Barack Ferrazzano is committed to protecting the privacy of our clients and other individuals whose personal data we receive, consistent with applicable laws and regulations, including the General Data Protection Regulation (GDPR) to the extent that the personal data we use relates to individuals within the European Union (EU).
This policy is effective as of May 25, 2018. We may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are aware of changes to the policy.
What personal data do we collect about individuals?
Personal data refers to any information relating to an identified or identifiable natural person, such as a name, an email or physical address, an identification number, as well as information specific to that natural person, such as genetic, cultural, and physical information.
In the course of conducting the business of our law firm, we may receive personal data about individuals in several ways. Examples of the categories of personal data we collect and how we collect it are:
- Contact Information: This information, which includes names, job titles, addresses, and email addresses, is generally provided to us by clients in connection with their engagement, and by parties contacting us through our website or through personal interactions at meetings and events. We use contact information to communicate with clients and others about firm business, as well as about developments in the law, news about the firm, or events in which the firm is involved.
- Financial Information: This information, which includes credit card information, bank information, and general financial data, may be provided by our clients in connection with payment for legal services, or may be provided by our clients or third parties in connection with a transaction, litigation or other matter with which we are involved.
- Health Information: We may receive health information of our clients and others to the extent relevant or required in connection with a legal matter for which we have been engaged.
- Other Information: In connection with our representation of our clients, our clients may provide us with other information that is considered “personal data” under applicable laws, if that personal data is necessary for or otherwise applicable to our work.
What is our legal basis for processing the personal data we receive?
We are a law firm in the business of providing legal advice to clients and representing their interests in transactions, litigation, before government agencies, and in other types of legal matters. We only collect and process data if we have an appropriate legal basis for doing so.
If you have formally engaged us to provide legal services to you, our engagement letter forms a contract between you and us, and we will collect and use personal data as necessary to communicate with you about our representation, to perform the work you have hired us to do, and to process any payments made to our firm.
We may also process personal data as necessary to comply with a legal obligation to which we are subject, such as producing information required by a court order.
In many cases, we will collect and process personal data as necessary to carry out our legitimate business interests, which are:
- to conduct our business as a law firm and represent our clients in transactional and litigation matters;
- to carry out our clients’ instructions;
- to communicate with our clients and third parties regarding ongoing matters;
- to produce certain information to opposing parties in litigation (subject to court orders governing the confidentiality of the information); and
- to keep our current and former clients and others informed about developments in the law, news about the firm, and events in which the firm is involved.
Where we rely on our legitimate interests to process your personal data, you have the right to object to such processing (meaning that you can ask us to stop).
Who do we share your personal data with?
The personal data that we receive from clients and other persons will be available to various employees at our firm, including the lawyers and paralegals at our firm who provide services to our clients, as well as to certain staff members who need access to the information to do their jobs, which may include staff who: (i) process invoices to clients; (ii) manage client trust accounts; (iii) draft correspondence or other documents; (iv) process data used in litigation; (v) evaluate potential conflicts of interest; or (vi) prepare and distribute marketing materials. Our personnel are subject to confidentiality obligations with respect to the information they receive.
In addition to the employees at our firm, we may provide your personal data to vendors who we engage to hold our data in the cloud, manage our email security, or who process our data for shipping, e-billing, marketing or litigation purposes. These parties are under contractual obligations limiting their use and sharing of your information.
We may also provide your personal data to counsel for parties who are engaged in transactions or litigation in which we are representing clients, as required for the purpose of that representation, such as providing due diligence in a transaction or discovery in litigation.
We will not sell or lease your personal data to third parties unless we have your permission or are required by law to do so.
How long will we keep your personal data?
We typically retain the information we receive in the course of matters in which we represent clients for 7 years after the matter is over. We sometimes retain data for longer if the attorney responsible for the matter determines that it is appropriate to do so.
We retain contact information until we determine that it is no longer valid or we no longer have need to use that information.
What do we do to secure your personal data?
We are committed to ensuring that your information is secure. In order to prevent unauthorized access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
Cookies. A cookie is a small file that asks permission to be placed on your computer's hard drive, if allowed by your browser’s cookie setting. If allowed, the file is added and the cookie helps analyze web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyze data about webpage traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Do Not Track. Currently, certain browsers, including Firefox, Google Chrome, Safari and Internet Explorer, offer a “do not track” (or, “DNT”) option. This option, using a technology known as a DNT header, sends a signal to websites visited by the user about the user’s DNT preference, if any, set on the browser. We do not currently commit to responding to browsers’ DNT signals. We cannot make this commitment because no common industry standard for DNT has been adopted by industry groups, technology companies, or regulators.
How can you control the use of your personal data?
You may choose to restrict the collection or use of your personal data in the following ways:
- whenever you are asked to fill in a form on the website, look for the box that you can click to indicate that you do not want the information to be used by anybody for direct marketing purposes;
- if you have previously agreed to let us use your personal data for direct marketing purposes, you may change your mind at any time by writing to or emailing us at firstname.lastname@example.org.
You have the right to ask us for a copy of the personal data we have about you, along with related information about our purposes for processing that data.
If you believe that any information we are holding about you is incorrect or incomplete, you have the right to ask us to correct that information. We will promptly correct any information found to be incorrect.
In addition, you have the right to ask us to erase your personal data. If you do so, we will delete your information, unless we continue to have an overriding legitimate interest in retaining the information. We will always honor a request to delete information that we use solely for direct marketing purposes.
If you would like to make any request to us about your personal data, please contact us at email@example.com.
Who can you contact with complaints?
If you have a complaint about how we are using your personal data, you can contact us and we will promptly address your complaint.
If you are in the EU, the GDPR also gives you the right to lodge a complaint with the governing Data Protection Authority within your jurisdiction. You can find your national Data Protection Authority here.
Who is your “Data Controller”?
Under the GDPR, our firm – Barack Ferrazzano Kirschbaum & Nagelberg LLP – is considered the “Data Controller” with respect to the personal data we collect directly, because we are responsible for deciding how to use that data.
You may communicate with us by writing to us at:
Barack Ferrazzano Kirschbaum & Nagelberg LLP
200 W. Madison Street
Chicago, IL 60606
Attention: Edward F. Malone
Visitors from Outside the United States
If you reside outside the United States ("U.S."), any information you provide to our website will be transferred out of your country and into the U.S. If you do not want any personal information to be transferred to the U.S., please do not provide that information to us or our website. By providing personal information to us or our website, you expressly consent to the transfer of that information to the U.S.