Duane Morris LLP is a limited liability partnership organized under the laws of Delaware. References in this privacy notice to “Duane Morris”, “we” or “us” are references to Duane Morris LLP and our affiliated entities. This privacy notice together with our Disclaimer and our relevant Terms of Business or other contract between us (if applicable) set out the basis on which Duane Morris processes your personal data (and any mandated controller/processor information).
Reference in this privacy notice to “personal data” means any information that identifies, or could reasonably be used to identify, a living individual, either on its own or together with other information. Our “Website” means this website and any other websites of Duane Morris.
Duane Morris is committed to protecting personal data and respecting your privacy.
Please read this notice carefully to understand our practices with respect to personal data and how we treat it.
How We Obtain Your Personal Data
As a law firm, we regularly receive personal data as part of our professional activities.
Your personal data may be collected by us in a number of ways, including:
- when you request a proposal from us in relation to our services;
- as part of our business intake procedures;
- through our provision of legal services to you or your organization;
- during the course of dealings with you for or on behalf of a client;
- when you apply to us for a position;
- when you or your organisation offer or provide services to us;
- when you browse or interact with our Website or any of our online services;
- when you provide information to us by filling in forms on our Website. For example, this includes information provided at the time of registering for newsletters and updates on our Website, subscribing to our services, participating in webinars or requesting further services;
- when you provide us with information in relation to your attendance at any of our seminars or other hosted events;
- when you complete surveys that we use for research purposes; and
- when you contact us for the above and any other reason, we may monitor and keep a record of that correspondence (in whatever form).
Ordinarily, we will collect any such personal data directly from you. In some case, however, we may collect personal data from third parties (for example our clients and other professional advisers) or we may collect publicly available information about you or your business (including through electronic data sources).
The Type of Personal Data that We Collect and Process
We may collect and process a number of different categories of your personal data, including but not limited to the following:
- Personal details (such as name, postal address, email address, telephone number, fax and other contact details);
- Professional information such as company, title/function, department and website or, previous jobs, professional experience and qualifications;
- Identification and background information provided by you or collected by us as part of our business acceptance processes, subject to applicable laws and regulations;
- Financial information, such as bank account details;
- Where you provide it, information about your hobbies and interests;
- Marketing preferences, areas of interest and information from marketing activities to which you may have responded or in which you may have participated;
- Information from any research or surveys conducted by us in which you may have participated;
- Details of your visits to our Website including, but not limited to, traffic data, location data, weblogs and other communication data;
- Information we receive from other sources, such as publicly available information, and information provided to us by or on behalf of our clients, your employer or other relevant organizations or generated by us in the course of providing our services;
- Images captured by our offices’ CCTV cameras, if any.
Where necessary and legally permitted or volunteered by you, we may also collect more sensitive data such as diversity and health data, and details of offences and related proceedings. This includes, for example, access and dietary requirements when you attend meeting and events.
How We Use the Personal Data We Hold
We may process personal data about you for the following purposes:
- to prepare for the entering into a contract with you;
- to provide you or a client with our services;
- to contact you in the course of providing services to our clients;
- to deal with your enquiries and requests;
- to provide you with any other information that you request from us;
- to consider your application for a position;
- to manage our business relationship with you or your organization in connection with the provision or procurement of goods and services, including processing payments, accounting, auditing, billing and collection and related support services;
- to manage and secure the access to our offices, systems and online platforms;
- to comply with our legal and regulatory obligations and responsibilities, including with respect to anti-money laundering and sanctions checks;
- to provide you with information related to our services, and to advise you of news and legal updates, events, reports and other information;
- to seek your thoughts and opinions on the services we provide; and
- where we have other legitimate reasons for doing so (to the extent permitted by applicable law).
If you refuse to provide us with certain information when requested, we may not be able to deal with you and/or perform any contract we have entered into with you. Alternatively, we may be unable to comply with our legal or regulatory obligations.
When we collect contact information from you (for example, when you provide us with your business card), we may add your details to our contacts database and to our mailing lists. In all other cases, we will usually inform you (before collecting your information) if we intend to use your information for marketing purposes or if we intend to disclose your information to any third party for such purposes.
You can change your preferences for receiving Duane Morris event invitations, legal updates, marketing emails and other information from us by clicking on the link provided to “update my subscriptions” in a Duane Morris email.
You also have the right to ask us not to process your personal information for marketing purposes. You can exercise the above right at any time by clicking on the “unsubscribe” link in a Duane Morris email, by sending us an email at email@example.com or by writing to us at the following address: Duane Morris LLP, FAO Data Privacy Manager, 30 South 17th Street, Philadelphia PA 19103-4196, USA.
We will delete your personal data:
- when it is no longer reasonably required to fulfil the purpose for which it was collected; or
- when you withdraw your consent (where applicable), provided that we are not legally required or otherwise permitted to continue to hold such data.
We may retain your personal data for an additional period to the extent deletion would require us to overwrite our automated disaster recovery backup systems or to the extent we deem it necessary to assert or defend legal claims during any relevant retention period.
How We Share Personal Data
Duane Morris is a global undertaking and a list of our offices, together with relevant contact information, may be found on our Website. Irrespective of how we obtain your personal data, it may be shared among all the offices within Duane Morris. We will put in place commercially reasonable and appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. We may also, as set out below, share your personal data with third parties.
EEA Residents Only
If you are a European Economic Area (EEA) resident please note therefore that when you provide information to us (or a third party on our behalf) it may accordingly be accessed and used in countries outside of the EEA. In relation to such transfers, you acknowledge that you have been made aware that: (i) some countries outside the EEA provide levels of protection of personal data which are substantially poorer than those of countries within the EEA and (ii) in respect of such countries it is possible that this personal data might be intercepted and accessed by governmental and other authorities/agencies in those countries.
By submitting your personal data to us, you consent to this transfer, storing or processing.
Where your personal data is processed outside the EEA without your express consent (for example to provide services to you or where we are mandated to do so at law), we are required to ensure a level of data protection at least as protective as those mandated by the EEA.
Data Sharing with third parties
We may share your personal data with third parties where we are required to do so by law or any regulatory authority, where it is necessary to administer the relationship between us or where we have another legitimate interest in doing so.
“Third parties” includes our clients (in the course of providing our services) as well as third party service providers and external agencies that we engage to process information on our and your behalf, including to provide you with information that you have requested (for example IT and data storage services, professional advisory services, word-processing, translation and other administration services, marketing services and banking services). We may also share your personal data with other third parties, for example in the context of the possible sale, merger or other restructuring of any of our businesses.
We may disclose your personal data in order to protect our rights or property or those of our clients or others; and this includes exchanging information with other companies and organizations for the purposes of fraud prevention, compliance with anti-money laundering and ‘know your client’ requirements, and credit risk reduction.
Where we share or transfer your personal data with third parties, we will do this in accordance with applicable data protection laws and will take appropriate safeguards to ensure its integrity and protection.
Keeping Your Personal Data Secure
We will put in place commercially reasonable and appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. We also limit access to your personal data to those employees, agents, third party service providers and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
Given that the internet is a global environment, using the internet to collect and process personal data necessarily involves the transmission of information on an international basis. By browsing our Website and communicating electronically with us, you therefore acknowledge and agree to our processing of personal data in this way. The transmission of information via the internet is never completely secure and we accordingly cannot guarantee the security of your information transmitted to our Website; any transmission is at your own risk. Once we have received your information, we will use commercially reasonable and appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed.
Our Website may, from time to time, contain links to other websites which are outside of our control and are not covered by this privacy notice. We do not accept any responsibility or liability for other sites’ privacy notices or policies. If you access other websites using the links provided, please check their policies before submitting any personal data.
Your Rights in Connection with Your Personal Data
It is important that the personal data we hold about you is accurate and current. Should your personal data change, please notify us of any changes of which we need to be made aware by contacting us, using the contact details below.
As set out above, you can ask us to stop sending you any marketing communications at any time.
EEA Residents Only
Under certain circumstance, in addition to the rights set out in this privacy notice, you have rights in relation to access to (including the provision of a copy of the personal data that we hold about you), correction of, erasure of and restriction of processing of your personal data under EEA data protection legislation.
Please contact us at firstname.lastname@example.org or write to us at the following address: Duane Morris LLP, FAO Data Privacy Manager, 30 South 17th Street, Philadelphia PA 19103-4196, USA if you want to know more about or exercise any of these rights. Please note that we may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
Changes to This Privacy Notice
We reserve the right to amend this privacy notice from time to time to reflect changing legal requirements or our processing practices. Any such changes will be posted on our Website and will be effective upon posting.
If you have any requests or queries concerning your personal data or any queries with regard to our practices, please contact us at email@example.com or write to us at the following address: Duane Morris LLP, FAO Data Privacy Manager, 30 South 17th Street, Philadelphia PA 19103-4196, USA.
This privacy notice was last updated on May 25, 2018.