Skip to Main Content
Our Commitment to Diversity

Privacy Policy

Website Privacy and Security Statement
Effective: July 21, 2020

 
1. INTRODUCTION

K&L Gates is a fully integrated global law firm that comprises multiple affiliated entities (“K&L Gates” “we,” “us,” or “our”) practicing in a number of jurisdictions and subject to different local laws. Details of our structure and K&L Gates’s affiliated entities are available here.

K&L Gates respects your privacy and is committed to protecting your personal information according to this Privacy Policy.

This Privacy Policy applies to www.klgates.com or any other website in or to which this Privacy Policy is linked or referenced (collectively, the “Website”).

2. SCOPE
This Privacy Policy explains how K&L Gates handles your personal information when you use the Website or when you otherwise contact or interact with us through the Website. There are certain circumstances where different terms regarding how K&L Gates may handle your personal information may apply. If a service or data collection undertaken by us has its own terms regarding the handling of your personal information, those terms - not this Privacy Policy - applies. For instance:

  • Provision of legal services. When engaging with us for the provision of legal and other services, our engagement letters and agreements include specific terms in accordance with relevant national regulations.
  • Specific websites and services operated by K&L Gates. Certain services, such as client extranets, are governed by separate privacy and other terms.
  • Employee privacy notification. Separate notification is provided to employees regarding the processing of our employee’s personal data.

K&L Gates's Privacy Practices at a Glance

Purpose

Lawful basis

Relevant Personal Data

Retention period

Contact

Legitimate interest: to contact you after we have received your contacts

Name, phone, email address

24 months after last contact

Answer questions

Legitimate interest: to answer the questions you have send in through the contact form

Name, email address

24 months after last contact

Opt-in newsletter

Legitimate interest: to provide you with the newsletter you subscribed to

Name, email address

24 months from collection 

Recruitment

Legitimate interest: to reply on your job application

Name, phone number, email address, resume/CV

24 months after last contact

 

3. INFORMATION WE COLLECT

K&L Gates collects:

  • Contact information such as name, title, contact and business information, including phone number email and physical address, when you contact or interact with us.
  • Preferences and interests that you submit through different online forms available through the Website, webinars and events where you can register, including feedback forms in relation to these events. 
  • Your bar information for the purpose of awarding you continuing legal education (CLE) credits to the extent relevant in your jurisdiction. 
  • Online data collected when you browse or submit a search request through the Website, or when you connect to us from a social network such as Facebook, LinkedIn or Twitter. Information collected may include: IP address, and demographic information. For more information about this, please refer to our Cookie Policy
  • Recruitment information. If you apply for a position with K&L Gates, you may be required to provide the following information: name and job title, contact information, resume, employment history and education.
  • Automatically Collected Information. We may process information that is automatically collected when you use the Website. Information is automatically collected: 
    • Through Server Logs: A server log is a list of the activities that a server performs. Our servers automatically collect and store in server logs your search queries, Internet Protocol (IP) address, hardware settings, browser type, browser language, the date and time of your request and referral URL and certain cookies that identify your browser.
    • Through Data Collection Technology: We use cookies, pixel tabs (also known as web beacons, flash cookies and clear GIFs) and similar technology (“Data Collection Technology”) to automatically collect information about you when you use the Website. Please read our Cookie Policy to learn more about how K&L Gates uses Data Collection Technology.

 4. HOW WE USE YOUR INFORMATION

For the purposes of this Privacy Policy, to "process" personal information means to perform any operation on personal information, whether or not by automated means, such as collecting, recording, organizing, storing, adapting, using, disclosing, combining, erasing or destroying.

To process your information as described in this Privacy Policy, we rely on the following legal bases:

  • Performance of a contract: Where we need to perform the contract we have entered into with you.
  • Legitimate interest: Where it falls within the scope of our legitimate interests and your fundamental rights do not override those interests.
  • Legal or regulatory obligation: Where we need to comply with a legal or regulatory obligation.
  • Consent: From time to time, we may ask for your consent to use your information for certain specific reasons. You may withdraw your consent at any time by contacting us using the information provided below.

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

K&L Gates uses information collected for the following purposes based on our legitimate interests:

  • Responding to requests. To respond to your requests and applications;
  • Marketing and business development. To contact you and deliver information (including marketing material) to you that you have requested, including communications relevant to your use of the Website;
  • Events registration. For registration to our webinars and events;
  • Provide you access. To provide you with access to the Website and additional materials and information.
  • Website Security and Analytics. To monitor security threats and improve the performance and content of the Website and other online services, analyzing website usage and creating internal reports.
  • Business relationship. For managing and administering our relationship with you and your organization, including keeping records about our relationship.
  • Legal claims. For the establishment, exercise or defense of legal claims.

We also use your personal information when necessary for the performance of a contract or to comply with legal obligations in the following contexts:

  • Recruitment purposes;
  • Provide legal and other services to clients;
  • Apply for CLE certifications with the appropriate governing body in each legal jurisdiction;
  • Enforcing the Website Terms and Conditions of Use, and other agreements;
  • Comply with laws. To comply with laws such as anti-money-laundering rules, fraud prevention, tax, labor and other relevant national laws, including disclosures to courts and law enforcement;

We may also request your consent to use your personal information for other specific purposes.

5. WHEN WE DISCLOSE INFORMATION

As a fully integrated global law firm, K&L Gates may engage third-party contractors and vendors to help us accomplish our business objectives and serrvices. There are other circumstances where we are required by law to disclose personal information to third-parties, such as public bodies or judicial authorities.

K&L Gates affiliates.
We may disclose your personal information within our K&L Gates affiliates to provide legal and other services. Contact details of K&L Gates affiliated entities are available here and a list of our offices are available here.

Third-party contractors and vendors.
We use third-party contractors and vendors for the purposes listed above and for the following services: to help us operate the Website, assist us with hosting, storage, emergency recovery services, for the provision of screening services, courier, marketing, email, and analytic services, CLE services, credit reference services, debt collection and tracing services. We require these third-parties to treat personal information consistent with this Privacy Policy and each of them is required to enter into a legally binding agreement with K&L Gates.

Third parties engaged in the context of the provision of legal and other services to clients.
These third parties include regulators, corporate registries, public authorities, courts/tribunals, lawyers, private investigators, arbitrators, financial organizations, advisors and other professionals.

Law enforcement, judicial authorities, and third-parties.
Applicable law may require us and our service providers to disclose your information if it is necessary to comply with laws, court orders or government requests or when it is necessary for the prevention of illegal activity or other wrongdoing. In other circumstances, we may share your personal information to protect our legal rights or those of other parties, or for the establishment, exercise or defense of a legal claim.

Third-parties in the context of a business transfer.
We may transfer your personal information if we are involved, whether in whole or in part, in a merger, sale, acquisition, restructuring, dissolution, bankruptcy or other change of ownership or control. If a transfer occurs, we will require that the transferee use personal information in a manner that is consistent with this Privacy Policy and inform you, as the case may be, in accordance with applicable law.

Associations and professional bodies.
This includes, but is not limited to education, training and examining bodies.

Other third-parties based on your consent.
We may ask for your consent to share your information with other third parties. In any such case, we will make it clear why and how we want to share the information.

6. OPT-OUT OF MARKETING COMMUNICATIONS

You can opt-out of receiving direct marketing communications from K&L Gates at any time.

In addition to the "unsubscribe" link contained in each of our e-mail marketing communications, you may opt-out free of charge and at any time of receiving K&L Gates newsletters or other e-mail marketing communications from K&L Gates by sending an e-mail to privacy@klgates.com.  

Note that if you opt-out of our marketing communications, we may still send you service communications relating to the services we provide you via email (e.g. to inform you about changes to the services you requested from us, revisions of our terms and conditions or this Privacy Policy), as such service communications are necessary for the purposes of providing you with our services or complying with our legal obligations.

7. EU AND UK DATA PROTECTION

7.1 Certain Data Protection Rights

If you are a resident of the European Union ("EU") or the United Kingdom ("UK") or we process any of the above personal data through our European offices (or otherwise benefit from such rights by application of the EU General Data Protection Regulation), you have the following rights:

  • Request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected, though we may need to verify the accuracy of the new information you provide to us.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal information to comply with local law.
  • Object to processing of your personal information where we are relying on a legitimate interest (or that of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal information for direct marketing purposes.
  • Request restriction of processing of your personal information. This enables you to ask us to suspend the processing of your personal information in the following scenarios: (a) if you want us to establish the information's accuracy; (b) where our use of the information is unlawful but you do not want us to erase it; (c) where you need us to hold the information even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your information but we need to verify whether we have overriding legitimate grounds to use it.
  • Request the transfer of your personal information to you or to a third party (commonly known as a "right to portability"). We will provide to you, or a third party you have chosen, your personal information in a structured, commonly used, machine-readable format. Note that this right only applies to information which you initially provided to us based on (i) your consent or (ii) the performance of a contract with you and where such information is being processed through automated means.
  • Withdraw consent at any time where we are relying on consent to process your personal information. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

If you would like to exercise your data protection rights, or to discuss any of the above rights, please contact us at privacy@klgates.com.

We will make reasonable efforts to comply with the aforementioned requests, unless such requests are prohibited by law, or there is a legitimate purpose to retain your personal data, in which case we will inform you without undue delay and in any case within 30 (thirty) days from the receipt of your request. We reserve the right to verify your identity before any request relating to your personal data processed by us.

If you are not satisfied with our answer or the way we process your personal data pursuant to this Privacy Policy, you have the right to lodge a complaint with a Data Protection Authority at the following website: https://edpb.europa.eu/about-edpb/board/members_en or with the Data Protection Authority in your Member State.

7.2 Information Retention

We will retain your personal information for the period necessary to fulfill the purposes for which you provided it to us, unless a longer retention period is required or permitted by law.

The criteria used to determine our retention periods include:

  • The length of time we have an ongoing relationship with you and provide services to you (for example, for as long as you are our client or keep using the Website);
  • Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep client records for a certain period of time before we can delete them);
  • Whether retention is advisable considering our legal position and for recordkeeping purposes (such as, for statutes of limitations, litigation or regulatory investigations).

7.3 Data Transfers Outside of the EU or UK

Whenever we transfer your personal data out of the EU or UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • European Commission Standard Contractual Clauses: We may use specific contracts approved by the European Commission which give personal information the same protection it has in Europe.
  • Privacy Shield. Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal information shared between the Europe and the US.
  • For additional information on the mechanisms used to protect your personal information, please contact us at privacy@klgates.com.

7.4 Data Controller

For the purposes of EU data protection law K&L Gates LLP is the data controller responsible for the personal information processed through in connection with the Website and has appointed its English LLP as a representative in the EU.  Please direct inquiries regarding EU or UK data protection to privacy@klgates.com or:

K&L Gates LLP
Attention:  Information Security
K&L Gates Center
210 Sixth Avenue
Pittsburgh, Pennsylvania 15222

For any individual whose personal data may be processed through one of our German offices, you can also direct your inquiries to:

K&L Gates LLP
Datenschutzbeauftragter
Markgrafenstr.42
10117 Berlin
datenschutz@klgates.com

8. SECURITY

K&L Gates takes precautions intended to help protect information that we process, but no system or electronic data transmission is completely secure. Any transmission of your personal information is at your own risk and we expect that you will use appropriate security measures to protect your personal information.

You are responsible for maintaining the security of your account credentials for the Website. K&L Gates will treat access to the Website through your account credentials as authorized by you. Unauthorized access to password-protected or secure areas is prohibited and may lead to criminal prosecution. We may suspend your use of all or part of the Website without notice if we suspect or detect any breach of security. If you believe that information you provided to us is no longer secure, please notify us immediately using the contact information provided below.

K&L Gates has earned ISO/IEC 27001 certification from the International Organization for Standardization, an independent, non-governmental international organization. ISO/IEC 27001 is a rigorous framework for information security management systems that is designed to ensure the accessibility, confidentiality and integrity of information.

9. INFORMATION FROM CHILDREN

The Website is not directed to or intended for use by minors under the age of 18. Consistent with the requirements of applicable law, if we learn that we have received any information directly from a minor without his or her parent's verified consent, we will use that information only to respond directly to that child (or his or her parent or legal guardian) to inform the minor that he or she cannot use the Website and subsequently will delete that information.

California Minors:  While the Service is not intended for anyone under the age of 18, if you are a California resident who is under age 18 and you are unable to remove publicly-available content that you have submitted to us, you may request removal by contacting us at: privacy@klgates.com. When requesting removal, you must be specific about the information you want removed and provide us with specific information, such as the URL for each page where the information was entered, so that we can find it. We are not required to remove any content or information that: (1) federal or state law requires us or a third party to maintain; (2) was not posted by you; (3) is anonymized so that you cannot be identified; (4) you don't follow our instructions for removing or requesting removal; or (5) you received compensation or other consideration for providing the content or information. Removal of your content or information from the Website does not ensure complete or comprehensive removal of that content or information from our systems or the systems of our service providers. We are not required to delete the content or information posted by you; our obligations under California law are satisfied so long as we anonymize the content or information or render it invisible to other users and the public.

10. LINKS TO OTHER WEBSITES AND SOCIAL MEDIA

For your convenience we may provide you with links to other websites. Please be aware that this Privacy Policy does not apply to these other websites. We recommend that you review the privacy and security policies of each website you visit before providing any personal information.

Information collected when you share content or access to social media platforms available on the Website such as Facebook, Twitter, LinkedIn, YouTube, and Google + will be associated with your account when you are logged into these social networks. By clicking on the symbol of the social network, new cookies and information about you will be collected through these platforms according to the respective privacy policies for those platforms.

We also use AddThis functionalities including the AddThis share button. By using these services your personal information such as IP address, mobile application ID, browser type, geo-location, keywords entered into the AddThis Toolbar search functionality will be transferred to Oracle America Inc's servers in the United States of America and its partners subject to its privacy policy. (See https://www.addthis.com/privacy/privacy-policy/)

11. CHANGES TO THIS PRIVACY POLICY

We reserve the right to modify this Privacy Policy from time to time. The "Effective Date" at the beginning of this Policy indicates when this Privacy Policy was last revised. If we modify this Privacy Policy, we will post the revised version on the Website, with an updated revision date at least thirty days prior to such changes being effective. Where such changes are substantial, we will also notify you by other means prior to the changes taking effect, such as by sending you an email notification. By continuing to use the Website thirty days after such revisions are in effect, you will be deemed to accept and agree to the revisions and to abide by them. If you would like a copy of the prior version, please contact us at privacy@klgates.com.

12. HOW TO CONTACT US
If you have any questions, comments, or concerns about how we handle your personal information, then you may contact us at privacy@klgates.com or write to us at:

K&L Gates LLP
Attention:  Information Security
K&L Gates Center
210 Sixth Avenue
Pittsburgh, Pennsylvania 15222

For any individual whose personal data may be processed through one of our German offices, you can also direct your inquiries to:

K&L Gates LLP
Datenschutzbeauftragter
Markgrafenstr.42
10117 Berlin
datenschutz@klgates.com

Like many organisations, K&L Gates must comply with the Australian Privacy Principles contained in the Privacy Act 1988 (Cth). K&L Gates is committed to maintaining the confidentiality and security of personal information we hold. This privacy policy outlines the manner in which we collect, hold, use and disclose personal information.

What is personal and sensitive information?

Personal information is any information or opinion (recorded in any form) about a person, whether true or not, from which that person may be identified.

Special provisions apply to the collection of personal information which is sensitive information. This includes health information and information about a person's race, ethnic origin, political opinions, membership of political, professional or trade associations, religious or philosophical beliefs, sexual preferences and criminal history.

In this privacy policy, all references to personal information include sensitive information unless indicated otherwise.

What types of personal information do we collect?

The types of personal information which we may collect and hold will depend on the type of services that we provide. We may collect the following personal information:

  • name, address, contact information, occupation and role; 
  • areas of interest in relation to our legal services or events; 
  • information about dealings with us or our clients; and 
  • information about third parties involved in or relevant to our client's affairs.

If you submit information on our online job board, we will also be collecting personal information such as your date of birth, professional interests, gender and academic results.

If you do not give us any of the personal information we request, it may affect our ability to meet our obligations to you or our clients or, in the case of information submitted via our online job board, it may affect your ability to participate in the recruitment process.

When you browse our website, our internet service provider makes a record of your visit and logs information for internal review and statistical purposes. We are then provided only with the country of origin of the user’s server address, date and time of visit to the site, and the pages viewed. At this stage, we have no plans to attempt to identify users of the website or their browsing activities, except where required by a law enforcement agency.

We may collect personal information in a number of ways including directly from you or from third parties such as our clients.

How do we hold your personal information?

We hold your personal information in hard copy and electronically.

To the extent required to comply with applicable privacy laws, we will take reasonable steps to:

  • make sure that the personal information that we collect, hold, use and disclose is accurate, complete and up to date; and 
  • protect the personal information that we hold from misuse, interference and loss and from unauthorised access, modification or disclosure.

What we use your information for

We collect personal information for the purposes of providing legal services or, in the case of the recruitment process, to participate in the recruitment process. We may also use your personal information to inform you about seminars or other events which may be of interest along with details of other products or services we provide.

Who do we disclose your information to?

We will disclose your personal information for the purpose for which it was collected and related purposes or with your consent. Where information is required to be disclosed by law, we will only disclose necessary information.

K&L Gates is a global law firm with offices worldwide. When you provide your information to us it may be transferred to K&L Gates or to our Related Entities (as defined in the Corporations Act 2001 (Cth)), or our service providers, including where these are located outside of Australia. By providing your information to us, you consent to its use in accordance with this privacy statement.

If you have disclosed personal information as part of the recruitment process, we will not disclose that personal information to any third party other than those described in this privacy statement without your consent.

Changes to the Privacy Policy

We reserve the right to review and amend this privacy policy from time to time and will notify you of any amendments by posting an updated version of the policy on this website.

How do we handle complaints?

If you have any concerns or complaints about the manner in which your personal information has been collected or handled by us, please advise us of your concern or complaint in writing and send it to our privacy officer at infoaus@klgates.com. Your concern or complaint will be considered or investigated and we will endeavour to respond to your complaint within 30 days.

It is our intention to use our best endeavours to resolve any complaint to your satisfaction. However, if you are unhappy with our response, you may contact the Office of the Australian Information Commissioner who may investigate your complaint further.

You can request access to the information we hold about you

Individuals wishing to request access to their personal information at K&L Gates, or request that we correct the personal information that we hold about you, may do so by written request to our privacy officer at infoaus@klgates.com. In some circumstances and in accordance with applicable privacy laws, K&L Gates may not permit you access to your personal information, or may refuse to correct your personal information, in which case we will provide you reasons for this decision.

If you have any queries about our privacy policy, or you require further information on how we handle personal information, please contact our privacy officer at infoaus@klgates.com.

Introduction
K&L Gates is a fully integrated global law firm that comprises multiple affiliated entities ("K&L Gates", "we", "us" or "our") practicing in a number of jurisdictions and subject to different local laws. Details of our structure and K&L Gates's affiliated entities are available here within the section marked "General".

K&L Gates respects your privacy and is committed to protecting your personal information according to this Privacy Notice.

This Privacy Notice applies to our relationship with UK partners and all persons employed or engaged by us in the UK and whether directly or indirectly ("employees").

In order to provide our services and manage our business we collect and manage data from members of K&L Gates and employees. This will include personal data. We are committed to protecting the privacy rights of individuals.

This Privacy Notice describes the ways in which we collect, manage, store and dispose of data relating to individuals within the firm. We may update it from time to time.

Our contact details and questions or problems
Our main UK office is at
One New Change
London
EC4M 9AF
Phone: +44 (0)20 7360 8200
Please direct inquiries, requests, complaints or concerns about the way in which we handle your data or relating to the exercise of your rights as set out below to

privacy@klgates.com

or

K&L Gates LLP
Attention: Information Security
K&L Gates Center
210 Sixth Avenue
Pittsburgh, Pennsylvania 15222
USA

You also have the right to lodge a complaint with the Information Commissioner's Office at Wycliffe House, Water Lane, Wilmslow SK9 5AF or https://ico.org.uk/ .

What information do we collect?
The information which we collect may include:

  • Name.
  • Home address. 
  • Telephone numbers. 
  • Email address. 
  • Other contact details. 
  • Documentation confirming your identity, such as a passport or driving licence. 
  • Your status as an employee or member of K&L Gates. 
  • Your status as a beneficial owner of K&L Gates where applicable. 
  • Financial information including bank account details. 
  • Details of your communications with us and attendances upon us. 
  • Publicly available information. 
  • Any information which you provide to us.

We may also collect sensitive information, including, where relevant:

  • Health data (relating to both physical and mental conditions and any disability); and
  • Racial or ethnic origin.

Why do we collect the information?
We collect data in order to

  • Engage your services in the course of our business. 
  • Provide you with employment. 
  • Comply with our legal obligations as employers, including those under the provisions of tax, national insurance, social security and health and safety legislation. 
  • Pay your wages or, as applicable, profits and drawings and account for deductions in respect of tax, national insurance and otherwise as required by law. 
  • Comply with our legal obligations to regulators. 
  • Manage our relationship with you. 
  • Process employment applications. 
  • Comply with our grievance and disciplinary procedures. 
  • Make appropriate business development plans to better support our clients' needs for legal services. 
  • Fulfil purposes ancillary to any of the above.

We may collect and process health data if it is relevant and necessary for the purposes of complying with our obligations as employers.

We may collect and process data relating to racial or ethnic origin either because it is necessary for the establishment, exercise or defence of legal claims or, subject to explicit consent, in order to respond to requests from our regulators for statistical information.

How will we use your information?
The following table sets out the information we collect and the legal basis upon which we collect it.

Purpose for obtaining the information Legal basis for using the information
Name, address, telephone, email and National Insurance numbers of employees of K&L Gates Performance of a contract of employment and for the purposes of tax and social security law. After termination of a contract, our legitimate interests in connection with the management of our business and the pursuit or defence of any legal claims.
Name, address, telephone, email and National Insurance numbers of members of K&L Gates Compliance with legal obligations relating to the obtaining and maintaining of corporate information for statutory purposes, including registration and filing at Companies House, and for the purposes of tax and social security law. After termination of a contract, our legitimate interests in connection with the management of our business and the pursuit or defence of any legal claims.
Training records Compliance with a legal obligation for regulatory purposes and performance of a contract of employment.
Make appropriate business development plans to better support our clients' needs for legal services. Performance of a contract of employment.

When we rely upon our legitimate interests we will balance any impact on you and your privacy rights and will not use your personal data where the impact on you would override our rights, unless we are otherwise permitted by law to process your personal data, for example, where you consent.

Information provided by you
In certain circumstances we are required to collect information from you in order to comply with our legal or regulatory obligations. This may, for example, include information relating to your identity. We may also be required to collect information from you in order to perform a contract with you. If you do not provide us with the information which we require we may be unable to employ you.

We may also be required to obtain data relating to disability or ethnic origin for the purposes of complying with regulatory information on diversity. Unless you are required by law to provide this information, you may withhold it if you wish to do so.

Sharing and disclosing data
In some limited circumstances we may share data which we collect from you with certain trusted third parties in accordance with contractual arrangements which we have in place or as required by law. These may include:

  • IT service providers.
  • Providers of data services such as email hosting, telephone answering, website hosting and online surveys. 
  • Our auditors and professional advisers. 
  • Providers of payroll services. 
  • Providers of online training materials and courses. 
  • Our insurers. 
  • Regulators and public bodies, including in connection with tax, VAT.

International transfers
We may use IT applications which are hosted outside the European Economic Area. We only transfer your Personal Data where the EU Commission has decided that the third country in question ensures an adequate level of protection in line with EU data protection standards, or where there are appropriate safeguards in place to protect your personal data.

Your rights
The data protection legislation provides individuals with whom we are dealing with the following rights.

Right to be informed
This Privacy Notice is provided to fulfil our obligation to tell individuals how we use their information.

Right of access
Individuals are entitled to ask us for a copy of any personal data which we hold relating to them. This right is known as a 'Subject Access Request'. If you wish to make a Subject Access Request you should email privacy@klgates.com. If possible, and to make sure we identify your request as soon as possible, we would ask you to try to include the term 'Subject Access Request' in the heading. Failure to do so does not affect your request, but it means that it will be flagged up at the first opportunity–

We will normally send you a copy of the information within one month of your request. However that period may be extended by two further months where necessary, taking into account the complexity and number of the requests. There is usually no charge. In exceptional circumstances we may charge but will discuss this with you if that applies.

Right to rectification
If the information we hold about you is inaccurate you should email privacy@klgates.com. The information will be checked and, where appropriate any inaccuracy rectified.

Right to erasure
In certain circumstances you may be entitled to ask us to erase your personal data. For further information you should email privacy@klgates.com.

Right to data portability
If you wish to move, copy or transfer the electronic personal data that we hold about you to another organisation, you should email privacy@klgates.com.

Right to object
You may object to your data being used for direct marketing.

You may also object to the continued use of your data in any circumstances where we rely upon consent as the legal basis for processing it.

Where we rely upon legitimate interests as the legal basis for processing your personal data, you may object to us continuing to process your personal data but you must give us specific reasons for objecting. We shall consider the reasons you give us but if we consider that there are compelling legitimate grounds for us to continue to process your data we may continue to do so. In that event we shall let you know the reasons for our decision.

If you wish to exercise your right to object to the use of your data under this section of our Privacy Notice you should email privacy@klgates.com.

Rights related to automated decision making including profiling
You may object to automated decision making, including profiling, in which case you should email privacy@klgates.com.

How long will we retain your information?
We will usually retain your information for six years from conclusion of the period of employment.

Data security
We implement a range of technical and organisational measures to protect your information and ensure confidentiality. We keep these under regular review.

Changes to this Privacy Notice
We may amend this Privacy Notice and any changes will take effect immediately and be binding on you. If we make any change which will significantly change our use of your data, we will notify you. Otherwise you should email privacy@klgates.com to check our policy from time to time to ensure that it meets your expectations.

This California Privacy Policy (“California Privacy Policy” or “Policy”) applies to “California Consumers” as defined below and supplements our General Privacy Policy.  In this Policy, “we,” “us,” and “our” refer to K&L Gates and “you” and “your” refer to California Consumers.  For purposes of this Policy, a “California Consumer” is an individual who is a California resident as defined by regulations of the California Franchise Tax Board.

This California Privacy Policy describes our online and offline practices regarding the collection, use, disclosure, and sharing of your personal information.  This Policy also explains certain rights that California Consumers have under the California Consumer Privacy Act (“CCPA”).  

Personal Information Disclosures

For purposes of this California Privacy Policy, “personal information” is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California Consumer or household.  Personal information does not include:

  • Publicly available information from government records.
  • Deidentified, aggregated, or anonymized information that is maintained in a form that is not capable of being associated with or linked to a California Consumer.
  • Information excluded from the CCPA’s scope, including: 
    • Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
    • Personal information covered by certain other privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

This California Privacy Policy does not apply to the following personal information:

  • Personal information that we collect when we are acting as a service provider to process information on behalf of clients to whom we provide legal services;
  • Personal information relating to our job applicants, partners, employees or contractors; or 
  • Personal information relating to an employee, owner, director, officer, or contractor of a company, partnership, sole proprietorship, nonprofit, or government agency that is doing business with us.    

How We Collect, Use and Share Personal Information

In the 12 months since this Policy was “Last Updated” as stated above, we may have collected personal information of a California Consumer, including Social Security number; identifiers; protected classifications; marital and dependent information; bank account information; tax return information; insurance policy information; audio, electronic information, video images or similar information; professional- or employment-related information, including state bar numbers; and education information that is not publicly available personally identifiable information (per the Family Educational Rights and Privacy Act (20 U.S.C. § 1232g, 34 C.F.R. pt. 99)).  As a law firm, the business or commercial purpose for which we would use that personal information is related to providing legal services.  We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.  Unless otherwise specified, we may share personal information with: service providers, as necessary to fulfill the business purpose for which we collected such personal information; government agencies, including law enforcement, when appropriate; consumer reporting agencies; or to any third party to whom you or your agents authorize us to disclose your personal information.

Sales of Personal Information

We have not sold your personal information for monetary or other valuable consideration in the 12 months prior to the date of this California Privacy Policy, and we will not sell your personal information without advance notice.  If we change our practices regarding the sales of personal information, we will notify you by updating this California Privacy Policy.  Furthermore, we do not sell the personal information of minors under 16 years of age without affirmative authorization.

Your Rights Under the CCPA

The CCPA provides specific rights to California Consumers in regard to their personal information.  Those rights and how you may exercise them are described below.

Your Right to Information About and Access to Your Personal Information 

You have the right to request that we disclose to you the following information covering the 12 months prior to your request (your “Request to Know”):

  • The categories of personal information that we collected about you in the prior 12 months.
  • The categories of sources from which we collected your personal information in the prior 12 months.
  • Our business or commercial purposes for collecting your personal information, as applicable, in the prior 12 months.
  • The categories of personal information about you that we shared or disclosed and the categories of third parties with which we shared or to which we disclosed your personal information, as applicable, in the prior 12 months.

You also have a right to request that we provide you with copies of the specific pieces of personal information that we collected about you in the 12 months prior to your request. 

Your Right to the Deletion of Your Personal Information 

You also may request that we delete (and direct our service providers to delete) the personal information that we have collected about you (your “Request to Delete”).  However, there are limits to your right to delete your personal information under the CCPA.  We may deny your Request to Delete your personal information when your personal information is needed for any of the following reasons, and we will tell you which reason or reasons apply if we do deny your request:

  • To complete the transaction for which the personal information was collected, provide a good or service that you requested, or to take actions that we reasonably anticipate in connection with our ongoing business relationship you or otherwise perform our contract with you.
  • To detect security incidents; protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity.
  • To debug to identify and repair errors that impair existing intended functionality.
  • To exercise free speech, ensure the right of another California Consumer to exercise that California Consumer’s right of free speech, or exercise another right provided for by law.
  • To comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code.
  • To engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the achievement of such research, if you have provided informed consent.
  • To enable solely our internal uses that are reasonably aligned with your expectations based on your relationship with us. 
  • To comply with a legal obligation.
  • To make other internal use of your personal information in a lawful manner that is compatible with the context in which you provided the information.
How to Make Requests to Know or Requests to Delete 

You may exercise your disclosure or deletion rights described above by calling us toll-free at  844-916-1311, visiting  https://klgatesdsr.ethicspoint.com, or emailing us at privacy@klgates.com.  Please include in the Subject line the appropriate reference: “CCPA Request-to-Know” or “CCPA Request-to-Delete.”  Provide appropriate identification and contact information and a brief description of your request.

If you submit a request in a manner that is not one of the designated methods of submission, we will either treat your request as if it had been submitted in accordance with these designated methods or provide you with specific directions on how to submit the request or remedy the deficiencies in your request, if any.

Authorized Agents and Your Requests

You may use an authorized agent to submit a Request to Know or Request to Delete.  If you use an authorized agent, however, we will require that you (1) provide the authorized agent signed permission to submit the request, (2) verify your identity directly with us, and (3) directly confirm to us that you provided the authorized agent permission to submit the request.  These tasks will not apply if you have provided the authorized agent with power of attorney pursuant to California Probate Code sections 4000 to 4465.  For your protection, we may deny a request from an agent that does not submit proof that they have been authorized by you to act on your behalf.

How We Verify and Process Your Requests

Upon receiving your Request to Know or Request to Delete, we will confirm receipt of your request within 10 days and provide information about how we will process your requests.  

We will respond to your request within 45 days barring any unforeseen complications.  Should complications arise, we will respond to your request within 90 days and provide you with an explanation with the reason we will take more than 45 days to respond to your request. 

To process your request, we will ask you for information that allows us to verify your identity and we will use that information only for that purpose. The information we request and the degree of verification you will need to provide will depend on the scope of your request.  Requests for copies of specific pieces of your personal information may require additional information to verify your identity as compared to general Requests to Know.  The information that we will need to verify your identity for Requests to Delete will depend on the nature of your request.  For example, we may require a reasonably high degree of certainty for verification of a request to delete documents; by contrast, we may require only a reasonable degree of certainty for a request to delete browsing history.  

In some instances, we may not be able to honor your request.  For example, we will not honor your request if we cannot verify you identity or cannot verify that a person claiming to be your agent has the authority to make the request on your behalf.  

If there is no reasonable method by which we can verify your identity to the degrees of certainty as described above, we will state so in response to your request and explain why we have no reasonable method by which we can verify your identity.  The firm will generally avoid requesting additional information from you for purposes of verification.  If we do request additional information from you, it shall only be used for the purposes of (1) verifying your identity while you are seeking to exercise your rights under the CCPA, and (2) for security or fraud-prevention purposes.  We will delete any new personal information collected for the purposes of verification as soon as practical after processing your request, except as otherwise required by law.

In addition, we will not honor your request where an exception under the California law applies, such as where the disclosure of personal information would adversely affect the rights and freedoms of another California Consumer or where the personal information we have about you is not subject to the CCPA’s access or deletion rights.  We also will advise you in our response if we are not able to honor your request for these reasons.

Your Right to Be Free from Discrimination 

You have the right to be free from discrimination for exercising your rights under the CCPA. 

California "Shine the Light" Dislosures 

California Civil Code Section 1798.83 permits California residents to request certain information regarding our disclosures of personal information to third parties for their direct marketing purposes.  To make such request, please email us at privacy@klgates.com or at:

K&L Gates LLP
Attention: Information Security
K&L Gates Center
210 Sixth Avenue
Pittsburgh, PA 15222

Changes to this California Privacy Policy 

We reserve the right to amend this California Privacy Policy at our discretion and at any time.  When we do, we will post the revised Policy on this webpage indicating when the Policy was “Last Updated.”

Contact for More Information

If you have any questions or concerns about K&L Gates’ privacy policies and practices, please contact us at privacy@klgates.com or by telephone at 844-916-1311.

Return to top of page

Email Disclaimer

We welcome your email, but please understand that if you are not already a client of K&L Gates LLP, we cannot represent you until we confirm that doing so would not create a conflict of interest and is otherwise consistent with the policies of our firm. Accordingly, please do not include any confidential information until we verify that the firm is in a position to represent you and our engagement is confirmed in a letter. Prior to that time, there is no assurance that information you send us will be maintained as confidential. Thank you for your consideration.

Accept Cancel