Disclaimers & Notices
This website contains general information about Cravath, Swaine & Moore LLP and is not intended to serve as a source of legal advice for any purpose.
Neither receipt of information presented on this site nor any email or other electronic communication sent to Cravath, Swaine & Moore LLP or its lawyers through this site will create an attorney-client relationship, and no such email or communication will be treated as confidential. No user of this site should act or refrain from acting on the basis of information on this site without seeking legal advice from counsel in the relevant jurisdiction. Cravath, Swaine & Moore LLP expressly disclaims liability with respect to actions taken or not taken based on the contents of this site.
Our attorneys may be admitted to practice law in jurisdictions other than those listed on our website. Unless otherwise noted in their profiles, our attorneys are not licensed to practice in California.
Prior results do not guarantee a similar outcome.
Modern Slavery Statement
Privacy Notice
Cravath, Swaine & Moore LLP and our international office in London (together, “Cravath”, “we”, “us” and “our”) are committed to respecting your privacy. This includes dealing with your personal information responsibly and in accordance with the requirements of applicable data protection laws, and employing appropriate security measures to protect your personal information. We are a U.S.-headquartered law firm with an international office in London, UK. Further details of the relevant Cravath offices can be found here.
This privacy notice (this “Notice”) describes the ways in which we collect, use and share the personal information you provide to us, or that we otherwise collect or receive in the course of operating our business and our websites, cravath.com and alumni.cravath.com (our “Sites”). It also sets out how we store and protect such information, and describes certain rights you may have with respect to the personal information that we hold about you.
This Notice applies to users and visitors of our Sites. It also covers processing of personal data about our individual clients and any client representatives, representatives of our service providers and vendors and individuals who contact, are contacted by, or interact with, us in the normal course of business (e.g., through attendance at our events).
If you provide personal information to us relating to other individuals, please make sure that person is aware that you have provided us with their personal data and they have consented to your sharing their personal data with us. You are responsible for communicating the terms of this Notice to them.
About This Privacy Notice
This Notice describes:
- what personal information we collect about you and how we obtain it;
- how and on what basis we use your personal information;
- with whom we share your personal information;
- how we transfer your personal information internationally;
- how long we keep your personal information and how we protect it;
- your rights regarding your personal information; and
- whom to contact with questions or concerns.
Personal Information that We Collect About You
“Personal information” is any information relating to you from which you can be identified either directly (e.g., via your name) or indirectly (e.g., via your IP address). The personal information that we collect may include:
- Identity Information, such as your full name, job title and date of birth;
- Contact Information, such as your email address, mailing address and telephone and fax numbers;
- Professional Information, such as your education and qualification details, previous and current employment details and similar data submitted through our career or alumni websites or other application methods;
- Verification Information, such as your proof of address, work authorization, copy of a personal identification card or passport, financial information and other information as required to validate your identity and background;
- Technical Information, such as your internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our Sites;
- Financial Information, such as your bank account and payment card details and billing address;
- Usage Information, such as information about how you use our Sites, products and services;
- Audio-Visual Information, such as your photograph and audio and visual content involving you, including video image monitoring of our workplace for security purposes;
- Marketing Information, such as your preferences in receiving marketing from us and our third parties;
- Communications Information, such as your communications preferences and any feedback or survey responses;
- Health-related Information, such as information relating to dietary requirements, medical conditions or a disability, where we may need to make adjustments to our premises; and
- Other Information, including facilities access and information related to you which you or other sources may provide to us.
How We Collect Your Personal Information
We collect personal information about you in the following ways:
- Through your use of our Sites, including monitoring and analyzing our technology tools and services and email communications sent to and from Cravath;
- As part of our business acceptance procedures, including our client acceptance processes, anti-money laundering, financial, credit and conflicts checks and as necessary in the course of rendering legal services;
- When you provide us information or when you interact with us directly, such as by attending our events, signing up for newsletters, webinars and publications or interacting with us on our digital platforms and/or by submitting applications; and
- Through publicly available sources such as company registries, LinkedIn, registries maintained by financial services or other regulatory authorities, court reports, social media, news and other internet-based resources.
How We Use Your Personal Information
We may use your personal information in a number of ways, including:
- to provide and improve our Sites;
- to provide legal services to our clients;
- to follow up with you on a job application;
- to manage our business and commercial relationships with our clients, suppliers and vendors, including for professional networking purposes, events, due diligence and conflict checks;
- to engage in marketing and business development activities in relation to the services we provide and the promotion of those services, including sending you newsletters, publications, surveys, legal updates, marketing communications and other information that may be of interest to you (you may choose at any time not to receive marketing materials from us by emailing us at privacy@cravath.com);
- to provide alumni communications;
- to comply with our legal and regulatory obligations, or to establish, exercise or defend our legal rights;
- to manage and analyze usage and performance of our Sites or our other online services;
- to improve the services we offer;
- to respond to any requests, or investigate any complaints you may have, or to notify you about any changes to our services or our Sites;
- to protect the security of and manage access to our premises; and
- to prevent and respond to actual or potential fraud or illegal activities.
If you do not provide us with certain information when requested, we may not be able to perform some of the purposes listed above.
Our Legal Bases for Using Your Personal Information
In certain jurisdictions, we require a legal basis to process your personal information. Where applicable, we process personal information on the basis:
- that we have your consent;
- we need to in order to take steps to enter into a contract with you or to perform our obligations under a contract with you, including a contract to provide legal services;
- we need to in order to comply with our legal and regulatory obligations, or to establish, exercise or defend our legal rights; or
- it is required for our legitimate business interests, including in promoting, improving and providing our Sites and services, some further examples of which are listed in the How We Use Your Personal Information section, above.
Cookies
Cookies are small text files that are stored on your computer or mobile device when you access our Sites and enable our web server to recognize your device and browsing preferences.
We only use cookies to assist you in accessing our Site and to collect information that will help us to improve the quality of your browsing experience. We use the information that we collect through our use of cookies only for our own analysis of how visitors use our Sites.
Our website uses the following cookies:
| Cookie Name | Source | Expiry | Purpose | Cookie Type |
|---|---|---|---|---|
| useCookies | cravath.com | 1 year | This cookie is used to remember a user’s choice about cookies on cravath.com. If a user has previously indicated a preference, that preference will be stored in this cookie. | Strictly Necessary |
| _ga | Google Analytics | 2 years | This cookie is used to generate statistical data on how the visitor uses the website. | Analytical/Performance |
| _ga_# | Google Analytics | 2 years | This cookie is used to generate statistical data on how the visitor uses the website. | Analytical/Performance |
| _gid | Google Analytics | 24 hours | This cookie is used to generate statistical data on how the visitor uses the website. | Analytical/Performance |
| _gat_# | Google Analytics | 1 minute | This cookie is used by Google Analytics to control the rate at which visitor use data is requested. | Functional |
| {sitesURL}_VxSessionId | Vuture | Session | This cookie is only used to support back-end processes and is not accessed by an ordinary visitor to our website. | Strictly Necessary |
| ASPSESSIONID???? | ASP.net | Session | This cookie uniquely identifies the user during the course of the user’s visit. | Strictly Necessary |
Cookies can be disabled by changing the settings on your browser, though some parts of the Sites may not function well if you choose to do so.
For more information on cookies, visit www.allaboutcookies.org.
How We Share Your Personal Information
We share personal information among our offices, including our offices in New York, Washington, D.C. and London, as well as any office(s) we may open in the future.
We may also share your personal information with third parties outside of Cravath, including:
- third party agents or contractors that are subject to confidentiality requirements, in connection with the processing of your personal information for the purposes described in this Notice (e.g., IT and communications service providers, cloud service providers or suppliers or vendors who provide support services to us);
- third parties relevant to the legal services that we provide, including counterparties to transactions or litigation, other professional service providers, regulators, authorities, governmental institutions and stock exchanges;
- social media sites such as LinkedIn and other third parties for advertising, marketing and public relations purposes;
- regulatory authorities, courts, tribunals, government agencies or law enforcement agencies to the extent required by law, regulation or court order (i.e., if we are under a duty to disclose your personal information in order to comply with any legal obligation); and
- third parties such as our professional advisors and legal and regulatory authorities, courts and tribunals, as required to establish, exercise or defend our legal rights.
We do not sell information to third parties.
Transfers of Personal Information
Due to our global nature, we may transfer your personal information internationally. The data protection and privacy laws in the countries to which your personal information is transferred may be less than offered within your home country. Where this is the case, we will take appropriate measures to ensure that your personal information remains protected and secure in accordance with applicable data protection laws. You can obtain more details about the protection given to your personal information when it is transferred outside your home country to our other office and third parties by contacting us in accordance with the Contact Information section below.
How Long We Retain Your Personal Information
How long we retain your personal information will vary depending on a number of factors, including:
- the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal data;
- the purpose for which we are using it – we will need to keep the data for as long as is necessary for that purpose and whether we can achieve those purposes through other means; and
- legal obligations – laws or regulations may set a minimum period for which we have to keep your personal information.
We will keep your personal information for the period required by law or for the period necessary to fulfil the purpose outlined in the How We Use Your Personal Information section. We will also keep your personal information where we need to do so to take or defend legal proceedings or in connection with any investigation.
In some circumstances we may anonymize your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.
How We Protect Your Personal Information
We have put in place various technical and organizational measures intended to protect your personal information from unauthorized access, use, disclosure, alteration or destruction consistent with applicable data protection laws. We also have policies in place to ensure personal information is kept secure on our networks. However, the transmission to us of information via the internet or a mobile phone network connection may not be completely secure and any transmission is at your own risk. We cannot guarantee that your personal information will be 100% secure.
Independent auditors, who confirm and certify our operations, review these measures periodically. Accordingly, we operate an Information Security Management System which complies with the requirements of the internationally recognized information technology security standard ISO/IEC 27001:2022, certificate #IS 595233.
Security of Your Personal Information
If you are a client of Cravath, information provided to us, including via our website, may be protected by confidentiality, attorney-client privilege, the attorney work product doctrine and other similar protections (whether in the United States or elsewhere). Nothing in this notice is intended to affect such protections for existing clients. If you are not a client of Cravath, your communications with us are not eligible for such protections except for certain limited special circumstances.
Your Rights Regarding Your Personal Information
Subject to the provisions of applicable local laws and regulations from time to time, you may be entitled to:
- request details regarding our processing of your personal information, and access to the personal information that we hold about you;
- withdraw your consent to our processing of your personal information (where we process such personal information on the basis of your consent). Please note, however, that we may still be entitled to process your personal information if we have another legitimate reason (other than consent) for doing so or to the extent required by law;
- receive certain personal information in a structured, commonly used and machine-readable format and/or request that we transmit the data to a third party where this is technically feasible. Please note that this right only applies to personal information which you have provided to us;
- request that we correct, delete, restrict the processing of your personal information or stop unauthorized transfers of your personal information to a third party; and
- object to, and to request that we block, delete or restrict our processing of your personal information, subject to certain exceptions; and
- lodge a complaint with the relevant data protection authority if you think that any of your rights have been infringed by us.
There may be circumstances where we cannot, or are entitled not to, respond to your request to exercise your rights above (e.g., where data protection law exempts us from compliance with your request). We will inform you of this, where relevant, at the time you make your request.
In order to protect your personal information from unauthorized access or deletion, we may ask you to provide additional information so that we can verify your identity. You may also designate an authorized agent to exercise these rights on your behalf in which case we will require documentation attesting that the person acting as your agent is authorized to act on your behalf.
We will not discriminate against you for exercising these rights.
Changes to Our Privacy Notice
We regularly review this Notice. As such, it may change from time to time, and we encourage you to review it periodically. The date of the last change will be indicated by the date listed at the top of the Notice. Any future changes will be reflected with an updated version of this Notice which will be available on our Sites.
Contact Information
If you would like further information on the collection, use, disclosure, transfer or processing of your personal information, or would like to discuss your entitlement to, or exercise of, any of the rights listed above, please email us at privacy@cravath.com.
United Kingdom Candidate Privacy Notice
Issued: September 2024
This privacy notice explains how Cravath, Swaine & Moore LLP (“Cravath”, “the Firm”, “we”, “us” and “our”) collects, uses and discloses your personal data. In this notice, “you” means a candidate or prospective employee, or anyone who has applied for a job at our London office.
This privacy notice describes:
- what personal data we collect about you and how we obtain it;
- how and on what basis we use your personal data;
- with whom we share your personal data;
- how we transfer your personal data internationally, including to our U.S. offices;
- how long we keep your personal data and how we protect it;
- your rights regarding your personal data; and
- whom to contact with questions or concerns.
For the purposes of data protection law, Cravath is a controller in respect of your personal data.
This privacy notice does not and will not form part of any contract of employment or other contract to provide services and may be amended at any time.
This privacy notice may change from time to time, and we encourage you to review it periodically. The date of the last change will be indicated by the date listed at the top of the privacy notice. Please take the time to read and understand this privacy notice. If you have any questions, please contact us using the method set out in the Contacting us section below.
Personal data collected
We may collect and process the following personal data about you:
- Information that you provide to us or any office of the Firm (i.e., our affiliates). This includes information about you that you give to us by filling out your profile details or forms or by communicating with us, whether face-to-face, by phone, email or otherwise during the recruitment process. This information may include your:
- Identity Data, such as your full name, pronouns and date of birth;
- Background Data, such as your nationality, residency, visa information, marital status, gender and other background information you provide as part of your application;
- Contact Data, such as your home address, home telephone number, mobile telephone number and work and personal email address;
- Professional Data, such as your education history, including your transcripts and diplomas, CV and qualification details, including class credit and bar or SRA admission information, information about your previous employment and information from your answers to questions relevant to the role you applied for;
- Verification Data, such as your passport details, social security number, national insurance number and photograph;
- Financial Data, such as your bank account details;
- Audio-Visual Data, such as your photograph and audio and visual content involving you;
- Health-related Data, such as information relating to medical conditions or a disability, where we may need to make adjustments to the recruitment process;
- Other Data that you may provide to us in the course of the recruitment process.
- Information we may collect or generate about you. This includes your:
- Recruitment-related Data, such as your work authorization, language fluency, travel details, dietary requirements, information relating to the support and management of your work (including any adjustments that you may need for work), feedback notes, information from interview notes and outcome of application;
- Video Data that we collect through video image monitoring of our workplace for security purposes including visual images and personal appearance; and
- Contact Data and Verification Data as set out above, as part of the recruitment process.
- Information we may obtain from other sources, such as background check agencies, professional or other accrediting bodies, former employers, educational institutions and publicly available sources, including social media sites. This information includes your:
- Screening Data from the results of your background check, which may include information on any criminal records;
- Reference Data from your former employers or nominated referees; and
- Identity, Contact and Professional Data, including your photograph, from publicly available sources such as LinkedIn.
How and on what basis we use your personal data
Your personal data may be stored and processed by us for the purposes listed in the table below. For each purpose, we have set out the legal basis we rely upon to use your data and the type of data we process.
| Purpose | Legal basis | Type of personal data |
|---|---|---|
| To identify and process your application | Our legitimate interests in assessing your application for a career at the Firm | Identity Data Background Data Contact Data Professional Data Verification Data Recruitment-related Data Reference Data |
| To verify your identity and perform background and screening checks | Our legitimate interests in identifying you | Identity Data Background Data Professional Data Verification Data Screening Data |
| To communicate with you and provide you with information on our recruitment processes and the Firm and to host and organise seminars and other events that you might attend |
Our legitimate interests in promoting our recruitment process and the Firm | Identity Data Contact Data Recruitment-related Data |
| To process and reimburse expenses relating to our recruitment process | Our legitimate interests in reimbursing certain costs of people who apply to a job with us |
Identity Data |
| To monitor our recruitment processes | Our legitimate interests in improving our recruitment processes | Recruitment-related Data |
| To monitor and maintain the security of our premises | Our legitimate interests in protecting our premises | Video Data |
| To provide appropriate access to our premises or adjustments to our recruitment process | Legal obligation | Identity Data Health-related Data |
We may also process your personal data to establish, exercise or defend our legal rights or for the purpose of legal proceedings or legal or regulatory compliance where it is in our legitimate interests to protect our business.
If you do not provide us with certain information when requested, we may not be able to perform some of the purposes listed above.
Disclosure of your personal data to third parties
We may disclose your personal data to our affiliates, for the purposes of:
- our legitimate business interests or the legitimate business interests of any of our affiliates relating to, for example, the management and administration of the Firm’s business, including the protection of our reputation, assets or business opportunities;
- benchmarking recruitment practices; and
- the administration and maintenance of the databases storing personal data relating to job applicants.
We will take steps to ensure that the personal data is accessed only by employees of the Firm that have a need to do so for the purposes described in this privacy notice.
We may also share your personal data with the following third parties:
- to third-party agents and contractors for the purpose of providing services to us, including IT and communications providers and background check providers. These third parties will be subject to confidentiality requirements and they will only use your personal data as described in this privacy notice;
- to legal and regulatory authorities, courts, tribunals, government or law enforcement agencies to the extent required by law – for example, if we are under a duty to disclose your personal data in order to comply with any legal obligation; and
- third parties such as our professional advisors and legal and regulatory authorities, courts and tribunals, as required to establish, exercise or defend our legal rights.
Transfers of personal data outside the UK
Due to the global nature of the Firm and our business, we may transfer and store your personal data at a destination outside the UK. Your personal data may also be processed by individuals operating outside the UK who work for our affiliates or for one of the third parties referenced above.
When we transfer your personal data outside the UK, we will ensure that it is protected in a manner that is consistent with how your personal data will be protected by us in the UK. This can be done in a number of ways, for instance:
- the country that we send the data to might be approved by the UK Secretary of State as offering an adequate level of protection for personal data; or
- we may have entered into a contract based on “standard contractual clauses” approved by the Information Commissioner’s Office, to ensure your personal data remains secure.
In other circumstances, the law may permit us to otherwise transfer your personal data outside the UK without implementing standard contractual clauses, such as by relying upon statutory derogations where available and appropriate, including where you have provided your explicit consent; the transfer is necessary for the performance of a contract between you and us or the transfer is necessary for the establishment, exercise or defence of legal claims. In all cases, however, we will ensure that any transfer of your personal data is compliant with data protection law.
You can obtain more details about the protection given to your personal data when it is transferred outside the UK (including a copy of the standard contractual clauses which we have entered into with recipients of your personal data) by contacting us in accordance with the Contacting us section below.
Protection of personal data
The Firm takes appropriate measures to ensure that your personal data remains protected and secure. These measures include a variety of security measures and technologies to help protect your personal data from unauthorised access, use, disclosure, alteration or destruction. We also have policies in place to ensure personal data is kept secure on our networks.
Additionally, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. Our third-party service providers are carefully selected in accordance with our policies and procedures to ensure they put in place appropriate safeguards when processing your personal data, including being subject to a duty of confidentiality.
Retention of personal data
How long we hold your personal data will vary. The exact retention period will be determined by the following criteria:
- the amount, nature and sensitivity of the personal data, and the potential risk of harm from unauthorised use or disclosure of your personal data;
- the purpose for which we are using your personal data – we will need to keep the data for as long as is necessary for that purpose and whether we can achieve those purposes through other means; and
- legal obligations – laws or regulations may set a minimum period for which we have to keep your personal data.
For example, we will keep your personal data for the period required by law or for the period necessary to fulfil the purpose outlined in the table above under How and on what basis we use your personal data section. We will also keep your personal data when we need to do so to take or defend legal proceedings or in connection with any investigation.
In some circumstances, we may anonymise your personal data so that it can no longer be associated with you, in which case we may use such information without further notice to you.
Your rights
Depending on the circumstances, you have a number of legal rights in relation to the personal data that we hold about you. These rights may include:
- the right to obtain information regarding our processing of your personal data, and access to the personal data which we hold about you;
- the right to withdraw your consent to our processing of your personal data at any time (when we process such personal data on the basis of your consent). Please note, however, that we may still be entitled to process your personal data if we have another legitimate reason (other than consent) for doing so or to the extent required by law;
- the right to receive personal data in a structured, commonly used and machine-readable format and/or to request that we transmit the data to a third party where this is technically feasible. Please note that this right only applies to personal data which you have provided to us;
- the right to request that we correct your personal data if it is inaccurate or incomplete;
- the right to request that we erase your personal data in certain circumstances. Please note that there may be circumstances when you ask us to erase your personal data but we are legally entitled to retain it;
- the right to object to, and the right to request that we restrict, our processing of your personal data in certain circumstances. Again, there may be circumstances when you object to, or ask us to restrict, our processing of your personal data but we are legally entitled to continue processing your personal data and/or to refuse that request; and
- the right to lodge a complaint with the UK data protection regulator (the UK Information Commissioner’s Office) if you think that any of your rights have been infringed upon by us.
You can exercise your rights by contacting us using the details set out in the Contacting us section below.
There may be circumstances where we cannot, or are entitled not to, respond to your request to exercise your rights above (e.g., where data protection law exempts us from complying with your request). We will inform you of this, when relevant, at the time you make your request.
Contacting us
If you would like further information on the collection, use, disclosure, transfer or processing of your personal data or the exercise of any of your rights, please address questions, comments and requests to Privacy@cravath.com.
You can contact the Information Commissioner’s Office at the address and number below or by searching their website at www.ico.org.uk.
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
United Kingdom Regulatory Notice
Cravath, Swaine & Moore LLP is a limited liability partnership formed under the laws of the State of New York.
We employ or engage solicitors and other lawyers registered with the Solicitors Regulation Authority (the “SRA”). However, the LLP itself is not regulated by the SRA.
The SRA can be contacted at: Solicitors Regulation Authority, The Cube, 199 Wharfside Street, Birmingham, B1 1RN. The individual standards and requirements that apply to our solicitors and other SRA-registered lawyers are contained in the SRA’s Standards and Regulations which can be viewed at: https://www.sra.org.uk/solicitors/standards-regulations.
As the LLP is not regulated by the SRA, the SRA’s compulsory insurance scheme does not apply to the LLP and its clients will not have access to the SRA Compensation Fund.
