Crowe LLP and Crowe Healthcare Risk Consulting LLC (collectively, “Crowe”) comply with the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Crowe has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. This Notice only applies to personal information within the scope of Crowe’s Privacy Shield certification.
Crowe's participation in the Privacy Shield program applies to all personal information that we receive from the European Union, United Kingdom and Switzerland. Crowe collects and receives personal information from the European Union, United Kingdom and Switzerland in connection with client engagements for audit, tax and other professional services and the administration of the client relationship. We also collect and receive personal information related to current, former, and prospective personnel in connection with personnel relationship and/or from other member firms of Crowe Global in connection with employment or internship opportunities. We may also collect personal information from individuals located in the European Union, United Kingdom and Switzerland who voluntarily provide such information through Crowe's Web sites in connection with events or media alerts. Please see the Privacy Statement on our external Web site at www.crowe.com/privacy-policy for more information regarding how we use information collected through our Web sites. In addition, we may collect personal information regarding third parties, such as service providers and contractors, and their personnel in connection with the management and administration of the business relationships with such third parties.
In some instances, we disclose personal information to third parties in the course of operating our business, including our provision of services to clients and our personnel and business relationships. Crowe is responsible for ascertaining that these third parties provide at least the same level of privacy protection as is required by the Privacy Shield Framework. If a third party fails the required Privacy Shield Framework privacy protections, we may be responsible for such third party’s acts if (i) the third party failed to meet its privacy protection obligations, and (ii) we were responsible for the event giving rise to the damage.
The Federal Trade Commission has jurisdiction over Crowe's compliance with the representations made in this notice and the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Frameworks. Crowe may be required to disclose personal information to law enforcement, regulatory or other government agencies, or other third parties, in each case to comply with legal, regulatory, or national security obligations or requests.
Individuals have the right to access their personal information, and to correct, amend or delete such information where it is inaccurate or processed unlawfully, as described in the Privacy Shield Principles. To exercise these rights, please email us at [email protected].
Crowe is committed to responding to any inquiries and resolving any complaints about your privacy and our collection or use of your personal information. Crowe is also committed to cooperating with data protection authorities (DPAs) in the European Union and the United Kingdom and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and complying with the advice given by such authorities with regard to data transferred from the European Union, United Kingdom and Switzerland. To submit an inquiry please contact Crowe by email at [email protected].
With respect to any dispute that cannot be resolved through our internal processes you may file a complaint (i) with your data protection authority with appropriate jurisdiction, if the dispute involves personnel data, and (ii) the Judicial Arbitration and Mediation Services (“JAMS”), which can be contacted at https://www.jamsadr.com/eu-us-privacy-shield, if the dispute relates to any other personal information covered by the certification. Under certain circumstances, you may have the ability to engage in binding arbitration through the Privacy Shield Panel. Please see the Privacy Shield website (https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint) for more information on conditions giving rise to binding arbitration.
This policy may be amended or modified from time to time consistent with the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Frameworks. If there is any conflict between the terms in this Notice and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, please visit www.privacyshield.gov. To view Crowe’s certification, please visit www.privacyshield.gov/list.