Last Updated: August 28, 2019

This Privacy Notice describes how Hopkins & Carley (“Hopkins & Carley”, “we” or “us”) processes, uses and shares the personal information that it receives or collects from visitors to the Hopkins & Carley website (“Website”), blogs and social media accounts (hereinafter all collectively referred to as “Sites”), as further described below.

Who We Are

Hopkins & Carley is a law firm based in the United States. We are a law corporation organized under the laws of the state of California for the practice of law. We have offices in California, and our main office is located at:

70 S 1st St
San Jose, CA 95113

Scope of this Privacy Notice

This Privacy Notice applies to information that we collect online through the Sites, when you contact us or as may be provided in connection with recruiting. It does not apply to information that we collect or obtain in the course of representing or advising clients once a Professional Services Agreement has been executed. Such information is confidential and subject to the attorney-client relationship, and therefore outside the scope of this Privacy Notice.

This Privacy Notice also does not cover information collected by any other company, a third-party site or third-party application that may link to, or that can be accessed from, any of our Sites.

By using the Sites, you acknowledge and consent to our practices described below. If you have questions or comments about this Privacy Notice or our use of your personal information, please contact us at

Changes to This Privacy Notice

We may update this Privacy Notice from time to time. If we do so, we will post our updated Privacy Notice on the Website and the blog Site,  where applicable, and for a reasonable period of time we will post notice of the change so it is visible when users use the Sites after the change is posted. By your continued use of any of the Sites, you consent to the terms of the revised Privacy Notice.

When and How Do We Collect Data?

When you visit the Sites, we collect personal information directly from you when you provide it to us, as well as indirectly through automated technologies such as cookies.

Put simply, we process information that you provide to us and information that we (or our authorized service providers) collect automatically.

Information You Provide Information We Collect Automatically
You browse any page of our Website or our blog Site  
You request information from us
You register for a webinar, newsletter, conference or other event
You contact us or provide information in connection with recruiting  

Types of Personal Information We Collect

Personal information, or personal data, means any information about an individual from which that person may be identified. For example, it may include obvious things like your name, telephone number, email, and address, as well as less obvious things like your IP address, device ID and location information. Personal information does not, however, include information from which the identity of an individual has been definitively removed (also known as anonymous or anonymized data).

Data You Provide

We collect personal information that you provide voluntarily through our Sites, which may include some or all of the following:

  • Your contact information: your name, address, phone number, email address, company name, and country;
  • When you request information or register for an event that we sponsor, we collect information relevant to your information request or the event for which you are registering, such as postcode, preferences, and interests;
  • Communications that are within the scope of this Privacy Notice;
  • Resumé or other employment-related data that you provide to us in connection with recruiting as further explained below; and
  • Any other personal information that you voluntarily choose to provide to us.

If we ask you to provide any other personal information not described above, the personal information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point that you are asked to provide your personal information.

Data We Collect Automatically

We collect certain information automatically from your device. Our web servers log certain technical information automatically, such as the identity of your Internet Service Provider and your computer’s IP address. Specifically, the information that we collect automatically may include information like your IP address, device type, unique device identification number, browser-type, broad geographic location (e.g. country or city-level location) and other technical information.

We may also collect information about how your device has interacted with our Sites, including the pages accessed and links clicked. Although this information may be considered personal information under applicable laws, we do not append or associate it with any personal information you may choose to provide.

Some of this information may be collected using cookies and similar tracking technology, as explained further in Cookies and Similar Technologies.

Data Collected For Recruiting Purposes

We collect information from and about potential candidates in connection with employment opportunities at Hopkins & Carley. This information may include name and contact information, resumé, academic records, employment history, and references.

We use the personal information that you provide to match your skills, experience, and education to available and/or specific roles within Hopkins & Carley. This information is passed to the relevant hiring managers and individuals involved in the recruiting process in order to assess next steps. We may also collect further information from you as you move along in the recruiting process.

In connection with our recruiting activities, we may also collect special categories of personal information from candidates where we have an employment law obligation to do so, the information is relevant to the future provision of employment, or with the individual’s explicit consent. For instance, we may need to collect information about a candidate’s immigration status in order to ensure that we may legally hire that candidate, or a candidate’s disabilities in order to provide a suitable working environment for that candidate if they are hired by Hopkins & Carley. We may also need to conduct criminal background checks. We may also ask you to provide diversity information about your race/ethnicity and sexual orientation for diversity monitoring purposes, although providing this information will be entirely up to the candidate.

Hopkins & Carley collects information about candidates from the following sources:

  • Directly from the candidate – for example, information provided when applying for a position directly through the Website;
  • From recruiting service providers – for example, when a recruitment agency contacts us to identify someone as a potential candidate;
  • Through publicly available sources online – for example, through a professional profile posted online (e.g. such as a professional networking site); and
  • By reference or word of mouth.

How We Use Personal Information

We use the personal information you provide through our Sites to:

  • Communicate with you about your use of the Sites and our services, as well as any inquiries or recruiting activities;
  • Respond to your inquiries, and in the case of recruiting, evaluate whether you may be a match;
  • Fulfill your requests;
  • Measure the effectiveness of our online content and how visitors use our Sites, which allows us to learn what pages, functions or areas of our Sites are most attractive to our visitors, which parts of our Sites are the most interesting, and what kind of event offerings our visitors like to see.
  • Organize events for which you have registered. We use the information we collect from you in connection with events that we organize to track registration, confirm attendance, and furnish certain details you have provided to us, such as your company affiliation, to other attendees. If you request at the time of your registration, or at any time afterward, we may use this information to call to your attention similar events that might be of interest to you.

Cookies and Similar Technologies

Like most websites, we use cookies and other standard Internet technologies to help us improve our Sites. A cookie is a small text file that is placed on your computer or mobile device when you visit a certain website. Cookies enable the website to remember your actions and preferences (such as login, language, font size, and other display preferences) over a period of time, for example, so you don’t have to re-enter them whenever you come back to the website or browse from one page to another.

A cookie can be classified by its lifespan and the domain to which it belongs.

By lifespan, a cookie is either a:

  • Session cookie, which is erased when the user closes the browser; or
  • Persistent cookie which remains on the user’s computer/device for a pre-defined period of time.

As for the domain to which it belongs, there are either:

  • First-party cookies which are set by the web server of the visited page and share the same domain (in this case the domain); or
  • Third-party cookies stored by a different domain to the visited page’s domain. This can happen when the webpage references a file, such as JavaScript, located outside its domain.

When you visit or access the Sites, we may – by means of cookies, beacons, tags, scripts, and/or other similar technologies – automatically collect technical information about the devices and software you use to access the Sites, such as the type of Internet browser or mobile device you use, the website or source that linked or referred you to the Sites, your IP address or device ID (or other persistent identifier that uniquely identifies your computer or mobile device on the Internet), the operating system of your computer or mobile device, and other similar technical information. We use these same technologies (or a combination of them) to help us:

  • Capture and store users’ preferences, account settings, and certain login information (mainly for convenience, user verification, and account security) – these are strictly necessary cookies; and
  • Compile statistics and analytics about your use of and interaction with the Sites, including details about how and where our Sites are accessed, which areas of the Sites are visited and for how long, and other similar traffic, usage, and trend data-these are analytics cookies.

Strictly Necessary Cookies

These cookies are necessary for the Website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any information that directly identifies you.

Session cookies used:

Performance Cookies

In connection with our analytics, we use Google Analytics. With the information collected by Google Analytics, we process “Aggregated Data”, such as statistical or demographic data. Aggregated Data may be derived from personal information, but is not considered personal information under the law if it does not directly or indirectly reveal your identity. For example, we may aggregate usage data to calculate the percentage of users accessing a specific feature of our Website. However, if we combine or connect Aggregated Data with your personal information so that it can directly or indirectly identify you, we treat the combined data as personal information, which will be processed in accordance with this Privacy Notice.

For more information on downloading the Google Analytics opt-out browser add-on click here.

Persistent cookies used:

Disclosure of Information

The personal information that we collect is used only within Hopkins & Carley except as stated below.

Aside from disclosing your information to those of our personnel who are authorized to process the information in order to provide our services and are committed to confidentiality, we disclose your personal information only to the third parties indicated below (and for the following reasons):

  • Companies that do things to help us provide the Sites, such as hosting service providers, conference organizers, communication tools, and analytics tools;
  • Professional service providers, such as auditors, lawyers, consultants, accountants, and insurers;
  • Governments, regulators, law enforcement and fraud prevention agencies, but only as authorized as explained below; and
  • In the event of a business transfer as explained below.

Third-Party Service Providers

Specifically, depending on how you use the Sites, the following third parties collect data on our behalf or receive your personal information in order to assist us in providing our services:

  • Rackspace to host our Website;
  • Google Analytics, our analytics tool (see Cookies); and
  • Service providers who assist us with recruiting, blog delivery and other services.

We generally do not share any user information gathered on Website with third parties for their own direct marketing purposes. Please note, however, that your registration information for a particular event may be provided to co-presenters or co-sponsors for that event, each of whom will be identified to you at the time of registration. Unless you opt-out at the time of registering for the event, those sponsors may use your personal information for their own marketing purposes.  Their privacy policies may differ from this Privacy Notice.

We require all third-party service providers to respect the security of your personal information and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions, unless the data is rendered fully anonymous.

Legal Obligations & Security

Additionally, other than as explained above, we will disclose your personal information: (i) with your consent; (ii) when we have a good faith belief it is required by law, such as pursuant to a subpoena, warrant or other judicial or administrative order (as further explained below); (iii) to protect the safety of any person; to protect the safety or security of our Sites or to prevent spam, abuse, or other malicious activity of actors on our Sites; or (iv) to protect our rights or property or the rights or property of those who use our Sites and/or services.

If we are required to disclose personal information by law, such as pursuant to a subpoena, warrant or other judicial or administrative order, our policy is to respond to requests that are properly issued by law enforcement within the United States or otherwise via mutual legal assistance mechanism (e.g., treaty). Under such circumstances, we will attempt to provide you with prior notice that a request for your information has been made in order to give you an opportunity to object to the disclosure. We will attempt to provide this notice by email if you have given us an email address. However, government requests may include a court-granted non-disclosure order, which prohibits us from giving notice to the affected individual. In cases where we receive a non-disclosure order, we notify the user when it has expired or once we are authorized to do so.

Note that if we receive information that provides us with a good faith belief that there is an exigent emergency involving the danger of death or serious physical injury to a person, we may provide information, including personal information, to law enforcement trying to prevent or mitigate the danger (if we have it), to be determined on a case-by-case basis.

Business Transfer

We may transfer your personal information to an affiliate; a successor entity upon a merger, consolidation or other corporate reorganization in which Hopkins & Carley participates or to a purchaser or acquirer of all or substantially all of Hopkins & Carley’s business or assets to which the Sites and/or the services offered on the Sites relate; or a successor in bankruptcy.

Tracking Disclosure

Hopkins & Carley tracks users use of the Sites but does not track users across third-party websites.  We do not respond to Do Not Track (DNT) signals.

Changing Your Information and Choices

If you would like us to stop using your personal information, or if you want to change personal information you previously have provided to us via the Sites, please contact us at and we will comply to the extent required and allowed by applicable laws.  Regarding personal information you have provided for an event sponsored by us, you may contact the event coordinator directly via email or telephone. Marketing contacts for each event are listed on the Hopkins & Carley Events page.

We allow you to opt-out of future communications at any time by clicking the “Opt-Out” link in the email or replying to any email you receive with a message that reads “Opt-Out” in the subject line.

Links to Other Websites

Our Sites may link to websites maintained by outside organizations. For instance, when we repost an article from our Website to our on social media pages, you may be redirected to a third-party website. Please be aware that these third-party websites are governed by their own privacy policies and do not fall within this Privacy Notice. Our firm is not responsible for the content or policies maintained by these websites. Please familiarize yourself with the privacy policy or notice of any third-party website you visit, as it will govern any information you submit through that website.

Social Plugins

We may use social plugins on our Sites and may include icons that allow you to interact with third-party social networks such as LinkedIn, Twitter and Facebook. For example, you may “like” us on Facebook or follow us on Twitter. The third-party social plugin may set a cookie when your browser creates a connection to the servers of such social networks and the plugin may transmit your information to the social networks. Your use of these social plugins is subject to the privacy policies of the third party social networks.


We recognize the privacy interests of children, and we encourage parents and guardians to take an active role in their children’s online activities and interests. The Sites and our services are not intended for children under the age of 18, we endeavor not to collect any personal information from children under the age of 18. We target our Sites and the services offered on the Sites to adults and not to children under 18.

Confidential Information

Because the security of transmission of confidential information over the Internet cannot be guaranteed, please do not disclose any confidential information to us via email or the Sites. Please note that providing personal or any other information to Hopkins & Carley through our Sites does not, by itself, engage our firm for legal services and does not form an attorney-client relationship.

Legal Basis for Processing Personal Information

Our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.

However, we will normally collect personal information from you only where we need the personal information to perform a contract with you (for example, when providing registering you for a webinar), where we have your consent to do so (such as when you opt-in for our blog Sites), or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to process personal information about you or may need to process personal information in order to exercise, establish or defend legal claims.

If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as the possible consequences, if any,  if you do not provide your personal information).

To the extent that we rely on consent, you will always be able to withdraw your consent.

How Long Do We Keep Your Personal Information?

Your personal information is processed for the period necessary to fulfill the purposes for which it is collected, to comply with legal and regulatory obligations and for the duration of any period necessary to establish, exercise or defend any legal rights.

In order to determine the most appropriate retention periods for your personal information, we consider the amount, nature and sensitivity of your information, the reasons for which we collect and process your personal information, and applicable legal requirements. When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it (see below) or, if this is not possible (for example, because your personal information has been stored in backup archives), we will securely store your personal information and isolate it from any further processing until deletion is possible.

In some circumstances, you can ask us to delete your data. See Additional Legal Rights For Users in the European Economic Area below for further information.

Some exceptions from static retention periods may occur. For instance, we cannot delete personal information when there are legal obligations to retain it (e.g. arising from tax or commercial law). This is particularly true of financial data and payment information. Additionally, we cannot delete personal information when it is needed for the establishment, exercise or defense of legal claims (“litigation hold”). In this case, the personal information can be retained as long as needed for exercising respective potential legal claims.

In some instances, we may choose to anonymize your personal information instead of deleting it, for statistical use, for instance. When we choose to anonymize, we implement measures so there is no way that the personal information can be linked back to you or any specific user.

Protecting Your Personal information

We have put in place reasonably appropriate technical and organizational measures to protect the personal information that we collect and process about you. The measures that we use are designed to provide a level of security appropriate to the risk of processing your personal information.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so. We also require those parties to whom we transfer your personal information to comply with the same.

However, while we take all reasonable steps necessary to provide the most secure Website, you understand and assume the risks associated with your activities on the Internet

International Transfers

We are based in the United States. The personal information that we collect is sent to and stored on servers located in the United States. This means that when we collect your personal information it may be processed the United States, which may have data protection laws that are different from (and sometimes less protective than) the laws of your country.

However, we take appropriate safeguards to require that the personal information we process remains protected in accordance with this Privacy Notice, including when processed internationally or by our third-party service providers and partners. The safeguards we may take include, for instance, implementing the European Commission’s Standard Contractual Clauses for onward transfers of personal information outside of the EEA as required. Our Standard Contractual Clauses can be provided on request. We may implement similar appropriate safeguards with our third-party service providers and partners and further details can be provided upon request.

Additional Legal Rights For Users in the European Economic Area

If the GDPR applies to you because you are in the European Economic Area, you have certain rights in relation to your personal information:

  • The right to be informed – our obligation to inform you that we process your personal information (and that’s what we’re doing in this Privacy Notice);
  • The right of access – your right to request a copy of the personal information we hold about you (also known as a ‘data subject access request’);
  • The right to rectification – your right to request that we correct personal information about you if it is incomplete or inaccurate (though we generally recommend first making any changes in your Account Settings);
  • The right to erasure (also known as the ‘right to be forgotten’) – under certain circumstances, you may ask us to delete the personal information we have about you (unless there’s an overriding legal reason we need to keep it);
  • The right to restrict processing – your right, under certain circumstances, to ask us to suspend our processing of your personal information;
  • The right to data portability – your right to ask us for a copy of your personal information in a common format (for example, a .csv file);
  • The right to object – your right to object to us processing your personal information (for example, if you object to us processing your data for direct marketing); and
  • Rights in relation to automated decision-making and profiling – our obligation to be transparent about any profiling we do, or any automated decision-making.

These rights are subject to certain rules around when you can exercise them. If are located in the European Economic Area and wish to exercise any of the rights set out above, please contact us (see How to Contact Us About Privacy).

You will not have to pay a fee to access your personal information (or to exercise any of the other rights) unless your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request under those circumstances.

We may need to request specific information from you to help us confirm your identity. This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

We will respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated as required by law.

In addition, if you no longer wish to receive our marketing/promotional information, we remind you that you may withdraw your consent to direct marketing at any time directly from the unsubscribe link included in each electronic marketing message we send to you. If you do so, we will promptly update our databases and will take all reasonable steps to meet your request at the earliest possible opportunity, but we may continue to contact you to the extent necessary for the purposes of providing our any services you may have requested as covered in this Privacy Notice.

Finally, you have the right to make a complaint at any time to the supervisory authority for data protection issues in your country of residence. We would, however, appreciate the chance to address your concerns before you approach the supervisory authority, so please contact us first.

If you have any questions about this Privacy Notice, including any requests to exercise your legal rights, please contact us using the details in How to Contact Us About Privacy below.

How to Contact Us About Privacy

If you have any questions about this Privacy Notice, have additional questions, or would like to exercise any of your rights if you are located in the European Economic Area, please contact us at You may also write to us at:

Hopkins & Carley

Attn:  Cory Cullen

70 S 1st St

San Jose, CA 95113