Why We Process Personal Data and How it is Shared


We process personal data for a variety of reasons, depending on our relationship with you. We only process personal data for the purposes for which it was obtained and avoid processing it for other purposes. If we share your data with third parties, they are required to act only on our instructions and only for the purposes that we communicate to them.

In certain situations, Kobre & Kim may be required to disclose personal data in response to lawful requests by public authorities, including those made in accordance with national security or law enforcement requirements. This further includes circumstances in which we believe, in good faith, that disclosure is necessary to protect our rights, safeguard your safety or the safety of others, investigate fraud, or respond to requests made by administrative agencies.

Your personal data will not normally be disclosed to third parties, except as identified below and in connection with the fulfillment of our obligations to you and other purposes identified in this policy. This includes, without limitation, disclosures authorized through the terms of any retainer we may have with you.

We may receive information about you from other sources, including publicly available databases or third parties from whom we have purchased data. We use this data to supplement the information we already have about you for research and analysis purposes, or  in order to perform the legal services for which we have been engaged. We may also use this information to distribute materials to you that may be of interest with respect to your business activities or relationship with the firm.

If you provide us with the personal data of others, or if others provide us with your personal data, we will only use that data for the specific reason for which it was provided to us and in compliance with this privacy policy. You may withdraw your consent for us to use your personal data (i.e., "opt-out") at any time by contacting us at privacypolicy@kobrekim.com and following the instructions in Section 1.5 of this policy. Examples of the types of personal data that may be obtained from public databases, or third parties include your name, title, company, and personal or company activities that are either made public or accessible through third-party resources.

This privacy policy covers the following data processing activities:

  1. Performing activities relevant to legal services you have requested from us
    1. We process data related to this purpose as part of a contractual or pre-contractual obligation to you. When we perform investigations of others on your behalf, we do so legally and in the public interest or on the basis of our identified legitimate interests. If you object to this processing, we may not be able to provide you with these services.
    2. Due to the nature of our casework, we may process any type of relevant personal data, as long as it is relevant to your request. This can be data provided to us by you, or it may be obtained from publicly available databases or third parties from whom we have purchased data. We use this data to supplement the data we already have about you for research and analysis purposes, in order to perform the legal services for which we have been engaged. If you provide us with the personal data of others, or if others provide us with your personal data, we will only use that data for the specific reason for which it was provided to us and in compliance with this privacy policy.
    3. We may share this data with third party service providers we engage for the purposes of the legal services requested from us. These people may have access to your personal data, but only for the duties outlined in the contractual or pre-contractual obligation. We will share with service providers to fulfill our obligations to you and other express purposes as permitted by you. This includes, without limitation, disclosures authorized through the terms of any retainer we may have with you.
  2. Performing legally-obligated activities
    1. We are required by law to conduct certain activities, such as conflict(s) checks, client due diligence, and employee screening. If you object to this processing, we may not be able to work with you.
    2. We may process any type of personal data in order to meet a legal obligation, whether provided to us by you or a third party. However, we will only process the data we are legally obligated to process.
    3. We will only share this data with others if legally obligated to do so.
  3. Processing financial data as required or requested
    1. In order to do business with you as part of a contractual or pre-contractual obligation, we will process your financial data so that we can either collect funds owed to us or pay funds owed to others.
    2. The following categories of data are used for this purpose:
      1. Name
      2. Contact data
      3. Products and services rendered
      4. Banking and funds transfer data
    3. We will only share this data if it is necessary to do so for the stated contractual or pre-contractual agreements.
  4. Identifying business opportunities and making business referrals
    1. We process data in order to identify business opportunities and provide a high quality of services for our clients as part of a legitimate interest.
    2. The following categories of data are used for this purpose:
      1. Name
      2. Contact data
      3. Professional details, such as company name, position, etc.
      4. Business and personal relationships

    3. We share this data with a third party that hosts our customer relationship management (CRM) system.
  5. Direct marketing
    1. We process data in order to keep our clients, business partners and other interested parties up to date with relevant data and business activities, either with their explicit consent or as part of a legitimate business interest, depending on the relationship. If you would like to discontinue receiving these communications, you may update your email preferences by using the “Unsubscribe” link found in emails we send to you or by contacting us at unsubscribe@kobrekim.com.
    2. The following data is used for this purpose:
      1. Name
      2. Contact data
      3. Marketing preferences selected by the individual
    3. We share this data with a third party that hosts our customer relationship management (CRM) system.
  6. Responding to your questions and concerns
    1. We process data in order to satisfy general requests we receive from individuals as part of a legitimate business interest.
    2. We only use the personal data that you supply to us for this purpose.
    3. We do not share this data with third parties without your consent.
  7. Considering your suitability for employment
    1. We process data in order to consider you for employment with us as part of a legitimate business interest.

    2. We use the following data for this purpose:
      1. Data that you provide directly to us
      2. Data that you have authorized a third party to share with us
      3. Data that you authorize us to obtain
      4. Publicly available data

    3. We may share this data with:
      1. Third-party companies who provide candidate interview and assessment services to us
      2. Suppliers who undertake background screening on our behalf (credit checking agencies, criminal record bureaus, etc.)
      3. Academic institutions (universities, colleges, etc.) in validating data you have provided
      4. Other third-party suppliers (or potential suppliers) who provide services on our behalf in connection with our employment process
  8. Monitoring for criminal acts and ensuring data security
    1. We process data that we receive directly from you when interacting with our data technology resources and when visiting our offices as part of a legitimate interest to maintain security.
    2. The following categories of data are used for this purpose: electronic identifiers (i.e. Internet Protocol addresses, etc.); metadata associated with your electronic identifier (request, date stamp, etc.); CCTV footage.
    3. We share this data with third parties that monitor our network for suspicious activity and law enforcement if we believe a crime has been committed.
  9. Understanding how individuals interact with our website
    1. We process data that is recorded when you visit our website for the purposes of analyzing trends in the aggregate and administering the website so that we can best serve you as part of a legitimate interest. You can control or block the use of cookies at the individual browser level. However, disabling or deleting cookies may limit your use of certain features or functions on our website.
    2. Using a unique identifier (Internet Protocol address or cookie) we process data related to the way you interact with our website, which includes browser type, internet service provider (ISP), referring/exit pages, the files viewed on our website (e.g., HTML pages and graphics), operating system, date/time stamp, and/or clickstream data.
    3. We share this data with various third parties, which can be found in our Cookie Policy.