PRIVACY STATEMENT
Lerners LLP and its affiliated entities (“Lerners”, “we”, “us”, or “the firm”) are committed to protecting the privacy and security of the personal information we control. This Privacy Statement explains how we collect, use, disclose, and protect personal information while providing legal services and operating our firm. The term “personal information” means information about an identifiable individual, as defined in applicable privacy legislation. It does not include business contact information or anonymous or de-identified data that is not associated with a particular individual.
These requirements are in addition to any obligations of confidentiality that may be owed to you through a lawyer-client relationship (which exists only after we have agreed to act as your legal counsel and entered into a written agreement with you).
What Personal Information Do We Collect?
We collect personal information that is necessary to provide legal advice and representation to our clients, and to operate our business. The types of personal information we collect, use and disclose will vary depending on the circumstances but may include:
contact and identification details (e.g., name, address, phone number, email), including background information needed to verify identity in accordance with the requirements imposed by the Law Society of Ontario (e.g., copy of driver’s license)
demographic and family information (e.g., marital status, dependants), or health information, where relevant to your legal matter;
education and employment history;
financial, tax, and investment information;
billing information;
marketing, communication preferences and related information such as event feedback and survey responses;
publicly available information (e.g., social media posts or public records); and
website usage and other technical information such as details of visits to our websites or information collected through cookies (see section below titled “Lerners Website”).
How Do We Collect Personal Information?
We will generally collect your information through direct interactions with you when you provide it to us, for example, by filling in forms or corresponding with us by phone, email, or otherwise. We may also collect your personal information from third parties (such as witnesses, family members, experts, or adverse parties) or publicly available sources (e.g., social media sites). We may also collect personal information indirectly from our clients or others (e.g., family members, witnesses, adverse parties, investigators, experts, professional advisors, partners, and customers). Through our website, we collect certain information through automated means (see “Our Website” below).
How Do We Use Personal Information?
We only use personal information to provide services, operate our business, or where applicable law permits or requires it.
For example, we use personal information to provide legal advice and representation to our clients. This includes running conflict searches, conducting client identity and verification processes, investigating and advising on legal matters, managing client relationships, and working with third parties (such as experts, witnesses, and treatment providers). We also use personal information to manage day-to-day firm operations, including:
administering client accounts, billing, and payments;
client relationship management;
business development (e.g., lead generation);
marketing, events, and distributing newsletters or other communications;
maintaining internal systems, precedents, and knowledge management;
enforcement of our legal rights (e.g., to enforce payment terms)
protecting against fraud, error, and other illegal activity; and
complying with legal, regulatory, and professional obligations
We will only use your personal information for the purposes for which we collected it. If we determine that your personal information is needed for a purpose materially different from the original reason it was gathered, we will inform you in advance and obtain your consent where the law requires us to do so.
We may use your personal information without your knowledge or consent where required or permitted by applicable law or regulation.
USE OF ARTIFICIAL INTELLIGENCE
Lerners uses third party artificial intelligence tools (“AI Tools”) to assist in providing legal services and operating the firm. For example, we use AI Tools to support docketing, document review and analysis, legal research and drafting, and administrative tasks such as scheduling or transcription. Unless otherwise agreed in writing, we may input personal information into AI Tools while providing services. We will limit the information entered to what is necessary for the task at hand and take steps to avoid compromising the confidentiality of your matter (see approach to service providers described in “How Do We Share Your Information” below). All AI-assisted work is supervised by qualified professionals, and no decision producing legal or significant effects will be made solely by automated means without human review. If you wish to limit or opt out of the use of AI Tools, please notify your primary contact at the firm. We will attempt to accommodate such requests, though doing so may affect the availability, scope, timing, or cost of our services.
Marketing
You may be given the opportunity to consent to receive future promotional communications from us. If you choose to do so, we may use the information you have provided to send you details about our products, services, and special offers; to fulfill other informational requests you have made; and to enhance and refine the products and services we offer. You retain the right to withdraw your consent for receiving emails or other promotional correspondence at any time.
How Do We Share Personal Information?
We may transfer your personal information to contractors, designated agents, or third-party service providers who require it to assist us with providing services to you. We engage third party providers to assist Lerners with administrative tasks related to our business operations (e.g., IT system administration and hosting, billing and payment processing, AI Tools, e-discovery). We may also engage third parties to support the provision of legal advice (e.g., expert witnesses, professional advisors). To the extent we enter into arrangements with service providers, agents and contractors to store, handle or process the personal information on our behalf, we require such parties by contractual or other means to provide comparable privacy protection while the information is processed or handled by them.
We may also disclose your personal information to third parties for their own purposes, either with your consent (e.g., sharing information with other parties involved in the matter, including opposing counsel witnesses, or mediators), or without your knowledge or consent if required or permitted by applicable law or regulation. For example, this can include disclosures for the following purposes:
complying with legal or regulatory obligations (e.g., to the Law Society of Ontario). When we disclose your personal information to comply with a legal obligation or legal process, we will take reasonable steps to ensure that we only disclose the minimum personal information necessary for the specific purpose and circumstances;
during emergency situations or where necessary to protect the safety of persons;
to collect a debt (e.g., enforce payment terms); and
in connection with a transfer of assets or change in ownership.
Consent
Where required under applicable privacy legislation, we will secure the consent of clients and other relevant individuals before collecting, using, or disclosing their personal information.
Capacity: An individual who lacks legal capacity (for example, a minor or a person whose decision-making ability is seriously impaired) must have consent provided by an authorized representative (e.g. legal guardian).
Third Party Information: If you give us personal information about another individual, you confirm that you have the authority and consent of that individual to do so.
In some cases, consent will be implied through your conduct with us or the nature of our retainer. When an individual voluntarily reaches out to us or provides personal information of their own accord, we may treat this as implied consent to the reasonable collection and use of that information in a manner consistent with the purposes for which it was shared. Similarly, we may consider that clients who engage our services, as well as individuals involved in matters or proceedings related to our clients, have implicitly agreed to the reasonable collection, use, and disclosure (e.g., to opposing parties and counsel, witnesses, mediators) of their personal information by our professionals and agents in connection with the representation, legal advice, or transactions undertaken on behalf of our clients.
You may withdraw or limit your consent at any time by writing to the Chief Privacy Officer (see “Contact Us” below). A withdrawal or limitation of consent may affect our ability to continue providing certain legal services, advice, or information.
Safeguards
Once we receive personal information, we use commercially reasonable efforts to protect it. Lerners uses a range of physical, technological and organizational safeguards appropriate to the sensitivity of personal information to ensure that it is kept secure. These measures include:
education and training to relevant staff to ensure they are aware of our privacy obligations when handling personal information;
administrative and technical controls to restrict access to personal information;
technological and security measures, including firewalls, multi-factor authentication, encryption and anti-virus software; and,
physical security measures, such as security passes to enter areas where personal information is stored or can be accessed.
Despite these safeguards, no method of electronic transmission or storage can be entirely secure. We cannot guarantee absolute security.
Where Do We Store Information?
Personal information under our control is stored in secure facilities or on secure servers located in Canada. Certain AI software or cloud-based services may involve limited cross-border transfers of personal information to other jurisdictions, such as the United States, for processing. In such cases, we require, through technical and contractual means, the service provider to protect the personal information in a manner equivalent to that required in Canada. But the measures that we use to protect personal information are subject to the legal requirements of the jurisdictions to which we transfer personal information, including lawful requirements to disclose information to law enforcement and government agencies in those countries. If you have questions about our policies and practices regarding the storage of personal information outside of Canada, please contact our Chief Privacy Officer (see “Contact Us” below).
Retention
We retain personal information for the longer of: (i) the period necessary to fulfil the purpose for which it was collected; (ii) any retention period mandated by law, professional rules, or our insurers; (iii) the expiry of any limitation period for potential claims relating to the matter; or (iv) the duration set by our internal records-management schedule. Derivative work product or analytical data that does not contain personal information may be retained for longer periods to support precedent development, quality assurance, and research, provided that it is irreversibly de-identified or aggregated.
Your Rights
Maintaining the accuracy and completeness of your personal information is a priority for us. We encourage you to notify us promptly of any changes to the personal information you have provided. You are entitled under applicable law to request access to the personal information about you that we control and to have any inaccuracies corrected. Should you wish to review, verify, update your personal information, you may reach out to our Chief Privacy Officer (see “Contact Us” below). Under certain circumstances, applicable law may permit or require us to deny your request. If we are unable to fulfill your request, we will provide you with an explanation of the reasons for that decision, to the extent permitted by law or regulation.
Our Website
When you visit our website, we may use cookies to collect information such as domain name of the website from which the visitor came, date and duration of the visit, number of visits, average time spent on our website, pages viewed and number of cookies accumulated. We use this information to improve website functionality and measure usage. You can configure your browser to refuse cookies, though some website features may not function as a result.
You may voluntarily submit personal information through our website (e.g., to subscribe to a newsletter, register for an event, or submit an inquiry). We may combine this information with other information we hold about you.
Our website may contain links to third-party sites. We are not responsible for the privacy practices of those sites.
Contact Us
If you have questions about this Privacy Statement or wish to make a privacy-related request, please contact our Chief Privacy Officer:
Lerners LLP
Attention: Chief Privacy Officer
225 King St. West, Suite 1600
Toronto, Ontario
M5V 3M2
privacyofficer@lerners.ca
1.800.263.5583
CHANGES TO THis STATEMENT
We update this Privacy Statement from time to time. The date of the most recent revision appears below. We encourage you to review this statement periodically.
This Privacy Policy was last updated June 16, 2026