EU-US Privacy Shield
In compliance with the Privacy Shield Principles, Forensic Risk Alliance commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Forensic Risk Alliance at:
Forensic Risk Alliance
c/o Privacy Complaints Department
Kacey Murphy/Gregory Mason
40 Westminster Street
Providence, RI 02903
Forensic Risk Alliance has further committed to cooperate with EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU in the context of the employment relationship. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact the EU DPAs for more information or to file a complaint. The services of EU DPAs are provided at no cost to you.
Forensic Risk Alliance complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
Under certain conditions, more fully described on the Privacy Shield website at https://www.privacyshield.gov, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
Forensic Risk Alliance’s participation in the Privacy Shield applies to personal data received from the EU/EEA. Forensic Risk Alliance will comply with the Privacy Shield Principles in respect of such personal data. Some types of Personal Information may be subject to additional privacy-related requirements and policies, which are consistent with the Privacy Shield Principles.
Types of data Forensic Risk Alliance can potentially process generally falls into 2 categories.
1) Personal Information from Client Engagements: Forensic Risk Alliance provides professional consulting services to its clients. Forensic Risk Alliance’s clients may send Personal Information to it for processing on their behalf as part of the consulting services they have purchased. For example, Forensic Risk Alliance may receive Personal Information such as name, email address, employment information or financial data. Forensic Risk Alliance uses any such Personal Information to perform services for its clients and to administer and manage its relationships with its clients.
In the event that a client engagement involves a transfer of Personal Information from the EU to the United States, the relevant clients are responsible for providing appropriate notice, where required, to the individuals whose Personal Information may be transferred to Forensic Risk Alliance, including providing individuals with certain choices with respect to the use or disclosure of their Personal Information, and obtaining any requisite consent. Forensic Risk Alliance handles such Personal Information in accordance with its clients’ instructions.
2) Personal Information Regarding Forensic Risk Alliance Employees: Forensic Risk Alliance may transfer Personal Information regarding Forensic Risk Alliance personnel. This Personal Information may include, without limitation, business contact information, employee ID, job role and reporting line, demographic information, work history, compensation and performance ratings. Forensic Risk Alliance uses such information to administer and manage its business.
Choice and Accountability for Onward Transfer
Information Security and Data Integrity
Forensic Risk Alliance is ISO 27001 certified has reasonable security policies and procedures in place to protect Personal Information from unauthorized loss, misuse, alteration, or destruction. Forensic Risk Alliance’s ISO 27001 certification can be found here https://www.forensicrisk.com/expertise/certifications/certification-iso27001/
Despite Forensic Risk Alliance’s best efforts, however, security cannot be absolutely guaranteed against all threats. To the best of Forensic Risk Alliance’s ability, access to your Personal Information is limited to those who have a need to know.
Forensic Risk Alliance shares Consumer Personal Information with its affiliates and subsidiaries. Forensic Risk Alliance may disclose Consumer Personal Information without offering an opportunity to opt out, and may be required to disclose the Personal Information, (i) to third-party Processors the company has retained to perform services on its behalf and pursuant to its instructions, (ii) if it is required to do so by law or legal process, or (iii) in response to lawful requests from public authorities, including to meet national security, public interest or law enforcement requirements. Forensic Risk Alliance also reserves the right to transfer Personal Information in the event of an audit or if the company sells or transfers all or a portion of its business or assets (including in the event of a merger, acquisition, joint venture, reorganization, dissolution or liquidation).
If Forensic Risk Alliance holds your Personal Information, under most circumstances you have the right to reasonable access to that data to correct any inaccuracies. You can also make a request to update or remove information about you by contacting firstname.lastname@example.org, and Forensic Risk Alliance will make all reasonable and practical efforts to comply with your request, so long as it is consistent with applicable law and professional standards.
Resource, Enforcement and Liability
Forensic Risk Alliance commits to resolve complaints about your privacy and its collection or use of your Personal Information in compliance with the EU-US Privacy Shield Principles. Please contact Forensic Risk Alliance at: email@example.com should you have a Privacy Shield-related (or general privacy-related) complaint.
If you are a resident of the EU/EEA, and you have a complaint related to this Policy that cannot be resolved with Forensic Risk Alliance directly, you may report your claim to the EU/EEA Data Protection Authorities located in your jurisdiction. As further explained in the Privacy Shield Principles, a binding arbitration option will also be made available to you in order to address residual complaints not resolved by any other means.
Forensic Risk Alliance is subject to the investigatory and enforcement powers of the US Federal Trade Commission (FTC).
Questions and Comments
If you have questions or concerns regarding this policy or Forensic Risk Alliance’s Personal Information processing policies, please contact Forensic Risk Alliance at: firstname.lastname@example.org.