PRIVACY STATEMENT

(1) In this Privacy Notice, references to we , us or our means McAllister Davis & Goldstein Inc. ("MDG") and/or the MDG Offices. References to you and your are to users of our Websites. In this Privacy Notice Personal Information is information relating to you, which can be used to personally identify you (either directly or indirectly).

(2) McAllister Davis & Goldstein operates this Website, which provides the "Service". This page is used to inform website visitors regarding our policies with the collection, use, and disclosure of Personal Information if anyone decided to use our Service. If you choose to use our Service, then you agree to the collection and use of information in relation with this policy. The Personal Information that we collect are used for providing and improving the Service. We will not use or share your information with anyone except as described in this Privacy Policy.

(3) This Privacy Notice:

-describes how we collect, use and otherwise handle Personal Information that you provide or make available to us, or that we collect from you, when you use our Websites,
-explains the circumstances in which we may transfer this to others; and
-explains about the rights that you have in relation to this Personal Information.

In this Privacy Statement, "Personal Data or Personal Information" means information that (either in isolation or in combination with other information held by MDG) enables you to be identified as an individual or recognized directly or indirectly. With respect to California residents, references to “personal information” in this Privacy Statement means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household, subject to certain exceptions set forth in the California Consumer Privacy Act of 2018 (the CCPA), as amended. If you provide us with Personal Data relating to other persons (such as family members, work colleagues, employees, etc.), you are responsible for ensuring the relevant individuals are made aware of the terms of this Privacy Statement and that you are legally entitled to provide us with their Personal Data. You are also responsible for ensuring that their Personal Data is accurate and up-to-date. Unless we specifically state otherwise, the MDG is the controller of the Personal Data we process, and is therefore responsible for ensuring that the systems and processes we use are compliant with data protection laws, to the extent applicable to us.

The data controller for the Services is:

McAllister Davis & Goldstein Inc.
244 5th Avenue, New York, NY 10001, United States.

MDG personnel are required to comply with this Privacy Statement and associated MDG policies when dealing with Personal Data and must also complete data protection training where appropriate to their role.

(4) The terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, unless otherwise defined in this Privacy Policy. Our Privacy Notice must be read together with any other legal notices or terms and conditions provided or made available to you on other pages of our Websites. The transfer of your Personal Information to and between MDG Firms as described in this Privacy Notice, may involve your Personal Information being sent outside of the U.S., to locations that may not provide the same level of protection as those where you first provided the information. MDG is an international law firm comprised of multiple offices and affiliated entities in numerous jurisdictions. Details regarding our offices and affiliated entities can be found on our Website. Your personal information may be transferred to or shared across our integrated computer networks with one or more of MDG’s offices and other countries that may not be subject to data protection laws similar to those prevailing in the jurisdiction in which such information is provided to or received by us. However, all of our offices adhere to the same procedures with respect to your personal information, including this Privacy Statement.

While our offices in the Netherlands, Belgium, France and Germany are in the European Economic Area ("EEA"), not all of our offices are in countries that have the same data protection laws as the EEA. That said, with regard to our office in the UK, the UK has incorporated the wording of the GDPR with the UK GDPR and the Data Protection Act 2018 and following Brexit, the European Commission has issued an adequacy decision that allows data flows between the EEA and the UK to continue and remain safe. When we transfer personal information (i) from within the EEA to countries located outside the EEA that have not received an adequacy decision from the European Commission, or (ii) from the UK to countries that are not recognized as offering an adequate level of protection by the Information Commissioner’s Office, including within MDG offices and affiliated entities and with our service providers, we have implemented adequate safeguards to appropriately protect such transfer of personal information, including on the terms of a valid data transfer agreement incorporating the European Commission’s standard contractual clauses or as permitted under applicable data protection laws. These safeguards are designed to protect your privacy rights and provide you with remedies in the unlikely event that your personal information is misused. You may ask for further information on the safeguards that we have put in place to safeguard the transfer of your personal information to countries outside of the EEA or the UK by contacting us at DataProtection@mdg-lawyers.com.

(5) However, we will only transfer your Personal Information outside of the U.S.: where the transfer is to a place that is regarded by the U.S. Administration as providing adequate protection for your Personal Information; or where we have put in place appropriate safeguards to ensure that your Personal Information is protected; or the above does not apply but we are still legally permitted to do so, for example if the transfer is necessary for the establishment, exercise or defence of legal claims. You can request further detail about the safeguards that we have in place in respect of transfers of Personal Information outside of the U.S. and where applicable a copy of the standard data protection clauses that we have in place, by contacting us here. Our Sites are hosted on servers in the United States. If you are located in a non-US jurisdiction, the transfer of Personal Data is necessary to provide you with the requested information and/or to perform any requested transaction. When you submit personal information to us you are transferring your data across borders. With respect to transfers originating from the European Economic Area and Switzerland to the United States and other non-EEA jurisdictions, we implement standard contractual clauses approved by the European Commission, and other appropriate solutions to address cross-border transfers as required or permitted by Articles 46 and 49 of the General Data Protection Regulation or other relevant laws. Where required by such laws, you may request a copy of the suitable mechanisms we have in place by contacting us as detailed below.

(6) It is our policy to retain your Personal Information for the length of time required for the specific purpose or purposes for which it was collected. However, we may be obliged to store some Personal Information for a longer time, taking into account factors including: legal obligation(s) under applicable law to retain data for a certain period of time; statute of limitations under applicable law(s); (potential) disputes and guidelines issued by relevant data protection authorities. If you would like to find out how long we keep your Personal Information for a particular purpose you can contact us.
The purposes for which we use Personal Data, and the legal bases for such processing, are as follows:

-To provide legal advice and respond to inquiries we use basic data, registration data, client service data, and device data. We need to process your information in this way in order to perform our obligations under our contracts with our clients.

-To manage our business operations and administer our client relationships we use basic data, special categories of data, registration data, marketing data and client service data. This processing is necessary in order to perform our obligations under our contracts with our clients (e.g. issuing and processing invoices) and suppliers (e.g. managing the supply of goods and services to the Firm).

-To make our Sites more intuitive and easy to use we use device data. It is necessary for our legitimate interests to monitor how our Sites are used to help us improve the layout and information available on our Sites and provide a better service to our Site users.

-To protect the security and effective functioning of our Sites and information technology systems we use basic data, registration data, transaction data, and device data. It is necessary for our legitimate interests to monitor how our Sites are used to detect and prevent fraud, other crimes and the misuse of our Sites. This helps us to ensure that you can safely use our Sites.

-To expand and maintain our list of contacts, better understand how people use our services and improve the strength of our relationships with clients and other third parties we use basic data, interaction data and device data. It is necessary for our legitimate interests to keep your information accurate and up-to-date with the aim of improving the overall client experience and our relationship with you.

-To provide relevant marketing such as providing you with information about events or services that may be of interest to you including legal services, legal updates, client conferences or networking events, and groups of specific interest (e.g. specific types of networking groups) we use marketing data, basic data, special categories of data, registration data, client service data, and device data. It is necessary for our legitimate interests to process this information in order to provide you with tailored and relevant marketing, updates and invitations.

-To address compliance and legal obligations, such as complying with the Firm's tax reporting obligations, checking the identity of new clients and to prevent money laundering and/or fraud we use compliance data, basic data, registration data, transaction data, and device data. This processing is necessary for the purposes of complying with legal requirements to which we are subject.

-To consider individuals for employment and contractor opportunities and manage on-boarding procedures we use job applicant data and compliance data. The processing is necessary for the purposes of recruitment and on-boarding and for complying with legal obligations to which we are subject and which may be subject to a relevant local recruitment privacy policy.

(7) As MDG is an international legal practice, operating from multiple jurisdictions, various countryspecific requirements may apply to your use of our Websites. You can view country specific privacy information as part of this Privacy Notice here.

Collection of Personal Data

(8) For a better experience while using our Service, we may require you to provide us with certain personally identifiable information, including but not limited to your name, phone number, and postal address. The information that we collect will be used to contact or identify you. The types of information that we may collect from you, depending on how you use our Websites is: your name; your email address; your address (business and personal); your landline and mobile telephone numbers (business and personal); any information that you choose to provide to us when filling out a contact form on our Websites; your IP address and other technical information which tells us about how you use our Websites; your geographic location (country/territory where you are living and/or working); your job title, role and the name of your employer; the industry sector in which you work; and the content of your C.V. and covering letter (where you apply for a vacancy with us on our Websites).

(9) We may use your Personal Information for our business purposes as follows: to manage our business; to communicate with you; to enable corporate transactions to take place; for record keeping, statistical analysis, internal reporting and research purposes; to ensure network and information security; to notify you about changes to our services; to investigate any complaint you make; to provide evidence in any dispute or anticipated dispute between you and us; to analyse how our Websites are being used; to customise various aspects of our Websites to improve your experience; to host, maintain and otherwise support the operation of our Websites; for the detection and prevention of fraud and other criminal offences; for risk management purposes; for document retention/storage purposes; for database management purposes; to protect the rights, property, and/or safety of MDG, its personnel and others; and to ensure the quality of the services we provide to our users.

You have control regarding our use of Personal Data for direct marketing. In certain markets, you will need to expressly consent before receiving marketing. In all markets, you can choose to not receive such communications at any time. If you no longer wish to receive any marketing communications, remain on a mailing list to which you previously subscribed, or receive any other marketing communication, please follow the unsubscribe link in the relevant communication or contact us as per below.

(10) If you choose not to provide Personal Information requested by us, we may not be able to provide you with the information and/or services you have requested or otherwise fulfil the purpose(s) for which we have asked for the Personal Information. Aside from this, your visit to our Websites will remain unaffected.

(11) We process your personal information where we need to do so: to comply with our legal and regulatory obligations and for our legitimate interests in: responding to your queries; providing services and/or information to you; recruiting personnel; and our internal business purposes. You can object to processing based on our legitimate interests at any time by contacting us here. We consider that the risk to your data protection rights in connection with Personal Information that we process on the basis of our legitimate interests is not excessive or overly intrusive. We have also put in place protections for your rights by ensuring proper retention periods and security controls. If you would like to find out more about the legal grounds on which we process your Personal Information for a particular purpose you can contact us here. Whilst we continue to process your Personal Information, we will ensure that it is treated in accordance with this Privacy Notice. Otherwise, we securely erase your information once this is no longer needed.

(12) Where permissible under applicable laws, we may combine information that you have provided to us with other information that we already hold about you and which we have collected for a compatible purpose. MDG shares your Personal Information with MDG Offices.

Data Security

(13) We have implemented technical and organizational security measures in an effort to safeguard the personal information in our custody and control. Such measures include:

-restricting access to Personal Data to staff and service providers on a need-to-know basis;

-a formal Information Security Management System (ISMS) aligned with ISO 27001 and 27002:2013.

The ISMS is a comprehensive set of policies and procedures for deploying, managing and securing the Firm's Information Technology infrastructure; utilizing a defense-in-depth approach to protecting our internal Firm and client data.

(14) While we endeavour to always protect our systems, sites, operations and information against unauthorized access, use, modification and disclosure, due to the inherent nature of the Internet as an open global communications vehicle and other risk factors, we cannot guarantee that any information, during transmission or while stored on our systems, will be absolutely safe from intrusion by others.

Service Providers

(15) We may employ third-party companies and individuals due to the following reasons:

-To facilitate our Service;

-To provide the Service on our behalf;

-To perform Service-related services; or

-To assist us in analyzing how our Service is used.

(16) We want to inform our Service users that these third parties have access to your Personal Information. The reason is to perform the tasks assigned to them on our behalf. We share your Personal Information with our third party service providers based in the U.S. who act on our behalf to: provide support services in relation to our Websites for the purposes of hosting and maintaining our Websites, providing data storage, assisting us with database management, and in order to assist us with related tasks or processes.

(17) All of our service providers are bound by written contract to process Personal Information provided to them only for the purpose of providing the specific service to us and to maintain appropriate security measures to protect your Personal Information.

(18) We acknowledge that the information you provide may be confidential. We do not sell, rent, distribute or otherwise make Personal Information commercially available to any third party, except that we may share information with our service providers for the purposes set out in this Privacy Notice. We will maintain the confidentiality of and protect your information in accordance with our Privacy Notice and all applicable laws.

Links to other sites

(19) Our Service may contain links to other sites. If you click on a third-party link, you will be directed to that site. Note that these external sites are not operated by us. Therefore, we strongly advise you to review the Privacy Policy of these websites. We have no control over, and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

Changes to this Privacy Policy

(20) We may update our Privacy Policy from time to time. Thus, we advise you to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page. These changes are effective immediately, after they are posted on this page.

Contact Us

(21) If you wish to request further information or exercise any of the above rights, or if you are unhappy with how we have handled your Personal Information, contact us here:

McAllister Davis & Goldstein Inc.
244 5th Avenue, New York, 10001 NY, USA
Email: privacy@mdg-lawyers.com.

Before assessing your request, we may request additional information in order to identify you. If you do not provide the requested information and, as a result we are not in a position to identify you, we may refuse to action your request. We will generally respond to your request within one month of receipt of your request. We can extend this period by an additional two months if this is necessary taking into account the complexity and number of requests that you have submitted.

Notice to Residents of the EU, EEA and Switzerland

(22) If you reside or otherwise find yourself in the European Economic Area, European Union, or Switzerland, MDG is committed to respecting your rights as a data subject under the applicable laws of these countries. If you have a privacy concern or questions about how your personal information is used, please contact us at privacy@mdg-lawyers.com.

If you are in the European Economic Area (EEA) you have the following rights:

-Access. Subject to certain exceptions , you have the right to request a copy of the Personal Data we are processing about you, which we will provide to you in electronic form. At our discretion we may require you to prove your identity before providing the requested information. If you require multiple copies of your Personal Data, we may charge a reasonable administration fee.

-Rectification. You have the right to require that any incomplete or inaccurate Personal Data that we process about you is amended.

-Deletion. You have the right to request that we delete Personal Data that we process about you, unless we are required to retain such data in order to comply with a legal obligation or to establish, exercise or defend legal claims.

-Restriction. You have the right to request that we restrict our processing of your Personal Data where:

+you believe such data to be inaccurate;

+our processing is unlawful; or

+we no longer need to process such data for a particular purpose, but where we are not able to delete the data due to a legal or other obligation or because you do not want us to delete it.

-Portability. You have the right to request that we transmit the Personal Data we hold in respect of you to another controller, where this is:

+personal information which you have provided to us; and

+we are processing that data on the basis of your consent or in order to perform our obligations under contract to you (such as to provide legal services).

-Objection. Where the legal justification for our processing of your Personal Data is our legitimate interest, you have the right to object to such processing on grounds relating to your particular situation. We will abide by your request unless we have compelling legitimate grounds for the processing which override your interests and rights, or if we need to continue to process the data for the establishment, exercise or defence of a legal claim.

-Withdrawing Consent. If you have consented to our processing of your Personal Data, you have the right to withdraw your consent at any time, free of charge This includes cases where you wish to opt out from marketing messages that you receive from us.

If you are in the EEA you also have the right to lodge a complaint with the local data protection authority if you believe that we have not complied with applicable data protection laws.

Please note that some of these rights may be limited where we have an overriding interest or legal obligation to continue to process the personal information or where data may be exempt from disclosure due to reasons of legal professional privilege or professional secrecy obligations.

(23) Consistent with our values, we observe the following privacy principles when collecting or processing your personal information: information will be processed fairly and in accordance with applicable law; information will be collected for specified and legitimate purposes, and will not be processed in ways that are incompatible with those purposes; information collection and use will be limited to what is relevant for the specified purposes and will not be excessive. We will limit the amount and type of information gathered to what is necessary for the uses and purposes defined in this Privacy Policy.

(24) We will only collect and process personal information about you where we have a lawful basis. Lawful bases include consent (where you have given consent), contract (where we must process your personal information based on a contract we have with you, for example, to deliver requested products or services), and legitimate interests (where processing is necessary for the purposes of compelling legitimate interests of MDG that are not overridden by your rights).

(25) Data subjects in the European Union, European Economic Area, and Switzerland may be asked to provide their clear and unambiguous consent for collection, processing, and transfer of their personal information. Where we process personal information based on consent, consent can be withdrawn at any time. We will keep your personal information as accurate, complete, and up-to-date as necessary and practical, and we will take reasonable steps to correct or delete personal information that is inaccurate or incomplete. If you think that your information is inaccurate or incomplete, please contact us.

(26) Information will only be kept where it is necessary for the purposes for which it was collected and processed. Those purposes are defined in this Privacy Policy.

We are required by law to comply with many regulations that require us to keep information, including your personal information, for different time periods. We must evaluate any request to change or delete information, including your information, prior to fulfilling such request to make sure that the requested change or deletion meets legal regulatory requirements and does not change our other information or make it less secure. We will keep information for as long as is necessary to comply with legal or regulatory obligations.

(27) Your information will be deleted or amended if we receive a relevant request from you, if we are permitted by law to do so, and if making the change does not risk making other information less secure or risk changing other information. We have taken appropriate measures to prevent unauthorized access, loss, use, or damage to your personal information.

(28) International Transfers of Personal Information: If you are located outside the United States and you interact with our Sites or provide your personal information, then your personal information may be transferred to the United States. If you are located in the European Economic Area, European Union, or Switzerland, please note that the United States currently is not on the list of countries that the European Commission considers adequate regarding the protection of personal information.

California Consumer Privacy Act Disclosures

(29) Any terms defined in the California Consumer Privacy Act of 2018, as amended from time to time, including by the California Privacy Rights Act of 2020 and its implementing regulations ("CCP") have the same meaning when used in these disclosures. These disclosures do not reflect our collection, use, or disclosure of California residents’ personal information, or data subject rights, where an exception or exemption under the CCPA applies.

(30) If you are a California resident, you have the following rights, subject to certain exceptions as set forth in the CCPA:

-Right to Know. You have the right to receive information from us regarding (i) the categories of personal information we have collected about you, (ii) the categories of sources from which we have collected your personal information, (iii) the business or commercial purposes for which we have collected, shared, or sold your personal information, (iv) the categories of third parties to whom we disclose your personal information, and (v) the specific pieces of personal information we collected about you, in each case, in the 12 months preceding your “right to know” request.

-Right to Delete. You have the right to request the deletion of the personal information that you provided to us. Please note that in certain instances we may not be able to process your request, such as (i) due to the existence of a legal obligation, (ii) to detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities, (iii) in order to complete a transaction for which your personal information was collected, or (iv) to enable solely internal uses that are reasonably aligned with your expectations and context.

-Right to Correct. You have the right to request correction of inaccurate personal information that we maintain about you, taking into account the nature of the personal information and the purposes of the processing of the personal information.

-Right to Non-Discrimination. You have the right to be free from discrimination by us as a result of you exercising your privacy rights conferred under the CCPA including an employee’s, job applicant’s, or independent contractor’s right not to be retaliated against for the exercise of their CCPA rights.

If you wish to exercise these rights, you must submit a request by emailing CCPA_Requests@mdg-lawyers.com. The CCPA requires us to verify requests we receive when one is seeking to exercise certain of the rights listed above. We may ask you to provide certain information as proof of your identity such as a copy of your driver’s license or passport and a recent utility or credit card bill in order for us to verify your request. If you are a MDG employee or otherwise have a relationship with us, we verify you by directly confirming with you, otherwise we verify through a service provider that uses information about you to ask questions the answers to which will help us determine if you are who you say you are. If you have an authorized agent submit a request, MDG may require you to (i) provide the authorized agent signed permission to do so, (ii) verify your own identity directly with MDG, and (iii) directly confirm with MDG that you provided the authorized agent permission to submit the request.

(31) MDG has collected the following types of personal information about California residents in the preceding 12 months:

-Identifiers. Includes your real name, any previous names or preferred name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.

-Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). Includes your name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

-Protected classification characteristics under California or federal law. Includes your age, race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, and genetic information (including familial genetic information).

-Internet or other electronic network activity. Includes browsing history, search history, information on your interaction with a website application, or advertisement.

-Professional or employment-related information. Includes your professional or employment-related information, including your resume, interview records, identity documents for work eligibility verification in the United States, Bar information, offer letter, employment dates, position, salary, bonuses, benefits information, attendance records, performance evaluations and employee relations information (e.g., disciplinary records).

(32) In general, with respect to categories of personal and sensitive personal information about website visitors, we retain each category as long as needed or permitted in light of the purpose(s) for which it was obtained and any additional time periods necessary for the compliance with laws, exercise or defense of legal rights, and archiving, back-up and deletion processes.

(33) Disclosures for a Business or Commercial Purpose. In the preceding 12 months, MDG has disclosed the categories of personal information listed above to its service providers for specific, limited business purposes, including for conducting background checks for job applicants, processing payroll, detecting data security incidents and troubleshooting software use, among other purposes listed in the Information Usage section of this Privacy Statement, which can be found above.

(34) No Sharing/Selling of Personal Information with Third Parties. MDG does not “sell” or “share” any of your personal information that is collected (as such terms are defined by the CCPA). MDG therefore does not have actual knowledge that it sells or shares the personal information of consumers under 16 years of age.

(35) Compliance with Section 7027(m). MDG does not use or disclose sensitive personal information for purposes other than those specified in Section 7027(m) of the implementing regulations of the CCPA.

Business or Commercial Purpose for Collecting Personal Information

(36) We do not have actual knowledge that we sell or share for cross context behavioural advertising, the personal information of California residents under 16 years of age.

Exercise CCPA Rights

(37) Methods of Submission and Instructions: To submit a request to exercise your rights to know, delete or correct, please email privacy@mdg-lawyers.com.

(38) Verification: Only you, or someone legally authorized to act on your behalf, may make a request related to your personal information. You may designate an authorized agent by taking the steps outlined under "Authorized Agent" further below. In your request or in response to us seeking additional information, you, or your authorized agent, must provide sufficient information to allow us to reasonably verify that you are, in fact, the person whose personal information was collected which will depend on your prior interactions with us and the sensitivity of the personal information being requested. We may ask you for information to verify your identity and, if you do not provide enough information for us to reasonably verify your identity, we will not be able to fulfil your request. We will only use the personal information you provide to us in a request for the purposes of verifying your identity and to fulfill your request.

(39) Authorized Agents: You can designate an authorized agent to make a request under the CCPA on your behalf if:

The authorized agent is a natural person or a business entity and the agent provides proof that you gave the agent signed permission to submit the request; and You directly confirm with MDG that you provided the authorized agent with permission to submit the request.

(40) If you provide an authorized agent with power of attorney pursuant to Probate Code sections 4121 to 4130, it may not be necessary to perform these steps and we will respond to any request from such authorized agent in accordance with the CCPA.

Contact Us

If you have any questions or comments about these disclosures or our practices, please contact us at:

Email address: privacy@mdg-lawyers.com

Postal address:
Office of General Counsel - Data Privacy

McAllister Davis & Goldstein Inc.
244 5th Avenue, New York, NY 10001, USA.

[Last Updated: August 01, 2023]
Home
Derivatives
Private Equity
Investment Funds
M&A
Investor Relations
Banking
Tax
Restructuring
Employment
Energy
Data & Technology
IP
Healthcare
Real Estate
Antitrust
Environment
Research
Terms
Privacy
Cookies
Pro Bono
Pay Transparency
Disclaimer
Alumni
Attorney Advertising

Privacy Statment




In this Privacy Notice, references to we, us or our means McAllister Davis & Goldstein Inc. ("MDG") and/or the MDG Offices. References to you and your are to users of our Websites. In this Privacy Notice Personal Information is information relating to you, which can be used to personally identify you (either directly or indirectly).

This page is used to inform website visitors regarding our policies with the collection, use, and disclosure of Personal Information if anyone decided to use our Service, this Website. If you choose to use our Service, then you agree to the collection and use of information in relation with this policy. The Personal Information that we collect are used for providing and improving the Service.