Privacy Statement

Gallet Dreyer & Berkey, LLP (“GDB,” the “Firm,” “we,” “us,” or “our”) is committed to safeguarding the privacy of visitors to our website, contacts for our clients and prospective clients, contacts for suppliers of goods and services to the Firm, candidates for employment or engagement, and any other individuals about whom the Firm obtains personal information (each, “you”).  Please read the following statement, which sets out the principles governing the Firm’s use of personal information that we may obtain about you, to understand how the Firm collects, uses, and otherwise processes your personal information as well as the rights that you have in relation to our processing of that information (the “Privacy Statement”).  In this Privacy Statement, “personal information” means information that (either in isolation or in combination with other information held by the Firm) enables you to be identified or recognized.  With respect to California residents, references to “personal information” in this Privacy Statement means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household, subject to certain exceptions set forth in the California Consumer Privacy Act of 2018 (the CCPA), as amended. 

GDB is the data controller in relation to any personal information that the Firm processes about you and is responsible for ensuring that such processing complies with applicable data protection laws, including the European Union General Data Protection Regulation (the “GDPR”) and the CCPA. Your privacy is important to us. Please be aware that Firm personnel are required to comply with the Firm’s data privacy practices as set out in this Privacy Statement and other data privacy-related Firm policies. 

If you have any comments or questions in connection with this Privacy Statement, or for further information on our processing activities and your rights in relation to your personal information, please contact us via email at info@gdblaw.com or by mail to:

Attn: Privacy Officer

Gallet Dryer & Berkey, LLP

845 Third Avenue, 5th Floor

New York, NY 10022-6601 

 

Information Collection

Although you are not required to provide any personal information on the public areas of our website, you may choose to do so by completing, e.g., a newsletter or webinar sign-up form. Should you do so, we may, for example, keep a record of your name, email address, and any other information you voluntarily provide to us. 

Additionally, we may collect the following categories of personal information from you in the course of business, including through your use of the website, when you contact or request information from us, when we provide services to you or receive services from you:

  • Identification data, such as name, gender, title, job title, or address.
  • Contact information, including your phone number(s), email address and social media account or handle where appropriate.
  • Financial data, such as bank account information and invoicing details.
  • Event registration or mailing list data, such as dietary requirements (which may reveal information about your health or religious beliefs), preferences and interests, subscriptions, downloads, and usernames/passwords.
  • Job applicant data, such as identification data and contact information, resumé and other data provided by you or third parties (e.g., recruiters) on our website or offline in connection with job openings.
  • Legal and regulatory compliance data as required for purposes such as know your client, anti-money laundering, and market abuse regulations requirements, or as part of our client onboarding process, which may include passport or other identification data, taxpayer identification, EIN and social security number, date of birth, home address, and other due diligence data.
  • Other service data, such as personal information relevant to the provision or receipt of services, in relation to any of your employees, customers or vendors, and client feedback.
  • Cookie and device data, such as information about your visit to our website, Internet Protocol address, device identifier, browser type and version, operating system and network, location and time zone setting. 

We may supplement the information that you provide to us with information that we receive or obtain from other sources, such as from our staff or personnel, clients, professional advisers, partners, and agents of GDB, third parties with whom we interact, and publicly available sources. 

Sources of Personal Information Collected. We obtain categories of personal information listed below from the following categories of sources: 

  • Directly from you, such as when you complete forms.
  • Indirectly from you, such as observing your actions on our website, and from publicly available sources.
  • Third parties. 

Information Usage

We may use your personal information for the following purposes and, for each purpose, based on the following legal grounds:

  • Provision of legal services – We use personal information submitted to us on the website or during the course of our engagement, regardless of the media used, such as identification data, contact details, and other service data that we may process in connection with the provision of services. The Firm’s work for you may also involve providing such information to third parties, such as expert witnesses and other professional advisers in order to represent your interests most effectively, as well as the use of software, platforms and other tools that are hosted in the cloud by third party service providers. This processing is necessary for us to perform our contract with you.
  • Administration of client and vendor relationships – We use identification data, contact details, financial data, and other service data, including for the processing of invoices, the updating of client records, and the management of our vendor relationships. This processing is necessary to perform our contract with you.
  • Addressing client inquiries/feedback – We use identification data, contact details, and other service data for this purpose. This process is necessary to perform our contract with you. It may also be necessary for our legitimate interests to establish or maintain a relationship with you; it is also in your interest to receive a response from us when you contact us.
  • Sending relevant marketing messages and inviting you to events/seminars – We use identification data, contact details, cookie and device data, and mailing list data to communicate with you by way of email alerts and mail to provide you with information about our events, seminars, or services that may be of interest to you. This processing is necessary for our legitimate interest to send you tailored marketing messages, client newsletters, and invitations to relevant events and seminars.
  • Improving our website – We use cookie and device data to improve the functionality and user-friendliness of our website. This processing is necessary for our legitimate interests to constantly monitor and improve our online presence and services to you.
  • Keeping our website and IT systems and processes safe – We use identification data, contact details, financial data, cookie and device data, and other service data. This processing is necessary to perform our contract with you and to ensure the security and confidentiality of your data. It is also necessary for our legitimate interests to prevent illegal activities, including fraud, which could harm you and us.
  • Complying with legal or regulatory inquiries/requests – We use identification data, contact details, financial data, cookie and device data, and legal and regulatory compliance data (including for anti-money laundering or fraud detection purposes, statutory returns and fulfillment of the Firm’s ethical obligations). This processing is necessary for the purpose of complying with legal requirements that apply to the Firm.
  • Recruitment – Personal information about job applicants is collected and processed for purposes of screening, identifying, and evaluating candidates for positions; record-keeping related to hiring processes; analyzing the hiring process and outcomes; and conducting background checks, where and to the extent permitted by applicable law. If you are hired by the Firm, this data will be transferred to our employee record files for the purpose of your employment. This processing is necessary in order to take steps at the request of the job applicant in the context of recruitment prior to entering into a contract. In addition, job applicant data and legal and regulatory compliance data may be used as necessary to comply with legal, regulatory, and corporate governance requirements. 

Information Sharing

We may share your personal information with the following categories of recipients:

  • Other entities within GDB to provide legal services to you and to administer any service provided to you that the Firm agrees to undertake;
  • Professional advisers, partners, and agents of GDB to provide you with local legal services, as required, and to administer our relationship with you;
  • Vendors that will process your personal information on our behalf and under our written instructions to carry out their services during the course of our business, such as IT service providers, financial institutions, customer relationship management databases and other platforms, software, tools and solutions that are hosted in the cloud, third party companies providing us with business analytics and statistics to assist with our marketing campaigns, and third party venues in which we may host events and seminars;  
  • Any law enforcement, regulatory, or government agency requesting personal information in connection with any inquiry, subpoena, court order, or other legal or regulatory procedures, with which we would need to comply. We may also share personal information to establish or protect the Firm’s legal rights, property, or safety, or the rights, property, or safety of others, or to defend against legal claims; and
  • Any third party connected with business transfers; we may transfer your personal information to third parties in connection with a reorganization, restructuring, merger, acquisition, or transfer of assets of the Firm, provided that the receiving party agrees to treat your personal information in a manner consistent with this Privacy Statement. 

We are not responsible for the data policies or procedures or content of any linked websites. We recommend that you check the privacy and security policies of each website you visit. 

Marketing Choices

We may send you direct marketing messages including by way of email alerts and mail provided that we have a lawful ground to do so. If you no longer wish to receive our email alerts, to be part of a mailing list, or to receive any marketing communications, you can opt-out of such communications at any time by clicking on the unsubscribe link in the relevant communication or contacting us at info@gdblaw.com.

Your Rights

If you are in the European Economic Area (the “EEA”) or the United Kingdom (the “UK”), you have the following rights: 

  • Access. You have the right to request a copy of the personal information that we are processing about you. If you require additional copies, we may need to charge a reasonable fee;
  • Rectification. You have the right to require the correction of any mistake in the personal information, whether incomplete or inaccurate, that we hold about you;
  • Deletion. You have the right to require the erasure of personal information concerning you in certain situations, such as where we no longer need it or if you withdraw your consent (where applicable);
  • Portability. You have the right to receive the personal information concerning you that you have provided to us, in a structured, commonly used, and machine-readable format and have the right to transmit that data to a third party in certain situations;
  • Objection. You have the right to (i) object at any time to the processing of your personal information for direct marketing purposes and (ii) object to our processing of your personal information where the legal ground of such processing is necessary for legitimate interests pursued by us or by a third party. We will then abide by your request unless we can demonstrate compelling legal grounds for the processing;
  • Restriction. You have the right to request that we restrict our processing of your personal information in certain circumstances, such as when you contest the accuracy of that personal information; and
  • Withdrawal of consent. If we rely on your consent (or explicit consent) as our legal basis for processing your personal information, you have the right to withdraw that consent at any time. “Explicit consent” would be required if the Firm relies on consent as the condition to lawfully process “special categories of personal data,” as defined in the GDPR. 

If you are in the EEA, you also have the right to lodge a complaint with the local data protection authority, such as la Commission Nationale de l’Informatique et des Libertés (“CNIL”) in France, if you believe that we have not complied with applicable data protection laws, including the GDPR. Please click here for a list of local data protection authorities in EEA countries. If you are in the UK, you have the right to lodge a complaint with the Information Commissioner’s Office, who can be contacted here.

Please note that some of these rights may be limited where we have an overriding interest or legal obligation to continue to process the personal information or where data may be exempt from disclosure due to reasons of legal professional privilege or professional secrecy obligations. 

If you are in the EEA or the UK and would like to exercise any of those rights, please:

  • Email us at info@gdblaw.com;
  • Provide enough information to identify yourself (e.g., name, email address, etc.);
  • Provide proof of your identity and address (a copy of your driver’s license or passport and a recent utility or credit card bill); and
  • Provide the information to which your request relates. 

If you are a California resident, you have the following rights, subject to certain exceptions as set forth in the CCPA:

  • Right to Know. You have the right to receive information from us regarding (i) the categories of personal information we have collected about you, (ii) the categories of sources from which we have collected your personal information, (iii) the business or commercial purposes for which we have collected, shared, or sold your personal information, (iv) the categories of third parties to whom we disclose your personal information, and (v) the specific pieces of personal information we collected about you, in each case, in the 12 months preceding your “right to know” request.
  • Right to Delete. You have the right to request the deletion of the personal information that you provided to us. Please note that in certain instances we may not be able to process your request, such as (i) due to the existence of a legal obligation, (ii) to detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities, (iii) in order to complete a transaction for which your personal information was collected, or (iv) to enable solely internal uses that are reasonably aligned with your expectations and context.
  • Right to Correct. You have the right to request correction of inaccurate personal information that we maintain about you, taking into account the nature of the personal information and the purposes of the processing of the personal information.
  • Right to Non-Discrimination. You have the right to be free from discrimination by us as a result of you exercising your privacy rights conferred under the CCPA including an employee’s, job applicant’s, or independent contractor’s right not to be retaliated against for the exercise of their CCPA rights. 

If you wish to exercise these rights, you must submit a request by emailing info@gdblaw.com or by calling +1 (212) 935-3131 (during normal business hours (ET), Monday through Friday, except public holidays).  The CCPA requires us to verify requests we receive when one is seeking to exercise certain of the rights listed above.  We may ask you to provide certain information as proof of your identity such as a copy of your driver’s license or passport and a recent utility or credit card bill in order for us to verify your request.  If you are a GDB employee or otherwise have a relationship with us, we verify you by directly confirming with you, otherwise we may verify through a service provider that may use information about you to ask questions the answers to which will help us determine if you are who you say you are.  If you have an authorized agent submit a request, the Firm may require you to (i) provide the authorized agent signed permission to do so, (ii) verify your own identity directly with the Firm, and (iii) directly confirm with the Firm that you provided the authorized agent permission to submit the request.

GDB has collected the following types of personal information about California residents in the preceding 12 months:

  • Identifiers. This may include your real name, any previous names or preferred name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
  • Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). This may include your name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
  • Protected classification characteristics under California or federal law. This may include your age, race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, and genetic information (including familial genetic information).
  • Internet or other electronic network activity. This may include browsing history, search history, information on your interaction with a website application, or advertisement.
  • Professional or employment-related information. This may include your professional or employment-related information, including your resume, interview records, identity documents for work eligibility verification in the United States, Bar information, offer letter, employment dates, position, salary, bonuses, benefits information, attendance records, performance evaluations and employee relations information (e.g., disciplinary records). 

Disclosures for a Business or Commercial Purpose.  In the preceding 12 months, GDB has disclosed the categories of personal information listed above to its service providers for specific, limited business purposes, including for conducting background checks for job applicants, processing payroll, detecting data security incidents and troubleshooting software use, among other purposes listed above.

No Sharing/Selling of Personal Information with Third Parties. The Firm does not “sell” or “share” any of your personal information that is collected (as such terms are defined by the CCPA) except with vendors authorized by GDB, such as our external marketing firm. The Firm therefore does not have actual knowledge that it sells or shares the personal information of consumers under 16 years of age. 

Compliance with Section 7027(m). GDB does not use or disclose sensitive personal information for purposes other than those specified in Section 7027(m) of the implementing regulations of the CCPA.

California “Shine the Light” Notice

If you are a California resident, you may request information about our compliance with the Shine the Light law by contacting us in the following ways: emailing info@gdblaw.com or by calling +1 (212) 935-3131. Please note that the CCPA and Shine the Light are different laws offering different rights and requests must be made separately.

Security

We implement security measures designed to protect your information from unauthorized access. We protect your information from potential security breaches by implementing certain technological security measures, including encryption, firewalls, and secure technology. However, these measures do not guarantee that your information will not be accessed, disclosed, altered, or destroyed by breach of such firewalls and secure server software. By using our website, you acknowledge that you understand and agree to assume these risks. We are not responsible for circumvention of any privacy settings or security measures contained on the website.  

Cookies

As you navigate through and interact with our website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including the website you came from (known as the “referring URL”), the type of browser you use, the device from which you connected to the website, the time and date of access, and other information that does not personally identify you. We track this information to help us improve our website and to deliver a better and more personalized service by using cookies, or small text files which include an anonymous unique identifier. Cookies are sent to a user’s browser from our servers and are stored on the user’s computer hard drive. Sending a cookie to a user’s browser enables us to collect information about that user and keep a record of the user’s preferences when utilizing our website, both on an individual and aggregate basis. GDB may use both persistent and session cookies; persistent cookies remain on your computer after you close your session and until you delete them, while session cookies expire when you close your browser. You may refuse to accept browser cookies by activating the appropriate setting on your browser. You may set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. However, if you select this setting you may be unable to access certain parts of our website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our website.

Do Not Track

Please note that we do not support “Do Not Track” browser settings at this time.

Children’s Privacy

Our website is not intended for children under 16 years of age. No one under age 16 may provide any personal information to the website. We do not knowingly collect or solicit information from anyone under the age of 16. If you are under 16, do not use or provide any information on this website or through any of its features or provide any information about yourself to us, including your name, address, telephone number, email address, or any username you may use.

Information Retention

Your personal information is only stored and retained for as long as necessary for the purposes set out in this Privacy Statement.  In determining the appropriate retention period, we consider the nature and duration of our relationship with you, the type of services provided, and the impact on our services if certain information is deleted.  In all cases, the Firm may retain personal information for additional time as required by applicable law; to establish, exercise or defend our legal rights; or, for other legitimate business purposes, including archiving and historical purposes. 

Notification of Changes

GDB reserves the right to change this policy and our Terms of Use at any time. It is our policy to post any changes we make to our Privacy Statement on this page. The date the Privacy Statement was last modified is identified at the bottom of the page. You are responsible for visiting our website and this Privacy Statement to check for any changes. We encourage you to review this Privacy Statement periodically to be informed of how we use your personal information. 

Last Updated: October 30, 2025