Privacy Policy – Sloane & Associates

This Privacy Policy explains how Sloane & Associates LLC processes personal data collected through its website. It applies to visitors located anywhere in the world, with specific provisions for visitors located in the European Economic Area, the United Kingdom, and Switzerland.

1. Data controller

Sloane & Associates LLC, with registered offices at 1326 Madison Avenue, New York, NY (United States), is the data controller for personal data processed through this website.

2. Privacy contact

Questions about this Policy or about the processing of personal data should be addressed to Tilly Bernstein at privacy@lawsloane.us. Requests are answered within thirty (30) days where the law so requires.

3. Data we collect

We collect only what is necessary for the purposes described below.

– Information you provide through the contact form: first name, last name, email address, company or family office (optional), matter (optional), jurisdiction concerned (optional), and the content of your message.

– Technical information generated by our server when you visit the website: IP address, user-agent string, date and time of access, and pages requested. This information is logged for security and operational purposes.

– Strictly necessary cookies that allow the website to function. We do not use analytics cookies, advertising cookies, or third-party tracking pixels. See our Cookie Policy for details.

4. Purposes and legal bases

We process personal data for the following purposes, on the legal bases indicated.

– Responding to your enquiry — basis: your consent, given by submitting the contact form, in accordance with Article 6(1)(a) of the General Data Protection Regulation.

– Performing a conflict-of-interest check before any substantive engagement — basis: our legitimate interest in protecting current and prospective clients from conflicts of interest, and our professional obligation to perform such checks.

– Operating and securing the website — basis: our legitimate interest in maintaining a functional and secure online presence.

– Complying with legal and regulatory obligations — basis: compliance with applicable law, including U.S. and European data protection requirements.

5. Recipients

Personal data collected through the website is accessed only by authorised personnel of the firm, and is not transferred or sold to third parties. We may disclose information to comply with a valid legal request, court order, or regulatory inquiry, or to protect the rights, property, or safety of the firm, our clients, or others.

Our website is hosted by Web Hosting Canada, located in Canada. The European Commission has determined that Canada provides an adequate level of data protection for personal data of EU origin (adequacy decision of 20 December 2001), which forms the legal basis for the transfer of data to that jurisdiction.

6. Retention

Contact form submissions and related correspondence are retained for twenty-four (24) months from the date of the last exchange, after which they are deleted unless an active engagement requires longer retention. Server logs are retained for twelve (12) months for security purposes.

7. Your rights

If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have the right to access your personal data, to obtain rectification or erasure of inaccurate data, to restrict or object to processing, to receive your data in a portable format, and to withdraw your consent at any time. You also have the right to lodge a complaint with the supervisory authority of your country of residence.

If you are located in the United States, the rights available to you may vary depending on your state of residence. California residents have rights under the California Consumer Privacy Act, including the right to know, the right to delete, and the right to opt out of certain sharing. To exercise any of these rights, contact Tilly Bernstein at the address indicated in section 2.

8. Updates

This Policy may be updated to reflect changes in applicable law or in our practices. The current version is dated below; previous versions are available on request.

9. Effective date

Effective date: May 11, 2026. Last reviewed: May 11, 2026.