Skip to Main Content
Services Talent Knowledge
Site Search
Menu
Home page
Services Talent Knowledge
Firm Facebook
Firm Linkedin
Firm Twitter
Firm Instagram
Firm YouTube
Close Menu

Featured Industries

New & Emerging Industry Practice Areas

Practice Areas

Privacy Policy

Last Revised: June 1, 2025

PRIVACY POLICY

This Privacy Policy (“Policy”) of Barclay Damon LLP, a New York limited liability partnership (“our,” “us,” or “we”), applies to each individual from whom we receive personal information (“you” or “your”). This Policy relates to our Terms of Use, which incorporates this Policy. 

The full view of this Policy is provided below. For your convenience, you may use the following links to go directly to the different sections of this Policy: 

INTRODUCTION

HOW WE COLLECT PERSONAL INFORMATION

OUR NOTICES TO YOU

OUR NOTICES REGARDING CERTAIN JURISDICTIONS

COOKIES – TRACKING TECHNOLOGIES

MISCELLANEOUS

1.    INTRODUCTION

1.1    Scope

The purpose of this Policy is to provide an explanation of how we collect and use personal information as well as other details about our information practices. You accept this Policy by using this website or otherwise providing personal information to us. 

We are a law firm authorized to practice law in certain jurisdictions. In this Policy, we may refer to jurisdictions, such as California, where certain consumer privacy laws are in place. Our reference to these jurisdictions does not indicate whether we are authorized to practice law in these jurisdictions. Furthermore, if you are a client or prospective client, you agree not to provide us with any sensitive information or details concerning your legal matter until we provide our approval following our conflict-of-interest search. If we establish a client-lawyer relationship with you, you may provide us with information that is regulated by the applicable rules of professional conduct for the practice of law (“Privileged Information”). In the event of a conflict between the rules of professional conduct and any part of this Policy, the rules of professional conduct will control and prevail. Nothing in this Policy will be implemented in a way that violates applicable law relating to Privileged Information or the practice of law.   

1.2    Meaning of “Share” and Other Words

  • “Share.” According to the California Consumer Privacy Act and its regulations (collectively, the “CCPA”), the word “share” generally means to provide personal information to a third party for the purpose of cross-context behavioral advertising. Since this definition of “share” is quite different from the ordinary meaning of this word, we placed this word in quotations (shown as “share”) throughout this Policy for better understanding. 
  • Other Defined Terms. In this Policy, we use certain words that have specific meanings, such as “automated profiling,” “personal information,” “process,” “sensitive personal information,” “sell,” “share,” and “targeted advertising” (which means the same as “cross-context behavioral advertising” under the CCPA). For the full list of words and definitions, please see the Definitions at the end of this Policy. 

1.3    Updates. We may update this Policy from time to time, so please review this Policy webpage periodically. 

2.    HOW WE COLLECT PERSONAL INFORMATION

2.1    Through Our Environment. The following is a list of the resources and property that we and our affiliates may use to collect your personal information, which, depending on the nature of your interactions with us, may not include all of the examples listed below (collectively, our “Environment”): 

  • The website displaying this Policy, including any web portals controlled by us or our affiliates that are connected to this website (collectively, our “Website”). 
  • Our social channels, if any, that enable you to communicate with us. 
  • Our mobile applications, if any, that enable you to communicate with us. 
  • Our phone systems and video communication systems that enable you to communicate with us. 
  • Any surveys, forms, and other materials used to collect any answers, feedback, or information that you may provide when visiting with us in person at any facility or venue. 
  • Any computers, access control systems, and security cameras located at any facility or venue that we use. 

2.2    Automatically Through Tracking Technologies. Depending upon your location, our Website may use tracking technologies to automatically collect or process certain types of personal information. These technologies may be out of view or beneath your screen. For more details, please see Cookies – Tracking Technologies.

3.    OUR NOTICES TO YOU

3.1    Categories of Personal Information. The following is a list of the categories of personal information that we collect: 

  • Identifiers, such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
  • Personal information of the type described in the definition of “records” in § 1798.80(e) of the California Civil Code. 
  • Characteristics of protected classifications under California or federal law.
  • Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  • Internet or other electronic network activity information, including, browsing history, search history, and information regarding a consumer’s interaction with an internet website application or advertisement.
  • Geolocation data.
  • Audio, electronic, visual, or similar information.
  • Professional or employment-related information.
  • Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g; 34 C.F.R. Part 99).

3.2    Categories of Receivers of Personal Information. In each of the categories of personal information listed above, we may disclose your personal information to the following third-party receivers: 

  • Suppliers of Technology Resources – third parties that provide software, software-as-a-service, or other technology resources connected to our Environment. 
  • Contractors – third parties that provide, lease, or license products, services, data centers, or other facilities to us, such as customer support providers, payment processing consultants, order fulfillment contractors, product developers, event managers, information technology consultants, cyber security advisors, computer programmers, business advisors, auditors, accountants, and attorneys.  
  • Corporate Affiliates – third parties that control us, that we control, or that are under common control with us, such as our subsidiaries and sister entities. 
  • Legal Authorities – legal authorities, such as courts, judicial authorities, law enforcement authorities, or governmental authorities (including federal, state, or local authorities) involved in or relating to any civil, criminal, or regulatory inquiry, investigation, search warrant, subpoena, summons, order, injunction, or mandate issued by any such legal authority. 

3.3    Categories of Sources of Personal Information. For each of the categories of personal information listed above, we may obtain your personal information from the following categories of sources:

  • You – You may send us your personal information when you use our products, services, or Environment. For example, you may provide your personal information to us by phone, email, text message, online form submission, in-person discussion, or other communications. 
  • Your Devices – We may pull your personal information from your devices and browsers through Cookies, as described in Cookies – Tracking Technologies
  • Our Affiliates – Our affiliates may collect your personal information for our Business Purposes. 
  • Public Sources – We may collect your personal information from publicly accessible sources of information, including publishers of public records, news media, and online content. 

3.4    Our Business Purposes. In each of the categories of personal information listed above, we may collect, use, or disclose your personal information for the following purposes as well as our operational purposes or other purposes described in our notices to you, provided that our use of your personal information is necessary and proportionate to achieve the purpose for which we collected or processed your personal information or for another purpose that is compatible with the context in which we collected your personal information (collectively, our “Business Purposes”): 

  • Quality and Safety – undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by us, or to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by us. 
  • Security – helping to ensure security and integrity to the extent the use of your personal information is reasonably necessary and proportionate for these purposes.
  • Services – performing services on our behalf, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on our behalf. 
  • Short-Term Use – short-term, transient use, including non-personalized advertising shown as part of your current interaction with us, provided that your personal information is not disclosed to another third party and is not used to build a profile about you or otherwise alter your experience outside the current interaction with us. 
  • Incident Investigation – preventing, detecting, and investigating security incidents that compromise the availability, authenticity, integrity, or confidentiality of stored or transmitted personal information. 
  • Resistance to Illegal Action – resisting malicious, deceptive, fraudulent, or illegal actions directed at us and to prosecute those responsible for those actions.
  • Physical Safety – ensuring the physical safety of natural persons. 
  • Non-Inference – a purpose other than inferring characteristics about you that involves any collection or processing of your sensitive personal information. 
  • Auditing – auditing related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards. 
  • Debugging – debugging to identify and repair errors that impair existing intended functionality. 
  • Marketing – providing to you, advertising and marketing services other than targeted advertising, provided that, for the purpose of advertising and marketing, we will not combine the personal information of opted-out individuals that we receive with personal information that we receive from another person or that we collect from our own interaction with individuals. 
  • Internal Research – undertaking internal research for technological development and demonstration.

3.5    Explanation of Your Personal Information Rights

  • Right to Know. You have the right to request that we disclose the following to you: 
    • Confirmation – whether we are collecting, using, storing, disclosing, analyzing, deleting, modifying, or otherwise processing your personal information. 
    • Categories of Personal Information – the categories of personal information that we have collected about you. 
    • Categories of Receivers – the categories of third parties to whom we have disclosed your personal information.  
    • Categories of Sources – the categories of sources from which we have collected your personal information. 
    • Categories of Sales/Sharing – the categories of any of your personal information that we have sold to third parties or “shared” with third parties. 
    • Categories of Third Parties Involved in Sales/Sharing – the categories of any third parties to whom we have sold or with whom we have “shared” your personal information. 
    • Purpose – our business or commercial purpose for doing any of the following activities: collecting your personal information, selling it, “sharing” it, or processing it for targeted advertising. 
    • Portability/Access – the specific pieces of personal information that we have collected about you, which may be requested in a portable, and to the extent technically feasible, readily usable format that enables you to transmit the personal information to another entity without hindrance. 
  • Right to Request Deletion. You have the right to request that we delete your personal information that we have collected. 
  • Right to Request Correction. You have the right to request that we correct any inaccurate personal information about you that we maintain. 
  • Right to Opt Out. You have the right, at any time, to take the following steps: 
  • Direct any business not to sell your personal information. 
  • Direct any business not to “share” or process your personal information for targeted advertising purposes. 
  • Opt out of automated profiling for advertising.  
  • Opt out of automated profiling conducted in furtherance of decisions that produce legal or similarly significant effects concerning you. 
  • Right of Non-Discrimination. You have the right to be free of discrimination related to your exercise of any of your rights provided in this Policy or otherwise under applicable law. 
  • Right to Authorize an Agent. To exercise your rights described above, you have the right to authorize another person to provide us with your requests. 

3.6    Methods to Submit Requests and Appeals

To exercise your rights described above, you may send us your request or appeal by writing or emailing us at the following address or by calling the toll-free number shown below:  

Barclay Damon LLP
Barclay Damon Tower
125 East Jefferson Street
Syracuse, New York 13202
Attn.: Privacy Policy
Email Address: privacy@barclaydamon.com
Phone: 1-888-345-6202

For certain requests, we may require identity verification in accordance with applicable law. 

4.    OUR NOTICES REGARDING CERTAIN JURISDICTIONS

4.1    California Consumer Privacy Act. To the extent that we are subject to the CCPA, we provide the following notices to California residents: 

  • Sale/Share Notice. We do not sell or “share” personal information or sensitive personal information of California residents, if any is collected. Also, we do not have actual knowledge of selling or “sharing” personal information of California residents under 16 years of age. 
  • Sensitive Personal Information Notice. We do not use or disclose sensitive personal information of California residents for purposes other than those that are reasonably necessary and proportionate as permitted by the CCPA. These permitted purposes include the following: 
    • Our purposes that are necessary to perform the services or provide the goods reasonably expected by an average consumer who requests those goods or services. 
    • Our purposes of quality and safety, security, services, short-term use, incident investigation, resistance to illegal action, physical safety, and non-inference, as described in the section, Our Business Purposes.  
  • Right to Limit Use/Disclosure of Sensitive Personal Information. As a California resident, you have the right, at any time, to direct any business that collects your sensitive personal information to limit its use of your sensitive personal information to the extent permitted by the CCPA. 
  • Categories of Sensitive Personal Information. In the operations of our business, we collect sensitive personal information in accordance with applicable law from individuals, some of whom could be California residents, within the following categories: 
    • Workforce data
    • Client relationship data
    • Vendor relationship data
  • 12-Month Notices. During the past 12 months, we have collected from individuals (some of whom could be California residents), the types of personal information described in the sections, Categories of Personal Information and Categories of Sensitive Personal Information. Also, during the past 12 months, we have disclosed personal information to the types of third parties described in the section, Categories of Receivers of Personal Information

4.2    California Shine the Light Law. Under California Civil Code Section 1798.83 (a California law also known as Information-Sharing Disclosure, Shine the Light), if you are a California resident and your business relationship with us is primarily for personal, family, or household purposes, you may request certain data regarding our disclosure, if any, of your personal information to third parties for their direct marketing purposes. To make such a request, please use one of the methods described in the section, Methods to Submit Requests and Appeals. You may make this request up to once per calendar year. In accordance with this California law, you have the right to receive, by email, the following details: a list of the categories of personal information disclosed to third parties for their direct marketing purposes during the immediately preceding calendar year, the third parties’ names and addresses, and any other information required by this law. 

4.3    United States Federal Laws. We may enter into a contract with you (or engage in a transaction with you) that involves our receipt of information from you that is governed or regulated by federal laws and regulations of the United States. Nothing in this Policy will eliminate or decrease any of our obligations under these federal laws. In the event of a conflict between any part of this Policy and any requirements of these federal laws, the requirements of the federal laws will control. 

4.4    Europe

4.4.1    Scope. If we expand our business activities to bring us within the scope of the European General Data Protection Regulation ((EU) 2016/679)) (the “GDPR”), we will comply with the applicable requirements of the GDPR.

4.4.2    Legal Bases for Processing. Also, if we expand and fall within the scope of the GDPR as described above, we may process your personal information as follows: 

  • Upon your consent for us to process your personal information for one or more specific purposes. 
  • As necessary for us to process your personal information to perform a contract to which you are a party or to take steps at your request before entering into a contract. 
  • As necessary for us to process your personal information to comply with a legal obligation to which we are subject. 
  • As necessary for us to process your personal information for purposes of our legitimate interests pursued by us or a third party (which includes our Business Purposes), except where the interests are overridden by your interests or fundamental rights and freedoms require protection of personal information, particularly if you are a child. 
  • For another necessity that arises for which such processing is permitted under the GDPR. 

4.4.3    Complaint to Supervisory Authority. Furthermore, if we expand and fall within the scope of the GDPR as described above and you have any concerns regarding our processing of your personal information, you have the right to lodge a complaint with the supervisory authority established for your location in the European Economic Area, the United Kingdom, or Switzerland. 

5.    COOKIES – TRACKING TECHNOLOGIES

5.1    Cookies. There are software-related technologies that involve the use of trackers to monitor or track activity (“Cookies”). Some Cookies include small data files that websites may store in the web browser of your device, such as your computer or smartphone. 

5.1.1    Essential Cookies. Depending upon your location and in accordance with applicable law, we may use essential Cookies, sometimes referred to as “necessary cookies” or “strictly necessary cookies,” for one or more of the following purposes: (a) to perform a contract to which you are a party; (b) to take steps at your request before entering into a contract; and (c) to process your personal information as necessary for purposes of our legitimate interests. These purposes may include, for example, our use of essential Cookies for the following functions: 

  • To save pieces of information you have entered during online transactions at our Website, such as items you have added to a shopping cart, as well as names, addresses, usernames, passwords, and other text you have entered into forms on our Website.  
  • To verify whether you are logged-in to an account on our Website for authentication and security purposes. 
  • To operate with adequate security, speed, and electronic performance. 

5.1.2    Nonessential Cookies. Also, depending upon your location, we may use nonessential Cookies, sometimes referred to as “marketing cookies,” “advertising cookies,” “functional cookies,” “performance cookies,” “targeting cookies,” “analytics cookies,” or “customization cookies.” We may use these nonessential Cookies for our Business Purposes, including studying how you interact with our Website and spend time viewing particular content on our Website. For example, we may use nonessential Cookies to record your browsing history, such as the particular buttons you have clicked and the particular webpages you have visited. This helps us personalize your experience, improve our Website, enhance our products and services, and identify new products or services that may be in demand. 

5.1.3    How to Change Cookie Settings. There are several ways for you to stop or limit our use of certain types of Cookies. You may use the Privacy Preferences hyperlink at the bottom of our Website to disable certain types of Cookies. Also, you may use your web browser’s settings to disable, limit, or delete certain Cookies. Please keep in mind, however, that our Website may no longer work properly if you disable, limit, or delete Cookies. 

5.1.4    Our Territorial Settings. We may configure certain Cookies so that they do not track or monitor individuals in certain jurisdictions or territories. 

5.2    Do Not Track Signals. Industry standards regarding “Do Not Track” signals are evolving, and we may not separately respond to or take any action with respect to your web browser settings for these types of signals. 

6.    MISCELLANEOUS 

6.1    Leaving Our Environment. Our Website may provide buttons or hyperlinks that enable you to leave our Website and connect with platforms controlled by third parties, such as third-party websites, social media venues, and mobile applications. By clicking and using these buttons and hyperlinks, you may leave our Website, which may enable the applicable third party to collect, use, and disclose your personal information. We do not control these third-party platforms, and they are not part of our Environment. We encourage you to review the privacy policies of these third-party platforms and exercise caution before providing your personal information to them. 

6.2    Unsubscribing. Our Environment may enable you to subscribe to, opt in to, or signup for our marketing communications, such as emails or text messages that include our newsletters, updates, or other marketing messages. 

  • Email Opt-Out. To opt out of our emails, you may click the unsubscribe or opt-out link in our emails. 
  • Text Message Opt-Out. To opt out of our text messages, you may reply, “STOP” or click the unsubscribe or opt-out link in our text messages. Depending on your cellular service carrier, your carrier might charge you certain message or data fees related to our text messages.
  • Non-Marketing Communications. Even if you opt out or unsubscribe to receiving our marketing communications, we may continue to send you non-marketing communications related to services that you have engaged us to perform, and we may also do so to perform any contractual obligations that we still owe to you. 

6.3    Transfers of Personal Information to Non-United States Territories. Unless prohibited by applicable laws or our contractual obligations, we may transfer your personal information from the United States to any other country, where it may be stored and processed for the uses described in this Policy. 

6.4    Deidentified Information. With respect to any deidentified information derived from your personal information, we retain the right to collect, process, use, store, sell, disclose, and distribute the deidentified information in accordance with applicable laws. If we exercise this right, we will maintain and use the deidentified information and will not attempt to reidentify it, with the exception that we may reidentify the information only to determine whether our deidentification processes satisfy the requirements of applicable laws. 

6.5    User Terms. If we receive personal information through any web portal or mobile app that we own or operate, and the portal or app provides a link to any user terms (e.g., end-user terms or license terms), please carefully review the user terms to understand how the portal or app collects and uses personal information. 

6.6    Law Enforcement and Legal Claims. Nothing in this Policy will prevent or restrict us from: 

  • Complying with federal, state, or local laws, or complying with a court order or subpoena to provide information.
  • Complying with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by federal, state, or local authorities. 
  • Cooperating with law enforcement agencies concerning conduct or activity that we or our affiliates or associates reasonably and in good faith believe may violate federal, state, or local law. 
  • Cooperating with a government agency request for emergency access to your personal information if a natural person is at risk or in danger of death or serious physical injury, provided that: (a) the request is approved by a high-ranking agency officer for emergency access to your personal information; (b) the request is based on the agency’s good faith determination that it has a lawful basis to access the information on a nonemergency basis; and (c) the agency agrees to petition a court for an appropriate order within three days and to destroy the information if that order is not granted. 
  • Exercising or defending legal claims. 
  • Using or disclosing your personal information for the purposes listed above. 

6.7    Definitions. In this Policy, we use the words and phrases “including,” “includes,” “such as” and “e.g.” in a non-limiting fashion, and the following terms (whether used in capitalized or lowercase form) will have the following meanings given to them:  

“affiliates” means our third-party technology suppliers, contractors, corporate affiliates, service providers, processors, vendors, licensors, lessors, and other third parties with whom we have a business relationship. 

“automated profiling” (referred to in some jurisdictions as “profiling”) means any form of automated processing of personal information to evaluate, analyze, or predict personal aspects concerning any identified or identifiable individual’s economic situation, health, personal preferences, interests, reliability, behavior, location, or movements. 

“biometric information” means an individual’s physiological, biological, or behavioral characteristics (including information pertaining to an individual’s deoxyribonucleic acid (DNA)), that is used or is intended to be used, singly or in combination with each other or with other identifying data, to establish individual identity. Biometric information includes: (a) imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted; (b) keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information; and (c) information based on an individual’s retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry, which is used to identify the individual, excluding any item of such information that is not deemed biometric information according to specific exclusions set forth in applicable law. 

“business” means a sole proprietorship, partnership, limited liability company, corporation, association, person other than a consumer, or other legal entity. 

“consumer” (referred to in some jurisdictions as “data subject”) means a natural person. 

“deidentified” (referred to in some jurisdictions as “pseudonymized”) means information that cannot reasonably be used to infer information about, or otherwise be linked to, a particular consumer, provided that the business that possesses the information satisfies the requirements of applicable law related to the use of deidentified information. 

“personal information” (referred to in some jurisdictions as “personal data”) means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household, but personal information does not include: (a) publicly available information as defined or characterized by applicable law; (b) lawfully obtained, truthful information that is a matter of public concern; or (c) consumer information that is deidentified. 

“process” or “processing” means any operation or set of operations performed, whether by manual or automated means, on personal information or on sets of personal information, such as the collection, use, storage, disclosure, analysis, deletion, or modification of personal information.

“security and integrity” means the ability of: (a) networks or information systems to detect security incidents that compromise the availability, authenticity, integrity, and confidentiality of stored or transmitted personal information; (b) businesses to detect security incidents, resist malicious, deceptive, fraudulent, or illegal actions and to help prosecute those responsible for those actions; and (c) businesses to ensure the physical safety of natural persons. 

“sell,” “selling,” “sale,” or “sold’’ means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to a third party for monetary or other valuable consideration, excluding any of the foregoing activities that are not deemed to be a sale according to specific exclusions set forth in applicable law. 

“sensitive personal information” means: (1) personal information that reveals: (a) a consumer’s social security, driver’s license, state identification card, or passport number; (b) a consumer’s account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; (c) a consumer’s precise geolocation, including any data that is derived from a device and that is used or intended to be used to locate the consumer within a geographic area that is equal to or less than the area of a circle with a radius of 1,850 feet, except as prescribed by applicable law; (d) a consumer’s racial or ethnic origin, religious or philosophical beliefs, or union membership; (e) the contents of a consumer’s mail, email, and text messages unless the business is the intended recipient of the communication; or (f) a consumer’s genetic data; (2) the processing of biometric information for the purpose of uniquely identifying a consumer; (3) personal information collected and analyzed concerning a consumer’s health; and (4) personal information collected and analyzed concerning a consumer’s sex life or sexual orientation. Sensitive personal information that is “publicly available” (as described above) will not be considered sensitive personal information or personal information.

“share,” “shared,” or “sharing” means sharing, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to a third party for targeted advertising, whether or not for monetary or other valuable consideration, including transactions between a business and a third party for targeted advertising for the benefit of a business in which no money is exchanged.

“targeted advertising” (referred to in some jurisdictions as “cross-context behavioral advertising”) means the targeting of advertising to a consumer based on data that is derived from the consumer’s behavior across distinctly branded platforms (e.g., websites, applications, and other venues) beyond the business or distinctly branded platform with which the consumer intentionally interacts. The definition of targeted advertising does not include advertising based on your activities within our Environment, nor does it include other advertising activities that are not deemed to be targeted advertising according to specific exclusions set forth in applicable law. 

“verifiable request” means a request that is made by you, by you on behalf of your minor child, by a natural person or a person authorized by you to act on your behalf, or by a person who has power of attorney or is acting as a conservator for you, and that we can verify, using commercially reasonable methods, pursuant to applicable law. 

End of Privacy Policy

© 2025 Barclay Damon LLP