AlixPartners, LLP: Privacy Shield Policy
AlixPartners, LLP and its U.S. subsidiaries, as listed below, (collectively, “AlixPartners”) respect your privacy. AlixPartners has certified that it abides by the EU- U.S. Privacy Shield (“Privacy Shield”) principles as agreed between the U.S. Department of Commerce and the European Commission regarding the processing of Personal Data transferred from the European Economic Area (“EEA”) to the United States (“Privacy Shield Principles”). This Privacy Shield Policy (“Policy”) outlines our general policy and practices for implementing and complying with the Privacy Shield Principles for Personal Data, including the ways in which we collect, use and protect Personal Data.
For purposes of this Policy:
“Personnel” means any current, former or prospective employee of AlixPartners, or any of its EEA affiliates, who is located in the EEA. For purposes of this Policy only, “Personnel” also includes any independent contractor of AlixPartners, or any of its EEA affiliates, who is located in the EEA.
“Personal Data” means any information, including Sensitive Data, that (i) is transferred to AlixPartners in the U.S. from the EEA, (ii) is recorded in any form, (iii) relates to an identified or identifiable individual (including Personnel), and (iv) can be linked to that individual.
“Sensitive Data” means Personal Data specifying medical and health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sex life, the commission or alleged commission of any offense, any proceedings for any offense committed or alleged to have been committed by the individual or the disposal of such proceedings, or the sentence of any court in such proceedings.
In connection with AlixPartners’ processing of Personal Data, AlixPartners adheres to the EU-U.S. Privacy Shield Framework Principles issued by the U.S. Department of Commerce (the “Principles”). For more information about the Principles, please visit the Department of Commerce’s Privacy Shield website. AlixPartners commits to be subject to the Principles for all Personal Data received from the EEA in reliance on Privacy Shield.
For purposes of this Policy, the current AlixPartners, LLP US subsidiaries that are adhering to the Principles currently include: AlixPartners, LLC; AlixPartners Forensic Services, LLC; AlixPartners Asia, LLC; AlixPartners International, Inc.; AlixPartners International, LLC; AP Services, LLC; Evidence Exchange, LLC; AlixPartners Canada, Inc.; AlixPartners Finance Company, LLC; The System Advisory Group, LLC.
AlixPartners receives Personal Data: (i) in connection with AlixPartners’ client relationships including without limitation promotion and delivery of services, marketing and sales and client administration (such as contract negotiations and file maintenance); (ii) from third parties in connection with the claims management services pages of AlixPartners’ website; (iii) directly from individuals when, for example, they visit AlixPartners’ website and provide Personal Data to AlixPartners or contact AlixPartners through other media, such as email or telephone, (iv) directly from Personnel . From its website, AlixPartners receives contact and professional data, including name, title, employer, work address, telephone number, and email address. In connection with client engagements, AlixPartners may serve as a Data Processor to AlixPartners’ clients. In its capacity as a Data Processor, AlixPartners may receive Personal Data that is relevant to the services AlixPartners is providing, such as Personal Data about our client’s employees, customers, and agents.
AlixPartners obtains and processes Personal Data for the following purposes: (i) in connection with the provision of its consulting services, (ii) the management and operations of the firm, its functions and activities, (iii) Personnel communications, (iv) maintaining a global directory, (v) carrying out obligations under employment contracts and employment, tax and benefits laws, and in connection with other working relationships or arrangements, (vi) development and training programs, (vii) recruiting and hiring job applicants, (viii) assessing qualifications and performance, (ix) performing background checks and verifying references, (x) managing Personnel headcount, (xi) managing Personnel performance, (xii) determining Personnel compensation or payment, (xiii) managing the Personnel termination process, (xiii) other general human resources purposes, and (xiv) other lawful purposes.
AlixPartners notifies Personnel about the types of third parties to whom AlixPartners discloses Personal Data, Personnel’s right to access their Personal Data, the choices Personnel have for limiting the use and disclosure of their Personal Data, and how to contact AlixPartners about its practices concerning Personal Data. Relevant information also may be found in privacy notices pertaining to specific data processing activities, including in notices and other materials provided to Personnel and in connection with AlixPartners’ claims management services.
Please direct any inquiries or complaints regarding our compliance with the Principles to the point of contact listed in the “How to Contact AlixPartners” section below. If AlixPartners does not resolve your complaint, you may submit your complaint free of charge to JAMS, an alternative dispute resolution provider based in the United States, JAMS, Company’s designated Privacy Shield dispute resolution provider. Under certain conditions specified by the Principles, you may also be able to invoke binding arbitration to resolve your complaint.
AlixPartners may disclose Personal Data to comply with or respond to lawful requests made by public authorities, including: to meet national security or law enforcement requirements; to comply with governmental, professional and legal obligations or inquiries; carry out investigations and perform internal administrative activities.
AlixPartners is subject to the investigatory and enforcement powers of the Federal Trade Commission. If AlixPartners shares Personal Data with a third-party service provider that processes the data solely on AlixPartners’ behalf, then AlixPartners will be liable for that third party’s processing of Personal Data in violation of the Principles, unless AlixPartners can prove that it is not responsible for the event giving rise to the damage.
In circumstances in which AlixPartners maintains Personal Data about individuals with whom AlixPartners does not have a direct relationship because AlixPartners obtained the Personal Data as a data processor for its clients or third parties using the claims management services, those clients and third parties are responsible for providing the relevant individuals with certain choices with respect to the clients’ or third parties’ use or disclosure of the individual’s Personal Data.
AlixPartners may disclose Personal Data without offering an opportunity to opt out (i) to service providers the firm has retained to perform services on its behalf, (ii) if it is required to do so by law or legal process, (iii) to law enforcement or other government authorities, (iv) when AlixPartners believes disclosure is necessary to prevent physical harm or financial loss, or (v) in connection with an investigation of suspected or actual illegal activity. AlixPartners also reserves the right to transfer Personal Data in the event it sells or transfers all or a portion of its business or assets (including in the event of a reorganization, dissolution or liquidation). Should such a sale or transfer occur, AlixPartners will use reasonable efforts to direct the transferee to use the Personal Data in a manner that is consistent with AlixPartners’ privacy policies.
AlixPartners uses Personal Data only for the purposes indicated in this Policy unless it has a legal basis, such as consent, to use it for other purposes. Where required by law, AlixPartners obtains prior opt-in consent at the time of collection for the processing of (i) Personal Data for marketing purposes and (ii) Sensitive Data.
Accountability for Onward Transfer of Personal Data
AlixPartners may share Personal Data with non-affiliated parties as indicated in the “Choice” section above. AlixPartners also may share Personal Data as specified in notices and other materials AlixPartners may provide to Personnel or others and in connection with AlixPartners’ claims management services.
Except as permitted or required by applicable law, AlixPartners requires non-affiliated parties to whom it discloses Personal Data and who are not subject to the European Union Data Protection Directive 95/46 or an adequacy finding to either (i) subscribe to the relevant Principles or (ii) contractually agree to provide at least the same level of protection for Personal Data as is required by the relevant Principles.
AlixPartners takes reasonable and appropriate measures to protect Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into due account the risks involved in the processing and the nature of personal data.
Data Integrity & Purpose Limitation
AlixPartners takes reasonable steps to ensure that the Personal Data the firm processes are (i) relevant for the purposes for which they are to be used, (ii) reliable for their intended use, and (iii) accurate, complete and current. In this regard, AlixPartners may rely on its Personnel and clients and third parties using the claims management services (with respect to Personal Data of individuals with whom AlixPartners does not have a direct relationship) to update and correct Personal Data to the extent necessary for the purposes for which the information was collected or subsequently authorized by the other individuals. Personnel and individuals (and clients or third parties, as appropriate) may contact AlixPartners as indicated in the “How to Contact AlixPartners” section below to request that AlixPartners update or correct relevant Personal Data.
Where appropriate, AlixPartners provides individuals with reasonable access to the Personal Data AlixPartners maintains about them. AlixPartners also provides a reasonable opportunity for individuals to correct, amend or delete that information where it is inaccurate, as appropriate. AlixPartners may limit or deny access to Personal Data where providing such access is unreasonably burdensome or expensive under the circumstances, or as otherwise permitted by the Principles. The right to access Personal Data also may be limited in some circumstances by local law requirements. Individuals may request access to their Personal Data by contacting AlixPartners as indicated in the “How to Contact AlixPartners” section below.
In circumstances in which AlixPartners maintains Personal Data about individuals with whom AlixPartners does not have a direct relationship because AlixPartners obtained the data as a data processor, those clients and third parties are responsible for providing the relevant individuals with access to their Personal Data and the right to correct, amend or delete the information where it is inaccurate. In these circumstances, the relevant individuals should direct their questions to the appropriate party from which AlixPartners obtained the Personal Data. When an individual is unable to contact the appropriate party, or does not obtain a response, AlixPartners will provide reasonable assistance in forwarding the individual’s request to the appropriate party.
Recourse, Enforcement and Liability
AlixPartners has established procedures for periodically verifying implementation of and compliance with the Principles. AlixPartners conducts an annual self-assessment of its Personal Data practices to verify that the attestations and assertions the firm makes about its privacy practices are true and that the firm’s privacy practices have been implemented as represented.
Individuals (other than Personnel) may file a complaint concerning AlixPartners’ processing of their Personal Data with AlixPartners’ General Counsel, whose contact information is below. If AlixPartners does not resolve your complaint, you may submit your complaint free of charge to JAMS, an alternative dispute resolution provider based in the United States, you may submit your compliant free of charge to AlixPartners’ alternative dispute resolution provider based in the United States, JAMS, Company’s designated Privacy Shield dispute resolution provider. Under certain conditions specified by the Principles, you may also be able to invoke binding arbitration to resolve your complaint. AlixPartners is subject to the investigatory and enforcement powers of the Federal Trade Commission.
Personnel may file a complaint concerning AlixPartners’ processing of their Personal Data with the firm’s Human Resources Department. AlixPartners will take steps to remedy any issues arising out of a failure to comply with the Principles. Please contact AlixPartners as specified below to address any complaints regarding the firm’s Personal Data practices. If an AlixPartners’ Personnel complaint cannot be resolved through AlixPartners’ internal processes, AlixPartners will cooperate with the relevant EEA data protection authority, as appropriate.
In circumstances in which AlixPartners maintains Personal Data about individuals with whom AlixPartners does not have a direct relationship because AlixPartners obtained the data as a data processor for its clients or third parties using the claims management services, individuals may submit complaints concerning the processing of their Personal Data to the relevant client or third party, in accordance with the client’s or third party’s dispute resolution process. AlixPartners will participate in this process at the request of the client, third party or individual.
How to Contact AlixPartners
To contact AlixPartners with questions or concerns about this Policy or AlixPartners’ practices concerning Personal Data:
Attention: General Counsel
2000 Town Center, Suite 2400
Southfield, Michigan, MI 48075
Effective Date: August 8th, 2016