Privacy Policy
Concord respects your privacy and is committed to maintaining and responsibly using any information we collect from you on our website. Concord will not distribute or sell any of your information to other parties and by visiting www.concorddt.com you are accepting the practices described in this privacy policy.
Disclaimer
Concord expressly disclaims any duty to update or revise the materials on this site, although we may modify the materials at any time without notice.
By your use of this site, you acknowledge that your use is at your own risk and that you assume full responsibility for all costs associated with all necessary servicing or repairs of any equipment you use in connection with your use of this site. You further acknowledge that Concord shall not be liable for any damages or any kind related to your use of this site. You agree to defend, indemnify and hold Concord harmless from and against any and all claims, damages, costs and expenses, including attorneys’ fees, arising from or related to your use of the site.
Safe Harbor Policy
Introduction
Concord (hereinafter collectively referred to as the “Company,” “we,” “us” or “our”) is an independent provider of litigation support, online managed review and e-Discovery services for the legal industry. We support the majority of the AmLaw 100 Law Firms and the Legal Departments for many Fortune 500 Corporations. The Company adheres both to the U.S.-EU Safe Harbor Framework, including the Safe Harbor Principles concerning the transfer of personal data from the European Union (“EU”) to the United States of America, as well as to the U.S.-Swiss Safe Harbor Framework, including the Safe Harbor Principles concerning the transfer of personal data from Switzerland to the United States (hereafter collectively referred to as the “Safe Harbor Principles.”). Accordingly, we follow the Safe Harbor Principles published by the U.S. Department of Commerce with respect to all such data. If there is any conflict between the policies in this privacy policy and the Safe Harbor Principles, the Safe Harbor Principles shall govern. This privacy policy outlines our general policy and practices for implementing the Safe Harbor Principles, including the types of information we gather, how we use it and the notice and choice affected individuals have regarding our use of and their ability to correct that information. This privacy policy applies to all personal information received by the Company whether in electronic, paper or verbal format.
Data Gathering Activities
The Company gathers data on individuals in a variety of ways both on-line and off-line in the course of its business. This occurs principally when the Company gathers information from its customers in order to bill to the customers the services performed by the Company for such customers.
The Company not only obtains personal information provided by customers at the Company’s specific request, but it may also obtain personal information indirectly from customers and other individuals that visit the Company’s website. The Company’s website may place a “cookie” on the visitor’s computer which not only provides enhanced functionality (by, for example, not requiring passwords to be re-entered but also permits the Company to gather information about, among other things, pages viewed and products purchased by the visitor. The Company also record the IP addresses of website visitors which may, in certain instances, be unique to an individual. Visitors to the Company’s website consent to the Company’s use of cookies and its recording of IP addresses.
The Company may also obtain from its customers data on individuals described in documents or communications that the Company processes for its customers (hereafter “Third Party Data”). The Company also obtains personal information from its employees (hereafter called “Human Resources Data. This privacy policy does not apply to Human Resources Data unless it is transferred from the E.U. or Switzerland to the Company.
This privacy policy also does not cover Third Party Data to the extent that it is not received from the E.U. or Switzerland or, in the event that it is, it is received only by the Company acting as an agent to perform task(s) on behalf of and under the instructions of the customer that disclosed the information.
Definitions
“Personal Information” or “Information” means information that (1) is transferred from the EU or Switzerland to the United States; (2) is recorded in any form; (3) is about, or pertains to a specific individual; and (4) can be linked to that individual. Personal information does not include information that is encoded, anonymized, or publicly available information that has not been combined with non-public personal information. Personal Information does not include information that pertains to or is about a specific individual, but from which that individual could not reasonably be identified.
“Sensitive Personal Information” means personal information that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, trade union membership or that concerns an individual’s health.
Principles
Notice
Company shall inform an individual of the purpose for which it collects and uses the Personal Information and the types of non-agent third parties to which the Company discloses or may disclose that Information. Company shall provide the individual with the choice and means for limiting the use and disclosure of their Personal Information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal Information to the Company, or as soon as practicable thereafter, and in any event before the Company uses or discloses the Information for a purpose other than for which it was originally collected.
Choice
The Company will offer individuals the opportunity to choose (opt out) whether their Personal Information is (1) to be disclosed to a third party or (2) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. For Sensitive Personal Information, the Company will give individuals the opportunity to affirmatively or explicitly (opt out) consent to the disclosure of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. Company shall treat Sensitive Personal Information received from an individual the same as the individual would treat and identify it as Sensitive Personal Information.
Onward Transfers
Prior to disclosing Personal Information to a third party, Company shall notify the individual of such disclosure and allow the individual the choice (opt out) of such disclosure. Company shall ensure that any third party for which Personal Information may be disclosed subscribes to the Principles or are subject to law providing the same level of privacy protection as is required by the Principles and agree in writing to provide an adequate level of privacy protection. This obligation with regard to onward transfers does not apply to disclosures required by law, regulation, or judicial or administrative order, to disclosures made at the request of law enforcement authorities investigating criminal activities, to disclosures to credit bureaus, or to the Company’s professional advisers such as its lawyers and accountants.
Data Security
Company shall take reasonable steps to protect the Information from loss, misuse and unauthorized access, disclosure, alteration and destruction. Company has put in place appropriate physical, electronic and managerial procedures to safeguard and secure the Information from loss, misuse, unauthorized access or disclosure, alteration or destruction. Company cannot guarantee the security of Information on or transmitted via the Internet.
Data Integrity
Company shall only process Personal Information in a way that is compatible with and relevant for the purpose for which it was collected or authorized by the individual. To the extent necessary for those purposes, Company shall take reasonable steps to ensure that Personal Information is accurate, complete, current and reliable for its intended use.
Access
Company shall allow an individual access to their Personal Information and allow the individual to correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated. The individual seeking access to or to amend such information will need to provide sufficient identifying information, such as name, address, birth date, and other identifying information that the Company may request as a security precaution.
Enforcement
Company uses a self-assessment approach to assure compliance with this privacy policy and periodically verifies that the policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented and accessible and in conformity with the Safe Harbor Principles. Any complaints regarding use and disclosure of Personal Information by the Company in accordance with these Principles must first be communicated in writing and in sufficient detail addressed as indicated in the “Contact Information” section below. The Company will then attempt to resolve the complaint. If a complaint or dispute cannot be resolved through our internal process, we agree to dispute resolution using the European Union’s Data Protection Authorities or, in the case of information received from Switzerland, the Swiss Federal Data Protection and Information Commissioner as a third party resolution provider.
Amendments
This privacy policy may be amended from time to time consistent with the requirements of the Safe Harbor Principles. We will post any revised policy on this website, and use of the website constitutes consent to such changes..
Information Subject to Other Policies
The Company is committed to following the Principles for all Personal Information within the scope of the Safe Harbor Agreement. However, certain information is subject to policies of the Company that may differ in some respects from the general policies set forth in this privacy policy.
Contact Information
Questions, comments or complaints regarding the Company’s Safe Harbor Policy or data collection and processing practices can be mailed or emailed to:
Concord
Attn: Legal Department
1321 W. 12th Street
Los Angeles, CA 90015
Effective date: September 1, 2014