PRIVACY STATEMENT AND COOKIE POLICY

As professionals engaged in the provision of legal services to clients worldwide, Sidley Austin LLP, including its affiliated partnerships, (collectively, the firm) is committed to protecting the privacy of confidential and “Personal Information” (information that directly or indirectly identifies individuals who may be clients, staff, agents, lawyers, law students, job applicants or others inside or outside the firm). It has always been and remains the policy of the firm to comply with the rules of professional conduct, which impose a duty to preserve and protect confidential client information, upon lawyers and their associated personnel.

This Privacy Statement and Cookie Policy (the “Statement”) is based on the privacy and data protection principles common to the countries in which we operate. We apply it in light of our overarching obligations to comply with law, to preserve client confidentiality and to represent our clients as effectively as possible within the bounds of the law. This Statement is intended to summarize the firm’s data protection practices generally, and to advise our clients, interested law students, job applicants, website visitors, and other third parties about the firm’s privacy policies that may be applicable to them.

This Statement is also specifically addressed to parties outside the firm who provide Personal Information to the firm or who visit or use the firm’s websites, our apps, our social media sites, our extranets, as well as email messages that we send to you that contain a link to this Statement (collectively, the “Internet Services”). This Statement also describes how the firm collects, processes and discloses Personal Information in connection with the provision of legal services and the Internet Services.

Collection and Use of Personal Information

The firm collects Personal Information in the course of providing legal services to clients and as provided by visitors to its website or users of Internet Services. We may also collect Personal Information about you when you interact with us on social media sites and from other third parties and may also automatically collect information that may contain Personal Information as described below in the cookie policy.

We may use that Personal Information where in our legitimate interest to do so for the following purposes:

  • to contact you and respond to your requests and enquiries
  • to personalize your visit and use of our Internet Services and to assist you while you use those services
  • to carry out, monitor and analyze our business or website operations
  • to conduct our recruiting and selection process
  • to provide you with legal services, if you are or become a client of the firm, and otherwise deal with you, and administer the matters you instruct us on
  • to contact you (unless you tell us that you prefer us not to) regarding legal or law firm developments that may be of interest to you. If you do not want to receive publications or details of events or seminars that we consider may be of interest to you, you may do so by clicking on the unsubscribe link in electronic marketing communications
  • to enter into or carry out contracts of various kinds
  • to comply with applicable laws, regulations, guidance or professional obligations that we may be subject to, including anti-money laundering requirements. Where Personal Information is necessary for the firm to carry out its anti-money laundering checks failure to provide such information may result in the firm not being able to provide the representation.

Confidentiality, Security, and Retention of Personal Information

Consistent with our professional obligations, it has always been the policy of the firm to exercise the utmost discretion regarding the information our clients entrust to us.

We maintain reasonable and appropriate, albeit not infallible, physical, electronic and procedural safeguards intended to maintain the confidentiality of Personal Information, including that provided by a visitor to this website and provided while using other Internet Services. We do not guarantee that our safeguards will always work.

We require consultants, suppliers and vendors to maintain data protections consistent with reasonable and appropriate obligations of data processors, including, where applicable, European Union’s data protection laws and regulations.

We may retain information provided by you, including Personal Information, for as long as necessary to comply with our legal obligations, or to achieve the purposes for which the information was originally collected and for the purposes described in the Statement and in our applicable policies. If you wish to obtain more details on our information practices, please refer to the “Contact Us” section below.

Disclosure and Transfer of Personal Information

We do not disclose any Personal Information to unrelated parties outside of the firm except in limited circumstances. Such circumstances include disclosures to our agents or data processors or other contractors acting on our behalf and at our direction, subject to appropriate confidentiality, privacy and information security commitments provided by the receiving party, or where we believe it necessary to provide a service which you have requested, or as permitted or required by law, or as otherwise authorized or directed by you. Consistent with our professional obligations, we may provide Personal Information to regulatory authorities and law enforcement officials in accordance with applicable law or when we otherwise believe in good faith that the provision of such information is required or permitted by law, such as in connection with the investigation or assertion of our legal defenses or for our compliance matters.

As an international firm, we operate systems that may make data related to your matters accessible from our various offices around the world and often transfer client data which may include Personal Information between our offices. We have entered into EU Standard Contractual Clauses for transfers between our offices, which you can request under the “Contact Us” section below.

Cookie Policy

A cookie is a text file sent by a web server and placed on your computer by your web browser. Cookies can be usefully divided into two different types, session and persistent. Session cookies differ from persistent cookies primarily in that session cookies are temporary and expire and are normally deleted when you close your browser. Persistent cookies, in contrast, remain stored on your computer after you close your browser until they are deleted either because they expire or you delete them. The firm uses session cookies in connection with its Internet Services, except for Internet Services that require you to log in, such as our client extranets, and a Region Code cookie that persists over time and ensures that you are directed to the correct version of our website.

Cookies are often used in conjunction with other Internet technologies, such as web beacons, to understand behavior on the Internet. For example, the firm uses cookies in conjunction with web beacons, which are small sections of code that we may place in our Internet Services to understand the number of unique users that have visited a specific page. Similarly, we may use or receive reporting from tracking scripts that recognize unique cookies issued by another website. These tracking scripts are not used to gather information on your use of the Internet unrelated to the firm, and they do not identify you unless you choose to provide Personal Information to the firm.

The firm’s Internet Services use cookies. The firm uses session cookies in connection with its Internet Services, specifically for cybersecurity purposes, to provide you with customizations of your experience, such as highlighting your recently viewed items, to detect and remember your region and language preferences, and track your activities on the Internet Services. We also use a Region Code cookie that persists over time and ensures that you are directed to the correct version of our website.

Although the firm uses the services of third parties in connection with these cookies, we do not allow the third-party service provider to use Personal Information about the users of our Internet Services. The firm does not use Google Analytics.

None of these cookies are strictly necessary to access our Internet Services. You may reset your browser to refuse all cookies or to allow your browser to alert you when a cookie is set, however, certain parts of the Internet Services may function differently and not as well. Unless you have adjusted your browser setting so that it will refuse cookies, our Internet Services will issue cookies when you logon to the firm’s Internet Services. For more information about how to manage your cookies preferences, you should use the “help” menu of your web browser or explore the customer support sections of your web browser. Please note that you need to configure each browser on each device that you use if you wish to opt-out or block some or all cookies. If you do not wish to receive advertising cookies, you may wish to visit the Network Advertising Initiative (NAI) website by clicking here and the Digital Advertising Alliance (DAA) website here.

Do Not Track Signals

“Do Not Track” signals are options available on your browser to tell operators of websites that you do not wish to have your online activity tracked. Our websites operate no differently if these “Do Not Track” signals are enabled or disabled. Our Internet Services do not allow any third parties to collect Personal Information about your online activities over time or across websites for their own purposes.

Children

In order to respect the privacy of minors, the firm does not knowingly collect, maintain or process Personal Information submitted online via our Internet Services by anyone under the age of 18. To the extent the firm collects Personal Information on minors in the context of one of the purposes mentioned in the Statement, the firm will only do so with the appropriate consent or as otherwise permitted under applicable laws.

Your California Privacy Rights

Under California Civil Code Section 1798.100 (California Consumer Privacy Act), California residents may have certain data protection rights regarding their Personal Information. These rights which may be subject to limitations and/or restrictions include: (i) the right to disclosure, deletion, access, and nondiscrimination; and (ii) the right to opt out of having your Personal Information shared or sold. The firm does not sell or share your Personal Information with third-party companies for their direct marketing purposes without your consent. To exercise your rights under the California Consumer Privacy Act, please send us your request using the “Contact Us” section below.

The following are categories of Personal Information defined under the Act we may collect, receive, or maintain in the course of administering firm business or receive from a client in the course of providing legal services: Identifiers, Personal information described in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)), Protected classification characteristics under California or federal law, Commercial information, Biometric information, Internet or other electronic network activity, Geolocation data, Sensory data, Professional or employment-related information, Non-public education information, and inferences drawn from other personal information.

Your European Union (EU) and United Kingdom (UK) Data Protection Rights

Under EU and UK data protection laws (UK GDPR/2018 Data Protection Act and EU GDPR), individuals may have certain data protection rights which may be subject to limitations and/or restrictions and which includes: (i) the right to request access to and, rectification or erasure of your Personal Information; and (ii) the right to ask us to restrict the processing of your Personal Information. You may also have a right to object to processing of your Personal Information where carried out for our legitimate interest or direct marketing. To exercise your rights under this Privacy Policy, please send us your request using the “Contact Us” section below.

Individuals may also have a right to lodge a complaint about the processing of their Personal Information with their local data protection authority.

The firm’s data protection officer, dealing with EU and UK matters, can be contacted at, Data Protection Officer, Sidley Austin LLP, 70 St Mary Axe, London, EC3A 8BE, United Kingdom.

Changes

We reserve the right to change this Statement at any time without advance notice. Should any new policy go into effect for our Internet Services, the firm will post it on this website and relevant Internet Services.

Contact Us

The firm maintains a Privacy Program with a Chief Privacy Officer, and a Data Protection Officer to enhance and promote compliance privacy and data protection principles. These positions also serve as points of contact for answering questions, accessing, amending, or correcting your information and resolving issues and disputes. If you have any questions relating to our use of your Personal Information please contact the Chief Privacy Officer at DataProtectionAdmin@Sidley.com or by mail at:

Sidley Austin LLP
ATTN: Chief Privacy Officer
One South Dearborn
Chicago, IL 60603