Privacy Policy

A&O Shearman values your privacy and cares about the way in which your personal information is treated. 

This Privacy Policy describes A&O Shearman's privacy practices specifically in relation to the Peerpoint service (see peerpoint.com (or such other Peerpoint website as we may operate from time to time) for more information on Peerpoint). In particular, this Privacy Policy describes our privacy practices with respect to personal information we collect from or about applicants who wish to join Peerpoint and from clients and other third parties who use Peerpoint services (including by visiting our website). A separate privacy policy will be provided to applicants who go on to become a Peerpoint employee or consultant or an employee of A&O Shearman. This Privacy Policy does not cover the processing of personal information by Peerpoint employees or consultants in the provision of legal services.

A&O Shearman make use of your personal information in relation to the provision, or potential provision, of Peerpoint services and as otherwise described in this Privacy Policy.

In addition to our Privacy Policy, your use of the Peerpoint website is subject to our Legal Notices.

This policy describes:

  1. what personal information we collect about you
  2. how we obtain your personal information
  3. how we use cookies and analytics
  4. how and on what basis we use your personal information
  5. marketing and other emails
  6. how long we keep your personal information 
  7. who we share your personal information with 
  8. how we protect your personal information
  9. which countries we transfer your personal information to
  10. your rights regarding your personal information
  11. who are the data controllers
  12. changes to our Privacy Policy
  13. who to contact with questions or concerns

A&O Shearman refers to Allen Overy Shearman Sterling LLP, its subsidiaries and the other partnerships, corporations, undertakings and entities which are authorized to practice using a name which includes “Allen Overy Shearman Sterling” or “A&O Shearman”. See the section entitled ‘Who are the data controllers’ below for more information on the entities that control and process personal data in A&O Shearman.

Peerpoint Privacy Policy

1. What personal information do we collect about you?

In this Privacy Policy, where we use the term ‘personal information’, we use this term to describe information that is about you and which identifies you. We collect and generate personal information during the course of your use of Peerpoint services (including the Peerpoint website).

If you contact us as a client, prospective client, applicant or prospective applicant regarding the provision of our services or, to a lesser extent if you use our website, the personal information that we process may include:

  • Basic information about you, such as your full name (including name prefix or title), the company you work for, your title or position and your relationship to a person
  • Contact information, such as your postal address, email address and phone number(s)
  • Financial information, such as payment-related information
  • Technical information to the extent that it constitutes personal information, including your IP address and other online identifiers, and information about your access to and use of the Peerpoint website (such as your access dates/times or what areas of the website you have visited)
  • Information you provide to us for the purposes of attending meetings and events, including access and dietary requirements, and information generated by us in connection with your attendance, such as CCTV and access records
  • Identification and background information provided by you or collected as part of our business acceptance processes
  • Information provided to us by or on behalf of our clients or generated by us in the course of providing services to them, which may include special categories of data
  • Any other information relating to you (or other individuals) which you may provide to us or a third party may provide to us, or that is otherwise obtained or generated by us in the course of the activities covered by this Privacy Policy

If you use the Peerpoint website as an applicant or otherwise apply to join Peerpoint, then the personal information that we process will also include:

  • Applicant information, such as your educational and employment history, CV, information about qualifications and training, skills and experience, results, hobbies and interests, language skills, professional licenses and memberships, personal statements, answers to questions relevant for the role you have applied for, interview notes, references and outcome of application
  • Employment preferences, such as willingness and eligibility to relocate, desired remuneration, availability, job specifications and requirements
  • General information, such as your date of birth, gender, marital and family status, maiden name, place of birth, residency, nationality, immigration status and work authorization
  • Information necessary to complete background checks (to the extent permitted in your jurisdiction) and information obtained as a result of the check, which may include criminal records information
  • Government and other official identification numbers, such as social security or national insurance number, passport number, tax identification number or other government issued identification number
  • Other identification and background information provided by you or collected as part of our application, hiring and placement processes, which may include photographs
  • Health-related information, as permitted or required by applicable law, for instance where we need to know this information to make adjustments to our application processes
  • Diversity-related information including in relation to disabilities, ethnicity, sexuality, religion and social background. The diversity data collected and processed will depend on, and only be collected in accordance with, applicable local laws. Where applicable, it will form part of the application process and will be apparent at the point of collection
  • Information you provide to us for the purposes of attending interviews and other events, including access and dietary requirements

Before providing us with personal information about another individual you must (unless otherwise agreed) have the appropriate and necessary permissions to share such personal information with us for the purposes described in this Privacy Policy and any other applicable privacy notices.

If we do not collect, or you do not provide, your personal information to us, we may not be able to receive or process your application, provide the Peerpoint services to you or respond to your communications.

2. How we obtain your personal information

  • We collect personal information about you and others as necessary in the course of your interactions with Peerpoint regarding the provision of services to you, which may include through your use of the Peerpoint website
  • We collect personal information from you when you contact or communicate with us (including through the website, by email, phone or otherwise)
  • We collect your personal information while monitoring the Peerpoint website and our other technology tools (such as email)
  • We gather personal information about you when you provide it to us, or interact with us directly, for instance engaging with our staff
  • We may collect or receive personal information about you from other sources, such as from our clients or from publicly available sources (such as LinkedIn)

If you apply to join Peerpoint, we also obtain your personal information as follows:

  • We collect your personal information when you apply to join Peerpoint.
  • We collect your personal information during interviews and assessment exercises.

3. How we use cookies and analytics

Our website uses a number of cookies and web-based analytics tools, such as Google Analytics, that tracks and reports on the manner in which the Peerpoint website is used to help us to improve it. The analytics tools do this by placing small text files called ‘cookies’ on your device. Cookies enable a website to recognize and remember your device when you visit the site. The information that some of the cookies collect, such as the number of visitors to the site, the pages visited and the length of time spent on the site, is aggregated and anonymous.

Our Peerpoint application website also uses cookies that are necessary to enable you to effectively use the online application system and which are deleted when you log out.

For information on how to disable and/or clear cookies, including third-party cookies, on your device please follow the instructions in the links below:

  • Internet Explorer (IE)
  • Google Chrome
  • Safari (desktop)
  • Safari (mobile)
  • Firefox
  • Opera
  • Netscape


    • More information on managing your cookie settings can be found at www.allaboutcookies.org.

    4. How we use your personal information and on what basis we use your personal information

    A&O Shearman collects and processes personal information about you in a number of ways, including through the provision of the Peerpoint services and your use of our Peerpoint website. We have set out below the principal purposes for which A&O Shearman uses your personal information and the legal basis (as set out in data protection law) that we rely on to justify this use of personal information.

    Purpose: For diversity and equality monitoring purposes.

    Legal Basis: We may process diversity information for our legitimate interests (i.e., to ensure the diversity of our consultants and employees) and for compliance with legal obligations to which we are subject. We will request your consent in circumstances where it is required by applicable law.

    Purpose: To audit and monitor the use of the Peerpoint website and Peerpoint services, and our other technology tools.

    Legal Basis: For our legitimate business purposes (i.e., the provision of the Peerpoint website and Peerpoint services, as well as to improve and ensure the security of these resources) We may request your consent in circumstances where a legal justification over and above legitimate interests is required by applicable law (e.g., in relation to the use of certain cookies.

    Purpose: To provide information requested by you and to communicate with you.

    Legal Basis: For our legitimate business purposes (i.e., to provide information that you request and otherwise communicate with you in connection with Peerpoint) We may request your consent in circumstances where a legal justification over and above legitimate interests is required by applicable law.

    Purpose: To organize and host seminars, training and other events.

    Legal Basis: For our legitimate business purposes (for example, we run events to enable potential applicants to better understand the application process and what it is like to work for A&O Shearman as a Peerpoint consultant; we will also collect data to facilitate your visit to our premises and maintain the security of our premises) We may also process personal information to ensure compliance with the firm's legal obligations to provide appropriate access to its premises and comply with health and safety requirements.

    Purpose: To improve the Peerpoint website, Peerpoint services and application process for you and our clients and prospective clients.

    Legal Basis: For our legitimate business purposes (i.e., the provision and improvement of our Peerpoint website, Peerpoint services and application process).

    Purpose: To manage and administer our relationship with our Peerpoint clients and prospective clients.

    Legal Basis: For our legitimate business purposes (ie to build and maintain strong relationships with our clients).

    Purpose: To provide information about our users and related usage information to third parties providing support for the Peerpoint website, Peerpoint services and application process.

    Legal Basis: For our legitimate business purposes (ie the provision and support of the Peerpoint website, Peerpoint services and application process).

    Purpose: To fulfil our legal, regulatory and risk management obligations, including establishing, exercising or defending legal claims.

    Legal Basis: For our legitimate business purposes and for compliance with legal obligations to which we are subject.

    5. Marketing and other emails

    From time to time, we may wish to send you information about Peerpoint and the products and services which A&O Shearman offers and we believe you may be interested in. We will use your personal information for this purpose. If you do not wish to receive these communications, or if you are already receiving these communications from A&O Shearman and you no longer wish to do so, please email us at info@peerpoint.com.

    We may also use a relationship management tool, where permitted by applicable local law, to assess the strength of the relationship between individuals in A&O Shearman and our clients or potential clients based on the frequency of email contact between them. We use that information in order to assess, analyze and improve the services that we provide.

    6. How long we keep your personal information

    Your personal information will be retained in accordance with our global data retention policy which categorizes all of the information held by A&O Shearman and specifies the appropriate retention period for each category of data. Those periods are based on the requirements of applicable data protection laws and the purpose for which the information is collected and used, taking into account legal and regulatory requirements to retain the information for a minimum period, limitation periods for taking legal action, good practice and A&O Shearman’s business purposes.

    7. Who we share your personal information with

    We are an international law firm and any information that you provide to us may be shared with and processed by any entity in the worldwide network of A&O Shearman and our associated firms. You can see a list of our offices by clicking here.

    A&O Shearman and Peerpoint’s recruitment applications website is powered by Kenexa. Our service provider, Infinite Talent, serves as a processor for A&O Shearman and will have access to personal information in the course of providing software and support for our recruitment system.

    We also share your personal information with certain trusted third parties in accordance with contractual arrangements in place with them, including:

    • Our professional advisers and auditors
    • IT and other service providers
    • Third parties involved in hosting or organizing interviews, training or other events

    You can login to our Peerpoint recruitment applications website using LinkedIn. If you use this service, you should review Linkedin’s privacy policy for more information on how they deal with your personal information.

    Where necessary, or for the reasons set out in this policy, personal information may also be shared with regulatory authorities, courts, tribunals, government agencies and law enforcement agencies. While it is unlikely, we may be required to disclose your information to comply with legal or regulatory requirements. We will use reasonable endeavors to notify you before we do this, unless we are legally restricted from doing so.

    If in the future we re-organize or transfer all or part of our business, we may need to transfer your personal information to new A&O Shearman entities or to third parties through which the business of A&O Shearman will be carried out.

    We do not sell or rent personal information or otherwise share it with any third party in return for monetary compensation, except with your prior permission.

    8. How we protect your personal information

    We use a variety of technical and organizational measures to help protect your personal information from unauthorized access, use, disclosure, alteration or destruction consistent with applicable data protection laws.

    This includes the use of data loss protection tools in order to protect A&O Shearman, our employees, clients and suppliers from cyber threats and loss of sensitive information.

    A&O Shearman’s document management and email systems are certified to the internationally recognized ISO/IEC 27001 security standard. This is an independently verified certification that information security is managed in line with international best practice.

    When we engage a third-party service provider to collect or otherwise process personal information on our behalf, the third-party is selected carefully and will be required to have appropriate security measures in place.

    9. Which countries we transfer your personal information to

    In order to administrate your application, we may need to transfer your personal information to locations outside the jurisdiction in which you submit it or where you are viewing the website for the purposes set out in this Privacy Policy. This may entail a transfer of your information from a location within the European Economic Area (“EEA”) to outside the EEA, or from outside the EEA to a location within the EEA. Please see the section entitled ‘Who we share your personal information with’ for more detail on how your personal information may be shared with A&O Shearman offices and third-party service providers.

    The level of data protection in countries outside the EEA may be less than that offered within the EEA. Where this is the case, we will implement appropriate measures to ensure that your personal information remains protected and secure in accordance with applicable data protection laws. EU standard contractual clauses) are in place between all A&O Shearman entities that share and process personal information. Where our third-party service providers process personal information outside the EEA in the course of providing services to us, our written agreement with them will include appropriate measures, usually standard contractual clauses.

    Please contact us using the details at the end of this Privacy Policy if you would like to see a copy of the safeguards applied to the export of your personal information.

    10. Your rights regarding your personal information

    The European Union’s General Data Protection Regulation and other applicable data protection laws provide certain rights for data subjects.

    You are entitled to request a copy of the information we hold about you and information about how we process it. You may also have a right in accordance with applicable data protection law to have it rectified or deleted, to restrict our processing of that personal information, to stop unauthorized transfers of your personal information to a third party and, in some circumstances, to have your personal information transferred to another organization. You may also have the right to lodge a complaint in relation to A&O Shearman’s processing of your personal information with a local supervisory authority.

    If you object to the processing of your personal information, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations.

    Your objection (or withdrawal of any previously given consent) could mean that we are unable to perform the actions necessary to achieve the purposes set out above (see section entitled ‘How we use your personal information’) or that you may not be able to make use of the services and products offered by us. Please note that even after you have chosen to withdraw your consent we may be able to continue to process your personal information to the extent required or otherwise permitted by law, in particular in connection with exercising and defending our legal rights or meeting our legal and regulatory obligations.

    We must ensure that your personal information is accurate and up to date. Therefore, please advise us of any changes to your information by emailing us at info@peerpoint.com. You may also update certain categories of information using your account on our recruitment application website (where applicable).

    11. Who are the data controllers

    There are a number of entities through which A&O Shearman provides legal and other services and the identity of the relevant data controller will depend on the location where those services are provided. Please click here for details of which A&O Shearman entity will be the data controller in each country and, where necessary having regard to local applicable data protection or privacy laws, a country-specific privacy notice.

    In certain circumstances, Allen Overy Shearman Sterling LLP, Allen Overy Shearman Sterling US LLP or another A&O Shearman entity may also be a controller of your personal information, for example certain personal information processed using, or accessible via, global systems.

    12. Changes to our Privacy Policy

    Any changes we make to this Privacy Policy in the future will be posted on this page and, where appropriate, notified to you by email. The updated Privacy Policy will take effect as soon as it has been updated or otherwise communicated to you.

    This Privacy Policy was last updated in May 2024.

    13. Who to contact with questions or concerns

    Peerpoint Questions: If you have questions about Peerpoint or need additional assistance with the Peerpoint website or application process, please contact info@peerpoint.com.

    Privacy Questions/Complaints: If you have questions, complaints or need further information about our Privacy Policy or practices, please contact:

    Chief Privacy Officer

    A&O Shearman

    68 Donegall Quay

    Belfast

    Northern Ireland

    BT1 3NL

    Email: DataPrivacy@aoshearman.com

    Show more