- Home
- |
Privacy Statement
We at Crowell & Moring respect your concerns about privacy and value the relationship that we have with you. We want you to know what happens to the personal information that we collect through the following website(s) www.crowell.com ("our Websites"); our social media activities on LinkedIn, Twitter, and Facebook ("our Official Social Media Accounts"); our official blogs, hosted by LexBlog ("our Official Blogs"); and our other activities and sources.
For purposes of this Privacy Statement, "personal information" means information from or about you that identifies you directly and information that is associated with you and thus could potentially identify you, including when combined with other information from or about you.
Crowell & Moring is a U.S.-based law firm with international offices and international clients. As a result, personal information that we collect and personal information that we receive from clients may be transferred to our U.S. offices to permit us to comply with our legal and contractual obligations, to provide information and services to our prospective and current clients, and to perform related business services. In addition, we may transfer personal information to third-party service providers and business partners, in the U.S. and in other countries, to the extent necessary to support Crowell & Moring's business activities. Thus, personal information that we collect may be transferred to and stored on servers located in the United States and in countries different from the country in which that information was initially collected. Similarly, personal information may be accessed by Crowell & Moring and its third-party service providers and business partners from countries other than the ones in which the personal information is stored.
This Privacy Statement does not apply to personal information arising from Crowell & Moring's employment-related activities, which is covered by a separate internal Employee Privacy Statement.
Our receipt, use, and disclosure of personal information that is protected health information under the Health Insurance Portability and Accountability Act ("HIPAA") are subject to the requirements imposed on us by HIPAA and any additional requirements imposed on us by our clients. For more information, please refer to HIPAA-Protected Personal Health Information, below.
California Residents – please see Information for California Residents, below.
EU Residents – please see Transfers of Personal Information from the EU to the U.S. and Other Non-EU Countries and Additional Rights for EEA Residents, below.
For information about how we collect, use, and share your information, please see below.
Crowell & Moring is committed to working with you to obtain a fair and rapid resolution of any queries, complaints, or disputes about privacy. If you have any questions or comments about our Privacy Statement or our information collection and data protection practices, please contact Crowell & Moring at dataprivacy@crowell.com or by mail/overnight/courier to
Privacy Officer
Crowell & Moring LLP
1001 Pennsylvania Ave. NW
Washington, DC 20004-2595
Information that We Collect From and About You
Information that We Collect Directly
Crowell & Moring may obtain information (primarily name, contact information, employer, title, and type of business) directly from and about you in a number of ways, such as:
- Through interactive forms on our Websites, if you choose to provide it;
- Through your registration for, or attendance at, one of our events;
- Through your conversations with someone from the Firm;
- Through your use of and access to our, newsletters, emails, and Official Social Media Accounts; and
- Through other public sources.
Information that We Collect Through Cookies and Technology
When you visit our Websites or open an email or newsletter that we send you, we may collect information about your usage and device by automated means or by using technologies such as cookies, web server logs, and web beacons. As set forth in more detail below, we may also collect information about your usage and browsing habits using various web-based technologies, including but not limited to Cookies. Cookies are small text files that websites send to your computer or other Internet-connected device to uniquely identify your browser or to store information or settings in your browser. Your browser may tell you how to be notified when you receive certain types of cookies and how to restrict or disable certain cookies. Some cookies may exist for only a single session and some are persistent for multiple sessions over time.
You have a right to a copy of the personal information which we hold about you, and you have a right to have that information amended if it is inaccurate. For further information about our privacy practices, please send an e-mail to website@crowell.com We will do our utmost to respond to your query within 14 days.
Cookies
A "cookie" is a very small data file comprised of text and/or numbers that downloads on your computer hard drive (via your web browser) when you visit a website. Cookies notify a web server that you are returning to a specific web page on it, and they contain information about your web browsing that can save you time, such as by remembering your preferences, or they can track certain web browsing data (such as which site pages are more important in terms of traffic or which web browsers are preferred by site visitors) that can aid websites in enhancing the user/visitor experience. Cookies cannot be executed as code or deliver viruses, and they can be controlled by end users through their browser settings (see below).
Controlling Cookies
You can confirm your cookies with our here interface which will provide details and allow control of cookie preferences. Blocking some types of cookies may impact website experience and services.
Should you be adverse to the collection of cookies by Crowell.com or any other website, there are actions you can take with your personal Web browser settings.
Web browser settings can be adjusted to perform one or more of the following actions: delete all cookies, block all cookies, allow all cookies, block third-party cookies, clear all cookies when you close the browser, open a 'private' browsing session, install add-ons and plug-ins to extend browser functionality as it pertains to cookies.
Please click one of the links below to access more information and learn how to adjust cookie settings for a particular web browser.
More information on cookies can be found at www.allaboutcookies.org.
- Web server logs: In conjunction with obtaining information through cookies, our web servers may log details regarding your device, operating system, or information about your use of our Websites.
- Web beacons & pixels: To control which web servers collect information described above, we may place tags on our Websites or in emails called "web beacons" or "pixels." These are computer instructions that link web pages to particular web servers and their cookies. Web beacons and pixels can be used to track the pages you view, links that you click, or other online behavior. These tools may also be used to measure the effectiveness of our email campaigns by identifying the individuals who open or act upon an email message, when an email message is opened, how many times an email message is forwarded, the type of software, device, operating system and browser used to deliver the email, and any URL accessed through our email message.
- Other: we may use other technology to collect information for the purposes described in this Privacy Statement.
Our Privacy Statement only cover Crowell & Moring websites. Our website, newsletters, email updates and other digital communications may contain links to and from other third-party websites. When you click on these links, you are exiting our website, and the personal data that you provide through such third-party websites is not subject to our privacy notice(s)/policies. If you follow any link to a third-party website, please note that that website will have its own privacy notice(s) which set out how your information is collected and processed by them. We recommend that you check the privacy notices/policies of each website you visit. Some of these third parties may use applications that track your online activities across different websites and platforms over time.
Our Websites use Google Analytics 4, a web analytics service provided by Google, Inc. ("Google"). Google Analytics 4 uses cookies to help us analyze how visitors use our website. The information generated by Google Analytics 4 does not log or store IP addresses. Analytics drops any IP addresses that it collects from EU users before logging that data via EU domains and servers. In addition, Analytics provides controls to: disable collection of Google-signals data on a per-region basis which Crowell & Moring disabled globally. Additionally, Crowell & Moring disabled the collection of granular location and device data on a per-region basis. Google will not combine the IP address sent by your browser in connection with Google Analytics with other data. You can prevent Google Analytics cookies from being stored by setting your browser software accordingly. You can also opt-out of Google Analytics by downloading and installing the browser plug-in available at http://tools.google.com/dlpage/gaoptout?hl=e.
Information that We Receive About You While Representing Our Clients
Our clients, opposing counsel, courts, and others may provide personal information to us in connection with our representation of a client in a particular matter. The nature of the personal information provided will depend upon the specific matter, but may include medical, financial, family, and educational information, conduct and belief information, and other similarly sensitive categories of personal information.
Our clients and prospective clients are responsible for complying with all applicable federal, state, local, and international privacy laws and regulations regarding notice, disclosure, consent, and cross-border transfer requirements prior to providing personal information to Crowell & Moring. In addition, our clients and prospective clients are also responsible for identifying, in the representation agreement or in a related document, any additional requirements for protecting and handling personal information in a particular matter that exceed the risk-based administrative, technical, and physical safeguards that Crowell & Moring would otherwise routinely implement, that require a specific form of written privacy and data security agreement, or that otherwise require documentation because of inconsistency with this Privacy Statement.
How We Use Information that We Collect From and About You
We use information that we collect directly from or about You:
- To maintain client relationships as required by Crowell & Moring's business needs and contractual obligations.
- To administer, operate, maintain, and secure our Websites, newsletters, emails, and Official Social Media Accounts as required by Crowell & Moring's business needs, legal obligations, and contractual obligations
- To provide client support and respond to inquiries as required by Crowell & Moring's business needs and contractual obligations
- To provide information, education, and legal updates to individuals and entities who have consented to receive such material
- To market Crowell & Moring products and services to individuals and entities who have consented to receive such material (we only provide marketing information about Crowell & Moring services, activities, and events; we do not provide information to third parties for non-Crowell marketing purposes or to provide information about third-party goods and services)
- To customize and improve communication content for individuals and entities who have consented to receive such material
- To comply with legal and ethical requirements and our Crowell & Moring policies and procedures
- For Crowell & Moring's necessary accounting, recordkeeping, backup, and administrative needs
We use information that we receive while representing our clients solely for purposes related to that representation, not for other purposes described in this Privacy Statement. We do not combine personal information that we receive from clients and prospective clients for purposes of providing legal representation with any of the personal information that we collect directly from and about you.
We do not collect, receive, or use personal information that we collect directly from and about you to make decisions based on automated processing which may produce legal effects or similarly significantly affect you.
Your Control Over Information that We Collect From and About You
With regard to information that we collect directly from or about you:
- You may choose not to provide us with information that we request, but we may not be able to respond to your inquiry, register you for one of our events or activities, or provide you with additional information or publications.
- If you provide us with your information, but later decide that you do not want to receive marketing or other informational communications from Crowell & Moring, or if you wish to discontinue your subscription to an email or newsletter, you may send an email to dataprivacy@crowell.com or click the "unsubscribe" link at the bottom of the email communication.
- Some browsers have a "Do Not Track" feature that lets you tell websites that you do not want to have your online activities tracked. These features are not yet uniform. Although we do not, at this time, honor "Do Not Track" signals from a web site browser, we offer you a choice about whether to accept cookies from our Websites, and you may choose not to accept, or to later delete, cookies. Please refer to your browser's Help instructions to learn more about cookies and other technologies and how to manage their use. If you choose not to accept, or to later delete, cookies, you will need to repeat this process each time you use a different computer or change browsers. If you choose not to accept cookies, some of your online functionality may be impaired.
With regard to personal information that we might have received about you while representing a client, please contact the privacy or legal team for the company or entity that you think might have provided Crowell & Moring with personal information about you. Because of the legal, ethical, and contractual obligations imposed on us as a law firm, we cannot confirm whether we have received personal information about you from a current or past client or identify the client(s) who might have provided personal information.
Who Do We Share Personal Information With, and Why?
Except to the extent necessary to fulfill our business obligations, we do not sell, transfer, or otherwise disclose to third parties any of the personal information that we collect directly from or about you, or that we receive in the course of representing clients. We do not permit third parties to whom we transfer personal information to use that information for any purposes other than the ones authorized by us, as described in this Privacy Statement.
We may transfer information to third-party service providers and business partners to the extent necessary to help us comply with our legal and contractual obligations, to provide information and services to prospective and current clients, and to perform related business services such as hosting our Websites or managing e-discovery. Our contracts with our service providers and business partners, among other things:
- maintain our ownership in and exclusive rights to any information that we provide;
- prohibit use or disclosure of information that we provide except to the extent required to perform authorized services on our behalf;
- require compliance with all applicable legal and ethical requirements;
- require implementation and maintenance of risk-based security that is at least equivalent to what we would provide;
- require compliance with all applicable legal and contractual privacy and data security requirements, including data transfer and data localization;
- require prompt notification to us of any actual or suspected unauthorized access, use, disclosure, or disposal of information that we have provided or that they have collected on our behalf;
- require them to immediately terminate their processing, secure the information, and notify us if they are for any reason unable to remain in compliance with their legal obligations or contract terms with us; and
- require them to flow down and apply the contract terms to any subvendor that they might work with in providing services to us or otherwise helping us accomplish our business purposes and to notify us of the identity and location of any such subvendors.
In addition, in the course of providing legal services to our clients, we may be asked or required to share personal information with adverse parties, related parties, interested parties, courts, regulators, enforcement authorities, etc. to further the legal representation. We will do so as authorized by our clients in connection with our representation and consistent with the nature of the legal proceeding, and as otherwise required by applicable law.
Finally, we may also disclose or share information collected from and about you (i) if you expressly request or authorize us to do so; (ii) if we are required to do so by law, legal ethics or pursuant to legal process; (iii) in response to a request from law enforcement authorities or other government officials that we believe to be valid and legally enforceable; (iv) when we believe disclosure is necessary or appropriate to prevent financial loss, including to address disputes or claims and to respond to persons holding a legal or beneficial interest; (v) in connection with an investigation of suspected or actual fraud or illegal activity; (vi) when we believe that disclosure is necessary to protect our rights, property, or safety or to protect the rights, property or safety of our employees, you, or others; (vii) in connection with the sale, transfer or financing of all or part of a Crowell & Moring business or its assets, including any such activities associated with a bankruptcy proceeding; or (viii) as a result of emergencies or acts of God.
Interaction with Your Social Media Accounts
Our Websites, Official Social Media Accounts, and Official Blogs, as well as the websites of some of our third-party service providers, may permit you to connect and share your online activities and interactions with us and our content with your online community through your accounts on social media platforms such as YouTube, LinkedIn, and Twitter, including through the use of social media plugins (such as the Twitter "Tweet" button). The operator of that social media plugin may set cookies or other tracking technology on your browser to recognize its users when they visit our Websites again. In addition, if you are logged into one of your social media accounts while you are browsing on our Websites, the social media plugins may allow the social media platform to receive information about your visit – including the pages that you viewed – and to connect information about Your visit to our Websites with other personal information regarding your social media account.
When you use social media plugins to connect to your social media account, we may receive or review certain information that you post on that service in accordance with the Privacy Statement of that service and the privacy settings that are applicable to your account. This allows us to share information about your activities on our Websites with other users of their social media website. For example, Twitter social media plugins allow Twitter to show your Tweets and comments on our Websites to your Twitter followers. Your use of social media plugins is subject to each social media platform's Privacy Statement, and we encourage you to use care and thoughtfully read the Privacy Statement of each social media platform that you use. We have no control over the information that social media websites or social media plugins collect, store, or use. Before connecting to our Websites from a social media website or using a social media plugin on our Websites, please be certain that you understand the social media website's Privacy Statement and how it may gather information about your use of our Websites.
How Do We Protect Personal Information?
We maintain reasonable risk-based physical, technical, and administrative safeguards to protect against unauthorized and accidental disclosure, use, alteration, or destruction of personal information in our possession, and to maintain the confidentiality, integrity, availability, and resilience of our systems, data, and services. We restrict access to personal information to those individuals and third parties that need to know the information to accomplish the authorized business purposes described in this Privacy Statement. We are committed to taking appropriate measures to enforce compliance with this Privacy Statement. In addition, we comply with applicable law and with client-specific requirements for protecting personal information.
We provide reasonable security controls to protect electronic information that we receive from you against foreseeable hazards, but please note that no data transmission over the Internet and no data security measures can be guaranteed to be 100% secure. In addition, use of email to transmit personal information is insecure and violates Crowell & Moring policy. Please contact us if you need a more secure method for transmitting personal information.
Transfers of Personal Information from the EU to the U.S. and Other Non-EU Countries
We respect data transfer laws when transferring Personal Information from the EU to the U.S. or other Non-EU countries.
When we receive or transfer Personal Information from an EU Member State, Switzerland, or other country signatory to the Agreement on the European Economic Area (EEA) to a country that the EU has determined does not provide adequate protection, we will put in place appropriate safeguards. In particular, we will enter into data processing and data transfer agreements that incorporate the EU Standard Contractual Clauses.
For Personal Information that is transferred from our EU offices to our U.S. offices, we have put in place an intra-group data transfer agreement incorporating the EU Standard Contractual Clauses.
In exceptional cases, where we are not able to rely on data transfer agreements or other recognized transfer mechanisms for the transfer of your Personal Information to a country that the EU has determined does not offer adequate protection, we will only do so after having obtained your consent, or if necessary for the performance of an agreement concluded between us or in your interest, or if necessary for the establishment, exercise or defense of legal claims.
Additional Rights for EEA Residents
Under the conditions provided for by the General Data Protection Regulation and in addition to the rights stated above, EEA residents have the right to request the restriction of the processing of their personal information, to object to the processing of their personal information for direct marketing purposes or, where the processing is based on legitimate interest, on grounds relating to their particular situation and to receive their personal information to transmit it to another data controller.
Transfers of Personal Information from Other Countries
We will comply with applicable law regarding collection and transfer of personal information from countries that have privacy or data security laws that are inconsistent with the practices described in this Privacy Statement.
Information for California Residents
If you are a California resident, you have the right to request information from us regarding the manner in which Crowell & Moring shares certain categories of your personal information with third parties, for the third parties' direct marketing purposes. California law provides that you have the right to submit a request, using the contact information shown below, and receive the following information:
- The categories of information that we disclosed to third parties for the third parties' direct marketing purposes during the preceding calendar year; and
- The names and addresses of the third parties that received such information, or if the nature of their business cannot be determined from the name, then examples of the products or services marketed.
Children's Privacy
We do not knowingly collect information from anyone under 16 years of age, and our Websites, Official Social Media Accounts, and Official Blogs are not directed at or intended for use by anyone under the age of 16. If you believe that we have collected information from anyone under the age of 16, please contact us as shown below and we will endeavor to return or delete any such information.
HIPAA-Protected Health Information
Crowell & Moring safeguards HIPAA-protected health information that we receive while representing clients by entering into Business Associate Agreements with clients and third-party service providers and by implementing HIPAA-compliant administrative, technical, and physical safeguards for each representation.
Links to Other Sites
Occasionally we provide links to other websites, social media platforms, or blogs for your convenience and information. Except to the extent that those websites, social media platforms, or blogs provide services with the authorization of and on behalf of Crowell & Moring, they operate independently from Crowell & Moring and are not under our control. These websites, social media platforms, and blogs have their own privacy notices in place, which we strongly suggest that you review if you visit any third party links. Except to the limited extent that the third parties provide services to us or otherwise act our behalf, we are not responsible for their content, any products or services they may offer, or any other uses that are not related to Crowell & Moring services.
Data Retention
Pursuant to our retention policy, we retain personal information only as long as is necessary to accomplish the purpose for which it was collected, and as otherwise required for legal, compliance, or business requirements, and we securely delete it thereafter. The retention period will depend upon, among other factors, the status of your relationship with Crowell & Moring, Crowell & Moring's legal ethical obligations, whether any applicable contract, law, statute, or regulation requires a specific retention period, and what the expectation for retention was at the time the data was provided to us.
How to Access, Change, or Delete Your Personal Information
You can update, correct, or delete your personal information, or you can ask us to remove it from our system by contacting us as shown below. If we cannot resolve your request promptly – within thirty (30) days or less - we will provide you with an estimated date by which the information will be provided. If we are unable to fulfill your request or if we deny your request, we will respond and provide an explanation.
Changes or Updates to this Privacy Statement
We may update or change this Privacy Statement from time to time and without prior notice to you. We will post a notice on this site to notify you of any significant changes to our Privacy Statement and indicate at the bottom of the Statement when it was most recently updated.
How We May Provide Notice to You
To the extent additional notice is required by law or otherwise, Crowell & Moring may deliver a general notice on our Websites, Official Social Media Accounts, or Official Blogs, or we may use email or other delivery methods if you have provided us with your contact information.
How You May Contact Us
If you have any questions about our information collection or our data protection practices, or if you wish to update or correct information provided to us or exercise any other rights you may have under applicable laws, please contact us at dataprivacy@crowell.com or by mail/overnight/courier to:
Privacy Officer
Crowell & Moring LLP
1001 Pennsylvania Ave. NW
Washington, DC 20004-2595
We will respond promptly to your inquiries.
When making an inquiry, please always include a proof of identity to enable us to verify the lawfulness of the inquiry.
Effective Date: October 13, 1999
Last Updated: April 20, 2023
Qatar Financial Centre (QFC)
We, acting through our branch in the Qatar Financial Centre (“QFC”), may collect and process personal data about you that is provided by you or personnel within your organization. In accordance with Articles 14 and 15 of the QFC Data Protection Regulations 2021 (“QFC Data Protection Regulations”), you have the right to: access, rectification, erasure, restriction of processing and portability, and to object to and withdraw your consent with regard to the processing of your personal data (although such withdrawal will not affect the lawfulness of processing occurring prior to such withdrawal).
We may process your personal data outside the QFC. If we send your personal data to be processed for use outside the QFC, we will only do so where (i) it will be processed in a country that the QFC Data Protection Office has decided has privacy laws that provide an adequate level of protection for that personal data; or (ii) we have put in place a contract with the recipient under which they must protect it to the same standards as if it were being processed in the QFC. In any other cases where we want to transfer data to another country, we will inform you about it and, if necessary, seek your consent.
Where the personal data we collect from you is needed to meet our legal or regulatory obligations or enter into an agreement with you, if we cannot collect this personal data there is a possibility, we may be unable to on-board you as a client or provide products or services to you (in which case we will inform you accordingly).
For any complaints related to alleged breaches of the QFC Data Protection Regulations, you can contact the QFC Data Protection Office by email at dataprotection@qfc.qa, or write to the QFC Data Protection Office at:
Data Protection Office
Qatar Financial Centre Authority
QFC Tower 1
Al Wahda Street, West Bay
P.O. Box 23245
Doha, State of Qatar
Miscellaneous Disclaimers
* The Apple logo, iPhone, iPod touch, and iTunes are trademarks of Apple Inc., registered in the U.S. and other countries. Google Play and the Google Play logo are trademarks of Google Inc