Greenberg Traurig Privacy Notice
Greenberg Traurig Privacy Notice
Effective Date: July 2, 2024
Greenberg Traurig, P.A. and Greenberg Traurig, LLP (a New York registered entity) (“GT”, “we” or “us”) respect your right to privacy. This Privacy Policy applies to GT’s non-European offices and explains how we may collect, share, use and process personal information about you, and how you can exercise your privacy rights. It applies to personal information we collect through our website (www.gtlaw.com), mobile apps, social media pages, as well as through our marketing activities, services we provide to our clients, live events, any offline business interactions you may have with us, and other activities described in this Privacy Notice (collectively, the “Service”).
If you are receiving services from or working with any of our European offices, or you are accessing GT’s European offices pages on www.gtlaw.com, please review Greenberg Traurig’s European Offices Privacy Notice (the “GT EU Privacy Notice”).
We may provide additional or supplemental privacy notices for specific products or services that we offer at the time of collection. Unless otherwise noted, those supplemental notices should be read together with this Privacy Notice.
Table of Contents
- Personal Information We Collect
- How and Why We Use Your Information
- Information Sharing and Disclosure
- Security
- Retention
- Children’s Information
- Privacy Rights and Choices
- International Transfers of Personal Information
- Notice to Individuals in the European Economic Area, Switzerland and the United Kingdom
- Data Privacy Frameworks Participation
- Notice to California Residents
- Links to Third Party Services
- Changes to this Privacy Notice
- How to Contact Us
1. Personal Information We Collect
When you use our Service, we collect personal information about your use of our Service and information that you send us.
We may collect and store the following information when running the Service:
- Information You Provide Voluntarily. We collect information that you voluntarily provide to us, including: when you communicate via email or other channels; when you sign up for news, publications and marketing communications and events; when you seek career information; when you register for alumni communications newsletters, alerts, or other materials; when you submit an application for a position with us; when you sign up for a webinar or event; when you respond to our communications or requests for information. The information you provide may include: your name, contact information, title, and information about the organization with which you are affiliated. In relation to career information, the information you provide may also include employment history and qualifications. We only collect and process the personal information we need to allow us to respond to your request and/or provide the particular service you have sought.
- Information We Collect Automatically. We may automatically collect information about you when you use our Services such as, but not limited to:
- Device Information. We may collect information about devices you use to access the Services and how you use the Services, such as your Internet Protocol (“IP”) address and which websites you visited before accessing our Services.
- Performance and Log Data. Our servers may automatically record information created by your use of our Services, which may include information such as, but not limited to, your IP address, browser type, operating system, command line information, diagnostic information related to the Services (e.g., crash activity reports), the referring web page, pages visited, location, your mobile carrier, device and application IDs, and search terms. For instance, when we send you an email, we may collect certain information including the nature of the email, whether you opened or deleted our email, action you took upon receipt of our email, or your name and contact information.
- Cookies. We use cookies to display information more effectively, store, on a user’s computer or device information about the user’s preferences and settings, gather statistical information about the use of our Services to improve our design and functionality, and for security purposes. Please review our Cookie Notice for more information or click the “Cookie Settings” link in our website footer to update your browser’s cookie preferences for our website at any time.
- Information We Receive From Third Parties. When we receive personal information about you from third parties and use such information, this can include: your name, email address, contact information, the company you work for, your position, business and home address, identification and background information, professional experience and qualifications, previous positions, financial information, such as payment related information and shareholdings, and other personal information.
If you connect to us from a social network, such as LinkedIn or Facebook, we will collect personal information from the social network in accordance with your privacy settings on that social network. The connected social network may provide us with information such as your name, profile picture, network, gender, username, user ID, age or age range, language, country, friends list, follower list, and any other information you have agreed it can share or that the social network provides to us. We will assume that such social network or other third parties are entitled to collect and share such personal information with us.
- Sensitive Information. We may collect sensitive information about you when you use our Services. Any use of such information is limited to such purposes described to you at the time of collection.
2. How and Why We Use Your Information
- To Provide Our Services to You. We may process your personal information to inform you about our Services, new legal and policy developments, relevant information in the industries we serve, and our marketing events. Without your personal information, we cannot provide such Services.
- To Respond to Your Inquiries. We process your personal information when you contact us, such as with questions, concerns, feedback, disputes or issues. Without your personal information, we cannot respond to you or ensure your continued use and enjoyment of the Services.
- To Enforce Our Terms or Agreements. We process your personal information to actively monitor, investigate, prevent and mitigate any alleged or actual prohibited, illicit or illegal activities in connection with our Services; investigate, prevent, or mitigate violations of our terms, agreements or policies; and enforce our agreements with third parties and partners. We cannot perform our Services in accordance with our terms, agreements or policies without processing your personal information for such purposes.
- To Ensure the Security of the Service. We are committed to ensuring your safety and continued enjoyment of our Services. To do so, we process your personal information to: combat spam, malware, malicious activities or security risks; improve and enforce our security measures; and to monitor and verify your identity so that unauthorized users do not access your account with us or your information we otherwise hold. We cannot ensure the security of our Services if we do not process your personal information for security purposes.
- To Personalize Your Experience on the Services. We may provide you with third-party services, plugins, and many other options to personalize your experience of our Services. In addition, we also use cookies and similar tracking technology for such purposes (please see our Cookie Notice for more information or click the “Cookie Settings” link in our website footer to update your browser’s cookie preferences for our website at any time). By personalizing the Services, you get to enjoy our Services even more because we keep track of your preferences (e.g. your language selection, your time zone, etc.). Without processing your personal information for such purposes, you may not be able to access or personalize part or all of our Services.
- For Research and Development Purposes. To continue to provide you with our innovative Services, we collect information about the way you use and interact with our Services for research and development purposes. Research and development help us improve our Services and build new Services and customized features or Services. We take additional security measures when processing your personal information for such purposes, by de-identifying or pseudonymizing your information, limiting access to personnel that may conduct research and development, and applying other technical, physical, and administrative security measures.
- For Potential Employment. We process your personal information when you seek employment with us to evaluate you as a candidate for the position. Without your personal information, we cannot evaluate your qualifications for employment.
- To Engage in Marketing Activities. We process your personal information to inform you about our Services, new legal and policy developments, relevant information in the industries we serve and our marketing events (including by electronic means, such as email). To do so we may process your contact information or information about your interactions on our Services to send you marketing communications; provide you with information about events, webinars, or other materials; deliver targeted marketing to you (please see our Cookie Notice for more information about digital interest-based advertising or click the “Cookie Settings” link in our website footer to update your browser’s cookie preferences for our website at any time); and keep you updated about our Services. You can opt-out of receiving our marketing information at any time by clicking an unsubscribe link in our emails.
3. Information Sharing and Disclosure
We do not sell, exchange, transfer, or give your personal information to any other company or individual for any reason except as set forth in this Privacy Notice and as described below:
- GT Affiliated Entities. As a global organization that provides global services, we may share your information with our offices and data centers throughout the world to provide our Services (e.g., the United States, Europe, Latin America, the Middle East, and Asia).
- Our Service Providers. We share information with our service providers, suppliers, subcontractors, and similar third parties who provide services to us, or act on our behalf so that they can assist us with the maintenance of our Service. Our contracts with these service providers prohibit them from sharing your personal information with others for other purposes than as directed by us.
- Corporate Reorganization. We may transfer information to a third party in case of the reorganization, sale, merger, joint venture, assignment, transfer or other disposition of all or any portion of our business, asset or stocks, including in the event of corporate restructuring. We reserve the right, as part of this transaction, to transfer or assign personal information we have collected from you to these third parties. Except as otherwise provided by a bankruptcy or other court, the use and disclosure of all personal information will be subject to policies that are consistent with the policies described in this Privacy Notice. However, any personal information that is submitted or collected after that transfer may be subject to a new privacy policy adopted by the successor entity.
- Legal Concerns or Liabilities. We may use, share, or disclose information about you in order to address legal concerns or liabilities, especially when we believe, in our sole discretion, that (a) you might have misused the Services, such as to gain unauthorized access to any system, engaged in spamming, denial of service attacks, or similar attack; (b) disclosure is reasonably necessary to enforce our Terms of Use; (c) to respond to suspected illegal or fraudulent activity; (d) to protect legal rights or defend against legal claims; I to allow us to pursue available remedies or limit the damages that we or a third party may sustain.
- Your Consent. We will disclose your information to a person you have given us your consent to disclose to or as required to complete the Services.
4. Security
We seek to use reasonable technical, organizational, and administrative measures to protect user information within our organization against unauthorized or unlawful access or processing, and against accidental loss, destruction, or damage. We believe that these measures are reasonably adapted to the nature of the information in our custody. In addition to the security measures detailed above, we protect personal information by taking measures: (i) to protect the ongoing confidentiality, integrity, availability, and resilience of our processing systems and services; (ii) to restore the availability of and access to personal information in a timely manner in the event of a physical or technical incident; and (iii) to regularly test, assess, and evaluate the effectiveness of our technical and organizational measures.
However, even though GT makes reasonable efforts to protect information in its custody, no security system or data storage or transmission over the Internet or otherwise is fully secure. Thus, we cannot guarantee the security of any information we may have collected or received from you or transmitted to you.
If you believe your information is not secure, please immediately notify us of the problem at the address provided in the “How to Contact Us” section below.
5. Retention
We retain information about you for as long as necessary to perform the activities described in this Privacy Notice, or where we have an ongoing legitimate business need to do so, such as for legal, regulatory, accounting or reporting requirements.
When our legitimate interest for retaining your personal information ceases to exist, we will either delete or anonymize your information so that it can no longer be attributed to a particular individual. To the extent residual information remains within our databases, back-ups or other records and we are unable to anonymize it we will isolate such information from further processing until deletion is possible. If you have any questions, please feel free to contact us.
6. Children’s Information
We do not knowingly collect any personal information from children under 16. If we become aware that an individual under the age of 16 is submitting information without consent from their parent or legal guardian or as permitted under applicable law, we will delete the information as soon as possible from our database. If you believe we are collecting information about an individual under 16, please notify us immediately so that we can take appropriate action.
7. Privacy Rights and Choices
Depending on applicable law where you reside or are located, you may be able to assert certain rights identified below with respect to your personal information. Any rights you may have in relation to your personal information are not absolute. We reserve the right to refuse to act on a request that is manifestly unfounded or excessive (for example because it is repetitive) and/or to charge a fee that takes into account the administrative costs for providing the information or taking the action requested.
- Right to Know/Access. You may have the right to obtain a copy, or a list of categories of the personal information that we hold about you, as well as other supplementary information, such as the purposes of processing, and the entities to whom we disclose your personal information.
- Right to Correct. You may have the right to correct any of your personal information in our records and systems. You may request us to rectify, correct or update any of your personal information held by us that is inaccurate.
- Right to Delete. Under certain circumstance, you may have the right to request that we delete the Personal Information that we hold about you. This right is not absolute, and we may refuse such a request if there are compelling legitimate grounds for keeping your personal information, for legitimate purposes, or as required by law. In addition, in the event your deletion request is honored, we may retain a record of your deletion request as required under applicable law.
- Right to Portability. You have the right to receive a copy of the personal information we have collected about you in a structured, commonly used and machine-readable format.
- Right to Opt-Out of Automated Decision-making or Profiling. You may have the right not to be subject to a decision which significantly impact your rights that is based solely on automated processing (where a decision is taken about you using an electronic system without human involvement). No decision will be made by us about you solely on the basis of automated decision making which has a significant impact on you.
- Right to Appeal. In certain jurisdictions, you may have the right to appeal if we refuse to take action on your rights request. Instructions on how to appeal will be provided to you upon such a denial, but in any event, such instructions will be substantially similar to those provided below for submitting requests.
- Right Against Discrimination. You may have the right not to be discriminated against for exercising any of the rights described in this section. We will not discriminate against you for exercising your rights.
We do not sell your personal information. We do not share your personal information for targeted advertising. We do not process any information that may be considered “sensitive personal information”, under certain laws, to infer characteristics about you.
To make a privacy rights request, please contact us by email at privacyoffice@gtlaw.com or contact us at 1-202.533.2300. To confirm your identity, we may ask you to verify personal information we already have on file for you. If we cannot verify your identity based on the information we have on file, we may request additional information from you, which we will only use to verify your identity, and for security or fraud-prevention purposes.
In your request, please make clear what information you would like to have changed, whether you would like to have your personal information correct, deleted, or other limitations you would like to put on our use of your personal information. We may only implement requests with respect to personal information that is associated with the particular email address that you use to send your request.
You may use an authorized agent to submit a rights request on your behalf. If you use an authorized agent to submit requests on your behalf, we will require you to directly verify your identity with us, or have you directly confirm with us that the authorized agent has been authorized to act on your behalf.
Depending upon the applicable law, access to your rights may be denied: (a) when denial of access is required or authorized by law; (b) when granting access would have a negative impact on another’s privacy; (c) to protect our rights and properties; or (d) where the request is frivolous or vexatious, or for other reasons.
For individuals located in the European Economic Area, Switzerland or the United Kingdom during data collection, please refer to Section 9 below for more information about your rights.
8. International Transfers of Personal Information
This section only applies to individuals who do not reside in the United States, the European Economic Area, Switzerland or the United Kingdom. As a global organization, we may store, process and transmit personal information in locations around the world, including locations outside of the country or jurisdiction where you are located. Such countries or jurisdictions may have data protection laws that are less protective than the laws of the jurisdiction in which you reside. If you do not want your information transferred to or processed or maintained outside of the country or jurisdiction where you are located, you should not use our Services.
9. Notice to Individuals in the European Economic Area, Switzerland and the United Kingdom
This section only applies to individuals using or accessing our Services while located in the European Economic Area (“EEA”), the United Kingdom and/or Switzerland (collectively, the “Designated Countries”) at the time of data collection.
We may ask you to identify which country you are located in when you use or access some of the Services, or we may rely on your IP address to identify which country you are located in. When we rely on your IP address, we cannot apply the terms of this section to any individual that masks or otherwise hides their location information from us so as not to appear located in the Designated Countries. If any terms in this section conflict with other terms contained in this Policy, the terms in this section shall apply to individuals in the Designated Countries.
For the purposes of the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the data controller for the personal information you provide or that we collect in connection with the Services is Greenberg Traurig, P.A. and Greenberg Traurig, LLP (a New York registered entity).
Legal Basis. Article 6(1) of the GDPR describes when processing can be done lawfully. When we process your personal information for a specified purpose, we shall apply one of the Article 6 legal bases described below, including any Article 9 conditions for processing special categories of personal information.
- Whenever we require your consent for the processing of your personal information such processing will be based on Article 6(1)(a) GDPR.
- If the processing of your personal information is necessary for the performance of a contract between you and GT or for taking any pre-contractual steps upon your request, such processing will be based on Article 6(1)(b) GDPR. If this data is not processed, GT will not be able to execute the contract with you.
- Where the processing is necessary for us to comply with a legal obligation, we will process your information on basis of Article 6(1)(c) GDPR, for example for complying with obligations under anti-money laundering laws.
- Where the processing is necessary for the purposes of GT’s or another party’s legitimate interests, such processing will be made in accordance with Article 6(1)(f) GDPR, for example to enforce legal claims.
Below is a chart indicating the legal bases we rely in processing personal information.
Purposes of Processing |
Legal Basis for Processing |
|
Processing is based on our contract obligations or to take steps at the request of the individual prior to entering into a contract. |
|
Processing is based on our legitimate interest to better understand you, to maintain and improve the accuracy of the information we store about you, and to better promote or optimize our Services. |
|
Processing is necessary for compliance with our legal obligations, the public interest, or in your vital interests. |
If, in the future, we use your personal information in any way that is not described in this Privacy Notice, we will disclose this to you. At that time, you can choose not to allow us to use your personal information for any purpose that is incompatible with the purposes for which we originally collected it or subsequently obtained your consent. If you choose to limit the ways we can use your personal information, some or all of the Services may not be available to you. Also, we may have legitimate reasons to still use your personal information even though you did not allow us to.
Marketing. We will only contact individuals located in the Designated Countries by electronic means (including email or SMS) based on our legitimate interests, as permitted by applicable law, or after obtaining the individual’s consent. If you do not want us to use your personal information in this way please click an unsubscribe link in our emails or send us an email at privacyoffice@gtlaw.com. You can object to direct marketing at any time and free of charge.
Individual Rights. We take reasonable steps to ensure that your personal information is accurate, complete, and up to date. You have the right to access, correct, or delete the personal information that we collect. You are also entitled to restrict or object, at any time, to the further processing of your personal information. You have the right to receive your personal information in a structured and standard format and, where technically and legally feasible, the right to have your personal information transmitted directly to a third party. If you would like to exercise your rights under applicable law, or if you believe we have infringed or violated your privacy rights, please contact us at privacyoffice@gtlaw.com so that we may resolve your dispute directly. You also have a right to lodge a complaint with a competent supervisory authority situated in a Member State of your habitual residence or place of alleged infringement.
International Transfers of Personal Information. If we share your personal information with entities located in the United States or other non-EEA jurisdictions which, according to the European Commission, do not offer an adequate level of protection to personal information we implement specific contracts, approved by the European Commission, which ensure the same protection to personal information as granted in the EEA, or other appropriate solutions to address cross-border transfers as required or permitted by Articles 46 and 49 of the GDPR. Where required by such laws, you may request a copy of the suitable mechanisms we have in place by contacting us.
10. Data Privacy Frameworks Participation
Greenberg Traurig, P.A. and Greenberg Traurig, LLP comply with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”), including the Frameworks’ onward transfer liability provisions, as set forth by the U.S. Department of Commerce. Greenberg Traurig, P.A. and Greenberg Traurig, LLP has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (“EU-U.S. DPF Principles”) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF, as well as the processing of data received from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Greenberg Traurig, P.A. and Greenberg Traurig, LLP has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF, upon Switzerland granting its anticipated adequacy decision for the U.S. Until such time, transfers of Swiss personal data will be subject to appropriate safeguards, such as Standard Contractual Clauses and technical organizational measures. If there is any conflict between the terms in this Privacy Policy and the EU-U.S. DPF Principles and/or the UK Extension to the EU-U.S. DPF and/or the Swiss-U.S. DPF Principles, the respective Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
If you believe we have infringed or violated your privacy rights, please contact us at privacyoffice@gtlaw.com so that we may resolve your dispute directly. In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, Greenberg Traurig, P.A. and Greenberg Traurig, LLP commit to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF to the International Centre for Dispute Resolution (“ICDR”), an alternative dispute resolution provider based in the United States that is operated by the American Arbitration Association (“AAA”). For more information and to file a complaint, you may contact the International Centre for Dispute Resolution by phone at +1.212.484.4181, or by visiting the website.. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://go.adr.org/dpf_irm.html for more information or to file a complaint. The services of ICDR are provided at no cost to you. Please note that if your complaint is not resolved through these channels, under limited circumstances, you may have a binding arbitration option. Further information can be found on the official DPF website here.
The Federal Trade Commission has jurisdiction over Greenberg Traurig, P.A. and Greenberg Traurig, LLP’s compliance with EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF.
11. Notice to California Residents
The California Consumer Privacy Act of 2018, as amended by the Consumer Privacy Rights Act of (“CCPA”), requires us to explain the “Personal Information” categories, as identified and defined by the CCPA (see California Civil Code section 1798.140(o)), that we collect, the reason we collect the Personal Information, where we obtain the Personal Information, and the other entities with whom we may share the Personal Information. Under the CCPA, Personal Information is defined as any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (“Personal Information”).
We generally collect the following categories of Personal Information in providing our Services:
- identifiers such as a name, address, unique personal identifier, email, phone number, your device’s IP address, software, and identification numbers associated with your devices;
- characteristics of protected classifications under California or federal law, such as gender;
- commercial information such as records of products or services purchased, obtained, or considered by you;
- Internet or other electronic information regarding you browsing history, search history, the webpage visited before you came to our website, length of visit and number of page views, click-stream data, locale preferences, your mobile carrier, date and time stamps associated with transactions, and system configuration information;
- professional or employment-related information;
- your geolocation, to the extent you have configured your device to permit us to collect such information; and
- inferences about your preferences, characteristics, behavior and attitudes.
For more information about the Personal Information we collect and how we collect it, please refer to section 1 above, and our Cookie Notice.
We collect Personal Information for the business purposes described in section 2 above, and in our Cookie Notice. The CCPA defines a “business purpose” as the use of Personal Information for the business’s operational purposes, or other notified purposes, provided the use of Personal Information is reasonably necessary and proportionate to achieve the operational purpose for which the Personal Information was collected or another operational purpose that is compatible with the context in which the Personal Information was collected.
The categories of other individuals or entities with whom we may share your Personal Information are listed in section 4 above.
GT is comprised of several separate legal entities that may be considered “third party affiliated entities” for purposes of California Civil Code Section 1798.83. California law requires us to inform California residents who have provided us with personal information that they may request of us information about our disclosures to third parties (including GT Affiliated Entities) for their direct marketing purposes. To do so, contact us at privacyoffice@gtlaw.com and indicate in the subject line “California Privacy Rights.”
Do Not Track. Please note that we do not currently respond to web browser “do not track” signals or other mechanisms that may allow you to opt out of the collection of information across networks of websites and online services as there is no standard for how online services should respond to such signals.
12. Links to Third Party Services
Our Service may include links to third party services where you might be able to post comments, reviews, or view third party information. Please note, the inclusion of a link on our Service to a third party’s service does not imply endorsement of the third party’s data handling practices, and does not imply that the third party’s practices are covered by this Privacy Notice. We are not responsible for the privacy practices of these entities.
13. Changes to this Privacy Notice
We may update this Privacy Notice from time to time. The effective date of the current Privacy Notice is noted at the top of this page.
If we make material changes to the way we collect, use, share or process the personal information that you have provided that adversely impact you, we will notify you by posting it on the Service or other appropriate means. Any modifications to this Privacy Notice will be effective upon our posting the modified version (or as otherwise indicated at the time of posting). In all cases, your use of the Service after the effective date of any modified Privacy Notice indicates your acknowledging that the modified content of the Privacy Notice applies to your interactions with the Service and our business.
14. How to Contact Us
You can contact us via email at privacyoffice@gtlaw.com. If you prefer to contact us by postal mail, and you are in the United States or in any country other than the countries listed in the chart below, please contact us at: Office of the General Counsel, Greenberg Traurig, One Vanderbilt Avenue, New York, NY 10017. Otherwise please use one of the following addresses based on your location.
China Greenberg Traurig, LLP |
Japan 14F, Meiji Yasuda Seimei Building |
South Korea 23F, Seoul Finance Center |
Mexico Greenberg Traurig, S.C. |