As professionals engaged in the provision of legal services to clients worldwide, Sidley Austin LLP, including its affiliated partnerships, (collectively, the firm) is committed to protecting the privacy of confidential and “Personal Information” (information that directly or indirectly identifies individuals who may be clients, staff, agents, lawyers, law students, job applicants or others inside or outside the firm). It has always been and remains the policy of the firm to comply with the rules of professional conduct, which impose a duty to preserve and protect confidential client information, upon lawyers and their associated personnel.
This Statement is also specifically addressed to parties outside the firm who provide Personal Information to the firm or who visit or use the firm’s websites, our apps, our social media sites, our extranets, as well as email messages that we send to you that contain a link to this Statement (collectively, the “Internet Services”). This Statement also describes how the firm collects, processes and discloses Personal Information in connection with the provision of legal services and the Internet Services.
Collection and Use of Personal Information
We may use that Personal Information where in our legitimate interest to do so for the following purposes:
- to contact you and respond to your requests and enquiries
- to personalize your visit and use of our Internet Services and to assist you while you use those services
- to carry out, monitor and analyze our business or website operations
- to conduct our recruiting and selection process
- to provide you with legal services, if you are or become a client of the firm, and otherwise deal with you, and administer the matters you instruct us on
- to contact you (unless you tell us that you prefer us not to) regarding legal or law firm developments that may be of interest to you. If you do not want to receive publications or details of events or seminars that we consider may be of interest to you, you may do so by clicking on the unsubscribe link in electronic marketing communications
- to enter into or carry out contracts of various kinds
- to comply with applicable laws, regulations, guidance or professional obligations that we may be subject to, including anti-money laundering requirements. Where Personal Information is necessary for the firm to carry out its anti-money laundering checks failure to provide such information may result in the firm not being able to provide the representation.
Confidentiality, Security, and Retention of Personal Information
Consistent with our professional obligations, it has always been the policy of the firm to exercise the utmost discretion regarding the information our clients entrust to us.
We maintain reasonable and appropriate, albeit not infallible, physical, electronic and procedural safeguards intended to maintain the confidentiality of Personal Information, including that provided by a visitor to this website and provided while using other Internet Services. We do not guarantee that our safeguards will always work.
We require consultants, suppliers and vendors to maintain data protections consistent with reasonable and appropriate obligations of data processors, including, where applicable, European Union’s data protection laws and regulations.
We may retain information provided by you, including Personal Information, for as long as necessary to comply with our legal obligations, or to achieve the purposes for which the information was originally collected and for the purposes described in the Statement and in our applicable policies. If you wish to obtain more details on our information practices, please refer to the “Contact Us” section below.
Disclosure and Transfer of Personal Information
We do not disclose any Personal Information to unrelated parties outside of the firm except in limited circumstances. Such circumstances include disclosures to our agents or data processors or other contractors acting on our behalf and at our direction, subject to appropriate confidentiality, privacy and information security commitments provided by the receiving party, or where we believe it necessary to provide a service which you have requested, or as permitted or required by law, or as otherwise authorized or directed by you. Consistent with our professional obligations, we may provide Personal Information to regulatory authorities and law enforcement officials in accordance with applicable law or when we otherwise believe in good faith that the provision of such information is required or permitted by law, such as in connection with the investigation or assertion of our legal defenses or for our compliance matters.
As an international firm, we operate systems that may make data related to your matters accessible from our various offices around the world and often transfer client data which may include Personal Information between our offices. We have entered into EU Standard Contractual Clauses for transfers between our offices, which you can request under the “Contact Us” section below.
A cookie is a text file sent by a web server and placed on your computer by your web browser. Cookies can be usefully divided into two different types, session and persistent. Session cookies differ from persistent cookies primarily in that session cookies are temporary and expire and are normally deleted when you close your browser. Persistent cookies, in contrast, remain stored on your computer after you close your browser until they are deleted either because they expire or you delete them. The firm uses session cookies in connection with its Internet Services, except for Internet Services that require you to log in, such as our client extranets, and a Region Code cookie that persists over time and ensures that you are directed to the correct version of our website.
Although the firm uses the services of third parties in connection with these cookies, we do not allow the third-party service provider to use Personal Information about the users of our Internet Services.
Do Not Track Signals
“Do Not Track” signals are options available on your browser to tell operators of websites that you do not wish to have your online activity tracked. Our websites operate no differently if these “Do Not Track” signals are enabled or disabled. Our Internet Services do not allow any third parties to collect Personal Information about your online activities over time or across websites for their own purposes.
In order to respect the privacy of minors, the firm does not knowingly collect, maintain or process Personal Information submitted online via our Internet Services by anyone under the age of 18. To the extent the firm collects Personal Information on minors in the context of one of the purposes mentioned in the Statement, the firm will only do so with the appropriate consent or as otherwise permitted under applicable laws.
Your California Privacy Rights
Under California Civil Code Section 1798.100 (California Consumer Privacy Act), California residents may have certain data protection rights regarding their Personal Information. These rights which may be subject to limitations and/or restrictions include: (i) the right to disclosure, deletion, access, and nondiscrimination; and (ii) the right to opt out of having your Personal Information shared or sold. The firm does not sell or share your Personal Information with third-party companies for their direct marketing purposes without your consent. To exercise your rights under the California Consumer Privacy Act, please send us your request using the “Contact Us” section below.
The following are categories of Personal Information defined under the Act we may collect, receive, or maintain in the course of administering firm business or receive from a client in the course of providing legal services: Identifiers, Personal information described in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)), Protected classification characteristics under California or federal law, Commercial information, Biometric information, Internet or other electronic network activity, Geolocation data, Sensory data, Professional or employment-related information, Non-public education information, and inferences drawn from other personal information.
Your European Union (EU) and United Kingdom (UK) Data Protection Rights
Individuals may also have a right to lodge a complaint about the processing of their Personal Information with their local data protection authority.
The firm’s data protection officer, dealing with EU and UK matters, can be contacted at, Data Protection Officer, Sidley Austin LLP, 70 St Mary Axe, London, EC3A 8BE, United Kingdom.
Your Singapore Data Protection Rights
If you have any enquiries, comments or suggestions about our collection or use of your personal data or this statement or about your rights under the Personal Data Protection Act 2012 (the “PDPA”), please contact our Data Protection Officer at firstname.lastname@example.org.
You may also write to us and specifically request to: (i) receive information about the personal data we have in relation to you; or (ii) update the personal data we have in relation to you; or (iii) withdraw any consent you have provided to us previously.
We reserve the right to change this Statement at any time without advance notice. Should any new policy go into effect for our Internet Services, the firm will post it on this website and relevant Internet Services.
The firm maintains a Privacy Program with a Chief Privacy Officer, and a Data Protection Officer to enhance and promote compliance with privacy and data protection principles. These positions serve as points of contact for answering questions, accessing, amending, or correcting your information and resolving issues and disputes. If you have any questions relating to our use of your Personal Information please contact the Chief Privacy Officer at email@example.com, or by mail at:
Sidley Austin LLP
ATTN: Chief Privacy Officer
One South Dearborn
Chicago, IL 60603