Last updated: September 14, 2022

Wilson Sonsini Goodrich & Rosati Professional Corporation is the premier legal advisor to technology, life sciences and other growth enterprises worldwide.

This Privacy Policy describes how, along with our subsidiaries and affiliates (collectively referred to as “WSGR”, “the firm”, “we”, “us” or “our”), WSGR processes Personal Information when we provide legal services to clients, we manage our business and other relationships, you visit our offices or you use our websites, mobile applications, newsletters or otherwise communicate with us (collectively, the “Services”).  We are committed to ensuring the privacy and integrity of the Personal Information you share with us or we otherwise collect as we provide these Services.

Throughout this Privacy Policy, “Personal Information” means any information relating to an identified or identifiable individual.

  1. Information We Collect

In most cases, we collect Personal Information directly from you. However, we may also obtain Personal Information about you from third parties or automatically when you interact with our Services.

Where applicable, we indicate whether and why you must provide us with your Personal Information, as well as the consequences of failing to do so. If you do not provide Personal Information when requested, you may not be able to benefit from the Services if that information is necessary to provide such Services or if we are legally required to collect it.

Below is a description of the different types of Personal Information we process and the sources from which we obtain them:

  • Clients.If you are a client of our firm, we collect your name, contact details, payment information and any other information you provide to us or we otherwise obtain from third parties (e.g., from public bodies, from the opposing party etc.) when providing legal services to you. The type of information we collect from our clients varies depending on the matter and may include information about our clients’ employees, customers, and vendors (e.g., name, contact details), communications with our client, information provided by our client, and any other information that may be relevant for the matter, including Personal Information about criminal offenses, if applicable.
  • WSGR business partners and vendors.We may receive contact details and payment information from business partners’ and vendors’ employees in furtherance of the relevant partner or vendor relationship.
  • WSGR office visitorsIf you visit one of our offices in the United States, we may ask you to register for your visit and ask you to provide your name, title, company, email, type of visitor, and the name of whom you are visiting. We may also ask you to provide responses to certain COVID-19 symptom and exposure screening questions and ask you to confirm your COVID-19 vaccination status. We use responses to these COVID-19 screening and vaccination status questions only to control entry to our offices.
  • EventsWe collect Personal Information about you if you choose to register for an event sponsored by our firm. This Personal Information may include your name, address, title, company, phone number, and email address, as well as specific information relevant to the event for which you are registering.
  • Newsletters and informational programs.As part of our value-added services, we are pleased to offer a wide selection of newsletters, client alerts, and programs on topics of interest to our clients and others. If you sign up to receive our client alerts and newsletters focusing on key legal, regulatory, and industry trends, and our invitations to informational programs and networking events, we will ask you to provide your first and last name, company, email address and the practice areas and industries that you are interested in.
  • CommunicationsIf you choose to contact us for any purpose, we will collect your contact details, your name, and the content, date and time of your message, as well as our reply and any follow up action we take in relation to your inquiry.
  • On-demand learning.If you decide to use our on-demand learning tools, we will collect your registration information, such as your email address, password, first and last name, company, mailing address, country and, optionally, your phone number, title, bar qualification, CLE and bar membership number. You may also use our email support tool if you have questions regarding the on-demand learning, by providing your first and last name, email address, phone number and the content, date and time of your communications.  You may leave any comment by clicking on the “Have a comment?” button and entering your message into the comment box.
  • When you register on our Alumni website, we ask you to provide your first and last name, email address, password, country of residence, state/province, city and last primary WSGR office location. You may also choose to provide additional information, such as your WSGR Employee ID, your current employer and your position/title. If you previously used another WSGR alumni website, we may obtain certain Personal Information from that website. Via the website, we may collect your posts, chat on forums, and responses to online surveys we conduct to gain a better understanding of our Alumni network and to assist current employees in their professional development. If you use your social network credentials (e.g., LinkedIn credentials) to log in to the Alumni website, we may collect your name, email address and other basic information from the relevant social network.
  • Job applicants.If you apply for a job with us via our website, you will be asked to enter or upload your first and last name, resume and transcripts, phone, email address, law school, graduation year, application office, department, and position. You may also provide your middle name, address, country, search firm, search firm recruiter, search firm email, reference(s), a cover letter, writing sample, deal sheet and additional transcripts.
  • Other sources.We may receive Personal Information about you from other sources, including third parties that help us update, expand, and analyze our records, identify new customers, or prevent or detect fraud. We may also receive information about you from social media platforms, for example when you interact with us on those platforms or access our social media content. The information we may receive is governed by the privacy settings, policies, and/or procedures of the relevant social media platform, and we encourage you to review them.
  1. Cookies and Similar Technologies

We collect Personal Information via cookies, pixel tags, or similar technologies on our Services (collectively referred to as “cookies”). Cookies are small pieces of data that may be stored in and retrieved from your web browser while you browse a website. Through the use of cookies, we may collect your device IP address, unique device ID, hardware and software type, Internet service provider, serving domain, geographical area, location data, browser type and settings data (such as screen resolution, color depth, time zone settings, browser extension and plugins) operating system, referring URLs, search history, information on actions taken or interaction with our digital assets (e.g., page views) and dates and times of actions.

Where required by applicable law, we obtain your consent to use cookies. You can customize your preferences regarding the use of cookies on our websites via our cookie preferences panel.

The type of cookies we may use include:

  • Strictly necessary cookies. These cookies are strictly necessary to make our Services available to you; for example, to manage traffic on our website and for security purposes. We cannot provide you with the Services without this type of cookies.
  • Performance cookies. We use cookies for analytics purposes in order to improve our Services. We use third party analytics providers, including Google Analytics, to help us understand how users engage with the Services. Google Analytics uses first-party cookies to track user interactions and understand how users use our Services. This information is used to compile reports and to help us improve our Services.
  • Marketing cookies. These are used to provide customized content and information to you on the Services. We use third-party service providers such as Marketo Munchkin to personalize website content based on visitors’ actions and browsing history, to measure campaign effectiveness, and to improve our Services.

Most web browsers allow you to manage cookies through the browser settings. Be aware that, if you do not agree to certain cookies, your experience on our Services may be diminished and some features may not work as intended depending on the cookie. To find out more about cookies, you can visit www.aboutcookies.org or www.allaboutcookies.org.

  1. Use of Personal Information

We may use your Personal Information for the follow purposes:

  • To provide legal services to our clients, including to advise clients on legal matters, represent them in the context of legal proceedings such as court proceedings, arbitration and settlement, and dealings with regulatory authorities; to file patent applications; to manage and collect information for potential or actual litigation proceedings, including e-Discovery; to conduct due diligence in the context of IPOs, mergers and acquisitions and other transactions; and to process payments and advance payments on behalf of our clients.
  • For marketing purposes, including to send client alerts, newsletters and other communications to our clients and business contacts. We will send you communications that are relevant to you, based for example on the practice areas and industries you select when you subscribe to receive our communications. We may also use your Personal Information to register you for, and confirm your attendance at, events; furnish biographical details to other attendees; provide you with the opportunity to participate in on-demand learning; and assess the effectiveness of our events, promotional campaigns, and publications.
  • To manage our business relationships with customers, clients, vendors and suppliers, business partners, office visitors, cooperating law firms and other contractors, including processing invoices and sending service-related communications.
  • To manage our Alumni network, including to maintain our Alumni website and provide users with a relevant experience, verify eligibility and operate the Alumni directory.
  • For recruitment purposes, including to evaluate job applications, invite you for a job interview and arrange for travel.
  • To communicate with you, and respond to your inquiries.
  • For other business purposes, such as to provide, operate and improve our products and services; perform data analyses; detect, prevent, and respond to actual or potential fraud, illegal activities, or intellectual property infringement; secure our facilities; defend our legal rights; and comply with our legal obligations and internal policies.
  1. Legal grounds for using Personal Information

If you are located in the European Economic Area, we only process your Personal Information when we can rely on a valid legal ground such as:

  • Execution of a Contract. We need your Personal Information to provide you with our Services, including to provide legal services, to operate our website, to evaluate your job application or to otherwise respond to your queries.
  • Compliance with a Legal obligation. We are required or allowed to collect and use your Personal Information, for example to detect fraud or to comply with our tax, accounting and anti-money laundering obligations.
  • Legitimate interest. We or a third party, have a legitimate interest in processing your Personal Information. For example, we have a legitimate interest in using your Personal Information to conduct business analytics or to improve the safety, security and performance of our products and services. We only rely on our or a third party’s legitimate interests to process your Personal Information when these interests are not overridden by your rights and interests.
  • Consent. You have consented to the use of your Personal Information, for example to send you newsletters or for the use of certain cookies.
  1. Disclosure of Personal Information

We may disclose Personal Information about you as described below:

  • With WSGR affiliates, subsidiaries, offices and representatives around the world as needed to provide legal services.
  • With third party contractors engaged by WSGR in the course of business (e.g., accountants, insurance companies, banks, auditors, WSGR’s network of external legal counsel and other professional experts, advisors and/or consultants engaged by WSGR).
  • With government agencies, regulators or courts, as required by applicable law and/or in the context of legal proceedings.
  • As necessary to provide legal services to our clients, including opposing counsel.
  • With event partners or co-sponsors.
  • With vendors and service providers who perform services on our behalf, including dealers, distributors, marketing and research agencies, with whom WSGR has a direct contractual relationship.
  • With social networks when you use your credentials to log in to some of our services (e.g., if you use your LinkedIn credentials to log in to our Alumni website).
  • When you use our Alumni website, your Personal Information may be available to other Alumni and members of the public (e.g., via the Alumni directory, your activity feed, or in comments or message boards). This information is public by default; you can change its visibility in the settings section of the Alumni website.
  • If you post other information to our website or mobile application, such as comments when using our on-demand learning tool, that information may be displayed and viewable by other users.
  • If you gave us your permission, or if we believe doing so is required or appropriate to (i) comply with laws, law enforcement requests, and legal process, such as a court order or subpoena; (ii) respond to your requests; or (iii) protect your, our or others’ rights, property, or safety.
  • In case of merger, sale, or other asset transfers. If we are involved in a merger, acquisition, financing, due diligence, reorganization, bankruptcy or liquidation where the business will not continue as a going concern, receivership, sale of WSGR assets, or transition of our products or services to another firm, then your Personal Information may be transferred as part of such a transaction as permitted by law and/or contract.
  1. Your Rights and Choices

Depending on applicable law, you may have some rights and choices with respect to your Personal Information. Those rights may be limited by local law requirements. You may exercise these rights by contacting us as specified below.

  • Events. To update or correct the information you provide to us via our website for an event sponsored by us, you may contact the event coordinator via email or telephone. Marketing contacts for each event are listed on the WSGR Events page. You may also re-submit your Personal Information through the website by re-registering for the event.
  • Marketing. We allow you to opt out of future communications at any time by following the opt-out instructions contained in such communications.
  • European privacy rights. If you are located in the European Economic Area, you may have the following rights to the extent provided by law:
    • Request access to and receive information about the Personal Information we maintain about you, update and correct inaccuracies in your Personal Information, restrict or object to the processing of your Personal Information, have the information deleted, or exercise your right to data portability to easily transfer your Personal Information to another company.
    • Lodge a complaint with a supervisory authority, including in your country of residence, place of work or where an incident took place.
    • Withdraw any consent you previously provided to us regarding the processing of your Personal Information, at any time and free of charge. We will apply your preferences going forward and this will not affect the lawfulness of the processing before your consent withdrawal.
  • California Privacy Rights.If you are a Consumer receiving products or services for which we are a Business, as those terms and any other capitalized terms in this section are defined under the California Consumer Privacy Act of 2018 (California Civil Code §§ 1798.100 to 1798.199) and its implementing regulations, as amended or superseded from time to time (the “CCPA”), California law may permit you to request information regarding the:
    • Categories of Personal Information (as defined by applicable California law) Collected, Sold or Disclosed by us;
    • Purposes for which categories of Personal Information Collected by us are used;
    • Sources of information from which we Collect Personal Information; and
    • Specific pieces of Personal Information we have Collected about you.

In addition, if you are a Consumer you may:

  • Opt-out of the Sale or Disclosure of your Personal Information, in some circumstances;
  • Opt-out of receiving marketing communications from us; however, you may still receive administrative communications regarding the Services; and
  • Request deletion of your Personal Information by us and our Service Providers, in some circumstances.

The CCPA also provides Consumers with the right not to receive discriminatory treatment by a Business for the exercise of these rights regarding Personal Information.

Personal Information Collection, Disclosure, Use and Sale

Category of Personal Information Collected Categories of Sources of Collection Business or Commercial Purpose for Use Categories of Third Parties (If Any) With Whom Personal Information is Shared

A. Identifiers

Examples: Name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.

·   Directly from you, e.g., forms you complete or products and services you purchase.

·   Indirectly from you, e.g., from observing your actions on our Website or from your Devices.

·   Directly or indirectly from others including our affiliates, business partners and data resellers.

·   Public records from government entities.

·  Our business purposes, including specifically:

(1) Auditing related to a current interaction with the consumer and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards.

(2) Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.

(3) Debugging to identify and repair errors that impair existing intended functionality.

(4) Short-term, transient use, provided that the personal information is not disclosed to another third party and is not used to build a profile about a consumer or otherwise alter an individual consumer’s experience outside the current interaction, including, but not limited to, the contextual customization of ads shown as part of the same interaction.

(5) Performing services on behalf of the business or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.

(6) Undertaking internal research for technological development and demonstration.

(7) Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by the business.

·  Disclosure to a Third Party, bound not to further disclose such information and prohibited from selling such information.

·  Our commercial purposes, including specifically a sale of personal information in the context of events that we may sponsor with others.

·   Internet service providers.

·   Data analytics providers.

·   Government entities.

·   Operating systems and platform.

·   Social networks.

·   Affiliates.

·   Vendors and service providers.

·   Third parties integrated into our services.

·   Third parties as required by law and similar disclosures.

·   Other third parties for whom we have obtained your permission to disclose your Personal Information.

B. Categories of Personal Information in Cal. Civ. Code Section 1798.80(e)

Examples: Name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

·   Directly from you, e.g., forms you complete or products and services you purchase.

·   Indirectly from you, e.g., from observing your actions on our Website or from your Devices.

·   Directly or indirectly from others including our affiliates, business partners and data resellers.

·   Public records from government entities.

·  Our business purposes, including specifically:

(1) Auditing related to a current interaction with the consumer and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards.

(2) Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.

(3) Debugging to identify and repair errors that impair existing intended functionality.

(4) Short-term, transient use, provided that the personal information is not disclosed to another third party and is not used to build a profile about a consumer or otherwise alter an individual consumer’s experience outside the current interaction, including, but not limited to, the contextual customization of ads shown as part of the same interaction.

(5) Performing services on behalf of the business or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.

(6) Undertaking internal research for technological development and demonstration.

(7) Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by the business.

·  Disclosure to a Third Party, bound not to further disclose such information and prohibited from selling such information.

·  Our commercial purposes, including specifically a sale of personal information in the context of events that we may sponsor with others.

·   Internet service providers.

·   Data analytics providers.

·   Government entities.

·   Operating systems and platform.

·   Social networks.

·   Affiliates.

·   Vendors and service providers.

·   Third parties integrated into our services.

·   Third parties as required by law and similar disclosures.

·   Other third parties for whom we have obtained your permission to disclose your Personal Information.

C. Characteristics of Protected Classifications under California or Federal Law

Examples: Race or color, ancestry or national origin, religion or creed, age (over 40), mental or physical disability, sex (including gender and pregnancy, childbirth, breastfeeding or related medical conditions), sexual orientation, gender identity or expression, medical condition, genetic information, marital status, military and veteran status.

·   Directly from you, e.g., forms you complete or products and services you purchase.

·   Directly or indirectly from others, including our affiliates, business partners and data resellers.

·   Public records from government entities.

·  Our business purposes, including specifically:

(4) Short-term, transient use, provided that the personal information is not disclosed to another third party and is not used to build a profile about a consumer or otherwise alter an individual consumer’s experience outside the current interaction, including, but not limited to, the contextual customization of ads shown as part of the same interaction.

(5) Performing services on behalf of the business or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.

·  Disclosure to a Third Party, bound not to further disclose such information and prohibited from selling such information.

·   Affiliates.

·   Third parties as required by law and similar disclosures.

·   Other third parties for whom we have obtained your permission to disclose your Personal Information.

D. Commercial Information

Examples: Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

·   Directly from you, e.g., forms you complete or products and services you purchase.

·   Directly or indirectly from others including our affiliates, business partners and data resellers.

·   Public records from government entities.

·  Our business purposes, including specifically:

(1) Auditing related to a current interaction with the consumer and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards.

(4) Short-term, transient use, provided that the personal information is not disclosed to another third party and is not used to build a profile about a consumer or otherwise alter an individual consumer’s experience outside the current interaction, including, but not limited to, the contextual customization of ads shown as part of the same interaction.

(5) Performing services on behalf of the business or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.

·  Disclosure to a Third Party, bound not to further disclose such information and prohibited from selling such information.

·   Government entities.

·   Affiliates.

·   Vendors and service providers.

·   Third parties integrated into our services.

·   Third parties as required by law and similar disclosures.

·   Other third parties for whom we have obtained your permission to disclose your Personal Information.

E. Biometric Information

Examples: Physiological, biological, or behavioral characteristics, including DNA, that can be used, singly or in combination with each other or with other identifying data, to establish individual identity, such as imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information.

·   Directly from you, e.g., forms you complete or products and services you purchase.

·   Directly or indirectly from others, including our affiliates, business partners and data resellers.

·   Public records from government entities.

·  Our business purposes, including specifically:

(1) Auditing related to a current interaction with the consumer and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards.

(2) Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.

(3) Debugging to identify and repair errors that impair existing intended functionality.

(4) Short-term, transient use, provided that the personal information is not disclosed to another third party and is not used to build a profile about a consumer or otherwise alter an individual consumer’s experience outside the current interaction, including, but not limited to, the contextual customization of ads shown as part of the same interaction.

(5) Performing services on behalf of the business or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.

(7) Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by the business.

·  Disclosure to a Third Party, bound not to further disclose such information and prohibited from selling such information.

·   Government entities.

·   Operating systems and platforms.

·   Affiliates.

·   Vendors and service providers.

·   Third parties integrated into our services.

·   Third parties as required by law and similar disclosures.

·   Other third parties for whom we have obtained your permission to disclose your Personal Information.

F. Internet or Other Electronic Network Activity Information

Examples: Browsing history, search history, and information regarding a consumer’s interaction with an internet website, application or advertisement.

·   Directly from you, e.g., forms you complete or products and services you purchase.

·   Indirectly from you, e.g., from observing your actions on our Website or from your Devices.

·   Directly or indirectly from others including our affiliates, business partners and data resellers.

·   Public records from government entities.

·  Our business purposes, including specifically:

(1) Auditing related to a current interaction with the consumer and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards.

(2) Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.

(3) Debugging to identify and repair errors that impair existing intended functionality.

(4) Short-term, transient use, provided that the personal information is not disclosed to another third party and is not used to build a profile about a consumer or otherwise alter an individual consumer’s experience outside the current interaction, including, but not limited to, the contextual customization of ads shown as part of the same interaction.

(5) Performing services on behalf of the business or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.

(6) Undertaking internal research for technological development and demonstration.

(7) Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by the business.

·  Disclosure to a Third Party, bound not to further disclose such information and prohibited from selling such information.

·   Internet service providers.

·   Data analytics providers.

·   Government entities.

·   Operating systems and platforms.

·   Social networks.

·   Affiliates.

·   Vendors and service providers.

·   Third parties integrated into our services.

·   Third parties as required by law and similar disclosures.

·   Other third parties for whom we have obtained your permission to disclose your Personal Information.

G. Geolocation Data

Example: Precise physical location.

·   Directly from you, e.g., forms you complete or products and services you purchase.

·   Indirectly from you, e.g., from observing your actions on our Website or from your Devices.

 

·  Our business purposes, including specifically:

(1) Auditing related to a current interaction with the consumer and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards.

(2) Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.

(3) Debugging to identify and repair errors that impair existing intended functionality.

(4) Short-term, transient use, provided that the personal information is not disclosed to another third party and is not used to build a profile about a consumer or otherwise alter an individual consumer’s experience outside the current interaction, including, but not limited to, the contextual customization of ads shown as part of the same interaction.

(5) Performing services on behalf of the business or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.

(6) Undertaking internal research for technological development and demonstration.

·  Disclosure to a Third Party, bound not to further disclose such information and prohibited from selling such information.

·   Internet service providers.

·   Data analytics providers.

·   Government entities.

·   Operating systems and platforms.

·   Social Networks.

·   Affiliates.

·   Vendors and service providers.

·   Third parties integrated into our services.

·   Third parties as required by law and similar disclosures.

·   Other third parties for whom we have obtained your permission to disclose your Personal Information.

H. Sensory Information

Examples: Audio, electronic, visual, thermal, olfactory, or similar information.

·   Directly from you, e.g., forms you complete or products and services you purchase.

·  Our business purposes, including specifically:

(1) Auditing related to a current interaction with the consumer and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards.

(3) Debugging to identify and repair errors that impair existing intended functionality.

(4) Short-term, transient use, provided that the personal information is not disclosed to another third party and is not used to build a profile about a consumer or otherwise alter an individual consumer’s experience outside the current interaction, including, but not limited to, the contextual customization of ads shown as part of the same interaction.

(7) Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by the business.

·  Disclosure to a Third Party, bound not to further disclose such information and prohibited from selling such information.

·   Government entities.

·   Operating systems and platforms.

·   Affiliates.

·   Vendors and service providers.

·   Third parties integrated into our services.

·   Third parties as required by law and similar disclosures.

·   Other third parties for whom we have obtained your permission to disclose your Personal Information.

I. Professional or employment- related information

Examples: Job application or resume information, past and current job history, and job performance information, unless exempt.

·   Directly from you, e.g., forms you complete or products and services you purchase.

·   Indirectly from you, e.g., from observing your actions on our Website or from your Devices.

·   Directly or indirectly from others including our affiliates, business partners and data resellers.

·   Public records from government entities.

·  Our business purposes, including specifically:

(2) Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.

(3) Debugging to identify and repair errors that impair existing intended functionality.

(4) Short-term, transient use, provided that the personal information is not disclosed to another third party and is not used to build a profile about a consumer or otherwise alter an individual consumer’s experience outside the current interaction, including, but not limited to, the contextual customization of ads shown as part of the same interaction.

(5) Performing services on behalf of the business or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.

·  Disclosure to a Third Party, bound not to further disclose such information and prohibited from selling such information.

·   Government entities.

·   Operating systems and platforms

·   Affiliates.

·   Vendors and service providers.

·   Third parties integrated into our services.

·   Third parties as required by law and similar disclosures.

·   Other third parties for whom we have obtained your permission to disclose your Personal Information.

J. Non-Public Education Information (as defined in 20 U.S.C. 1232g; 34 C.F.R. Part 99)

Examples: Records that are directly related to a student maintained by an educational agency or institution or by a party acting for the agency or institution.

·   Directly from you, e.g., forms you complete or products and services you purchase.

·   Indirectly from you, e.g., from observing your actions on our Website or from your Devices.

·   Directly or indirectly from others including our affiliates, business partners and data resellers.

·   Public records from government entities.

·  Our business purposes, including specifically:

(2) Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.

(4) Short-term, transient use, provided that the personal information is not disclosed to another third party and is not used to build a profile about a consumer or otherwise alter an individual consumer’s experience outside the current interaction, including, but not limited to, the contextual customization of ads shown as part of the same interaction.

(5) Performing services on behalf of the business or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.

·  Disclosure to a Third Party, bound not to further disclose such information and prohibited from selling such information.

·   Government entities.

·   Operating systems and platforms

·   Affiliates.

·   Vendors and service providers.

·   Third parties integrated into our services.

·   Third parties as required by law and similar disclosures.

·   Other third parties for whom we have obtained your permission to disclose your Personal Information.

K. Inferences Drawn from Personal Information

Examples: Consumer profiles reflecting a consumer’s preferences, characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

·   Directly from you, e.g., forms you complete or products and services you purchase.

·   Indirectly from you, e.g., from observing your actions on our Website or from your Devices.

·   Directly or indirectly from others including our affiliates, business partners and data resellers.

·   Public records from government entities.

·  Our business purposes, including specifically:

(3) Debugging to identify and repair errors that impair existing intended functionality.

(4) Short-term, transient use, provided that the personal information is not disclosed to another third party and is not used to build a profile about a consumer or otherwise alter an individual consumer’s experience outside the current interaction, including, but not limited to, the contextual customization of ads shown as part of the same interaction.

(5) Performing services on behalf of the business or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.

·  Disclosure to a Third Party, bound not to further disclose such information and prohibited from selling such information.

·   Government entities.

·   Operating systems and platforms

·   Affiliates.

·   Vendors and service providers.

·   Third parties integrated into our services.

·   Third parties as required by law and similar disclosures.

·   Other third parties for whom we have obtained your permission to disclose your Personal Information.

Such information may be used for the purposes for which it was collected or as otherwise permitted or required by applicable law.

We do not offer financial incentives to consumers based upon the retention or sale of a consumer’s personal information.

As of the date of last update and review of this Privacy Policy, we have no reason to believe that we have collected, disclosed, sold or otherwise processed the Personal Information of more than 10 million California Consumers.

You can make requests related to your California privacy rights by calling 877-482-9747 or by email to privacy@wsgr.com or in writing to Wilson Sonsini Goodrich & Rosati, Professional Corporation, 650 Page Mill Road, Palo Alto, CA 94304-1050. Please be aware that we do not accept or process requests through other means (e.g., via fax or social media).

We will review the information provided and may request additional information to ensure we are interacting with the correct individual. If you have an online account with us, you may be required to log-in to your account for identity verification. If you do not have an account with us, additional information to verify your identity may be required by law before we may take action upon such a request. This additional information may vary depending on the nature of your request and/or the nature of the information about which your request relates. In some cases, we may also be required by law to obtain a signed declaration under penalty of perjury from you that you are the subject of the request being made. If we suspect fraudulent or malicious activity on or from your account, we will delay taking action on your request until we can appropriately verify your identity and the request as authentic.

By law, we are not required to collect personal information that we otherwise would not collect in the ordinary course of our business, retain personal information for longer than we would otherwise retain such information in the ordinary course of our business, or reidentify or otherwise link information that is not maintained in a manner that would be considered personal information. If we have not requested specific additional information from you to verify your request, please do not send such information.

We generally will aim to avoid requesting additional information from you for the purposes of verification. However, if we cannot reasonably verify your identity or more information is needed for security or fraud-prevention purposes, we may consider any of the following factors, alone or in combination, in requesting additional information:

  • The type, sensitivity, and value of the personal information collected and maintained about the consumer, as applicable law requires a more stringent verification process for sensitive or valuable personal information;
  • The risk of harm to the consumer posed by any unauthorized access or deletion;
  • The likelihood that fraudulent or malicious actors would seek the personal information;
  • Whether the personal information to be provided by the consumer to verify their identity is sufficiently robust to protect against fraudulent requests or being spoofed or fabricated;
  • The manner in which the business interacts with the consumer;
  • Available technology for verification; and
  • Other factors that may be reasonable in the circumstances, are consistent with industry practice, are recommended by California government officials, or which may be required by law or regulation following the effective date of this Privacy Policy.

If your request is regarding household information, the same verification steps above are required before we can provide you with aggregate household information. For us to process a request for access to or deletion of specific pieces of information regarding your household, all members of the household must make the request, and we must be able to verify each household member.

In some cases, we may not have sufficient information about you or your household to be able to verify your identity or sufficiently differentiate you from another consumer or household to the degree of certainty required by law, in which case, we will not be able to act upon your request. In such cases, it may be unlikely that we would be able to identify you or your household in the future without collecting significantly more information or seeking to reidentify deidentified information. At this time, we do not intend to take such steps in response to a request made pursuant to this Privacy Policy and applicable law does not require that we do so. If, in the future, we determine a reasonable method to identify you or your household absent such steps, we will provide an update to you through this Privacy Policy and in response to any such request at that time.

Information that you submit for the purpose of allowing us to verify your identity in furtherance of a consumer-related or household-related request pursuant to California law will only be used by us, and our service providers if any, for that purpose and no other. Except where we are required by law to maintain such information for record-keeping purposes, we will take steps to delete any new personal information collected for the purpose of verification as soon as practical after processing your request.

Please also be aware that making any such request does not ensure complete or comprehensive removal or deletion of Personal Information or content you may have posted, and there may be circumstances in which the law does not require or allow us to fulfill your request, including, for example, where fulfilling your request may infringe upon the rights and freedoms of other consumers.

We reserve the right to charge a reasonable fee or take other appropriate action in response to requests from a consumer or household that are manifestly unfounded or excessive, in particular because of their repetitive character.

You may designate an authorized agent to make a request on your behalf pursuant to applicable law. We accept documentation of your designation in the form of a valid power of attorney and/or a notarized statement. You must submit evidence of your designation of an authorized agent in writing to: Wilson Sonsini Goodrich & Rosati, Professional Corporation, 650 Page Mill Road, Palo Alto, CA 94304-1050. We may require verification of your authorized agent in addition to the information for verification above for consumers and households.

  1. International Data Transfers

WSGR is an international law firm with offices in the U.S., Europe, UK and Asia. Your Personal Information may be transferred to countries that do not have the same data protection laws as the country in which you initially provided the information. To see a list of our offices and their contact details, click here.

If you are located in the European Economic Area, we rely on contracts approved by the European Commission to transfer your Personal Information to our offices around the globe. In addition, we may transfer your Personal Information:

  • To countries that have been deemed to provide an adequate level of protection of Personal Information by the European Commission;
  • To partners and vendors by relying on contracts approved by the European Commission ;
  • To U.S. based partners and vendors certified under the EU-U.S. Privacy Shield framework.

You may contact us to obtain a copy of the safeguards we use to transfer Personal Information outside the European Economic Area.

  1. Links to Other Websites

This website may link to websites maintained by outside organizations, including third-party social networks (such as Google+, Facebook, Twitter, LinkedIn) and our clients. Please be aware that these third-party websites are governed by their own privacy policies. Our firm is not responsible for the content or policies maintained by these websites. Please familiarize yourself with the privacy policy of any third-party website you visit, as it will govern any information you submit through that website.

  1. Security

We maintain administrative, technical and physical safeguards that are intended to appropriately protect Personal Information against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the Personal Information in our possession. However, because no information system can be 100% secure, we cannot guarantee the absolute security of your information.

  1. Data Retention

We take measures to delete your Personal Information or keep it in a form that does not permit identifying you when this information is no longer necessary for the purposes for which we process it, unless we are required by law to keep this information for a longer period.  For example, we keep client records for the length of the client relationship and for maximum 5 years after we close the matter. When determining the retention period, we take into account various criteria, such as the nature and length of our relationship with you, mandatory retention periods provided by law and the statute of limitations, the type of Services requested by or provided to you, the possible re-enrolment with our Services, and the impact on our Services if we delete some information from or about you.

  1. Changes to This Policy

We may make changes to this Privacy Policy. The “Last updated” date at the top of this page indicates when this Privacy Policy was last revised. If we make material changes, we may notify you via a notice posted on our website or other method. We encourage you to read this Privacy Policy periodically to stay up-to-date about our privacy practices.

  1. Contact Us

If you have any questions about this Privacy Policy, you may contact us at:

Wilson Sonsini Goodrich & Rosati, Professional Corporation
650 Page Mill Road
Palo Alto, CA 94304-1050
United States
privacy@wsgr.com

If you are located in the European Economic Area, the entity responsible for the processing of your Personal Information is Wilson Sonsini Goodrich & Rosati, LLP. If you have any questions about this Privacy Policy, or if you would like to exercise your rights to your Personal Information, you may contact us at:

Wilson Sonsini Goodrich & Rosati, LLP
Rue Montoyer 47
1000 Brussels
Belgium
privacy@wsgr.com