Privacy Policy
Lindemann Miller Bowen LLP Privacy Policy
You agree to the terms of this Privacy Policy (“Policy”) when you provide your personal data to us, whether our website, by email, in person, or over the phone. Further notices highlighting certain uses we wish to make of your personal data together with the ability to opt in or out of selected uses may also be provided to you when we collect personal data from you.
This Policy does not apply to, and Lindemann Miller Bowen LLP (“LMB”) is not responsible for, third-party websites that may be accessible through links from this website. They will have their own privacy policies to which your use of those websites will be subject
1. Who we are and what we do
LMB is a law firm and Illinois Limited Liability Partnership. LMB provides legal advice and related legal services to its clients.
2. What personal data we collect about you
We may collect and process different types of personal data in the course of operating our business and providing our services. These include:
- Basic personal details such as your name and job title;
- Contact data such as your telephone number and postal or email address;
- Financial data such as payment-related information or bank account details;
- Demographic data such as your address, preferences, or interests;
- Website usage and other technical data such as details of your visits to our website or information collected through cookies and other tracking technologies;
- Personal data provided to us by or on behalf of our clients or generated by us in the course of providing our services, which may, where relevant, include special categories of personal data;
- Identification and other background verification data such as a copy of passports or utility bills or evidence of beneficial ownership or the source of funds to comply with client due diligence/“know your client”/anti-money laundering laws and collected as part of our client acceptance and ongoing monitoring procedures;
- Recruitment-related data such as your curriculum vitae, your education and employment history, details of professional memberships, and other information relevant to potential recruitment to LMB;
- Data that you may provide to us in the course of registering for and attending events or meetings, including access and dietary requirements; and
- Any other personal data relating to you that you may provide.
3. How we obtain the personal data about you
We may collect or receive your personal data:
- Where you provide it to us directly, for example by corresponding with us by email, or via other direct interactions with us such as completing a form on our website;
- Where we monitor use of, or interactions with, our website, any marketing we may send to you, or other email communications sent from or received by LMB;
- Third-party sources, for example, where we collect information about you to assist with “know your client” checks as part of our client acceptance procedures or where we receive information about you from recruitment agencies for recruitment purposes; or
- Publicly available sources – we may, for example, use such sources to help us keep the contact details we already hold for you accurate and up to date or for professional networking purposes, e.g. LinkedIn.
4. How we use your personal data
We will only use your personal data where we are permitted to do so by applicable law. Under EU and UK data protection law, the use of personal data must be justified under one of a number of legal grounds. The principal legal grounds that justify our use of your personal data are:
- Contract performance: where your information is necessary to enter into or perform our contract with you.
- Legal obligation: where we need to use your information to comply with our legal obligations.
- Legitimate interests: where we use your information to achieve a legitimate interest and our reasons for using it outweigh any prejudice to your data protection rights.
- Legal claims: where your information is necessary for us to defend, prosecute or make a claim against you, us, or a third party.
- Consent: where you have consented to our use of your information (you will have been presented with a consent form or facility in relation to any such use and may withdraw your consent through an unsubscribe or similar facility).
We may use your personal data in the following ways. In each case, we note the grounds that we rely on to use your personal data.
- To provide our legal and other services to you and to conduct our business – to administer and perform our services, including to carry out our obligations arising from any agreements entered into between you and us (including our retention agreement entered into before we provide legal services);
Legal grounds: contract performance, legitimate interests (to enable us to perform our obligations and provide our services to you), consent. - To facilitate use of our website and to ensure content is relevant – to respond to requests for information or inquiries from visitors to our website and to ensure that content from our website is presented in the most effective manner for you and for your device;
Legal grounds: legitimate interests (to allow us to provide you with the content and services on the website), consent, contract performance. - For marketing and business development purposes – to provide you with details of new services, legal updates, and invites to seminars and events where you have chosen to receive these. We will provide an option to unsubscribe or opt-out of further communication on any electronic marketing communication sent to you or you may opt out by contacting us as set out in section 12 below;
Legal grounds: legitimate interests, consent.
- For research and development purposes – analysis in order to better understand your and our clients’ services and marketing requirements and to better understand our business and develop our services and offerings;
Legal grounds: legitimate interests (to allow us to improve our services). - For recruitment purposes – to enable us to process applications for employment and to assess your suitability for any position for which you may apply at LMB;
Legal grounds: legitimate interests (to ensure that we can make the most appropriate recruitment decisions for LMB), contract performance (in order for us to take steps at your request to enter into a contract with you). - To fulfil our legal, regulatory, or risk management obligations – to comply with our legal obligations (performing client due diligence/“know your client”, anti-money laundering, anti-bribery, sanctions or reputational risk screening, identifying conflicts of interests); for the prevention of fraud and/or other relevant background checks as may be required by applicable law and regulation and best practice at any given time (if false or inaccurate information is provided and fraud is identified or suspected, details may be passed to fraud prevention agencies and may be recorded by us or by them); to enforce our legal rights, to comply with our legal or regulatory reporting obligations and/or to protect the rights of third-parties;
Legal grounds: legal obligations, legal claims, legitimate interests (to cooperate with law enforcement and regulatory authorities, to ensure that you fall within our acceptable risk profile and to assist with the prevention of crime and fraud). Where we process special categories of personal data we may also rely on substantial public interest (prevention or detection of crime) or legal claims. - To ensure that we are paid – to recover any payments due to us and where necessary to enforce such recovery through the engagement of debt collection agencies or taking other legal action (including the commencement and carrying out of legal and court proceedings);
Legal grounds: contract performance, legal claims, legitimate interests (to ensure that we are paid for our services). - To inform you of changes – to notify you about changes to our services or this Policy;
Legal grounds: legitimate interests (to ensure we can notify you about changes to our service, Policy, etc). - To reorganize or make changes to our business – In the event that we undergo a re-organization (for example if we merge, combine, or divest a part of our business), we may need to transfer some or all of your personal data to the relevant third-party (or its advisors) as part of any due diligence process or transfer to that re-organized entity or third-party your personal data for the same purposes as set out in this Policy or for the purpose of analyzing any proposed re-organization;
Legal grounds: legitimate interests (in order to allow us to change our business).
5. Who we share your personal data with
We may share your personal data with a variety of the following categories of third-parties:
- Our professional advisors (e.g. legal, financial, business, risk management or other advisors), bankers and auditors;
- Our insurers and insurance brokers;
- Third-party service providers, including our SaaS platform providers;
- Other third-party external advisors or experts engaged in the course of the services we provide to our clients and with their prior consent, such as barristers, local counsel and technology service providers and document review platforms.
We may also process your personal data to comply with our regulatory requirements or in the course of dialogue with our regulators as applicable, which may include disclosing your personal data to government, regulatory or law enforcement agencies in connection with inquiries, proceedings or investigations by such parties anywhere in the world or where compelled to do so. Where permitted, or unless to do so would prejudice the prevention or detection of a crime, we will direct any such request to you or notify you before responding.
6. Which countries we transfer your personal data to
As a law firm with clients in multiple countries, we cannot limit our processing of an individual’s personal data to the country in which that individual is based. In the course of providing our services, we will likely need to transfer personal data to locations outside the jurisdiction in which you provide it or where you are viewing our website. If you are based in the European Economic Area (EEA), this will mean that your personal data may be transferred to, accessible from, and/or stored at, a destination outside the EEA such as the United States or other countries in which data protection laws may not be as comprehensive as in the EEA.
Regardless of the location of our processing, we will implement the data protection safeguards that we deploy inside the EEA and implement appropriate measures to ensure that your personal data is protected in accordance with applicable data protection laws. LMB has a data sharing agreement in place signed by all LMB entities which includes EU standard contractual clauses. Similarly, where a third-party service provider processes the personal data of EEA or UK residents on our behalf, we will ensure that appropriate measures are in place to ensure an adequate level of protection for your personal data, usually by including EU standard contractual clauses in our agreements with such third party service providers (alongside other supplementary technical or contractual measures where necessary).
Please contact us as directed below if you would like to see a copy of the specific safeguards applied to the export of your personal data.
7. How long we keep your personal data
We will retain your personal data for as long as is necessary to fulfill the purpose for which this data was collected and any other permitted linked purpose (for example certain transaction details and correspondence related to any legal services we provide may be retained until the time limit for claims in respect of the transaction has expired or in order to comply with regulatory requirements regarding the retention of such data). If your personal data is used for two purposes, we will retain it until the purpose with the latest period expires; but we will stop using it for the purpose with a shorter period once that period expires. Our retention periods are also based on our business needs and good practice.
8. How we protect your personal data
We recognize that information security is an integral element of data privacy. While no data transmission (including over the Internet or any website) can be guaranteed to be secure from intrusion, we implement a range of commercially reasonable physical, technical and procedural measures to help protect personal data from unauthorized access, use, disclosure, alteration, or destruction in accordance with data protection law requirements.
Information that you provide to us is stored on our or our service providers’ secure servers and accessed and used subject to our security policies and standards, or those agreed with our service providers.
Everyone at LMB and any third-party service providers we may engage that process personal data on our behalf (for the purposes listed above) are also contractually obligated to respect the confidentiality of personal data.
Alongside our role, please also note that where we have given you (or where you have chosen) a password which enables you to access certain online folders or websites, you are responsible for keeping this password confidential and for complying with any other security procedures that we notify you of. We ask you not to share a password with anyone.
9. What rights you have in relation to your personal data
If you have any questions about our use of your personal data, you should first contact us via the details provided in section 12 below. Under certain circumstances and in accordance with EU or other applicable data protection laws, you may have the right to require us to:
- provide you with further details on the use we make of your information;
- provide you with a copy of information that we hold about you;
- update any inaccuracies in the personal data we hold;
- delete any personal data that we no longer have a lawful ground to use;
- where processing is based on consent, to withdraw your consent so that we stop that particular processing;
- object to any processing based on the legitimate interests’ ground unless our reasons for undertaking that processing outweigh any prejudice to your data protection rights; and
- restrict how we use your information whilst a complaint is being investigated.
You may also ask us not to process your personal data for marketing purposes. We will inform you if we intend to disclose your information to any third-party service provider for this purpose. As indicated in section 4 above, you can exercise your right to prevent such processing at any time by contacting us at [email protected].
We are also required to take reasonable steps to ensure that your personal data remains accurate. In order to assist us with this, please let us know of any changes to the personal data that you have provided to us by contacting us at [email protected] that we provide.
While it is our policy to respect the rights of individuals, please be aware that your exercise of these rights is subject to certain exemptions to safeguard the public interest (e.g. the prevention or detection of crime), our interests (e.g. the maintenance of legal privilege) and some of these rights may be limited (for example the right to withdraw consent) where we are required or permitted by law to continue processing your personal data to defend our legal rights or meet our legal and regulatory obligations.
If you contact us to exercise any of these rights, we will check your entitlement and respond in most cases within a month.
If you are not satisfied with our use of your personal data or our response to any exercise of these rights, you have the right to complain to the relevant Supervisory Authority (data protection regulator).
10. Who is the data controller of your personal data
In the case of the firm’s clients, the attorney responsible for our work on a given matter you assigned to the firm is responsible for complying with this Policy and our internal policies and practices related to your data. Please contact [email protected] for more information about the controller of specific data.
11. How we use cookies and similar technologies
When you visit our website we may, but do not currently, send a cookie to your computer. This is a small data file stored by your computer to help improve functionality or tailor information to provide visitors with more relevant pages. We may also analyze website traffic to identify what visitors find most interesting so we can tailor our website accordingly.
12. How you can contact us
If you have a concern or a question about how we have processed your personal information, please contact [email protected].
13. How we may update this Policy
We may change the content of our website and whether and how we use cookies without notice and consequently our Privacy and Cookie Policy may change from time to time in the future. We therefore encourage you to review them when you visit the website to stay informed of how we are using personal data.
This Policy was last updated in August 2024.