Privacy Policy
Table of Contents
1. Scope of This Policy
2. Personal Information We Collect
3. How We Use Personal Information
4. Who We Share Personal Information With
5. Your Choices
6. Cookies
7. Other Sites and Services
8. Data Security
9. Data Retention
10. Children’s Privacy
11. Changes to This Policy
12. Contact Us
13. US States Privacy Rights Notice
14. European Privacy Rights Notice
Last Updated: April 29, 2026
Dunn Isaacson Rhee LLP (“DIR”) and any affiliates (“we,” “us,” or “our”) respect your privacy and are committed to protecting the personal information you provide to us. This Privacy Policy describes how we process personal information (also referred to as “personal data” and other similar terms, as defined by data protection laws) that we collect through our digital or online properties or services that link to this Privacy Policy, as well as through other online and offline business activities arising out of the services we provide our clients (collectively, the “Service”).
1. Scope of This Policy
This Privacy Policy applies to personal information collected online and offline, including through our website, communications, events, and provision of legal services. This policy does not apply to information protected by the attorney-client privilege or attorney work product.
2. Personal Information We Collect
Information Collected Directly From You. We may collect the following categories of personal information directly from you:
Contact Information, such as first and last name, salutation or title, billing address, mailing addresses, phone number, professional title, and company name.
Demographic information, such as your city, state, country, and zip code.
Communications data based on our exchanges with you, including when you contact us through our website, social media, or otherwise.
Financial information, based on exchanges with clients, consultants, vendors, employees, and others.
Online identifiers and account information, such as your username or passwords for any of our websites or information systems.
Marketing data, such as your preferences for receiving our marketing communications and details about your engagement with them.
Internet Activity, such as IP addresses, browser types, and browsing behavior on our site.
Other data not specifically listed here, as described in this Privacy Policy or otherwise disclosed at the time of collection.
Information Collected Automatically. We may automatically collect information about you, your computer or mobile device, and your interactions over time with our services, such as:
Device data, such as your computer or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM or disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, radio/network information (e.g., Wi-Fi, LTE, 3G), and general location information such as city, state or geographic area.
Internet activity or electronic network activity information, such as how you interacted with our websites, emails, and other online content, including the pages you viewed, emails you opened, and links you clicked.
General location data is provided when you authorize us to access your device’s location.
Communication interaction data, such as your interactions with our email, chat messages, voicemail, text or other communications (e.g., whether you open and/or forward emails) – we may do this through use of pixel tags (which are also known as clear GIFs), which may be embedded invisibly in our emails.
3. How We Use Your Personal Information
We may use your personal information for the following purposes or as otherwise described at the time of collection:
Service delivery. We may use personal information to provide and operate the Service.
Firm operations. We may use personal information for the day-to-day operations of the firm, including security, facilities access, firm systems, compliance, and database use.
Client services. We may use personal information to perform legal services for our clients, administer their files and bill for and collect payments for those client services.
Hosting, events, employment. If you register for our events, or provide us information in seeking employment, we may use your personal information in connection with those activities.
Facility access and security. If you visit our offices, we may use your use personal information to register and host you, as well as to ensure the security of our physical offices.
Research and development. We may use your personal information for research and development, including to improve our services and develop new offerings. As part of this, we may create aggregated, de-identified, or anonymized data by removing personal identifiers. We may use and share such data with third parties for lawful business purposes and will not attempt to reidentify it.
Communication. We may use personal information to communicate with you, including to provide support for the Service and to respond to your requests, questions and feedback.
Compliance. We may use your personal information to comply with applicable laws, legal obligations, and lawful requests, including responding to subpoenas, investigations, or inquiries from government authorities.
Protection. We may use your information to protect our rights, your rights, and the rights, privacy, safety, or property of others, including in connection with legal claims. Additionally, we may use personal information to audit our internal processes for compliance with legal, contractual, or policy requirements; to enforce the terms and conditions governing the Service; and to prevent, detect, investigate, and deter fraudulent, unauthorized, harmful, unethical, or illegal activity, such as cyberattacks and identity theft.
Marketing. We, along with our service providers and any event co-sponsors, may collect and use your personal information to send you direct marketing communications, which may be tailored to your interests and preferences. You can opt out of these communications by following the instructions in the “Opt-Out of Communications” section below.
Service Improvement and Analytics. We may use your personal information to analyze how you interact with the Service, including which pages are visited and how users navigate the site, as well as engagement with our emails. This helps us improve the Service and enhance our broader business operations.
New or additional purposes. We may use your personal information for reasons not described in this Privacy Policy where permitted by law and when the reason is compatible with the purpose for which we originally collected it. In some cases, we may specifically ask you for your consent to collect, use or share your personal information, such as where required by law.
4. Who We Share Your Personal Information With
We do not “sell” personal information. We may, however, share your information with the following categories of third parties for the specific purpose of providing our services to you:
Any Affiliates.
Our service providers, including third parties that perform services on our behalf or assist in the operation of our services or our business, such as providers of IT and software solutions, mailing and marketing services, event management, and cyber and physical security. This also includes vendors that support our legal work—such as e-discovery providers, data management systems, deposition and litigation support services—as well as other professionals, consultants, and experts who assist us in representing our clients.
Third parties authorized by you, such as third parties that you have directed us to connect with on your behalf.
Our clients and related parties, such as potential clients, and other individuals or entities involved in our client matters or interactions, including their representatives, vendors, and advisors.
Event co-sponsors, such as third parties with whom we partner to organize or co-sponsor events.
Our professional advisors, such as legal, financial, insurance, accounting, and auditing professionals who provide services to us in the course of their professional engagements.
Regulatory and legal authorities, such as law enforcement, government agencies, or private parties, when we believe such disclosure is necessary or appropriate to comply with the law or to protect legal rights, safety, or property.
Business successors or acquirers, such as third parties involved in litigation over actual or potential business transactions, such as mergers, reorganizations, or acquisitions.
5. Your Choices
This section outlines the rights and choices available to all users. If you reside in a state that grants additional privacy rights (such as California or Virginia), please refer to the State Privacy Rights Notice section below for more information specific to your jurisdiction.
Opt-out of our communications. You may opt-out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email, or emailing us at privacy@dirllp.com. Please note that if you choose to opt-out of marketing-related emails, you may continue to receive service-related and other non-marketing emails.
Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
Declining to provide information. We need to collect personal information to provide certain services. If you do not provide the information we identify as required or mandatory, we may not be able to provide those services.
6. Cookies
We may use cookies and similar technologies to improve your experience, understand how our services are used, and support our marketing efforts. Cookies are small text files placed on your device when you visit our website. They serve a variety of functions, such as enabling site functionality, remembering your preferences, and analyzing site performance.
Types of cookies we may use include:Strictly Necessary Cookies – Essential for the website to function properly (e.g., enabling navigation between pages). These cannot be switched off.
Performance and Analytics Cookies – Help us understand how visitors interact with our website by collecting information such as page visits, traffic sources, and error logs.
Functional Cookies – Allow the website to remember your choices (e.g., language preference, region) and provide enhanced features.
Targeting or Advertising Cookies – Used to deliver relevant advertising and measure the effectiveness of marketing campaigns.
Managing Cookies.You can manage or disable cookies at any time through your browser settings. Please note that blocking some types of cookies may impact your experience on our website. For more information on how to manage cookies, see your browser’s “help” or “settings” section.Where required by law, we will request your consent before placing non-essential cookies on your device.
7. Other Sites and Services
Our website may include links to third-party websites, mobile apps, and online services, and our content may appear on sites or services that are not affiliated with us. These links and integrations do not imply our endorsement or any association with those third parties. We do not control, and are not responsible for, the content or practices of any third-party websites, apps, or services. We recommend reviewing the privacy policies of any third-party platforms you visit or use.
8. Data Security
We maintain reasonable administrative, technical, and physical safeguards to protect your personal information from unauthorized access or disclosure. However, no method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee the absolute security of your personal information.
9. Data Retention
We retain personal information as long as necessary for the purposes described in this policy, or as required by law or professional obligations.
10. Children’s Privacy
This website is not intended for individuals under the age of 18. If you are a parent or guardian and believe we have collected personal information from a child in a way that violates the law, please contact us immediately. If we become aware that we have collected personal information from a child without the necessary parental or guardian consent, we will take appropriate steps to delete the information in accordance with applicable legal requirements.
11. Changes to This Policy
We may update this Privacy Policy at any time. If we make significant changes, we will notify you by updating the effective date and posting the revised notice on our website or through other appropriate means. Changes will take effect when the updated Privacy Policy is posted (or as otherwise specified at the time). By continuing to use our website and services after the effective date, you acknowledge that the updated Privacy Policy applies to your use of the Service and your interactions with us.
12. Contact Us
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:
Email:privacy@dirllp.com
Phone: +1 202-240-2900
13. US State Privacy Rights Notice
This section provides additional information for residents of U.S. states that have enacted privacy laws granting specific rights to individuals, including, but not limited to, the California Consumer Privacy Act (“CCPA”), the Virginia Consumer Data Protection Act (“VCDPA”), the Colorado Privacy Act (“CPA”), and the Connecticut Data Privacy Act (“CTDPA”) (collectively, the “State Privacy Laws”).
This section explains how we collect, use, and share “Personal Information” (as defined below) of residents covered by these laws, as well as the rights they may have. Please note:
Not all rights described below apply to all users; eligibility depends on your state of residence.
We may be unable to process requests if we cannot verify your identity or understand the request.
For purposes of this section, the following definitions apply:
“Personal Information” refers to data defined as “personal data,” “personal information,” or a similar term under applicable State Privacy Laws, and excludes any exempt information (e.g., publicly available data).
“Sensitive Personal Information” is defined according to the applicable State Privacy Laws and is subject to specific limitations and protections.
Your Privacy Rights
Depending on your state of residence, you may have some or all of the following rights. These rights are not absolute, and we may deny a request as permitted by law.
Right to Know / Information: You may request confirmation of whether we process your Personal Information and ask for
The categories of Personal Information we have collected.
The categories of sources of that information.
The business or commercial purposes for collecting it.
The categories of third parties with whom we share it.
The categories of Personal Information disclosed and to whom.
Right to Access: You may request a copy of the Personal Information we have collected about you.
Right to Correct: You may request correction of inaccurate Personal Information we hold about you.
Right to Delete: You may ask us to delete certain Personal Information we have collected from you.
Right to Appeal: You may have the right to appeal our decision if we deny your request.
Right to Nondiscrimination: You have the right to exercise the above rights without being discriminated against as prohibited under the State Privacy Laws.
How to Exercise Your State Privacy Rights
You may exercise your state privacy rights in the following ways:
Submit a Request: You may submit a request to know, access, appeal, correct, or delete your Personal Information by, for example, emailing us at privacy@dirllp.com.
Lodge a Complaint: Depending on your state privacy law, you may file a complaint with your state’s applicable enforcement authority if you are not satisfied with our rejection of your request. Where applicable, in our response rejecting your request, we will provide you with a mechanism through which you may contact the relevant authority.
To exercise your state privacy rights, we may need to verify your identity and confirm your residency before processing your requests. Verification may include providing government-issued identification, a sworn statement, or other information as permitted by law.
Some State Privacy Laws allow you to authorize an agent to submit a request on your behalf. To process such requests, we may need to verify both the agent’s identity and their authority to act for you. This may include requesting a copy of a valid power of attorney. If no power of attorney has been provided, we may require additional verification, such as your written and signed permission authorizing the agent, confirmation of your identity, and verification that you have permitted the agent to act on your behalf in connection with your privacy rights.
Personal Information We Collect, Use and Disclose
We have summarized the categories of Personal Information that we may collect and/or disclose based on (i) the categories listed in the section and (ii) those defined under the California CCPA. We use this information for the purposes described in the How We Use Your Personal Information section, except for Sensitive Personal Information, which is only used as permitted by law. This section reflects our current practices and those during the 12 months prior to the effective date of this Privacy Notice. Information you voluntarily provide (e.g., in webforms) may include additional categories not listed here. For more details on sources and purposes of collection, please refer to the relevant sections of this Privacy Policy.
| Personal Information (PI) We Collect | CCPA Statutory Category | Categories of Third Parties to Whom We “Disclose” PI for a Business Purpose |
|---|---|---|
| Contact data |
|
|
| Demographic data |
|
|
| Online identifiers and account information |
|
|
| Communications data |
|
|
| Marketing data |
|
|
| Audio, electronic, and visual information |
|
|
| Professional or Employment-related data |
|
|
| Data about others |
|
|
| Device data |
|
|
| Online activity data |
|
|
| General location data |
|
|
| Communication interaction data |
|
|
| Data derived from the above |
|
|
|
Other Sensitive Personal Information We do not require that you provide this information, but it may be revealed in identity data or other information we collect, or as voluntarily disclosed by you. |
|
|
14. European Privacy Rights Notice
The information provided in this “European Privacy Rights Notice” section applies only to individuals in the United Kingdom (“UK”), the European Economic Area (“EEA”), and Switzerland (hereafter collectively referred to as “Europe”).
Personal information: References to “personal information” throughout this Privacy Notice are equivalent to “personal data” (or the equivalent term) under and governed by European Privacy Law. “European Privacy Law” includes, but is not limited to: the Regulation (EU) 2016/679 (General Data Protection Regulation) (the “EU GDPR”), the UK General Data Protection Regulation, as incorporated into UK law by the Data Protection Act 2018 and the European Union (Withdrawal) Act 2018 (the “UK GDPR”), and the Swiss Federal Act on Data Protection (the “Swiss GDPR”)(collectively, the EU GDPR, the UK GDPR and the Swiss GDPR, the “GDPR”). Personal information under the GDPR does not include “anonymous data” (i.e., information where the identity of individual has been permanently and irreversibly removed); however, it does include pseudonymized and/or aggregated personal information.
Controller: DIR typically operates as an independent controller under European Privacy Law. This means that DIR is responsible for your personal information. DIR is a limited liability partnership with its principal place of business in Washington, DC. Information on DIR’s practice areas and firm can be found here.
Legal bases for processing. In respect of each of the purposes for which we use your personal information, European Privacy Law requires us to ensure that we have a legal basis for that use. The legal bases of our processing of your personal information as described in this Privacy Notice will depend on the type of personal information and the specific context in which we process it. However, the legal bases we typically rely on are set out in the table below. If you have questions about the legal basis of how we process your personal information, contact us at privacy@dirllp.com.
| Processing purpose Details regarding each processing purpose listed below are provided in the section above titled “How we use Personal Information.” | Categories of personal information involved Details regarding the categories of personal information listed below are provided in the section above titled “Personal Information We Collect.” | Legal basis |
|---|---|---|
| 1. Service delivery and operations: We need to process your personal information to operate the Service, including responding to your requests or inquiries, providing you with access to content or information you requested, etc. |
|
Processing is necessary to perform the contract governing our provision of our Service or to take steps that you request prior to signing up for the Service. |
| 2. For research and development: We may use your personal information for research and development purposes, including to analyze and improve our Service and our business. | Any and all data types relevant in the circumstances | These activities constitute our legitimate interests. We do not use your personal information for these activities where our interests are overridden by the impact on you. |
3. We may need to process your personal information for additional purposes, such as:
|
|
We rely on our legitimate interests to process your personal information when performing these processing activities. We do not use your personal information for these purposes where our interests are overridden by the impact on you. |
| 4. For marketing and advertising purposes: We and our third-party advertising partners may collect and use your personal information for marketing and advertising purposes. |
|
Processing is based on your consent where that consent is required by applicable law. Where such consent is not required by applicable law, we process your personal information for these purposes based on our legitimate interests in promoting our business. |
| 5. Compliance with legal obligations and protection purposes: We are subject to certain legal obligations that may oblige us to disclose your personal information to courts, law enforcement or regulatory authorities. | Any and all data types relevant in the circumstances. | Processing is necessary to comply with our legal obligations. Where Compliance with law is not applicable, we and any relevant third parties have a legitimate interest in participating in, supporting, and following legal process and requests, including through co-operation with authorities. We and any relevant third parties may also have a legitimate interest in ensuring the protection, maintenance, and enforcement of our and their rights, property, and/or safety. |
| 6. Further uses: We may use your personal information for reasons not described in this Privacy Notice. | Any and all data types relevant in the circumstances. |
We may process information based upon an original legal basis relied upon, if the relevant further use is compatible with the initial purpose for which the Personal Information was collected.
We may process information based upon consent, if the relevant further use is not compatible with the initial purpose for which the personal information was collected. |
Your rights. Subject to certain exemptions, and in some cases dependent upon the processing activity we are undertaking, you may have the following rights under data protection laws:
Right of access: You may have the right to ask us for copies of your personal information.
Right to rectification: You may have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Right to erasure: You may have the right to ask us to erase your personal information in certain circumstances.
Right to restriction of processing: You may have the right to ask us to restrict the processing of your personal information in certain circumstances.
Right to object to processing: You may have the right to object to the processing of your personal information in certain circumstances.
Right to data portability: You may have the right to ask that we transfer the personal information you gave us to another organization, or to you, in certain circumstances.
Right to withdraw consent at any time: Where we are relying on consent to process your personal data, you have the right to withdraw your consent at any time. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent.
Exercising These Rights. You may submit these requests by email to privacy@dirllp.com or at the following postal address: 401 9th Street NW, Suite 800, Washington, DC 20004 USA. We may request specific information from you to help us confirm your identity and process your request. Whether or not we are required to fulfill any request you make will depend on a number of factors, such as why and how we are processing your personal information. If we reject any request you may make (whether in whole or in part) we will let you know our grounds for doing so at the time, subject to any legal restrictions.
Your Right to Lodge a Complaint with Your Supervisory Authority. In addition to your rights outlined above, if you are not satisfied with our response to a request you make, or how we process your personal information, you can make a complaint to the data protection regulator in your habitual place of residence.
For users in the European Economic Area – the contact information for the data protection regulator in your place of residence can be found here: https://edpb.europa.eu/about-edpb/board/members_en
For users in the UK – the contact information for the UK data protection regulator is below:
The Information Commissioner’s Office
Water Lane, Wycliffe House Wilmslow - Cheshire SK9 5AF
Tel. +44 303 123 1113
Website: https://ico.org.uk/make-a-complaint/
For users in Switzerland – the contact information for the Swiss data protection regulator is below:
Federal Data Protection and Information Commissioner (FDPIC)
Feldeggweg 1, CH-3003 Bern, Switzerland
Tel. +41 58 462 43 95
Website: https://www.edoeb.admin.ch
Cross-border data transfer. We are headquartered in the U.S. and our service providers, advisers, partners or other recipients of data are also generally based in the U.S. This means that, if you use the Service, your personal information will necessarily be accessed and processed in the U.S. It may also be provided to recipients in other countries outside Europe. In such circumstances, those parties’ processing of your personal information will involve a transfer of your personal information outside of Europe where privacy laws may not be as protective as those in your state, province, or country. Where we share your personal information with third parties who are based outside Europe, we will take steps to transfer your personal information in accordance with applicable law.
You can obtain further information or a copy of or access safeguards under which your personal information is transferred outside of the EEA and/or UK by contacting us at privacy@dirllp.com.
.png)