Main Menu


Barack Ferrazzano Kirschbaum & Nagelberg LLP Privacy Policy

Barack Ferrazzano is committed to protecting the privacy of our clients and other individuals whose personal data we receive, consistent with applicable laws and regulations, including the General Data Protection Regulation (GDPR) to the extent that the personal data we use relates to individuals within the European Union (EU).

If we receive personal data about an individual, we will only use that information in accordance with this privacy policy.

This policy is effective as of May 25, 2018. We may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are aware of changes to the policy.

What personal data do we collect about individuals?

Personal data refers to any information relating to an identified or identifiable natural person, such as a name, an email or physical address, an identification number, as well as information specific to that natural person, such as genetic, cultural, and physical information.

In the course of conducting the business of our law firm, we may receive personal data about individuals in several ways. Examples of the categories of personal data we collect and how we collect it are:

What is our legal basis for processing the personal data we receive?

We are a law firm in the business of providing legal advice to clients and representing their interests in transactions, litigation, before government agencies, and in other types of legal matters. We only collect and process data if we have an appropriate legal basis for doing so.

If you have formally engaged us to provide legal services to you, our engagement letter forms a contract between you and us, and we will collect and use personal data as necessary to communicate with you about our representation, to perform the work you have hired us to do, and to process any payments made to our firm.

We may also process personal data as necessary to comply with a legal obligation to which we are subject, such as producing information required by a court order.

In many cases, we will collect and process personal data as necessary to carry out our legitimate business interests, which are:

Where we rely on our legitimate interests to process your personal data, you have the right to object to such processing (meaning that you can ask us to stop).

Who do we share your personal data with?

The personal data that we receive from clients and other persons will be available to various employees at our firm, including the lawyers and paralegals at our firm who provide services to our clients, as well as to certain staff members who need access to the information to do their jobs, which may include staff who: (i) process invoices to clients; (ii) manage client trust accounts; (iii) draft correspondence or other documents; (iv) process data used in litigation; (v) evaluate potential conflicts of interest; or (vi) prepare and distribute marketing materials. Our personnel are subject to confidentiality obligations with respect to the information they receive.

In addition to the employees at our firm, we may provide your personal data to vendors who we engage to hold our data in the cloud, manage our email security, or who process our data for shipping, e-billing, marketing or litigation purposes. These parties are under contractual obligations limiting their use and sharing of your information.

We may also provide your personal data to counsel for parties who are engaged in transactions or litigation in which we are representing clients, as required for the purpose of that representation, such as providing due diligence in a transaction or discovery in litigation.

We will not sell or lease your personal data to third parties unless we have your permission or are required by law to do so.

How long will we keep your personal data?

We typically retain the information we receive in the course of matters in which we represent clients for 7 years after the matter is over. We sometimes retain data for longer if the attorney responsible for the matter determines that it is appropriate to do so.

We retain contact information until we determine that it is no longer valid or we no longer have need to use that information.

What do we do to secure your personal data?

We are committed to ensuring that your information is secure. In order to prevent unauthorized access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

How do we use cookies and other tracking technology?

Cookies. A cookie is a small file that asks permission to be placed on your computer's hard drive, if allowed by your browser’s cookie setting. If allowed, the file is added and the cookie helps analyze web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyze data about webpage traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better website by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

Do Not Track. Currently, certain browsers, including Firefox, Google Chrome, Safari and Internet Explorer, offer a “do not track” (or, “DNT”) option. This option, using a technology known as a DNT header, sends a signal to websites visited by the user about the user’s DNT preference, if any, set on the browser. We do not currently commit to responding to browsers’ DNT signals. We cannot make this commitment because no common industry standard for DNT has been adopted by industry groups, technology companies, or regulators.

Third Party Services. Some features on our site may be served by third parties, including advertisers, ad networks and servers, content providers and application providers. These third parties may use cookies, alone or with web beacons or other tracking technology, to collect information about you when you use the site. They may be able to associate the information they collect with your personally identifiable information, or they may collect information, including personally identifiable information, about your online activities over time and across other website and online services. They may use this information to provide you with behavioral advertising or other targeted content. That content may appear either on our site, or on other websites. We cannot control any third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.

How can you control the use of your personal data?

You may choose to restrict the collection or use of your personal data in the following ways:

You have the right to ask us for a copy of the personal data we have about you, along with related information about our purposes for processing that data.

If you believe that any information we are holding about you is incorrect or incomplete, you have the right to ask us to correct that information. We will promptly correct any information found to be incorrect.

In addition, you have the right to ask us to erase your personal data. If you do so, we will delete your information, unless we continue to have an overriding legitimate interest in retaining the information. We will always honor a request to delete information that we use solely for direct marketing purposes.

If you would like to make any request to us about your personal data, please contact us at

Who can you contact with complaints?

If you have a complaint about how we are using your personal data, you can contact us and we will promptly address your complaint.

If you are in the EU, the GDPR also gives you the right to lodge a complaint with the governing Data Protection Authority within your jurisdiction. You can find your national Data Protection Authority here.

Who is your “Data Controller”?

Under the GDPR, our firm – Barack Ferrazzano Kirschbaum & Nagelberg LLP – is considered the “Data Controller” with respect to the personal data we collect directly, because we are responsible for deciding how to use that data.

You may communicate with us by writing to us at:

Barack Ferrazzano Kirschbaum & Nagelberg LLP
200 W. Madison Street
Chicago, IL 60606
Attention: Edward F. Malone

Visitors from Outside the United States

If you reside outside the United States ("U.S."), any information you provide to our website will be transferred out of your country and into the U.S. If you do not want any personal information to be transferred to the U.S., please do not provide that information to us or our website. By providing personal information to us or our website, you expressly consent to the transfer of that information to the U.S.

Back to Page