Updated: May 22, 2018
This Privacy Notice explains how Covington collects, uses, shares and otherwise processes your personal data collected on our website, mobile apps and in connection with our blogs, client alerts and other communication services (the “Services”). The processing of personal data in connection with client relationships are addressed in engagement agreements between Covington and our clients.
We may provide supplemental privacy notices on specific occasions when we are collecting or processing personal data about you. Those supplemental notices should be read together with this Privacy Notice.
Information we collect about you
You may choose to provide information directly to us through various sections of our Services, including:
- Contact details for news, publications and marketing communications and events
- Career information, such as contact details, employment history, and qualifications.
- Contact details for alumni communications
Our systems may also collect information about your browser or mobile device automatically. We may use cookies, web beacons, and similar devices to help us understand your activity on our Services, as well as email communications. Data we collect automatically includes the type of web browser or mobile device you you’re your operating system, your IP address, and general geographical location.
How and why we use your information
We will use your personal data for the following purposes:
- To inform you about our services, new legal and policy developments, relevant information in the industries we serve, and our marketing events.
- To evaluate you as a candidate for employment with our firm.
- To provide alumni communications.
- For analysis to improve this website, our services and for market research.
- For other reasons, with your consent.
Please note that we may use or disclose personal data if we are required by law to do so or if we reasonably believe that use or disclosure is necessary to protect our rights and/or to comply with judicial or regulatory proceedings, a court order or other legal process.
Sharing your information
We may share your information in the following circumstance:
- Other Covington Offices: For users residing in the EU, these offices may be in countries that offer a lower level of privacy protection than your home country. We have put into place contractual safeguards approved by the European Commission to protect your information.
- Service Providers: We may share your information with entities that provide services to us, including companies that provide web analytics, advertising, email distribution, and other services. These entities are limited in their ability to use your information for purposes other than providing services for us.
- Other Parties When Required by Law or as Necessary to Protect Our Services: There may be instances when we disclose your information to legal advisors and public authorities, such as court and law enforcement agencies.
- Other Parties in Connection With a Transfer of Assets: If we make a sale or transfer of assets, or are otherwise involved in a merger or transfer, we may transfer your information to one or more third parties as part of that transaction.
- Other Parties With Your Consent: In addition to the sharing described in this privacy notice, we may share information about you with other third parties when you consent to such sharing.
Third-Party Content, Functionality, and Services
Some of the content, functionality, and services on the Services may be provided by third parties that are not affiliated with Covington. For example, on our blogs we enable you to share certain materials on the Website with others through services such as Facebook and Twitter. These third parties may collect or receive certain information about your use of the Services, including through the use of cookies, web beacons, and similar technologies. These entities may collect this information over time and combined with information collected from different websites and online services. We are not responsible for the privacy practices of these entities.
Children’s Information
We do not knowingly collect or store personally identifiable information about children under the age of 16, unless permitted by law. If we learn that we have collected personally identifiable information from a child under age 16, we will delete that information from our database.
Privacy Rights of European Visitors
Legal Grounds. We will process your personal data only (1) with your consent; (2) to perform a contract between you and us; (3) to comply with a legal obligation; or (4) where we have a legitimate interest to do so, balancing this interest against your interests and fundamental rights. These legitimate interests are administrative functions within Covington, marketing activities, and complying with your requests for information.
Access, Correction and Deletion. If you reside in the EU, you may exercise your Personal Data rights under GDPR through the contact information shared below. Specifically you have the following rights subject to the exceptions allowed by law:
- To access your information
- To rectify or update your information
- To erase your information, subject to our need to retain certain information for legal or other purposes
- To receive a copy of your information
- To object to or restrict its processing
How we protect your information
We use physical, technical and administrative measures to protect your information against loss, theft and unauthorized use, disclosure or modification. While we strive to protect the information we maintain, we cannot ensure or warrant the security of any information that you transmit to us since no method of data transmission or storage is 100% secure.
How long will we retain your information?
We will only retain your personal data for as long as necessary to fulfil the purposes for which it was collected and processed, including for the purposes of satisfying any legal, regulatory, accounting or reporting requirements.
To determine the appropriate retention period for your personal data, we will consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your it and whether we can achieve those purposes through other means, and the applicable legal requirements
In some circumstances we may anonymize your personal data so that it can no longer be associated with you, in which case it is no longer personal data.
Upon expiration of the applicable retention period we will securely destroy your personal data in accordance with applicable laws and regulations.
Changes to this privacy notice
We may update this Privacy Notice at any time, and we will make an updated copy of any such Privacy Notice available on our website.
Further information
Should you have any questions about this Privacy Notice or inquiries regarding your personal data rights you can contact us at privacy@cov.com or at the address below.
Privacy Officer
Covington & Burling LLP
850 10th St NW
Washington, DC 20001
Users residing in the European Economic Area have a right to lodge a complaint to the supervisory authority for data protection in their country.
Cookies, Web Beacons, and Similar Technologies
We — as well as certain third parties that provide content, functionality, or services on the Website — use a variety of technologies to learn more about how people use the Website. This section provides more information about some of those technologies and how they work. Please find below a list of the cookies we use:
NECESSARY COOKIES
Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
__cfduid
Provider: covingtonburlingblogs.com
Expiry: 1 year
Type: HTTP Cookie
Used by the content network, Cloudflare, to identify trusted web traffic.
CookieConsent
Provider: insideprivacy.com
Expiry: 1 year
Type: HTTP Cookie
Stores the user’s cookie consent state for the current domain.
wordpress_test_cookie
Provider: insideprivacy.com
Expiry: Session
Type: HTTP Cookie
Used to check if the user’s browser supports cookies.
JSESSIONID
Provider: linkedin.com
Expiry: Session
Type: HTTP Cookie
Preserves users states across page requests.
PREFERENCE COOKIES
Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
lang
Provider: linkedin.com
Expiry: Session
Type: HTTP Cookie
Set by LinkedIn when a web page contains an embedded “Follow us” panel.
STATISTIC COOKIES
Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
_ga
Provider: insideprivacy.com
Expiry: 2 years
Type: HTTP Cookie
Registers a unique ID that is used to generate statistical data on how the visitor uses the website.
_gid
Provider: insideprivacy.com
Expiry: Session
Type: HTTP Cookie
Registers a unique ID that is used to generate statistical data on how the visitor uses the website.
_gat
Provider: insideprivacy.com
Expiry: Session
Type: HTTP Cookie
Used by Google Analytics to throttle request rate.
_dc_gtm_UA-#
Provider: insideprivacy.com
Expiry: Session
Type: HTTP Cookie
Used by Google Tag Manager to control the loading of a Google Analytics script tag.
MARKETING COOKIES
Marketing cookies are used to track visitors across websites. The intention is to display content that is relevant and engaging for the individual user.
cov.vuture.net_VxSessionId
Provider: cov.vuture.net
Expiry: Session
Type: HTTP Cookie
Used by Vuture (email marketing communications) to track responses to marketing campaigns and track the visitor’s website journey.
intEmailHistoryId
Provider: cov.vuture.net
Expiry: 1 year
Type: HTTP Cookie
Used by Vuture (email marketing communications) to track responses to marketing campaigns and track the visitor’s website journey.
security/tracker.gif
Provider: cov.vuture.net
Expiry: Session
Type: Pixel Tracker
Used by Vuture (email marketing communications) to track responses to marketing campaigns and track the visitor’s website journey.
r/collect
Provider: doubleclick.net
Expiry: Session
Type: Pixel Tracker
Used to send data to Google Analytics about the visitor’s device and behaviour. Tracks the visitor across devices and marketing channels.
form/displays.htm
Provider: forms.aweber.com
Expiry: Session
Type: Pixel Tracker
Used by AWeber for its email signup form.
collect
Provider: google-analytics.com
Expiry: Session
Type: Pixel Tracker
Used to send data to Google Analytics about the visitor’s device and behaviour. Tracks the visitor across devices and marketing channels.
leo_auth_token
Provider: linkedin.com
Expiry: Session
Type: HTTP Cookie
Used by the social networking service, LinkedIn, for tracking the use of embedded services.
visit
Provider: linkedin.com
Expiry: 2 years
Type: HTTP Cookie
Used by the social networking service, LinkedIn, for tracking the use of embedded services.
bcookie
Provider: linkedin.com
Expiry: 2 years
Type: HTTP Cookie
Used by the social networking service, LinkedIn, for tracking the use of embedded services.
bscookie
Provider: linkedin.com
Expiry: 2 years
Type: HTTP Cookie
Used by the social networking service, LinkedIn, for tracking the use of embedded services.
lidc
Provider: linkedin.com
Expiry: Session
Type: HTTP Cookie
Used by the social networking service, LinkedIn, for tracking the use of embedded services.
UID
Provider: scorecardresearch.com
Expiry: 2 years
Type: HTTP Cookie
Collects information of the user and his/her movement, such as timestamp for visits, most recently loaded pages and IP address. The data is used by the marketing research network, Scorecard Research, to analyse traffic patterns and carry out surveys to help their clients better understand the customer’s preferences.
UIDR
Provider: scorecardresearch.com
Expiry: 2 years
Type: HTTP Cookie
Collects information of the user and his/her movement, such as timestamp for visits, most recently loaded pages and IP address. The data is used by the marketing research network, Scorecard Research, to analyse traffic patterns and carry out surveys to help their clients better understand the customer’s preferences.
_twitter_sess
Provider: twitter.com
Expiry: Session
Type: HTTP Cookie
Collects anonymous data related to the user’s visits to the website, such as the number of visits, average time spent on the website and which pages have been loaded, with the purpose of personalising and improving the Twitter service.
personalization_id
Provider: twitter.com
Expiry: 2 years
Type: HTTP Cookie
Collects anonymous data related to the user’s visits to the website, such as the number of visits, average time spent on the website and which pages have been loaded, with the purpose of personalising and improving the Twitter service.
guest_id
Provider: twitter.com
Expiry: 2 years
Type: HTTP Cookie
Collects anonymous data related to the user’s visits to the website, such as the number of visits, average time spent on the website and which pages have been loaded, with the purpose of personalising and improving the Twitter service.
external_referer
Provider: twitter.com
Expiry: 6 days
Type: HTTP Cookie
Collects anonymous data related to the user’s visits to the website, such as the number of visits, average time spent on the website and which pages have been loaded, with the purpose of personalising and improving the Twitter service.
ct0
Provider: twitter.com
Expiry: Session
Type: HTTP Cookie
Collects anonymous data related to the user’s visits to the website, such as the number of visits, average time spent on the website and which pages have been loaded, with the purpose of personalising and improving the Twitter service.
VISITOR_INFO1_LIVE
Provider: youtube.com
Expiry: 179 days
Tries to estimate the users’ bandwidth on pages with integrated YouTube videos.
YSC
Provider: youtube.com
Expiry: Session
Registers a unique ID to keep statistics of what videos from YouTube the user has seen.
GPS
Provider: youtube.com
Expiry: Session
Type: HTTP Cookie
Registers a unique ID on mobile devices to enable tracking based on geographical GPS location.
PREF
Provider: youtube.com
Expiry: 8 months
Type: HTTP Cookie
Registers a unique ID that is used by Google to keep statistics of how the visitor uses YouTube videos across different websites.
Cookies. Cookies are small text files that websites and other online services use to store information about users on the users’ own computers. Cookies may be used to store a unique identification number tied to your computer so that a website can recognize you as the same user across different visits to the website. You can configure your Internet browser to warn you each time a cookie is being sent or to refuse cookies completely.
We and the third parties that provide content, functionality, or business services on the Website may use cookies to collect information about your browsing activities in order to provide you with more relevant content and promotional materials, on and off the Website, and help us understand your interests and improve the Website.
Web beacons. We, along with our third-party partners, may also use technologies called web beacons that communicate information from your Internet browser to a web server. Web beacons can be embedded in web pages, videos, or emails, and can allow a web server to read certain types of information from your browser, check whether you have viewed a particular web page or email message, and determine, among other things, the time and date on which you viewed the web beacon, the IP address of your computer, and the URL of the web page from which the web beacon was viewed. We and our partners use web beacons for a variety of purposes, including to analyze the use of the Website and in conjunction with cookies to improve the Website and to provide you with more relevant promotion materials.