Effective date: May 2019
Introduction Grant Thornton LLP (“Grant Thornton” or “we”) is a national professional services firm which provides assurance, tax, financial advisory, and consulting services to private and publicly-traded businesses, government organizations, as well as to individuals (the “Services”). This Privacy Statement outlines our general policy and practices for protecting personal information that we collect through our Web site at www.grantthornton.com and other Web sites (each, a “Site”) that we operate and in connection with the provision of the Services. This Privacy Statement explains the types of information we gather through our Sites and in connection with our Services, how we use that information, and the choices individuals may exercise regarding our use of, and their ability to correct, that information. By submitting personal information to us, you are consenting to use of your personal information (including any disclosures, processing, and transfers of your information to third parties by Grant Thornton) in accordance with this Privacy Statement. Any consent you provide is entirely voluntary. If you do not accept this Privacy Statement, then you should not submit any personal information to Grant Thornton through this Site or in connection with Services.
Grant Thornton participates in the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield programs administered by the U.S. Department of Commerce regarding our collection, use, and retention of personal information transferred from the European Union, the United Kingdom and Switzerland to the United States. Grant Thornton’s participation in the Privacy Shield programs applies to our collection, use, and retention of any personal information transferred from the European Union, European Economic Area, the United Kingdom and Switzerland whether through our Sites or in connection with providing our Services or operating and administering our business. To learn more, please visit www.grantthornton.com/privacy-policy/privacy-shield-notice.aspx.
Notice, Choice and Use In order to use this Site, you do not need to send us any personal information. You may voluntarily provide us with personal information, such as your name and contact information, by subscribing to publications, registering on the “Log In” page, registering for events (e.g., webcasts, seminars, or conferences), requesting access to specific content, responding to a survey, submitting requests to meet with Grant Thornton representatives or by submitting requests through our “Contact Us” or “Submit RFP” mailboxes. In some instances, we or our service providers using online identification technologies such as cookies and beacons may automatically collect certain types of information when you visit our Sites or through the emails we exchange. We may use the personal information you submit through the Site to respond to your requests, send you information about Grant Thornton’s services or events, send you administrative information or notices, send you information about our services, advertise our services to you on other sites or social media platforms, provide a more personalized experience, improve our Site, and for our internal business purposes. If you no longer wish to receive promotional communications from us, you may at any time request that we discontinue sending you such materials by contacting us using the contact information listed below.
We do not seek sensitive personal information on this Site except where we are required to do so as part of the recruitment process. If you choose to apply for a job through our Site, we may collect information such as name, address and other contact information, work and educational experience, licenses and certifications, and other personal information. Your decision to submit such information is entirely voluntary. We may use this information to process and evaluate your application for employment and to communicate with you about employment opportunities. We may also retain and use this information to identify, and communicate with you about, future potential employment opportunities with us. If we elect to make an offer of employment, this information may become part of the employee file and may be used for other employment and work-related purposes.
In connection with providing Services, Grant Thornton enters into contracts with its clients that describe the purpose for which information (including personal information) is collected and used. Companies that engage Grant Thornton are responsible for obtaining, as required pursuant to law or regulation, consents from parties that provided the company with their personal information, which will be transferred to and used by Grant Thornton to perform the Services requested. Individuals that engage Grant Thornton will be asked to consent to provide their personal information to us to perform the Services requested.
Our legal basis for processing any personal information provided to us is either that: (i) you have expressly consented to the practices described in this Privacy Statement by voluntarily providing your personal information to Grant Thornton, (ii) such processing is necessary for the performance of a contract where Grant Thornton has been engaged to provide Services, (iii) to meet legal, regulatory or professional standards obligations, or (iv) to perform activities in furtherance of our lawful and legitimate interests. Examples of such lawful and legitimate interests for use of data in our possession or control include: conducting internal administrative activities; marketing our services and analyzing our marketing efforts; and enhancing and personalizing a visitor’s experience on our Sites.
We do not use profiling or make any decisions based solely on the automated processing of your personal information. We retain personal information for only so long as necessary for the intended purpose for which it was collected, unless a longer retention period is required or permitted by law or our document retention policies based on professional standards and best practices. We may also store your name, email address, and other contact information such as company, title and industry in a customer relationship management tool and use it to manage our relationship with you and/or your company.
Site Logging and IP addresses
As is the case with many commercial Web sites, Grant Thornton automatically logs certain information about visitor access to the Site, which may include a visitor’s internet protocol address, browser type, language, internet service provider, pages and content viewed, referring/exit pages, operating system, as well as date and time stamps. A visitor’s IP address may be used for IT security and systems diagnostic purposes. It may also be used in aggregate form to understand Site usage trends and performance analysis.
CookiesWe use “cookies” which are small data files stored on a visitor’s computer or internet-enabled device that serve a number of purposes such as enhancing your on-line experience when visiting our Sites by remembering elections made, content accessed or downloaded, and responses to forms and surveys. The use of “cookies” is common practice for most Web sites; however, most Web browsers include settings that allow users to decline cookies. If you do not accept our cookies, you may not be able to fully experience some of our Site’s functionality. After you finish browsing our Sites, it is possible for you to delete cookies from your system if you choose to do so.
Further information about managing cookies can be found in your browser's help file or through sites such as www.allaboutcookies.org or www.cookiecentral.com/faq/.
The list below details the types cookies used on our Web Sites:
BY NAVIGATING ON OUR SITES, YOU AGREE THAT WE CAN PLACE THESE COOKIES AS EXPLAINED ABOVE ON YOUR COMPUTER OR INTERNET ENABLED DEVICE.
||We personalize the content we present to you in order to provide a more relevant and valuable experience. This cookie allows us to track the types of content you frequently view and to present similar content.
Deleted after 2 years
||We track activity on our Sites such as pages viewed, time on site, return vs new visitor and other such analytical measures. We use this cookie to better understand how our Sites are performing.
Deleted after 2 years
||We track the technical performance of our Sites, including how quickly our pages load, site errors, and other performance-related measures. This cookie helps us identify technical issues related to a Site's performance.
Deleted after 2 years
||We have a Site visitor survey embedded on most of the pages on our Sites. Visitors who elect to complete the survey provide valuable feedback about their on-site experience. We use this cookie to determine if we have already presented the survey to you, if you have already completed the survey, or if you have chosen to stop seeing the survey.
Deleted when you close your browser
||We have social sharing options on most of the pages on our Sites. Visitors are able to submit our web pages to popular social sharing sites such as Twitter, LinkedIn, Facebook, and others. Our social sharing service uses this cookie to aggregate the number of times the service is being used.
Deleted after 1 year
||We, and our marketing partners, track the performance of the marketing efforts for our Sites. We also may use remarketing efforts to encourage return visits to our Web Site. This cookie helps us identify which marketing efforts are driving visitors to our Sites and to help identify visitors so that we may market across the broader Internet.
Deleted after 2 years
|Other third party
||We also use a variety of third party tools and widgets on our Sites to provide additional functionality such as onsite search. Use of these tools or widgets may place a cookie on your device to enable functionality, to make their service easier to use, and to ensure your experience is presented properly on our Web Sites' pages.
. Google offers the ability to opt out from tracking through Google Analytics cookies; for more information, visit http://tools.google.com/dlpage/gaoptout
We or our digital media service providers also use Web beacons; a small transparent image also referred to as a tracking pixel to help us better understand the effectiveness of our content and advertisement, the interests of our visitors, and to improve the experience on the Sites. These beacons allow us to determine which visitors have come to this Site after viewing an advertisement we have served on third party Web sites. We also work with such third parties to collect data so that we can determine the effectiveness of our ads and serve ads targeted to your interests. The use of Web beacons does not provide us with any personal information and we do not use this technology to access your personal information. It is used only to compile aggregated data about visitors to this Site.
Web beacons do not place information on your device, but may work in conjunction with cookies to monitor activity. You have the option to render some Web beacons unusable by rejecting their associated cookies. The Web beacon may still record an anonymous visit from your IP address but cookie information will not be recorded.
In some of our newsletters and other email communications, we may monitor recipient actions such as email open rates through embedded links within the messages. We collect this information to gauge visitor interest and to enhance future visitor experiences.
If you do not wish us to confirm whether you have opened, clicked on or forwarded our communications, you will need to unsubscribe, as it is not possible for us to send these emails without tracking enabled. Registered subscribers can update their communication preferences at any time by following the instructions in the individual email communications you receive from us.
Do Not Track Signals
Some Web browsers incorporate a “do-not-track” or similar feature that signals to Web sites with which the browser communicates that a visitor does not want to have his or her online activity tracked. As of the effective date of this Privacy Statement, not all browsers offer a “do-not-track” option and “do-not-track” signals are not yet uniform. For this reason, Grant Thornton does not currently respond to “do-not-track” signals.
Third-party Web Services
Form Auto Fills
Disclosures and Transfers
Grant Thornton will not disclose an individual’s personal information to third parties, except as set forth in this Privacy Statement, when we have permission to make the disclosure, or as necessary to fulfill the purpose for which the information was submitted. We also may use or disclose personal information as we believe to be necessary or appropriate (a) under applicable law (including to meet a national security or law enforcement requirement), (b) to comply with legal process or professional standards, (c) to protect our rights, privacy, safety or property and/or those of our affiliates or clients; or (d) in a merger, acquisition or asset sale.
Grant Thornton may use third-party service providers to provide administrative or operational support to Grant Thornton. Such entities may be located within or outside the United States and, depending upon the services, they may have access to personal information in connection with their services. We require all such service providers to protect the information we entrust to them and to use such information only as necessary to provide services to us.
Additionally, Grant Thornton may disclose and transfer personal information to resource service providers and to other member firms of Grant Thornton International Ltd., or within Grant Thornton. Grant Thornton may also disclose and transfer personal information to GT US Shared Services Center India Private Limited (“GTSSC”) and/or the Grant Thornton Knowledge and Capability Center India Private Limited (“KCC”), our affiliates located in Bangalore, India.
The transfers described above may result in data passing from one jurisdiction to another, including to and from the United States, and possibly other countries outside of the European Economic Area, some of which may not have been deemed by the European Commission to ensure an adequate level of protection for personal information.
Accordingly, the level of safeguards and legal protections provided in such other non-European countries may not be as stringent as those under European data protection standards or the privacy laws of some other countries, possibly including your home jurisdiction. Please see our Privacy Shield Notice
for further information.
This Privacy Statement does not address, and we are not responsible for, the privacy, information, or other practices of any third parties, including any third party operating any Web site or service to which the Site links. The inclusion of a link on our Site does not imply endorsement of the linked site or service by us or by our affiliates.
The security of your personal information is important to us. We seek to use reasonable physical (e.g. key card office entry, locking doors), technical (e.g. password protection, network firewalls, laptop encryption, authentication mechanisms), and administrative safeguards (e.g. confidentiality agreements, training, procedures that limit access to and use of data) to protect the information we process. However, no method of transferring data over the Internet or storing electronic data is completely secure. Therefore, while we strive to use reasonable and appropriate means to protect your personal information, we cannot guarantee absolute security.
We process personal information only in ways compatible with the purpose for which it was collected, as subsequently authorized by the individual, or as otherwise permitted by applicable law. To the extent necessary for such purposes, we take reasonable steps to make sure that personal information is accurate, complete, current, and otherwise reliable with regard to its intended use.
Access and Correction
If an individual becomes aware that information we maintain about that individual is inaccurate, or if an individual would like to update or review his or her information, the individual may contact us using the contact information below. We will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate. We may limit or deny access to personal information where providing such access would be unreasonably burdensome or inappropriate under the circumstances. All requests to access or change personal information will be handled in accordance with applicable legal requirements.
Visitors who choose to register with this Site may correct and update their user profiles or unsubscribe from certain communications at any time. Visitors who would like to access or change their profiles should contact us at email@example.com
In addition, if you are a resident of Europe, you may have certain rights under European data protection law with respect to your personal information, including the right to request access to, correct, amend, delete, limit the use of, or withdraw your consent for the processing of your personal information. You also may have the right to receive a copy of your personal information in a commonly used and machine-readable format and to transmit such information to another controller.
To request deletion of, access to or to make changes to information, or to otherwise exercise any of your rights in this paragraph, please send us an email at firstname.lastname@example.org
. Grant Thornton will take steps to address your request to the extent consistent with and permitted by laws, regulations and professional standards applicable to Grant Thornton and our own internal policies. If you are a client and request that we delete or limit the use of your personal information required to perform our Services, we may not be able to complete our engagement.
Enforcement and Dispute Resolution
We will investigate and attempt to resolve complaints and disputes regarding our use and disclosure of personal information in accordance with this Privacy Statement. We encourage interested persons to raise any concerns with us using the contact information below. Any employee who we determine is in violation of our privacy policies will be subject to disciplinary process.
If you are a resident of Europe and your inquiry with Grant Thornton has not been satisfactorily addressed, or if you believe we are processing your personal information not in accordance with applicable law or this Privacy Statement, you may file a complaint to the Data Protection Authority in your country of residence.
Merger, Change in Ownership and Other Business Transitions
In the event Grant Thornton goes through a business transition, such as a merger, or the acquisition or sale of all or a portion of its assets, your personal information may be among the assets transferred.
Privacy Statement Changes
Grant Thornton reserves the right to amend or modify this Privacy Statement from time to time. We will post any revised Privacy Statement on this Site, or a similar Web site that replaces this Site. By continuing to use any of our Sites, you agree that the terms of this Privacy Statement as of the effective date will apply to information previously collected or collected in the future as permitted by law.
This Site is not designed for or directed at persons 18 years of age or younger, and we do not intentionally collect information from anyone under the age of 18 through this Site.
How to Contact Us
Questions, comments or complaints about Grant Thornton LLP’s Privacy Statement, Privacy Shield certification, or data collection and processing practices can be e-mailed to email@example.com, or by writing to us using the contact details below:
Corporate Mailing Address:
Grant Thornton LLP
Privacy Office - Risk, Regulatory & Legal Affairs
171 N. Clark, Suite 200
Chicago, IL 60601