Shearman & Sterling LLP is a limited liability partnership organized under the laws of the state of Delaware. References in this policy to “we”, “us” or “Shearman” are references to Shearman & Sterling LLP together with its affiliated entities, including Shearman & Sterling (London) LLP, a limited liability partnership through which we practice in the United Kingdom, and Shearman & Sterling, a partnership through which we practice in Hong Kong. Shearman & Sterling LLP also practices in Saudi Arabia in association with a Saudi firm, Dr. Sultan Almasoud & Partners, and in Italy in association with Studio Legale Associato Shearman & Sterling LLP.
Shearman & Sterling is committed to protecting and respecting your privacy.
Please read this notice carefully to understand our practices with respect to personal data.
As a law firm, we regularly receive personal data as part of our professional activities. We may collect your personal data:
Ordinarily, you will have provided any such data to us. But in some cases, we may collect data about you from a third party source, such as government or credit reporting agencies, an information or service provider or from public records.
The personal information that we collect and process may include:
Whether we receive your personal data directly from you or from a third party source, we will only use your personal data in connection with our ordinary professional activities (including the fulfilment of our legal or regulatory obligations). These “Permitted Uses” may include:
If you have given us your express consent, we may process your personal data for additional purposes. You may withdraw your consent at any time. Additional purposes for which we may process your personal data may include:
Shearman is a global firm and a list of our offices, together with relevant contact information, may be found on our website. Irrespective of how we obtain your personal data, it may be shared among all the offices within Shearman (both inside and outside the European Economic Area). Our global policy requires all offices to at all times ensure a level of data protection at least as protective as those mandated by the European Economic Area. We may also need to transfer personal data to third parties, including third parties based outside the European Economic Area, for example (but not limited to) sub-contractors, other counsel and accountants and third parties involved in your matters.
Where we share or transfer your personal data, we will do this in accordance with applicable data protection laws and will take appropriate safeguards to ensure its integrity and protection.
We will take appropriate technical and organizational measures against unauthorized or unlawful processing of your personal data and against accidental loss or destruction of, or damage to, your personal data in accordance with our internal security procedures covering its storage, access and destruction. Personal data may be stored on our own technology systems or those of our vendors or in paper files.
We will delete your personal data when it is no longer reasonably required for the Permitted Uses or you withdraw your consent (where applicable), provided that we are not legally required or otherwise permitted to continue to hold such data. We may retain your personal data for an additional period to the extent deletion would require us to overwrite our automated disaster recovery backup systems or to the extent we deem it necessary to assert or defend legal claims during any relevant retention period.
In addition to your rights under applicable data protection legislation and where we are permitted or required by applicable law and regulation and by our professional obligations, we will provide you, upon request, with a copy of your personal data and we will correct any errors identified by you. Except as set forth above, we will not use your data for any automated decision making or any profiling and you have the right to restrict our processing of your personal data as well as the right to lodge a complaint with supervisory authorities regarding the processing of your personal data. We will refrain from sending you marketing materials without your express consent and will also comply with your request to stop sending any such further communications. All such requests, or any questions or comments regarding this policy or our handling of your personal data, should be addressed to email@example.com.
This Privacy Notice was updated in April, 2018. We reserve the right to amend this Privacy Notice from time to time to reflect changing legal requirements or our processing practices. Any such changes will be posted on this website and will be effective upon posting.