Updated: May 22, 2018
This Privacy Notice explains how Covington collects, uses, shares and otherwise processes your personal data collected on our website, mobile apps and in connection with our blogs, client alerts and other communication services (the “Services”). The processing of personal data in connection with client relationships are addressed in engagement agreements between Covington and our clients.
We may provide supplemental privacy notices on specific occasions when we are collecting or processing personal data about you. Those supplemental notices should be read together with this Privacy Notice.
Information we collect about you
You may choose to provide information directly to us through various sections of our Services, including:
- Contact details for news, publications and marketing communications and events
- Career information, such as contact details, employment history, and qualifications.
- Contact details for alumni communications
How and why we use your information
We will use your personal data for the following purposes:
- To inform you about our services, new legal and policy developments, relevant information in the industries we serve, and our marketing events.
- To evaluate you as a candidate for employment with our firm.
- To provide alumni communications.
- For analysis to improve this website, our services and for market research.
- For other reasons, with your consent.
Please note that we may use or disclose personal data if we are required by law to do so or if we reasonably believe that use or disclosure is necessary to protect our rights and/or to comply with judicial or regulatory proceedings, a court order or other legal process.
Sharing your information
We may share your information in the following circumstance:
- Other Covington Offices: For users residing in the EU, these offices may be in countries that offer a lower level of privacy protection than your home country. We have put into place contractual safeguards approved by the European Commission to protect your information.
- Service Providers: We may share your information with entities that provide services to us, including companies that provide web analytics, advertising, email distribution, and other services. These entities are limited in their ability to use your information for purposes other than providing services for us.
- Other Parties When Required by Law or as Necessary to Protect Our Services: There may be instances when we disclose your information to legal advisors and public authorities, such as court and law enforcement agencies.
- Other Parties in Connection With a Transfer of Assets: If we make a sale or transfer of assets, or are otherwise involved in a merger or transfer, we may transfer your information to one or more third parties as part of that transaction.
- Other Parties With Your Consent: In addition to the sharing described in this privacy notice, we may share information about you with other third parties when you consent to such sharing.
Third-Party Content, Functionality, and Services
We do not knowingly collect or store personally identifiable information about children under the age of 16, unless permitted by law. If we learn that we have collected personally identifiable information from a child under age 16, we will delete that information from our database.
Privacy Rights of European Visitors
Legal Grounds. We will process your personal data only (1) with your consent; (2) to perform a contract between you and us; (3) to comply with a legal obligation; or (4) where we have a legitimate interest to do so, balancing this interest against your interests and fundamental rights. These legitimate interests are administrative functions within Covington, marketing activities, and complying with your requests for information.
Access, Correction and Deletion. If you reside in the EU, you may exercise your Personal Data rights under GDPR through the contact information shared below. Specifically you have the following rights subject to the exceptions allowed by law:
- To access your information
- To rectify or update your information
- To erase your information, subject to our need to retain certain information for legal or other purposes
- To receive a copy of your information
- To object to or restrict its processing
How we protect your information
We use physical, technical and administrative measures to protect your information against loss, theft and unauthorized use, disclosure or modification. While we strive to protect the information we maintain, we cannot ensure or warrant the security of any information that you transmit to us since no method of data transmission or storage is 100% secure.
How long will we retain your information?
We will only retain your personal data for as long as necessary to fulfil the purposes for which it was collected and processed, including for the purposes of satisfying any legal, regulatory, accounting or reporting requirements.
To determine the appropriate retention period for your personal data, we will consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your it and whether we can achieve those purposes through other means, and the applicable legal requirements
In some circumstances we may anonymize your personal data so that it can no longer be associated with you, in which case it is no longer personal data.
Upon expiration of the applicable retention period we will securely destroy your personal data in accordance with applicable laws and regulations.
Changes to this privacy notice
We may update this Privacy Notice at any time, and we will make an updated copy of any such Privacy Notice available on our website.
Should you have any questions about this Privacy Notice or inquiries regarding your personal data rights you can contact us at firstname.lastname@example.org or at the address below.
Covington & Burling LLP
850 10th St NW
Washington, DC 20001
Users residing in the European Economic Area have a right to lodge a complaint to the supervisory authority for data protection in their country.
Cookies, Web Beacons, and Similar Technologies