Privacy Notice for Business Contacts

Skadden, Arps, Slate, Meagher & Flom LLP and Affiliates (collectively, "Skadden," the "Firm," "we," "us" or "our") is committed to safeguarding the privacy of its customers, suppliers or other business partners ("you"). Please read the following statement, which sets out the principles governing the Firm’s use of personal information that we may obtain about you, to understand how your information will be treated (the "Privacy Notice for Business Contacts"). Throughout our business relationship, the Firm comes into possession of certain information about you (your "personal information") and collects, uses and is responsible for it. When we do this, we are the "controller" of this information for the purposes of the General Data Protection Regulation (the "GDPR") and other applicable data protection laws.

If you have any comments or questions in connection with this Privacy Notice for Business Contacts, please contact us at DataProtection@skadden.com.

Information Collection and Usage

We may process the following personal data about you:

  • Personal information about you that you disclose to us by providing your business card to us or filling in forms on our website (or other forms that we ask you to complete), corresponding with us by telephone, post, e-mail or otherwise. It may include, for example, your name, company, business and/or private address, e-mail address and telephone numbers, information about your business relationship with the Firm and information about your professional role, background and interests.

    • We will process your personal information throughout our business relationship with you and may retain some limited personal information about you even when we know that you have left the organization that you represent, so that we can maintain a continuous relationship with you if and when we are in contact with you again, representing a different organization. This processing of your personal information can be based on Article 6 (1) f GDPR. Our legitimate interest is the improvement of our client relationship management, networking, marketing and the development of our business. We will keep this information on a computer or in hard copy form for a period of 2 years after the last contact with you.

  • If you contact us by e-mail or via our contact form, the personal information transmitted by you are automatically stored. Such personal information transmitted on a voluntary basis are stored for the purpose of processing your request and/or contacting you. This processing activity can be based on Article 6 (1) f GDPR. Our legitimate interest is the enabling of an easy communication platform with you. The information received will be stored on a computer and automatically erased no later than 3 months after the contact request was fulfilled and no other legal justification (e.g. continued client relationship) or statutory retention obligation exists for the continued retention.
  • If you sign up or have previously signed up to our e-mail alerts, we will process your personal information provided to us by you for the purpose of providing you with information relating to our services. You can opt-out of the e-mail alerts at any time by either contacting us at info@skadden.com or clicking on the opt-out hyperlink contained within an e-mail that you have received.
  • We may supplement the information that you provide to us with information that we receive or obtain from other sources. If we have a business relationship with the organization that you represent, your colleagues or other business contacts may give us information about you such as your contact details or details of your role in the relationship. We process your personal information on the basis of the legitimate interests set out above (Article 6 (1) f GDPR).
  • We do not generally rely on obtaining your consent to process your personal information. Where we process personal information based on consent, we will ask for your consent on a case-by-case basis. If we obtain your consent for any use of your personal information, you have the right to withdraw your consent at any time with effect for the future. We will give you further information in the consent form on how to withdraw consent.

Your Rights

Under the GDPR you have a number of important rights. In summary, those include rights to:

  • Fair processing of information and transparency over how we use your use personal information;
  • Access to your personal information and to certain other supplementary information that this Privacy Notice for Business Contacts is already designed to address;
  • Require the correction of any mistake in the personal information that we hold about you;
  • Require the erasure of personal information concerning you in certain situations;
  • Receive the personal information concerning you that you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit that data to a third party in certain situations;
  • Otherwise restrict our processing of your personal information in certain circumstances;
  • Object to decisions being taken by automated means that produce legal effects concerning you or similarly significantly affect you;
  • Object at any time to processing of personal information concerning you for direct marketing; and
  • Object in certain other situations to our continued processing of your personal information (for details please see below).

Information regarding the right to object, Article 21 GDPR

  1. You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you, which is based on Article 6 (1) e GDPR (data processing for purposes of public interest) or Article 6 (1) f GDPR (data processing for purposes of prevailing legitimate interests pursued by us). This also applies to profiling based on these provisions.
  2. If you object, we shall no longer process the personal data, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of you, or for the establishment, exercise or defence of legal claims.

If you would like to object, please contact us at: DataProtection@skadden.com

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (the "ICO") on individuals' rights under the GDPR - https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.

If you would like to exercise any of those rights, please:

  • Contact us at DataProtection@skadden.com.
  • In order to facilitate the process, please provide the information to which your request relates, including any account or reference number, if you have it and provide enough information to identify you (e.g., account number, user name, registration details).

If we have reasonable doubt as to your identity, we may require additional proof of your identity.

You also have the right, at any time, to lodge a complaint about the processing activities of your personal information by us with the ICO, or other competent supervisory authority.

Security

We endeavour to take all reasonable steps to protect your personal information, but cannot guarantee the security of any data you disclose online. Please note that e-mail is not a secure medium and should not be used to send confidential or sensitive information. You accept the inherent security risks of providing information over the Internet and will not hold us responsible for any breach of security, unless this is due to our negligence or wilful default.

Business Transfers

As we continue to develop our business, we might sell or otherwise transfer certain of our assets. In such transactions, user information, including personal information, is generally one of the transferred business assets and, by providing your personal information to us, you agree that your data may be transferred to such parties in these circumstances.

Data Sharing and Transfer

We will provide information about you (on the understanding that such information will be kept confidential) to partners, employees and agents of Skadden for the purposes of networking, marketing, the development of our business and the improvement of our client relationship management (Article 6 (1) f GDPR). We may share your personal information with your colleagues within the organization that you represent for the same purposes.

We will only disclose information as previously notified to you except as follows: to any law enforcement agency requesting it in connection with an inquiry regarding the commission of any offence, once we are reasonably satisfied as to the circumstances surrounding the request; to comply with applicable laws and lawful government or regulatory requests; to operate our systems properly; or to protect our users and the Firm. We will transfer your personal information in these circumstances based on Article 6 (1) c and f GDPR or, where required by applicable law, your consent. Our legitimate interest is the operation and protection of our business.

Skadden is an international law firm comprised of multiple offices and affiliated entities in numerous jurisdictions. Details regarding our offices and affiliated entities can be found at https://www.skadden.com/locations. Any information received by us through this website, including personal information, may be transferred to or shared across our integrated computer networks with one or more of our affiliated offices in the United States and other countries.

Further, your personal information will be disclosed to our service providers, such as IT service providers.

We may transfer data also to countries that may not be subject to data protection laws similar to those prevailing in the jurisdiction in which such information is provided to or received by us. However, all of our offices adhere to the same procedures with respect to your personal information, including this Privacy Notice for Business Contacts. Where we transfer your personal information outside the European Economic Area (the "EEA") or to an international organization that does not have data protection laws substantially similar to those in the United Kingdom and the EEA, we will implement sufficient safeguards to protect your privacy rights and provide you with remedies in the unlikely event that your personal information is misused. Transfers within Skadden will be subject to the terms of data transfer agreements between our offices that include standard contractual clauses as approved by the European Commission and applicable data protection authorities and permitted under applicable data protection laws, including the GDPR. These safeguards are designed to protect your privacy rights and provide you with remedies in the unlikely event that your personal information is misused. You are entitled to obtain a copy of our standard contractual clauses. If you would like a copy or any further information please e-mail us at DataProtection@skadden.com.

Future Processing

We do not intend to process your personal information for any reason other than stated within this Privacy Notice for Business Contacts. If this changes, we will inform you by e-mail.

Notification of Changes

We may occasionally modify this Privacy Notice for Business Contacts; when this happens, we will publish details on this web page. We will not, however, significantly change how we use information you have already given to us without your prior agreement.

BACK TO TOP