Subscribe

  • How Can We Help You?

    Global Problem Solving from Covington: Deal with Complex Problems Anywhere in the World

Privacy Notice

  • Privacy Notice

Last updated: November 19, 2025

This Privacy Notice explains how Covington (the “Firm”) collects, uses, discloses and otherwise processes your personal data when you visit our website, attend a firm event, visit our offices or locations, or interact with us, including through any events, interactions, websites, or apps that link to this Privacy Notice (collectively, the “Services”). We may also provide supplemental privacy notices in certain instances when we are collecting or using personal data for purposes beyond those described below. Those supplementary notices should be read together with this Privacy Notice. We may also provide you with additional notice such as required by applicable law.

Personal Data We Collect

When you use our Services, we may collect the following categories of personal data about you, including directly from you:

  • Identifiers, such as your name, email address, physical address, telephone number, social media handle, and similar identifiers.
  • Professional or employment-related information, such as organization, job title or role, education information, social media information, and other professional information.
  • Commercial information, such as payment information and services purchased, obtained, or considered.
  • Geolocation information, such as your zip code or location information derived from your internet or other electronic network activity information.
  • Audio, electronic, visual, or similar information, such as processing to protect the safety and integrity of Firm offices, such as CCTV, audio or video recording information, or event recordings and photographs.
  • Inferences drawn from any of the information we collect, such as information used to create a profile about your interests and preferences.
  • Other information, such as dietary preferences, accessibility information, and any other information you provide directly to us.

We may also collect electronic and network activity information automatically when you use the Services, including the Firm’s guest Wi-Fi network, such as: Internet Protocol (“IP”) address; Media Access Control address; device type and identifiers; mobile carrier; browser type and operating system; sites and apps visited before and after visiting, or while viewing, the Services; time zone setting and location; pages you view and links you click on within the Services; information collected through cookies, web beacons, pixels, Local Shared Objects, and similar technologies; information about your interactions with email messages such as whether the message was received, opened, or forwarded.

Some of the personal data we collect may be considered sensitive personal data under applicable law. We only use sensitive personal data as permitted by law or to complete your request.

Without this personal data, we are not able to provide you with all of the requested Services.

How We Collect Your Personal Data

We may collect personal data from the following sources:

  • Directly from you, such as when you subscribe to a newsletter, register for an event, engage or otherwise interact with us, or contact us.
  • From your organization, employer, or colleagues, such as when your organization registers you to an event or your colleague provides us with your contact information.
  • Service providers and third parties, such as internet service providers; providers of security systems and similar technologies; public registers; verification service providers; data analytics providers, such as those that provide cookies and similar technologies; or other vendors with which we contract to host events or provide us with certain support.
  • Social media platforms, such as when you interact with us on LinkedIn.

We may also collect personal data about you from publicly available sources, such as company websites or public communications.

How We Use Your Personal Data

We may use the personal data we collect from or about you to provide our Services and for the following business purposes:

  • To perform services, such as to provide legal services, in connection with billing and administrative activities, to manage subscriptions including from our blog posts, and provide you with other aspects of the services;
  • To respond to your inquiries or correspondence, such as when you contact us to attend a webinar;
  • To plan and administer events we host or run, such as our use of your contact information to manage Firm sponsored forums and conferences;
  • In connection with the Firm’s legal, compliance, and professional obligations;
  • To contact you, including to send you legal insights, updates, marketing, advertising, and other communications that we believe are relevant to you;
  • To manage your accounts and send you invoices, statements, or related administrative messages;
  • To develop and improve our Services, such as to understand how the website functions;
  • To understand how you use the Services and to personalize your experience, such as to display content that is more relevant to your interests when you visit the Firm’s website or blogs;
  • To keep our Services safe and secure, such as to monitor for fraud, illegal activities, and to keep our firm and client information secure; and
  • As otherwise necessary to comply with legal obligations and to exercise and defend against legal claims.

In jurisdictions where a legal basis is required in order to process personal data collected and used for these activities, we may rely on the fact that the relevant processing serves as a legitimate interest of the Firm, is the product of a legal obligation applicable to the Firm, or takes place with your consent, or the processing concerns data manifestly made public by yourself. The legitimate interests served may include the processing of personal data to develop and improve our Services, to keep our Services safe and secure, to understand how you use the Services, and to plan and administer events. For example, we rely on performance of a contract in situations where we need to process your personal data to provide you with legal services. Alternatively, we rely on your consent to provide you with subscription alerts.

How We Disclose Personal Data

As otherwise consistent with our ethical obligations, we may disclose the following personal data about you to the following categories of third parties:

  • Authorized Third Parties and Service Providers: We may disclose your personal data with entities that provide services to us, including companies that provide technology related services, external advisors, and auditors.
  • Other Parties When Required by Law or as Necessary to Protect Our Services: Consistent with our ethical obligations or with your consent, there may be instances when we disclose your personal data to outside consultants and public authorities, such as court and law enforcement agencies.
  • Business Transactions: We may disclose your personal data in connection with a merger, acquisition, or similar corporate transaction, or in the event of insolvency, bankruptcy, or corporate reorganization.
  • Other Parties with Your Consent: In addition to the disclosures described in this Privacy Notice, we may disclose information about you with other third parties when you consent to such disclosures.

Third-Party Content, Functionality, and Services

Some of the content, functionality, and services may be provided by third parties that are not affiliated with the Firm. For example, on our blogs, we enable you to share certain materials on the website with others through services such as Facebook and LinkedIn. These third parties may collect or receive certain information about your use of the Services, including through the use of cookies, web beacons, and similar technologies. These entities may collect this information over time and combine it with information collected from different websites and online services. We are not responsible for the privacy practices of these entities, and you use these services at your own risk; it is recommended that you read their privacy notices.

Children’s Information

We do not knowingly collect or store personal information from children under the age of 18, unless permitted by law. If we learn that we have collected personally information from a child under age 18, we will delete that information.

Security

We use reasonable organization, technical and administrative measures to protect personal data. No data transmission or storage system can be guaranteed to be 100% secure.

International Transfers

We may transfer your personal data to recipients located outside your resident jurisdiction, such as when we share information with Covington offices in other countries. These recipients may be in countries that offer a lower level of privacy protection than your home country. Within Covington, we have implemented measures, such as standard data protection contractual clauses, to ensure that transferred information remains protected and secure to the same standard no matter which of the Firm's offices your data is processed or accessed from. With respect to other parties, we implement various safeguards and controls to protect your personal data, including as appropriate contractual controls, where required by law.

Your Privacy Rights

Depending on the jurisdiction in which you live, you may have the following rights subject to the exceptions allowed by law:

  • To access your personal data or other information about our data processing practices, such as a copy of our transfer clauses.
  • To rectify or update your personal data.
  • To erase your personal data.
  • To receive a copy of your personal data.
  • To object to or restrict the processing of your personal data, including for marketing purposes.
  • To withdraw your consent, such as where we have relied upon your voluntarily consent to process your personal data.
  • To appeal a decision we have made with respect to your rights request.
  • To lodge a complaint with the supervisory authority, Attorney General, or similar authority for data protection or privacy in your country or state.

To exercise your privacy rights, including your right to appeal a decision we made on your request, please email us at privacy@cov.com, call us at 1-888-678-5231, or contact us at the address listed at the end of this Privacy Notice. In order to protect your personal data from unauthorized access or deletion, we may ask you to provide additional information so that we can verify your identity. You may also designate an authorized agent to exercise these rights on your behalf in which case we will require documentation attesting that the person acting as your agent is authorized to act on your behalf.

We will not retaliate against you for exercising these rights.

Opt Out Rights

We do not sell your personal data for money, but there may be occasions where we disclose your personal data collected through cookies and similar technologies (“cookies”) with advertising partners for the purposes of targeting or displaying advertisements to you based on your activity across other sites and services (“targeted advertising”). To opt out of the sharing of your cookie-based personal data for these targeted advertising purposes, please click the “Do Not Sell or Share My Personal data” link at the footer of our sites. You may also have the ability to reject or toggle off optional cookies through cookie banners or preference centers on relevant properties. Because our practices differ across different properties, you may need to exercise your choices separately for each property.

We also support the Global Privacy Control ("GPC"), which is a browser-based opt-out preference signal that can communicate your privacy preferences to the websites you visit. For more information on how the GPC works, please visit their website here. Because the GPC is browser-based, note that you should enable the signal separately for each browser and/or device from which you would like to be opted-out.

Retention Periods

We will only retain your personal data for as long as necessary to fulfil the purposes for which it was collected and processed, including for the purposes of satisfying any legal, regulatory, accounting or reporting requirements.

To determine the appropriate retention period for your personal data, we will consider the following criteria: (i) the amount, nature, and sensitivity of the personal data, (ii) the potential risk of harm from unauthorized use or disclosure, (iii) the purposes for which we process your it and whether we can achieve those purposes through other means, and (iv) any applicable legal requirements.

Subject to applicable law, in some circumstances we may anonymize your personal data so that it can no longer be associated with you, in which case it is no longer personal data.

Changes to this Privacy Notice

We may update this Privacy Notice at any time, and we will make an updated copy of any such Privacy Notice available on our website with an updated Effective Date.

Further Information

The data controller for all activities covered by this Privacy Notice is:

Covington & Burling LLP
One CityCenter
850 Tenth Street, NW
Washington,
DC 20001 - 4956

Should you have any questions about this Privacy Notice, or how your personal data is processed, or inquiries regarding your personal data rights you can contact us at privacy@cov.com or at the address below.

Data Protection & Privacy
22 Bishopsgate
London
EC2N 4BQ

Further information about Covington offices can be found here.



Cookies, Web Beacons, and Similar Technologies

We — as well as certain third parties that provide content, functionality, or services on the Website — use a variety of technologies to learn more about how people use the Website, including cookies, pixels, and related technologies (collectively, “cookies”). This section provides more information about some of those technologies and how they work. Please find below a list of the cookies we use:

 

Cookies. Cookies are small text files that websites and other online services use to store information about users on the users’ own computers. Cookies may be used to store a unique identification number tied to your computer so that a website can recognize you as the same user across different visits to the website. You can configure your Internet browser to warn you each time a cookie is being sent or to refuse cookies completely.

We and the third parties that provide content, functionality, or business services on the Website may use cookies to collect information about your browsing activities in order to provide you with more relevant content and promotional materials, on and off the Website, and help us understand your interests and improve the Website.

Web beacons. We, along with our third-party partners, may also use technologies called web beacons that communicate information from your Internet browser to a web server. Web beacons can be embedded in web pages, videos, or emails, and can allow a web server to read certain types of information from your browser, check whether you have viewed a particular web page or email message, and determine, among other things, the time and date on which you viewed the web beacon, the IP address of your computer, and the URL of the web page from which the web beacon was viewed. We and our partners use web beacons for a variety of purposes, including to analyze the use of the Website and in conjunction with cookies to improve the Website and to provide you with more relevant promotion materials.