privacyeurope@eudia.com
Right to opt-out “sales” or “sharing”/ “targeted advertising” or “profiling” relating to the use of cookies. You can request to opt-out out your personal information from “sales” or “sharing”/ “targeted advertising” relating to the automatic collection of data on the Site by cookies and similar technologies by clicking “reject all” at the bottom of the Site and changing your cookie preferences or broadcasting the Global Privacy Control (GPC) signal. Note that due to technological limitations, if you visit our Site from a different computer or device, or clear cookies on your browser that store your preferences, you will need to return to this screen to select your preferences or rebroadcast the GPC signal.
Opt-Out of other Sales/Sharing. You can request to opt-out of the “sale” or “sharing” of your personal information by emailing us at privacyeurope@eudia.com.
If you direct us not to sell/share your personal information, we will consider it a request pursuant to California’s “Shine the Light” law to stop sharing your personal information covered by that law with third parties for their direct marketing purposes.
We reserve the right to confirm your California residence to process your requests and will need to confirm your identity to process your requests to exercise your right to know/access, delete, and correct. This is a security measure to, for example, help ensure we do not disclose information to a person who is not entitled to receive it. The identity verification process may vary depending on how you submit your request.
Consistent with California law, you may designate an authorized agent to make a request on your behalf. If you do so, we may require proof of your identification, the authorized agent’s proof of identification, and any other information that we may request in order to verify the request, including evidence of valid permission for the authorized agent to act on your behalf. We cannot process your request if you do not provide us with sufficient detail to allow us to understand and respond to it.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee or decline to comply with your request if your request is clearly unfounded, repetitive, or excessive.
We try to respond to all legitimate requests to know/access, delete, and correct within 45 days of your request. Occasionally it may take us longer than 45 days to respond, for instance if your request is particularly complex or you have made a number of requests. In this case, we will notify you of the delay, and may continue to update you regarding the progress of our response.
This Privacy Policy (“Privacy Policy”) describes how Cicero Technologies, Inc. d/b/a Eudia Group and its affiliates including Eudia FDL U.S., Inc. and Johnson Hana International Limited (collectively, “Eudia,” “us,” “we,” or “our”) collects, uses, and discloses your personal information in connection with our website located at www.johnsonhana.com, www.eudia.com and any other websites we own and operate that link to this Privacy Policy (collectively, the “Site”), our social media pages, and our email, text, and other electronic communications, and the choices you have with respect to your personal information.
This Privacy Policy applies solely to individuals who: (a) provide legal consulting services for Eudia as part of Eudia’s delivery services; or (b) are candidates for such engagements; or (c) have applied for such roles (“Candidates”, “Consultants” or “you”) in the context of our management of Candidates and Consultants in relation to the recruitment and HR processes. This Privacy Policy does not apply to other interactions with Eudia. In particular, this Privacy Policy does not apply to any processing of personal information of Consultants where you use Eudia Technology as part of your role to deliver AI-augmented services on behalf of Eudia. Please see our general privacy policy here which applies to processing of Consultants’ personal information where using Eudia Technology as an end user.
We want you to understand how we collect, use, store, and share your personal information. We also want you understand what rights you may invoke to help you to protect your privacy. In this regard, it is important that you read and understand this Privacy Notice. Please note that we reserve the right to update this Privacy Notice as required. We will notify you of changes by posting the new Privacy Policy on this page and changing the “Last Updated” date at the top of this page. In some cases, such as where required by law, we may notify you about any updates by sending you an email, posting a notice on the Site about the update, or using other reasonable means. We encourage you to review this Privacy Policy periodically for any updates.
This Privacy Policy covers the following topics:
COLLECTION OF PERSONAL INFORMATION
SOURCES OF PERSONAL INFORMATION
USE OF PERSONAL INFORMATION
DISCLOSURE OF PERSONAL INFORMATION
TRANSFER OF PERSONAL INFORMATION
SECURITY
RETENTION OF PERSONAL INFORMATION
YOUR CHOICES
CHILDREN
LINKS TO OTHER WEBSITES AND SERVICES
NOTICE TO EU-BASED AND UK-BASED CONSULTANTS
NOTICE TO CALIFORNIA RESIDENTS
CONTACT US
CONTACT US
Questions, comments or requests can be submitted to our data protection representatives.
By email to: privacyeurope@eudia.com
By mail to: FAO Legal Department, Dargan House, 21-23 Fenian Street, Dublin 2, Ireland
COLLECTION OF PERSONAL INFORMATION
Categories of Personal Information Collected. We collect personal information about you in different contexts depending on how you use the Platform. The categories we collect and some examples of the personal information within those categories are described in the table below:
SOURCES OF PERSONAL INFORMATION
Personal Information You Provide. We collect personal information when you provide it to us, such as when you contact us, register on the Site, complete a contact form, engage in our recruitment and hiring process, join our talent community, or otherwise interact with us.
It is important that the personal information you provide us is up to date and accurate. If personal information we hold on you is inaccurate or incomplete, please contact us and we will update the information.
Personal Information Obtained from Third Parties. We may receive personal information from third parties, such as your nominated referees, our service providers, and data analytics partners, other publicly available sources and social media platforms such as LinkedIn.
References/Referrals. You may provide referee details to us or have the opportunity to refer colleagues or other contacts to us and share their contact information. Please do not provide us with another person’s contact information unless you have their permission to do so.
Automatically Collected Personal Information. When you visit or interact with the Site or engage with us, your personal information may also be collected automatically. We, our service providers, and our advertising partners may automatically log information about you, your computer, or your device, and your activity over time on our Sites.
On-premises Collection. Please note that where working from any of our premises or off-site locations CCTV and Visitor Sign-In may be used for security purposes.
USE OF PERSONAL INFORMATION
Eudia may use personal information for the purposes set forth below and as otherwise described in this Privacy Policy or at the time of collection.
Business Operations including use of AI. We may use your information for any of the purposes set out in section Purpose and Legal Basis for processing below. As part of this we also use our proprietary AI tools. Eudia is committed to using our augmented intelligence approach of deploying our own trusted AI systems to empower our talent teams to work more efficiently by streamlining administrative steps and surfacing relevant information while always preserving their tenured experience and human judgment in decision making. In practice, our AI tools help us review job applications, CVs, resumes and to generate summaries and Candidate profiles for review by relevant stakeholders. Our team reviews these outputs for accuracy and appropriateness and we do not rely on AI tools for the sole basis for hiring decisions.
For Research and Development. We may use your information to: (i) improve the Site and our business; and (ii) understand and analyze the interaction and engagement trends and preferences of our Candidates.
As part of these activities, we may create aggregated or de-identified data from personal information we collect. We make personal information into de-identified data by removing information that makes the data personally identifiable to you.
Compliance, Fraud Prevention and Safety. We may use your personal information and disclose it to law enforcement, government authorities, and private parties as we believe necessary or appropriate to: (a) protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims); (b) audit our internal processes for compliance with legal and contractual requirements and internal policies; (c) prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft. We will use your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.
With Your Consent. In some cases, we may specifically ask you for your consent to collect, use, or share your personal information, such as when required by law.
DISCLOSURE OF PERSONAL INFORMATION
We may disclose your personal information to the entities and individuals listed below or as otherwise described in this Privacy Policy or at the point of collection.
Related Companies. We may share personal information with our affiliated entities, including parents, subsidiaries, or other related companies. This may include for the purpose of availing of Eudia AI technology as part of our talent search, recruitment and hiring processes as described above under Business Operations including use of AI.
Clients, Customers. We may share personal information with our clients who have roles in which you are interested.
Referees. We may share personal information with companies and/or individuals whose details you provide to us, so they can provide a reference.
Service Providers. We share personal information with third parties and individuals who perform functions on our behalf and help us run our business. For example, we work with service providers that help us perform website hosting, account security and authentication (including screening, background and criminal records checks),such as Checkr, Inc., cloud storage, web analytics, HR and recruitment processes, independent background checkers, payroll services, email services, benefit providers, marketing (including social media providers) and other purposes.
Law Enforcement, Authorities, and Others. Under certain circumstances, Eudia may be required to disclose your personal information to law enforcement, government authorities and departments, and other parties if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency). Eudia may also disclose your personal information in the good faith belief that such action is necessary to comply with a legal obligation or for the purposes described above in the section titled “Compliance, Fraud Prevention, and Safety.”
Professional Advisors. We may share your personal information with persons, companies, or professional firms providing Eudia with advice and consulting in accounting, administrative, legal, tax, financial, and other matters.
Business Transaction Participants. We may disclose your personal information to third parties in connection with any business transaction (or potential transaction) involving a merger, acquisition, sale of shares or assets, financing, acquisition, consolidation, reorganization, divestiture, or dissolution of all or a portion of our business (including in connection with a bankruptcy or similar proceedings).
We will not sell your data to any third party and will take all appropriate steps to ensure the security of your data in dealings with third parties.
TRANSFER OF PERSONAL INFORMATION
Eudia is headquartered in the United States, and we work with service providers in the United States and other countries. Your personal information may be collected, used, and stored in these countries or other locations outside of your home country. Privacy laws in the locations where we handle your personal information may not be as protective as the privacy laws in your home country. By providing your personal information, where applicable law permits, you hereby specifically and expressly consent to such transfer and processing and the collection, use, and disclosure set forth herein or in any applicable terms of service.
If you are located in Europe please view further information about cross-border transfers in the section below titled “NOTICE FOR EU-BASED AND UK-BASED CONSULTANTS”
SECURITY
The security of your personal information is important to us. We have implemented generally accepted standards of technology and operational security to protect personal information from alteration, unauthorised disclosure or destruction, and from use for unauthorised purposes however, please remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.
RETENTION OF PERSONAL INFORMATION
We will retain your personal information for as long as necessary to fulfil the purpose of collection, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish and defend legal claims, for fraud prevention purposes, or as long as required to meet our legal obligations. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
We have detailed retention periods for which Personal Data shall be retained for particular purposes. We reserve the right to delete Personal Data prior to the conclusion of the retention period or where such retention is not absolutely necessary.
YOUR CHOICES
In this section, we describe the rights and choices that may be available to you depending on how you interact with us.
Opt-Out of Promotional Email Communications. ou may opt out of marketing-related emails you receive from us by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us as described above. You may continue to receive service-related and other non-marketing emails.
Cookies. Most browsers let you remove or stop accepting cookies from the websites you visit. To do this, follow the instructions in your browser’s settings. Many browsers accept cookies by default until you change your settings. If you do not accept cookies, however, our Site may not work properly. For more information about cookies, including how to see what cookies have been set on your browser and how to manage and delete them, visit www.allaboutcookies.org.
Analytics. The Site uses Google Analytics to help us analyze how the Site is being accessed and used. You can learn more about Google Analytics cookies by clicking here and about how Google protects your data by clicking here. To opt-out of Google Analytics, you can download and install the Google Analytics Opt-out Browser Add-on, available here.
Do Not Track. Some browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
Declining to Provide Information. We need to collect personal information to provide certain services. If you do not provide the information requested, we may not be able to provide those services.
CHILDREN
The Platform is not intended for use by anyone under the age of 18, and we do not knowingly collect personal information from children or minors.
LINKS TO OTHER WEBSITES AND SERVICES
The Site may contain links to other websites and online services that are not operated by us. These links are not an endorsement of, or representation that we are affiliated with, any third party. If you click on a third party link, you will be directed to that third party’s site or service. In addition, our content may be included on web pages or online services that are not associated with us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third party sites or services. Other websites and services follow different rules regarding the collection, use and sharing of your personal information. We encourage you to review the privacy policies of other websites and other online services that you visit or use.
The Site may contain links to other websites and online services that are not operated by us. These links are not an endorsement of, or representation that we are affiliated with, any third party. If you click on a third party link, you will be directed to that third party’s site or service. In addition, our content may be included on web pages or online services that are not associated with us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third party sites or services. Other websites and services follow different rules regarding the collection, use and sharing of your personal information. We encourage you to review the privacy policies of other websites and other online services that you visit or use.
NOTICE TO EU-BASED AND UK-BASED CONSULTANTS
The information provided in this section applies only to individuals in the European Economic Area and the United Kingdom (collectively, “Europe”). Except as otherwise specified, references to “personal information” in this Privacy Policy are equivalent to “Personal Data” as described below.
Key Definitions
Personal Data refers to information relating to an identified or identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as; a name, an identification number, location data, an online identifier, or one of more factors specific to the physical, psychological, genetic, mental, economic, cultural or social identity of that natural person.
Special Category Data refers to racial or ethnic origin, political opinions, religious or philosophical beliefs, or trades union membership, or that includes genetic data, biometric data to reveal the identity of a person, or data concerning health, sex life or sexual orientation. Personal Data relating to criminal convictions is also considered sensitive.
Controller refers to the natural or legal person or body which alone or jointly determines the purpose and means of the processing of Personal Data.
Processor refers to the natural or legal person or body which processes Personal Data on behalf of the Controller under their instructions.
Controller. The Controller of your Personal Data in relation to this Privacy Policy is Johnson Hana International Limited.
Legislation. This Privacy Notice is published in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 ("GDPR") and Assimilated Regulation (EU) 2016/679, (“UK GDPR”).
Purpose and Legal Bases for Processing. The legal bases of our processing of your Personal Data as described in this Privacy Policy will depend on the type of Personal Data and the specific context in which we process it. However, the legal bases we typically rely on are set out in the table below. We rely on our legitimate interests as our legal basis only where those interests are not overridden by the impact on you (unless we have your consent or our processing is otherwise required or permitted by law). *Legitimate interest below refers to the business of the operation of an AI platform purpose-built for in-house legal teams that delivers faster, higher impact execution across everyday legal work and through vertically integrated, AI augmented workflows, together with the provision of augmented delivery services. If you have questions about the legal basis of how we process your personal information, contact us as provided at section “CONTACT US” of this Privacy Policy.
The purposes for processing your Personal Data may overlap, and some purposes for processing may have multiple legal basis. They are as follows:
Use for New Purposes. We may use your personal information for reasons not described in this Privacy Policy where permitted by law and the reason is compatible with the purpose for which we collected it. If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis.
Your Rights. European data protection laws may give you certain rights regarding your personal information. You may ask us to take the following actions in relation to your personal information that we hold:
Access. Provide you with information about our processing of your personal information and give you access to your personal information.
Correct. Update or correct inaccuracies in your personal information.
Delete. Delete your personal information.
Port. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
Restrict. Restrict the processing of your personal information.
Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.
You may submit these requests by emailing privacyeurope@eudia.com. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or our response to your requests regarding your personal information, you may contact us or submit a complaint to the data protection regulator in your jurisdiction. In the European Economic Area, you can find your data protection regulator here. In the United Kingdom, you can find your data protection regulator here.
INTERNATIONAL TRANSFERS
Cross-Border Data Transfer. If we transfer your personal information to a country outside of the European Economic Area such that we are required to apply additional safeguards to your personal information under European data protection laws, we will do so including using Standard Contractual Clauses. Please contact us at privacyeurope@eudia.com for further information about any such transfers or the specific safeguards applied.
3) NOTICE TO CALIFORNIA RESIDENTS
This section applies only to California residents. It describes how we collect, use, and share personal information of California residents when we act as a “business” as defined under the California Consumer Privacy Act (“CCPA”), and their rights with respect to their personal information. For purposes of this section, “personal information” has the meaning given under the CCPA but does not include information exempted from the CCPA. In some cases, we may provide a different privacy notice to certain categories of California residents, in which case that notice will apply instead of this section.
Categories of Personal Information We Collect, and the Purposes of Collection and Use. We describe the categories of personal information we collect/have collected about you in the preceding 12 months, and the categories of sources from which we collect/have collected such personal information, in the section above called “COLLECTION OF PERSONAL INFORMATION.” The business and commercial purposes for which we collect and share these categories of personal information are described in the section above called “USE OF PERSONAL INFORMATION.”
To the extent that we may collect sensitive personal information (as defined under the CCPA), we only use or disclose it for purposes permitted under the CCPA. We do not collect or use sensitive personal information for the purpose of inferring characteristics about California residents.
Personal Information Disclosed for Business Purposes. We disclose (and in the preceding 12 months may have disclosed) each of the categories of personal information listed above with our service providers and the other parties listed above in the section titled “DISCLOSURE OF PERSONAL INFORMATION.”
Your California Privacy Rights. As a California resident, in addition to the choices described elsewhere in this Privacy Policy, you have the rights listed below. Please note, these rights are not absolute, and, in some cases, we may not be able to respond to your request, such as when a legal exemption applies or if we are not able to verify your identity.
Right to Know/Access. You can request the following information about how we have collected and used your personal information:
the categories of personal information we collected;
the categories of sources from which we collected personal information;
the business or commercial purpose for collecting, selling, or sharing (as applicable) that personal information;
the categories of third parties with whom we disclose personal information; and
a copy of the personal information that we collected about you.
Right to Delete. You can request that we delete the personal information we collected from you.
Right to Correct. You can request that we correct inaccurate personal information that we maintain about you.
Right to Opt-Out of Sales/Sharing. If we “sell” or “share” your personal information, you can opt-out.
Right to Nondiscrimination. You are entitled to exercise the rights described above without receiving discriminatory treatment.
How to Exercise Your Rights. You may exercise the rights described above as follows:
Know/Access, Delete, or Correct. You may exercise these California privacy rights by emailing us at privacyeurope@eudia.com
Right to opt-out “sales” or “sharing”/ “targeted advertising” or “profiling” relating to the use of cookies. You can request to opt-out out your personal information from “sales” or “sharing”/ “targeted advertising” relating to the automatic collection of data on the Site by cookies and similar technologies by clicking “reject all” at the bottom of the Site and changing your cookie preferences or broadcasting the Global Privacy Control (GPC) signal. Note that due to technological limitations, if you visit our Site from a different computer or device, or clear cookies on your browser that store your preferences, you will need to return to this screen to select your preferences or rebroadcast the GPC signal.
Opt-Out of other Sales/Sharing. You can request to opt-out of the “sale” or “sharing” of your personal information by emailing us at privacyeurope@eudia.com.
If you direct us not to sell/share your personal information, we will consider it a request pursuant to California’s “Shine the Light” law to stop sharing your personal information covered by that law with third parties for their direct marketing purposes.
We reserve the right to confirm your California residence to process your requests and will need to confirm your identity to process your requests to exercise your right to know/access, delete, and correct. This is a security measure to, for example, help ensure we do not disclose information to a person who is not entitled to receive it. The identity verification process may vary depending on how you submit your request.
Consistent with California law, you may designate an authorized agent to make a request on your behalf. If you do so, we may require proof of your identification, the authorized agent’s proof of identification, and any other information that we may request in order to verify the request, including evidence of valid permission for the authorized agent to act on your behalf. We cannot process your request if you do not provide us with sufficient detail to allow us to understand and respond to it.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee or decline to comply with your request if your request is clearly unfounded, repetitive, or excessive.
We try to respond to all legitimate requests to know/access, delete, and correct within 45 days of your request. Occasionally it may take us longer than 45 days to respond, for instance if your request is particularly complex or you have made a number of requests. In this case, we will notify you of the delay, and may continue to update you regarding the progress of our response.