Effective date: January 2020
Introduction
Grant Thornton LLP (“Grant Thornton” or “we”) is a national professional services firm which provides assurance, tax, financial advisory, and consulting services to private and publicly-traded businesses, government organizations, as well as to individuals (the “Services”). This Privacy Statement outlines our general policy and practices for protecting personal information that we collect through our Web site at www.grantthornton.com and other Web sites (each, a “Site”) that we operate and in connection with the provision of the Services. This Privacy Statement explains the types of information we gather through our Sites and in connection with our Services, how we use that information, and the choices individuals may exercise regarding our use of, and their ability to correct, that information. By submitting personal information to us, you are consenting to use of your personal information (including any disclosures, processing, and transfers of your information to third parties by Grant Thornton) in accordance with this Privacy Statement. Any consent you provide is entirely voluntary. If you do not accept this Privacy Statement, then you should not submit any personal information to Grant Thornton through this Site or in connection with any Services.
Grant Thornton and certain subsidiaries (Grant Thornton Corporate Finance LLC and Grant Thornton Financial Advisors LLC) participate in the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield programs administered by the U.S. Department of Commerce regarding our collection, use, and retention of personal information transferred from the European Union, the United Kingdom and Switzerland to the United States. Grant Thornton’s participation in the Privacy Shield programs applies to the collection, use, and retention of any personal information transferred from the European Union, European Economic Area, the United Kingdom and Switzerland whether through our Sites or in connection with providing our Services or operating and administering our business. To learn more, please visit Privacy Shield Notice.
Notice, Choice and Use
In order to use this Site, you do not need to send us any personal information. You may voluntarily provide us directly or via our service providers with personal information, such as your name and contact information, by submitting your resume or work history information, subscribing to publications, joining our mailing lists, participation in online surveys or self-assessment tools, registering on the “Log In” page, registering for events (e.g., webcasts, seminars, or conferences), requesting access to specific content, responding to a survey, submitting requests to meet with Grant Thornton representatives or by submitting requests through our “Contact Us” or “Submit RFP” mailboxes. In some instances, we or our service providers using online identification technologies, such as cookies and beacons, may automatically collect certain types of information when you visit our Sites or through the emails we exchange. We may use the personal information you submit through the Site to respond to your requests, send you information about Grant Thornton’s services or events, send you administrative information or notices, send you information about our services, advertise our services to you on other sites or social media platforms, provide a more personalized experience, improve our Site, and for our internal business purposes. If you no longer wish to receive promotional communications from us, you may at any time request that we discontinue sending you such materials by contacting us using the contact information listed below.
We do not seek sensitive personal information on this Site except where we are required to do so as part of the recruitment process. If you choose to apply for a job through our Site, we may collect information such as your name, address and other contact information, work and educational experience, licenses and certifications, and other personal information. Your decision to submit such information is entirely voluntary. We may use this information to process and evaluate your application for employment and to communicate with you about employment opportunities. We may also retain and use this information to identify, and communicate with you about, future potential employment opportunities with us. If we elect to make an offer of employment, this information may become part of the employee file and may be used for other employment and work-related purposes.
In connection with providing Services, Grant Thornton enters into contracts with its clients that describe the purpose for which information (including personal information) is collected and used. Companies that engage Grant Thornton are responsible for obtaining, as required pursuant to law or regulation, consents from parties that provided the company with their personal information, which will be transferred to and used by Grant Thornton to perform the Services requested. Individuals that engage Grant Thornton will be asked to consent to provide their personal information to us to perform the Services requested.
Our legal basis for processing any personal information provided to us is either that (i) you have expressly consented to the practices described in this Privacy Statement by voluntarily providing your personal information to Grant Thornton; (ii) such processing is necessary for the performance of a contract where Grant Thornton has been engaged to provide Services; (iii) to meet legal, regulatory or professional standards obligations; or (iv) to perform activities in furtherance of our lawful and legitimate interests. Examples of such lawful and legitimate interests for use of data in our possession or control include: conducting internal administrative activities, marketing our services and analyzing our marketing efforts, and enhancing and personalizing a visitor’s experience on our Sites.
We do not use profiling or make any decisions based solely on the automated processing of your personal information. We retain personal information for only so long as necessary for the intended purpose for which it was collected, unless a longer retention period is required or permitted by law or our document retention policies based on professional standards and best practices. We may also store your name, email address, and other contact information such as company, title and industry in a customer relationship management tool and use it to manage our relationship with you and/or your company.
Site Logging and IP addresses
As is the case with many commercial Web sites, Grant Thornton automatically logs certain information about visitor access to a Site, which may include a visitor’s internet protocol address, browser type, language, internet service provider, pages and content viewed, referring/exit pages, and/or operating system, as well as date and time stamps. A visitor’s IP address may be used for IT security and systems diagnostic purposes. It may also be used in aggregate form to understand Site usage trends and performance analysis.
Cookies
We use “cookies” which are small data files stored on a visitor’s computer or internet-enabled device that serve a number of purposes such as enhancing your on-line experience when visiting our Sites by remembering elections made, content accessed or downloaded, and responses to forms and surveys. The use of “cookies” is common practice for most Web sites; however, most Web browsers include settings that allow users to decline cookies. If you do not accept our cookies, you may not be able to fully experience some of our Site’s functionality. After you finish browsing our Sites, it is possible for you to delete cookies from your system if you choose to do so.
Further information about managing cookies can be found in your browser’s help file or through sites such as www.allaboutcookies.org or www.cookiecentral.com.
The list below details the types of cookies used on our Web Sites:
| Cookie type |
Description |
Duration |
| Personalization |
We personalize the content we present to you in order to provide a more relevant and valuable experience. This cookie allows us to track the types of content you frequently view and to present similar content.
|
Persistent
Deleted after 2 years
|
| Analytics |
We track activity on our Sites such as pages viewed, time on site, return vs new visitor, and other such analytical measures. We use this cookie to better understand how our Sites are performing. |
Persistent
Deleted after 2 years
|
| Performance |
We track the technical performance of our Sites, including how quickly our pages load, site errors, and other performance-related measures. This cookie helps us identify technical issues related to a Site's performance. |
Persistent
Deleted after 2 years
|
| Survey |
We have a Site visitor survey embedded on most of the pages on our Sites. Visitors who elect to complete the survey provide valuable feedback about their on-site experience. We use this cookie to determine if we have already presented the survey to you, if you have already completed the survey, or if you have chosen to stop seeing the survey. |
Session
Deleted when you close your browser
|
| Social |
We have social sharing options on most of the pages on our Sites. Visitors are able to submit our web pages to popular social sharing sites such as Twitter, LinkedIn, Facebook, and others. Our social sharing service uses this cookie to aggregate the number of times the service is being used. |
Persistent
Deleted after 1 year |
| Marketing |
We, and our marketing partners, track the performance of the marketing efforts for our Sites. We may also use remarketing efforts to encourage return visits to our Web Site. This cookie helps us identify which marketing efforts are driving visitors to our Sites and to help identify visitors so that we may market across the broader Internet. |
Persistent
Deleted after 2 years
|
| Other third party |
We also use a variety of third party tools and widgets on our Sites to provide additional functionality such as onsite search. Use of these tools or widgets may place a cookie on your device to enable functionality, to make their service easier to use, and to ensure your experience is presented properly on our Web Sites' pages. |
Varies |
| Cookie acceptance banner |
We show a cookie banner on some of our Sites to inform visitors that we use cookies to personalize content, to provide social media features, and to analyze our traffic. We also share information about your use of our Site with our social media, advertising, and analytics partners. |
Persistent
Deleted after 180 days
|
BY NAVIGATING ON OUR SITES, YOU AGREE THAT WE CAN PLACE THESE COOKIES AS EXPLAINED ABOVE ON YOUR COMPUTER OR INTERNET ENABLED DEVICE.
Google Analytics
We use the services of Google Analytics, a Web analytics service provided by Google, Inc. (“Google”). This analytical tool uses cookies and other similar technologies to help analyze how visitors use the Sites. For more information about the collection and use of data through Google Analytics, please refer to
www.google.com/policies/privacy/partners. Google offers the ability to opt -out from tracking through Google Analytics cookies. For more information, visit
http://tools.google.com/dlpage/gaoptout. Google has developed the Google Analytics Opt-out Browser Add-on to provide Web site visitors with more choice on how their data is collected by Google Analytics. The add-on communicates with the Google Analytics JavaScript (ga.js) to indicate that information about the Web site visit should not be sent to Google Analytics. The Google Analytics Opt-out Browser Add-on does not prevent information from being sent to the Web site itself or to other Web analytics services.
Web Beacons
We or our digital media service providers also use Web beacons; a small transparent image also referred to as a tracking pixel to help us better understand the effectiveness of our content and advertisement, the interests of our visitors, and to improve visitor experience on the Sites. These beacons allow us to determine which visitors have come to this Site after viewing an advertisement we have served on third party Web sites. We also work with such third parties to collect data so that we can determine the effectiveness of our ads and serve ads targeted to your interests. The use of Web beacons does not provide us with any personal information and we do not use this technology to access your personal information. It is used only to compile aggregated data about visitors to this Site.
Web beacons do not place information on your device, but may work in conjunction with cookies to monitor activity. You have the option to render some Web beacons unusable by rejecting their associated cookies. The Web beacon may still record an anonymous visit from your IP address, but cookie information will not be recorded.
Email communications
In some of our newsletters and other email communications, we may monitor recipient actions such as email open rates through embedded links within the messages. We collect this information to gauge visitor interest and to enhance future visitor experiences.
If you do not wish us to confirm whether you have opened, clicked on or forwarded our communications, you will need to unsubscribe, as it is not possible for us to send these emails without tracking enabled. Registered subscribers can update their communication preferences at any time by following the instructions in the individual email communications you receive from us.
Do Not Track Signals
Some Web browsers incorporate a “do-not-track” or similar feature that signals to Web sites with which the browser communicates that a visitor does not want to have his or her online activity tracked. As of the effective date of this Privacy Statement, not all browsers offer a “do-not-track” option, and “do-not-track” signals are not yet uniform. For this reason, Grant Thornton does not currently respond to “do-not-track” signals.
Third-party Web Services
We at times use Web services from third-parties on this Site to present content within the pages of this Site, e.g. to display videos and social content, to conduct surveys, etc. We cannot prevent these Web services from collecting information on your usage of this embedded content and recommend that you review their respective terms of use and privacy policies for further information.
Social Sharing
We provide visitors the capability to share links to our content via social media and email. This capability connects the visitor directly with their third-party social media sites and email service provider. No personal information, IDs or passwords are made available to or stored by Grant Thornton in connection with this activity. After the content sharing is initiated, all interactions are directly between the user and their respective social media platform or email provider. We recommend reviewing the respective terms of use and privacy policies of your social media sites and email service provider for further information.
Form Auto Fills
We provide visitors the convenience of auto filling Web Site forms with their contact information from LinkedIn. Auto filling forms is voluntary and only provides Grant Thornton with the basic contact information requested in the form. No other personal information, IDs or passwords are made available to or stored by Grant Thornton in connection with this activity. We recommend reviewing the LinkedIn privacy policy for further information at
www.linkedin.com/legal/privacy-policy.
Disclosures and Transfers
Grant Thornton will not disclose an individual’s personal information to third parties, except as set forth in this Privacy Statement, when we have permission to make the disclosure, to advertise our services to you on other sites or social media platforms, or as necessary to fulfill the purpose for which the information was submitted. We also may use or disclose personal information as we believe to be necessary or appropriate (i) under applicable law (including to meet a national security or law enforcement requirement); (ii) to comply with legal process or professional standards; (iii) to protect our rights, privacy, safety or property and/or those of our affiliates or clients; or (iv) in a merger, acquisition or asset sale. We will not transfer the personal information you provide to any third parties for their own direct marketing use. Our service providers will disclose an individual’s personal information to us when the service provider collects the information on our behalf.
Grant Thornton may use third-party service providers to provide administrative, marketing, or operational services to Grant Thornton. Such entities may be located within or outside the United States and, depending upon the services, they may have access to personal information in connection with their services. We require all such service providers to protect the information we entrust to them and to use such information only as necessary to provide services to us.
Additionally, Grant Thornton may disclose and transfer personal information to resource service providers and to other member firms of Grant Thornton International Ltd. (“GTIL”), or within Grant Thornton. Grant Thornton may also disclose and transfer personal information to GT US Shared Services Center India Private Limited and/or the Grant Thornton Knowledge and Capability Center India Private Limited, our affiliates located in Bangalore, India.
The transfers described above may result in data passing from one jurisdiction to another, including to and from the United States, and possibly other countries outside of the European Economic Area, some of which may not have been deemed by the European Commission to ensure an adequate level of protection for personal information.
Accordingly, the level of safeguards and legal protections provided in such other non-European countries may not be as stringent as those under European data protection standards or the privacy laws of some other countries, possibly including your home jurisdiction. Please see our
Privacy Shield Notice for further information.
Third-Party Sites
This Privacy Statement does not address, and we are not responsible for, the privacy, information, or other practices of any third parties, including any third party operating any Web site or service to which the Site links. The inclusion of a link on our Site does not imply endorsement of the linked site or service by us or by our affiliates.
Data Security
The security of your personal information is important to us. We seek to use reasonable physical (e.g. key card office entry, locking doors), technical (e.g. password protection, network firewalls, laptop encryption, authentication mechanisms), and administrative safeguards (e.g. confidentiality agreements, training, procedures that limit access to and use of data) to protect the information we process. However, no method of transferring data over the Internet or storing electronic data is completely secure. Therefore, while we strive to use reasonable and appropriate means to protect your personal information, we cannot guarantee absolute security.
Data Integrity
We process personal information only in ways compatible with the purpose for which it was collected, as subsequently authorized by the individual, or as otherwise permitted by applicable law. To the extent necessary for such purposes, we take reasonable steps to make sure that personal information is accurate, complete, current, and otherwise reliable with regard to its intended use.
Access and Correction
If an individual becomes aware that information we maintain about that individual is inaccurate, or if an individual would like to update or review his or her information, the individual may contact us using the contact information below. We will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate. We may limit or deny access to personal information where providing such access would be unreasonably burdensome or inappropriate under the circumstances. All requests to access or change personal information will be handled in accordance with applicable legal requirements.
Visitors who choose to register with this Site may correct and update their user profiles or unsubscribe from certain communications at any time. Visitors who would like to access or change their profiles should contact us at
webrequests@us.gt.com.
In addition, if you are a resident of Europe, you may have certain rights under European data protection law with respect to your personal information, including the right to request access to, correct, amend, delete, limit the use of, or withdraw your consent for the processing of your personal information. You also may have the right to receive a copy of your personal information in a commonly used and machine-readable format and to transmit such information to another controller.
To request deletion of, access to or to make changes to information, or to otherwise exercise any of your rights in this paragraph, please send us an email at
privacy.questions@us.gt.com. Grant Thornton will take steps to address your request to the extent consistent with and permitted by laws, regulations and professional standards applicable to Grant Thornton and our own internal policies. If you are a client and request that we delete or limit the use of your personal information required to perform our Services, we may not be able to complete our engagement.
Notice to California Residents under CCPA
Pursuant to the California Consumer Privacy Act (CCPA), Grant Thornton makes the following disclosures regarding the personal information collected from a “consumer” within the last twelve (12) months:
| Category of personal information |
Category of source from which data is collected |
Purpose of collection |
Category of third parties to whom data is potentially disclosed |
| Contact information (such as first and last name, e-mail address, mailing address or phone number), and current employer and job title |
Directly from “consumer”; directly or indirectly from our clients or their agents |
To respond to requests; to send information about Grant Thornton’s services or events; to send administrative information or notices; to advertise our services on other Web sites; to communicate in connection with an engagement |
Service providers; marketing vendors; our affiliates in Bangalore, India; other member firms of GTIL |
| Name, address and other contact information, work history, educational experience, licenses and certifications, other professional or employment-related information, full or partial Social Security number, gender, race, ethnicity, citizenship, veteran and disability status |
From “consumer” |
To create an account on Grant Thornton’s online job board; to process applications for employment and communicate about employment opportunities; to evaluate information for employment opportunities |
Service providers; our affiliates in Bangalore, India; background check vendors |
| Automatically collected information from activity on our Sites such as browser information, IP address, and browser type |
Cookies and other tracking technologies (see above) |
To personalize content on our Sites; to track activity on and technical performance of our Sites; to evaluate our marketing efforts; to improve our Sites |
None |
| Personal information collected in the course of providing services and in connection with pre-engagement activities |
Directly from “consumer”; directly or indirectly from our clients or their agents |
To fulfill a contract for services; to perform pre-engagement activities; to enforce our rights arising from any contract, including billing and collections |
Service providers; our affiliates in Bangalore, India; other member firms of GTIL |
Grant Thornton has not sold the personal information of any “consumer” in the twelve (12) months preceding the effective date of this Privacy Statement.
If you are a California resident, under the CCPA you have the right to request:
- the categories and specific pieces of personal information Grant Thornton has collected about you
- the categories of sources from which your personal information is collected
- the business or commercial purpose of collecting or selling your personal information
- the categories of third parties with whom Grant Thornton shares your personal information
- the categories of personal information that Grant Thornton has sold about you and the categories of third parties to whom the personal information was sold (if applicable)
- deletion of your personal information
- an opt-out of having your personal information disclosed or sold to third parties.
To submit a request, or designate an authorized agent to make a request under the CCPA on your behalf, please contact us at
privacy.question@us.gt.com, (844) 488-6060, or complete the web form located
here. To verify your identity when you submit a request, we will match the identifying information you provide us to the personal information we have about you. If you have a past or current relationship with Grant Thornton, we will also verify your identity through our existing records.
Grant Thornton will respond to requests as required by applicable law. We reserve the right to deny a request from an agent that does not submit sufficient proof that the agent has been authorized to act on your behalf. In addition, Grant Thornton will not discriminate against you in the event you exercise any of the aforementioned rights under CCPA, including, but not limited to, by:
- denying services to you
- charging different fees or rates for services, including through the use of discounts or other benefits or imposing penalties
- providing a different level or quality of services to you
- suggesting that you will receive different rates for services or services at a different level or quality
This Privacy Statement is available to consumers with disabilities. To access this Privacy Statement in an alternative downloadable format, please
click here.
Enforcement and Dispute Resolution
We will investigate and attempt to resolve complaints and disputes regarding our use and disclosure of personal information in accordance with this Privacy Statement. We encourage interested persons to raise any concerns with us using the contact information below. Any employee who we determine is in violation of our privacy policies will be subject to disciplinary process.
If you are a resident of Europe and your inquiry with Grant Thornton has not been satisfactorily addressed, or if you believe we are processing your personal information not in accordance with applicable law or this Privacy Statement, you may file a complaint to the Data Protection Authority in your country of residence.
If you are a California resident, you may file a complaint with the California Attorney General’s Office pursuant to the CCPA.
Merger, Change in Ownership and Other Business Transitions
In the event Grant Thornton goes through a business transition, such as a merger, or the acquisition or sale of all or a portion of its assets, your personal information may be among the assets transferred.
Privacy Statement Changes
Grant Thornton reserves the right to amend or modify this Privacy Statement from time to time. We will post any revised Privacy Statement on this Site, or a similar Web site that replaces this Site. By continuing to use any of our Sites, you agree that the terms of this Privacy Statement as of the effective date will apply to information previously collected or collected in the future as permitted by law.
Minors
This Site is not designed for or directed at persons 18 years of age or younger, and we do not intentionally collect information from anyone under the age of 18 through this Site.
How to Contact Us
Questions, comments or complaints about Grant Thornton LLP’s Privacy Statement, Privacy Shield certification, or data collection and processing practices can be e-mailed to
privacy.questions@us.gt.com, or by writing to us using the contact details below:
Corporate Mailing Address:
Grant Thornton LLP
Privacy Office - Risk, Regulatory & Legal Affairs
171 N. Clark Street, Suite 200
Chicago, IL 60601
