Privacy Policy


Miller Thomson LLP and its management corporation, Miltom Management LP, (collectively “Miller Thomson”, “we” or “us”) is committed to protecting the privacy, confidentiality, accuracy and security of personal information in our possession. This Policy outlines how we collect, use, disclose and safeguard the personal information of individuals who work – and do business with – Miller Thomson.

Personal information refers to information about an identifiable individual or any information that allows an individual to be identified directly or indirectly. This may include your name and address, email, age and gender, personal financial records, or identification numbers. Miller Thomson is a national law firm with offices across Canada and is subject to both provincial and federal privacy legislation. Our obligations are governed in part by the applicable rules of professional conduct that apply to each of our professionals. These obligations apply to all partners, employees, contractors and agents in the provision of legal services to our clients. Thus, much of the personal information in our possession or that we collect is protected by solicitor-client privilege. We honour and respect our professional obligation to keep confidential the information we receive due to a solicitor-client relationship.

We are committed to collecting, using and disclosing personal information responsibly and only to the extent that you have consented and to the extent necessary to serve clients and our related business purposes. We strive to limit the amount of personal information we collect from individuals or organizations to what is required for the purposes of providing legal advice and services, carrying out client instructions and as otherwise set out in this Policy.


We collect and process different types of personal information to provide and administer legal services. The specific type of personal information we collect and process depends on various factors and the particular situation but nonetheless includes:

  • Contact details, such as your name, mailing address, email address and telephone number.
  • Recruitment information, such as your resume, education, employment history, job title and employer name.
  • Identification information, such as copies of your driver’s license, passport information and source of funds.
  • Financial and billing information, such as credit information, bank account and billing address.
  • Information relevant to your legal issue, such as, your opinions, financial, property, employment, family, tax information, and insurance records.
  • Personal information about a client, vendor, consultant or sub-contractor and their directors, officers, shareholders, guarantors, employees or adverse parties, witnesses and potential witnesses, other counsel, mediators and arbitrators.
  • Personal information about directors, officers, shareholders, guarantors, employees and consultants of a client or adverse parties, witnesses and potential witnesses, other counsel, mediators and arbitrators.
  • Marketing information, such as communication and area of law preferences, when you sign up for our communications, newsletters or seminars, your feedback and survey responses.

Most personal information is collected from you directly, however, in some instances, we may need to collect personal information indirectly from other sources. The means used to collect personal information may at times include the use of technology that includes functions allowing the person concerned to be identified, located or profiled. Profiling refers to the gathering and utilization of an individual’s personal characteristics in order to evaluate specific traits about them. An example of this is the use cookies, as described further below.


A. General

We may collect, use or disclose personal information for the following reasons:

  • To perform conflict searches and/or otherwise determine whether Miller Thomson will enter into a professional relationship with clients or a commercial relationship with suppliers and other third parties.
  • To comply with our legal duties and professional obligations, including but not limited to, the provincial law societies’ respective rules of professional conduct regarding client identification and verification, and Anti-Money Laundering requirements.
  • For clients, suppliers and third parties’ communication, service and administration.
  • For the use of legal precedents.
  • To provide legal advice and/or represent you in a transaction or litigation.
  • For billing and accounting services relating to our services.
  • When we have your consent, to send you our newsletters, courses and seminars. You may opt out of these types of communications at any time.
  • To communicate with you and send holiday cards or other greetings from the firm.
  • For internal, external and regulatory audit purposes.
  • For safety, security and emergency preparedness purposes, we collect information about visitors and guests who visit our premises.
  • For other reasons as permitted or required by applicable laws and regulations.
  • For any other purpose for which we have your consent.

B. Personal Information about Members of the General Public

Our primary purpose for collecting personal information from members of the general public is usually incidental; to gather and review evidence that is relevant to a legal issue affecting our clients, and to provide legal advice to our clients. We may also use personal information provided to us as part of a transaction or litigation we are providing advice on.

In addition, we may also collect, use and disclose personal information from or about third parties to provide members of the general public with information about special events (e.g. a seminar or conference) or to make them aware of our legal services.

C. Personal Information about Applicants and Alumni

We collect personal information of job candidates in order to evaluate the candidate’s application and determine whether to offer the candidate a position. Information may be collected from third parties, such as job references, background checks and employment pre-screening providers. If an applicant does not become a firm member, we typically keep the related information for a reasonable period of time in case a position becomes available or the applicant resubmits an application, unless an applicant asks us to delete his/her information. Candidate background checks are kept for a period of one year. If we hire the applicant, the related information is kept as part of the firm member’s employment file.

We collect and keep personal information of previous firm members, such as name, contact information, employment status and employment history.

D. Personal Information Collected Through Our Website

Our Internet servers automatically collect IP addresses, the date and time of your visit to our website, the pages on our website that you visited and the documents that you downloaded, the searches you performed, and the referring URL that you came to our website from.  We use this information to optimize our website.

Our website uses cookies to monitor traffic patterns, site usage and related site information. Cookies are small pieces of data which are stored on your computer to allow your Internet browser to remember something about a website.  Most browsers accept cookies automatically but can be configured not to accept them or to indicate when a cookie is being sent. Cookies allow us to customize your user interface to speed up the navigation process and to make the website experience more efficient. If your browser is configured to reject cookies, you will not be able to use the features of the website. When you visit our website, a cookie can tell us whether you’ve visited us before or are a new visitor. We do use the cookie to help us identify website features in which you have the greatest interest so that we can provide you with more of what you want.

We also use Google Analytics, Google Tag Manager and Google Ads. Third-party vendors may also use cookies to serve you ads based on your visit to the website or other websites. You may opt out of Google’s personalized advertising by visiting Ads Settings. You may opt out of other third-party vendor’s use of cookies for personalized advertising by visiting their website, and/or by visiting

We do not extract personal information through the above processes, nor do we provide this information to third parties.

By accessing and browsing our website, you agree that we may collect, use and disclose any information collected about you through our website as described in this privacy policy or that you provide to us through our website, for example, the contact information you provide when you sign up for one of our newsletters.

Pages on our website, such as our Credit Card payment page, may contain links to other sites.  We are not responsible or liable for the privacy practices of third parties, and we strongly recommend you review a third party’s privacy policy before disclosing any personal information to the third party.

Credit Card Payment

Our Credit Card payment page collects client information related to billing, such as name, contact information, file and payment information, to enable us to identify online payments made for our services. Online payments are processed through our credit card payment provider, Chase Merchant Services. Miller Thomson does not collect, store or have access to the information (including credit card information) you provide to Chase Merchant Services.


If you provide Miller Thomson with personal information regarding another individual, you represent that, prior to providing such information you have obtained the necessary consent or are otherwise legally permitted to authorize Miller Thomson to collect, use and disclose this personal information for the purposes set out in this Policy or otherwise applicable by law.

In many circumstances, privacy legislation requires us to obtain the consent of an individual for the collection, use or disclosure of personal information. Consent may be written or oral, express (such as signing a consent form or e-mail communication, or verbally providing consent in person or over the telephone) or implied (such as by providing us with your personal information in the context of an ongoing relationship), depending on the circumstances and the sensitivity of the personal information. Such consent will allow us to deal with your personal information in a reasonable manner for the purpose of providing our services to you. If you need to provide us with personal information about other individuals (such as employees, dependents, etc.), you must, where required by law and prior to your disclosure to us, obtain the consent of each individual to the disclosure for the specific purposes the disclosure is made by you.

Providing us with your personal information is always your choice. When you request services from us, we ask that you provide information that enables us to respond to your request. In doing so, you consent to our collection, use and disclosure to appropriate third parties of such personal information for these purposes. You also authorize us to use and retain this personal information for as long as it may be required for the purposes described above. Your consent remains valid even after the termination of our relationship with you, unless you provide us with written notice that such consent is withdrawn.

We may install video cameras or other recording devices in the public-access areas of our premises in order to protect the security of our employees, firm property, and client’s confidential information. We will post signs notifying individuals of the existence and purpose of any such recording devices. Our video cameras are motion triggered, have a fixed view, and do not collect audio. Video footage is only accessible to our internal administrators and is retained for 3-12 months, depending on traffic.

We may also use your personal information to render a decision based exclusively on an automated processing of such information. This could include, for example, situations where we make the use of artificial intelligence technologies.

There are legal exceptions where we will not need to obtain consent or explain the purposes for the collection, use or disclosure of personal information. Some examples of situations where consent is not required include an emergency that threatens the life, health or security of an individual, or if we must comply with a court order. A more complete list of exemptions may be obtained by contacting the Privacy Officer listed below.

Aside from any legal exceptions, personal information will only be used or disclosed for the purpose(s) for which it was collected. We will seek a new consent from you or continued consent if for any reason it becomes necessary for us to use or disclose personal information for a different purpose than was identified when you originally provided it, we will make reasonable efforts to contact you in advance and obtain your consent.

If an individual is a current or previous client of Miller Thomson, we will maintain their information to facilitate our provision of services. If you do not wish to receive information about our services, please contact the Privacy Officer noted below and we will update our contact list accordingly.


In providing our services, we may need to disclose the personal information we collect to third parties, other service providers or agents who perform various functions for us. We will share your personal information with third parties when you have given us consent to share the information with a specific third party for a particular purpose, when third parties are acting on our behalf as agents or service providers (such as IT service providers, hosting providers, or marketing solution providers), and the information is shared with them solely for the purpose of providing those services and for such other instances as required or permitted by applicable laws.

Categories of third parties include other professional service firms in connection with our legal services, service providers that assist our practice by providing storage, tech, finance, accounting, human resources, marketing, insurance, communication, software or such other services that relate to the practice, and supporting of the practice of law. In doing so, these third parties may store, handle or process personal information on our behalf in Canada or outside Canada (e.g., data storage and processing, cloud computing, application hosting or office services).

Where we disclose personal information to third parties (e.g. for archival storage services) or third-party services related to services rendered to and for our clients, our agreements with such third parties will stipulate that the third parties agree to only use the personal information for the purposes specified in the agreement and that they agree to provide a level of protection of personal information comparable to that used by Miller Thomson. For residents of Quebec, please note your personal information may be communicated outside of Quebec or Canada, for the purposes described above, including its collection, use, disclosure and storage. We do not sell, lease or barter client lists or any other personal information to others.

In certain circumstances, we may be required to provide personal information to third parties for legal or regulatory purposes.

The personal information of clients is protected by a lawyer’s professional responsibility to protect client confidences. The law of solicitor-client privilege also protects privileged information, which a lawyer must never disclose without client instructions. The applicable privacy legislation does not abrogate solicitor-client privilege but rather provides that nothing in the legislation affects solicitor-client privilege. Accordingly, the firm will protect client confidences and information which is covered by solicitor-client privilege.

As lawyers for a client, we have professional obligations to disclose to such client information in the client’s file at the request of the client.


It is important that your personal information is accurate and complete. Having accurate information about you enables us to give you the best possible service. With some exceptions, you have the right to access, verify and amend the information we have about you. You can help us keep personal information up-to-date by keeping us informed of any changes, such as a change of address, telephone number or any other circumstances.

Despite our best efforts, errors sometimes do occur. If you identify any personal information that we possess that is out-of-date, incorrect or incomplete, you have the right to request a correction. Please let us know and we will make the corrections promptly and use every reasonable effort to communicate these changes to other parties who may have inadvertently received incorrect or out-of-date personal information from us.


The amount of time we will keep personal information varies, depending on the services we have provided and the nature of the personal information.  Our file retention policy, as it pertains to client records, mandates that we retain all client files for the durations stipulated by the law societies of each of the jurisdictions where we operate.  These retention periods range between seven (7) and fifteen (15) years (depending on the jurisdiction) from the date that the file is completed.  In addition to these prescribed retention periods, the policy stipulates that for certain matter types (e.g. matters involving a client’s will) all records shall be retained for an extended period due to the nature of the file.  When personal information is no longer required by us or by law, we will appropriately destroy or erase the personal information in a manner that is congruent with our current policies and procedures.


We maintain a file of your personal information. Depending on your relationship with us, where you reside or where services are provided, your file will be kept at the appropriate MT office(s), as well as electronically within our document management system and on third party technologies we use to administer our records. If you would like to know where your file is located, please contact our Privacy Officer noted below.

At Miller Thomson, we take all appropriate physical, electronic and procedural safeguards to protect our systems and all personal information under our control against unauthorized access and use. All safety and security measures are appropriate to the sensitivity level of the information collected.

Our service providers and agents, as part of their contracts with Miller Thomson, are bound to maintain client confidentiality, and may not use the information for any unauthorized purpose.

Employees are governed by strict standards and policies to ensure that personal information is secure and treated with the utmost care and respect. These policies and practices outline the protection of personal information through its life cycle and includes guidelines for the storage and destruction of information, defining responsibilities for members of our personnel, and a process for handling complaints related to information security. We also communicate with our firm members about the importance of maintaining the confidentiality of personal information, and promote awareness regarding the same on an on-going basis.

While we take all appropriate steps to safeguard your personal information, there is a risk involved in the exchange and/or safeguarding of information using any form of communication – electronic or otherwise – including, but not limited to the use of commercial and/or publicly available software and services (often referred to as the “Cloud”). Any communication of personal information may be accidentally or deliberately intercepted by third parties.

We assume no liability for any damages you may suffer as a result of any possible misuse of confidential information during such exchanges of information. Miller Thomson’s preferred method of communication is e-mail and, unless you otherwise direct us in writing, we may use unencrypted plain text emails when communicating with you.

Miller Thomson’s data servers reside in Canada, however we may use service providers, commercial and/or publicly available software and services located in other countries to store, transmit and/or process some of your data. When data is located outside of Canada, it may be accessible by foreign governments, courts and law enforcement authorities, if required by law or court order.


Please contact our Firm Privacy Officer to obtain further information about our policies and procedures, or to seek access to personal information we may have about you, or if you have any unresolved inquiries or concerns. We may need to ask you for personal information to verify your identity. We may charge a reasonable fee for providing information in response to an access request. If so, we will provide you with an estimate in advance. We may also require a deposit for all or part of the fee.

You have the right to submit a complaint with our Privacy Officer if you feel that we are not fulfilling our responsibilities to safeguard personal information. We will respond to you promptly and do our utmost to resolve your concerns. In doing so, we may contact you for any additional information required before carrying out a confidential review, and provide you with our conclusions. If your complaint is found to be valid, we will take appropriate actions to rectify the situation. You may also contact or make a complaint to the Office of the Privacy Commissioner of Canada at 1-800-282-1376 or, or the applicable provincial privacy commissioner, as appropriate.

In some situations, we may not be able to provide access to certain personal information as the right to access is not absolute. For example, we may not be able to disclose information if it would reveal personal information of another individual or confidential commercial information, or the information is protected by solicitor-client privilege or litigation privilege.  If we do not provide you with the requested information, we will notify you in writing and explain our reason(s) for not fulfilling your request and any recourse you may have.

Firm Privacy Officer

Contact: Pascale Cloutier, Partner and General Counsel,