Dailey LLP (“Dailey”) is committed to protecting and respecting your privacy. This notice (together with the Conditions of Use of our Website) summarizes how Dailey will process and protect personal information it receives about clients, prospective clients, prospective employees and lateral partners, website visitors, office visitors, agents, suppliers, consultants, business partners and other third parties. Reference in this notice to your “personal information” means any information that identifies, or could reasonably be used to identify, you.
This policy does not cover how the firm processes the personal information of its employees. That is the subject of a separate internal Employee Notice.
Collecting and Processing Your Information
Our collection and processing of personal information varies by context. Scroll down to the category that applies to you.
What personal information do we collect during client work?
During our work for clients or prospective clients, we collect personal information about individual clients, employees and owners. We also collect personal information on others who have dealings with clients in the course of transactions, disputes or investigations. We obtain this information from clients, public websites, research services, social media sites, discovery requests and other third party sources.
How do we use client information?
We process personal information received from, or on behalf of, clients to:
- Facilitate the provision of our professional services, including client due diligence, anti-money laundering checks, conflicts checks, credit checks, billing, marketing and complaints handling.
- Promote our services by sending you (unless you tell us that you prefer us not to) event invitations, alerts on timely legal issues, and industry newsletters and announcements.
- Improve and develop new services.
- Monitor our business and compile statistical data for internal analysis and research.
- We also use a relationship-management tool, where permitted by applicable local law, to assess the strength of the relationship between individuals at Dailey and at our clients or potential clients based on the frequency of email contact between them. We use that information to uncover marketing opportunities, serve our clients and update contact information within our marketing database.
Who has access to client information?
Dailey will retain client-matter information for 10 years after activity on the matter ends. Longer retention periods may apply for cases involving estate planning, criminal liability, litigation holds, General Counsel authorizations and other periods required or permitted by law. Shorter retention periods may apply to personal information that is collected to meet anti-money laundering or other regulatory due diligence requirements. The scope of retained material includes information reasonably required to evidence Dailey’s work on the matter.
What personal information do we collect from prospective employees and lateral partners (applicants)?
We collect resumes and application data, which may include the following:
- Name, address and contact details, including email address and telephone number.
- Qualification details, skills, experience, and employment history.
- Information about an applicant’s current level of remuneration, including benefit entitlements.
- Whether or not applicants have a disability for which we need to make reasonable adjustments during the recruitment process.
- Information about an applicant’s entitlement to work in the applicable country.
- Equal opportunities monitoring information, including information about an applicant’s ethnic origin, sexual orientation, health, and religion or belief.
This information may be submitted by the applicant or indirectly by the applicant’s agent. We may collect additional information from third party sources to supplement information provided by an applicant. Potential sources include public websites, social media sites, subscription research services and our contacts.
How do we use applicant information?
We will use personal data in an application and resume to manage the recruitment process, assess a candidate’s suitability for employment, and meet legal requirements related to the hiring process. As part of our assessment, we may add applicant information to our database and approach applicants about suitable job opportunities in any of our offices. We may also need to process applicant information to defend against legal claims.
Who has access to applicant information?
As part of the application review process, application data and resumes may be reviewed by recruitment teams, lawyers, staff and agents based in any of our offices. The information in our recruitment database is not traded with external organizations and is not used for marketing purposes.
How long do we retain applicant information?
We will retain application data for at least 24 months following receipt of your application. Data may be retained for longer periods. If you prefer us not retain your application data, please contact us as explained below.
What websites does Dailey operate?
Dailey sites include this website and other Dailey-owned websites, extranets, collaboration sites, blogs, webinar platforms, social media sites and mobile device apps. To the extent that any of these sites or services have specific privacy notices or terms and conditions, they take precedence over this policy. Information input into web applications, for example, varies by application.
What personal information do we collect from website users?
Our websites use “cookies” to facilitate use of the site. For detailed information on the cookies used and the purposes for which they are used, see the “cookies” section in our website’s Conditions of Use. Other personal data from website visitors is voluntarily provided.
How do we use website user information?
We use Information collected directly from website users to provide the services that users request, such as subscribing for events and legal updates, or applying for a position at the firm. Other data collected via cookies is used to administer Dailey sites or analyze our business.
Who has access to website user information?
Our marketing team, website development personnel and our third party service providers access website user information for the above purposes. We also provide reports with website user information to our management.
How long is website user information retained?
Information collected directly from users is retained as long as it is needed to provide requested services. Personal information collected via cookies is retained until you instruct us to delete it.
What personal information do we collect from event guests?
We collect names, contact information and, where necessary, dietary and access information. We may also take photographs.
How do we use the personal information of event guests?
We will process personal information to manage visits, verify identities, provide access to our facilities and systems, secure our facilities and communicate with visitors regarding their visit. Unless a visitor opts out, we may also send communications about Dailey’s services, events and publications. We will only use personal information about dietary or access requirements to cater for a visitor’s needs and to fulfill any other legal obligations.
Who has access to the personal information of event guests?
In addition to staff that help plan the event, we may share your information with other service providers or business partners involved in organizing or hosting the relevant event. Other guests may see your name and organization on a shared guest list. Unless you are an EU subject, your information may also be loaded into our contact management database. That database is accessed by our marketing team, third party service providers, and a limited set of other personnel that support our marketing efforts.
How long do we retain the personal information of event guests?
We retain visitor information for as long as it is needed to facilitate the event and related activities. For EU subjects, we do not use personal information gathered at events for other purposes unless they provide affirmative consent. Otherwise, we may add a visitor’s contact information to our mailing list and send marketing communications.
Who are Dailey’s suppliers?
To support the provision of legal services to our clients, we may engage counsel, vendors, consultants, contractors, business partners and other third parties to provide goods or services to us or on behalf of our clients.
What personal information do we collect from suppliers?
We collect names, identification numbers, contact information, and financial data. We may collect additional information about suppliers from third party sources to supplement information provided by the supplier. Potential sources include public websites, research services and industry directories.
How do we use personal information collected from suppliers?
We use supplier personal information to track client services and manage supplier relationships. Activities include supplier selection, due diligence, credit and other checks, billing and payments, contracts, renewals, monitoring and compliance.
Who has access to personal information collected from suppliers?
Lawyers, legal staff, finance staff and other operational staff may access supplier information as needed to conduct the above activities. We do not share supplier data with unrelated third parties.
How long do we retain personal information collected from suppliers?
We retain supplier information as long as we have a relationship with the supplier and up to 7 years after the relationship ends.
Marketing to You
If you no longer wish to receive marketing communications from us, you may unsubscribe at any time either by (i) clicking a link at the bottom of each marketing email which enables you to opt out of our mailing lists or (ii) sending an e-mail to unsubscribe@DaileyLLP.com.
Securing Your Information
Dailey takes commercially reasonable and appropriate security precautions, physical, electronic and procedural safeguards consistent with industry practice to protect your personal information.
Honoring Your Rights
Dailey LLP controls the information that it collects about you and is responsible for honoring your rights. Subject to our legal obligations and rights, EU and United Kingdom subjects have numerous rights. Key rights include the following:
Access – You may request a summary or copy of your personal information that is retained or processed by Dailey.
Rectification – You may request that Dailey update your personal information when it is inaccurate or incomplete.
Erasure – You may request that we erase your personal information from our systems.
For more details on your rights and exceptions to those rights, visit the UK Information Commissioner’s Office website: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.
If you wish to exercise your rights, contact us at jdailey@DaileyLLP.com.
The lawful basis for processing your information varies by information type and context. Dailey commonly relies upon four bases:
- It is necessary for the performance of a contract to which the employee concerned is a party.
- It is necessary for compliance with legal obligations.
- It is necessary to protect the employee’s vital interests.
- It is necessary for the Firm’s legitimate interests or those of a third party, except where such interests are overridden by the interests or rights of the employee concerned.
To process “special categories” of information we rely upon one of the following additional legal grounds:
- Processing is necessary for carrying out the obligations and exercising specific rights of the controller or of the data subject in the field of employment and social security and social protection law.
- Processing is necessary to protect the vital interests of a data subject who is physically or legally incapable of giving consent.
- Data manifestly made public by the data subject.
- Processing is necessary for the establishment, exercise or defense of legal claims or whenever courts are acting in their judicial capacity.
- The data subject has provided explicit consent.
- The data subject has manifestly made the data public.
If you are a subject of the UK or another EU country, you have a right to complain to the data protection authority in your country. If you wish to exercise your data privacy rights, make a complaint, or request more information, please contact us as explained below.
Answering Your Questions
If you have additional questions, email us at jdailey@DaileyLLP.com.