top of page

PRIVACY POLICY

This statement was last updated on October 26, 2025.
 

​Freiberger Haber LLP (“Freiberger Haber,” the “Firm,” “we,” “us,” or “our”) is committed to safeguarding the privacy of visitors to our website, our clients and prospective clients (and their contacts), suppliers and service providers (and their contacts), candidates for employment or engagement, and any other individuals whose personal information we obtain (collectively, “you”).

​

This Privacy Policy (the “Policy”) explains how we collect, use, share, and protect personal information and describes the rights and choices you may have. “Personal information” means information that identifies, relates to, describes, or can reasonably be linked to an individual or household, subject to applicable law.

​

Freiberger Haber LLP is the entity responsible for personal information we process and for ensuring such processing complies with applicable data protection laws, including (as applicable) the EU/UK General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act (“CCPA/CPRA”).

​

If you have questions about this Policy or our data practices, please contact us at:

Information We Collect

You are not required to submit personal information to browse our public website. However, you may choose to provide it (for example, by applying for a job, subscribing to updates, registering for events, or contacting us). In the course of our business, we may collect:

​

  • Identification data: name, title, employer, job title, professional affiliations.
     

  • Contact details: postal address, email, telephone numbers, social media handle (where appropriate).
     

  • Matter and service data: information relevant to the provision of legal services (which may include information about your employees, customers, vendors, or other individuals).
     

  • Regulatory and diligence data: information required for client onboarding and compliance (e.g., KYC/AML), such as date of birth, government ID details (where permitted), beneficial ownership, sanctions screening results, and other due-diligence data.
     

  • Financial and transaction data: billing details, bank account details (for payments you authorize), tax IDs where legally required.
     

  • Event/marketing preferences: dietary restrictions (which may reveal health or religious information if you choose to provide it), areas of interest, subscription settings, RSVPs.
     

  • Recruitment data: CV/resumé, application materials, interview notes, references, background-check results (where permitted by law), work authorization.
     

  • Cookie and device data: IP address, unique device identifiers, browser type, operating system, referral URLs, pages viewed, links clicked, approximate location/time zone, and similar technical data collected via cookies and similar technologies (see Cookies below).
     

Sources of Personal Information. We collect personal information:

​

  • Directly from you (forms, email, phone, meetings, events, job applications).
     

  • Automatically through our website and services (cookies, logs, analytics).
     

From third parties, such as clients, counterparties, professional advisors, referrals, recruitment firms, service providers, and public sources (e.g., corporate registries, professional/social networks, government lists).

How We Use Personal Information (and Legal Bases)

We use personal information for the following purposes (and, where GDPR applies, on these bases):

​

  1. Provision of legal services. To perform, manage, and administer client engagements; analyze and strategize matters; engage experts and other professionals; and use cloud and practice-management tools. (Contract performance; legitimate interests.)
     

  2. Client, matter, and vendor administration. Engagement letters, invoicing, payments, accounting, conflict checks, recordkeeping, vendor management. (Contract performance; legal obligations; legitimate interests.)
     

  3. Responding to inquiries and managing relationships. Handling requests, feedback, and support. (Contract performance; legitimate interests.)
     

  4. Marketing and events. Sending legal updates, invitations, and Firm news consistent with your preferences; managing subscriptions and opt-outs. (Legitimate interests; consent where required.)
     

  5. Website operation, improvement, and security. Operating, monitoring, and improving our site and IT systems; detecting, preventing, and responding to fraud and security incidents. (Legitimate interests; legal obligations.)
     

  6. Compliance and risk management. KYC/AML, sanctions screening, conflicts, regulatory and ethical obligations, statutory filings, law enforcement requests, and exercise/defense of legal claims. (Legal obligations; legitimate interests.)
     

  7. Recruitment and hiring. Evaluating candidates, administering hiring processes, performing background checks where permitted, and onboarding. (Contractual steps; legitimate interests; legal obligations.)
     

Where we rely on consent, you may withdraw it at any time (this does not affect processing prior to withdrawal).

Information Sharing

We may disclose personal information to:

​

  • Affiliates and professionals engaged by us (e.g., local counsel, experts) to provide services and manage matters.
     

  • Service providers/contractors under written agreements (e.g., IT, cloud hosting, document management, CRM/email platforms, analytics, payment processors, background-check providers, event venues). We require appropriate confidentiality, security, and data-processing commitments.
     

  • Opposing or related parties and their advisors when necessary to represent client interests (subject to obligations and applicable law).
     

  • Authorities and courts where required or appropriate (e.g., in response to valid legal process, to protect rights and safety, to comply with law/ethics).
     

  • Business transfers in connection with a reorganization, merger, or asset transfer, subject to this Policy.
     

We are not responsible for the privacy practices of third-party websites linked from our site. Review their policies before providing information.

​

No selling or sharing for cross-context behavioral advertising (CPRA). We do not “sell” or “share” personal information as those terms are defined under the CCPA/CPRA, including for individuals under 16.

Marketing Choices

Where permitted by law, we may send you client alerts, event invitations, and Firm updates. You can opt out at any time by using the unsubscribe link in our emails or by contacting us at info@fhnylaw.com. We will honor your choices promptly.

Your Rights

Individuals in the EEA/UK (GDPR)​

Subject to conditions and exceptions, you may have the rights to access, rectify, erase, restrict, object (including to direct marketing), and port your personal information, and to withdraw consent where we rely on it. You may also lodge a complaint with a supervisory authority in your country (or with the UK ICO).

To exercise these rights, contact [info@fhnylaw.com] and provide sufficient information to verify your identity and locate your data. We may request reasonable documentation where permitted by law.

​

California Residents (CCPA/CPRA)

Subject to exceptions, California residents may have the rights to Know/Access, Delete, Correct, and Non-Discrimination. We do not sell/share personal information for cross-context advertising. To submit a request, email [ccpa@fhnylaw.com] (placeholder) or write to us at the postal address above. We will take steps to verify your request. Authorized agents may submit requests with appropriate authorization and identity verification.

​

California “Shine the Light”

California residents may request information about our disclosure of personal information to third parties for their direct marketing during the preceding calendar year by contacting [info@fhnylaw.com]. (Please note that CCPA/CPRA and Shine the Light requests must be made separately.)

​

Limits and privileges. Some rights may be limited (e.g., where legal obligations apply or where disclosure would infringe privileges such as attorney–client or work-product protections).

Security

We implement administrative, technical, and physical safeguards designed to protect personal information—such as access controls, encryption in transit (where applicable), secure configurations, and staff confidentiality obligations. While we strive to protect information, no method of transmission or storage is completely secure. Email is not a secure medium; please avoid sending sensitive information by email unless encrypted or otherwise protected.

​

New York SHIELD Act. We maintain reasonable safeguards for personal information of New York residents consistent with the SHIELD Act’s administrative, technical, and physical requirements.

​International Data Transfers

We are based in the United States and may process information in the U.S. and other jurisdictions that may have different data-protection laws than your home country. Where GDPR/UK GDPR applies and data is transferred outside the EEA/UK to a country not deemed adequate, we implement appropriate safeguards (e.g., EU/UK Standard Contractual Clauses) and supplementary measures as needed. You may request a copy or summary of applicable safeguards by contacting us.

Cookies

Our website uses cookies and similar technologies to operate, measure, and improve performance; understand usage; and personalize content (where permitted). For details on the types of cookies we use, how long they persist, and how to manage your preferences, please review our Cookie Policy. You may adjust your browser settings to limit or delete cookies; doing so may affect site functionality.

Do Not Track

Our website does not currently respond to Do Not Track (DNT) signals. You can use browser-level controls and our cookie tools (where offered) to manage tracking technologies.imit or delete cookies; doing so may affect site functionality.

Information Retention

We retain personal information for as long as necessary for the purposes described in this Policy, consistent with our records-management schedules, client/matter needs, applicable limitation periods, and legal/regulatory requirements. We may retain data longer as necessary to establish, exercise, or defend legal claims, to comply with ethics/recordkeeping duties, or for archival purposes. Where feasible, we will de-identify or anonymize data when continued retention is required but identification is not.

Children’s Privacy

Our services are directed to adults in a professional context. We do not knowingly collect personal information from children under 13. If you believe a child has provided us personal information, contact info@fhnylaw.com so we can take appropriate action.

Changes to This Policy

We may update this Policy from time to time to reflect legal, technical, or business developments. When we make material changes, we will update the “Last updated” date above and, where practicable, provide additional notice (e.g., by posting a notice on our website). We encourage you to review this Policy periodically.

bottom of page