AlixPartners, LLP and its affiliated companies (collectively referred to as “AlixPartners”, “we”, “us” and “our”) are fully committed to respecting the privacy rights of individuals, and to compliance with data protection laws in all jurisdictions in which we operate.

The purpose of this privacy policy is to explain how and why we collect, use, transfer (“Process”) and protect personal data relating to our:

· clients and prospective clients, including their current/former personnel and shareholders;

  • business contacts;
  • subscribers;
  • visitors to www.alixpartners.com and other AlixPartners owned domains (“Websites”);
  • suppliers;
  • visitors to our offices; and

· other individuals who interact with our services and Websites, or whose personal data it is necessary for us to process in order to provide our services.

This policy also provides information about the rights and choices these individuals have in relation to the use of their personal data. “Personal Data” means any information which relates to an identified or identifiable individual. As our business evolves, we may make changes to the ways in which we process personal data, and we reserve the right to modify this policy from time to time. We therefore recommend that you check this page periodically to ensure you are aware of any changes. If we do make any such changes, we will amend the date at the top of this policy to reflect the date that such update occurred. If we make material changes to our information practices and your privacy rights may be affected, we will endeavour to bring these to your attention before these changes take effect.

It is also important to read this policy together with any other privacy policy or fair processing notice we may provide when we are collecting or processing personal data about you, so that you are fully aware of how and why we are using your data. This policy supplements such other notices and privacy policies, and is not intended to override them.

If you submit personal data on our Websites, you agree to the collection and use of such personal data as described in this policy. You are not obliged to supply any personal data via the Websites but may choose to complete an online form, join a mailing list, or send us an enquiry. If you do so, we will use that information for the purpose for which it was provided, and in accordance with this policy. If you do not agree to the processing detailed below, please do not submit your personal data via the Websites.

Who we are

AlixPartners operates worldwide as a limited liability partnership organized under the laws of Delaware, USA. It has affiliated companies operating in Europe, the Middle East, Asia, North America and South America. For more information on AlixPartners’ international operations, including contact information, click here .

For the purposes of the data protection laws which apply to our operations, the relevant AlixPartners group company (or companies) with which you are dealing will act as a “Data Controller” or “Business” in relation to your personal data. This means that AlixPartners determines both the purpose for which, and the means by which, personal data is processed.

There may also be situations when we represent our clients in which we process personal data on behalf of, and at the direction of, our clients. Such processing is subject to our client agreements and professional responsibilities. Those situations are not covered by this policy.

Why do we collect Personal Data?

We collect and use personal data in the course of our business activities for a variety of purposes, as further described in this section. We will only process the personal data that is necessary in order to achieve these purposes, which include:

  • providing professional services to our clients;

· gaining a better understanding of our clients’ needs, and making continuous improvements to our services and Websites;

· establishing and administering business relationships with contacts of the firm or our personnel;

· complying with our legal, regulatory and contractual obligations and enforcing our rights;

· notifying individuals about resources, services, news, opportunities, offers and events which we believe will be of interest to them;

  • procuring services and managing our relationships with suppliers;
  • addressing inquiries and requests we receive from individuals;

· where you have provided your consent, tailoring your experience of the Websites to provide you with material of greatest interest to you;

· where you have provided your consent, measuring and improving the effectiveness of our marketing initiatives;

· managing events and meetings, including those hosted by the firm at our premises; and

  • enhancing, developing and reorganising our business.

We also collect personal data in connection with our recruitment activities. The collection and processing of personal data for these purposes is addressed in our Recruitment Privacy Policy.

The Personal Data that we collect

 

Personal data relating to you that we process may include the following:

 

Identity Data”: including first name, maiden name, last name, username or similar identifier, marital status, title, social media handle, date of birth, gender, photograph, likeness, image, your job function, your employer or department;

Contact Data”: including email address, billing address, postal address, and telephone numbers including frequency of contact (these details may relate to your work or to you as an individual, depending on the nature of our relationship with you or the company you work for);

Financial and Payment Data”: including bank account, other payment method details and other information needed for processing payments and fraud prevention;

Transaction Data”: including details about payments to and from you and other details of services you have received from us (or, if you are a supplier, details of services you provide to us), including the dates they occurred;

Professional Data”: including your employer, job title, email address, phone number, addresses, and areas of specialism/expertise;

Professional History Data”: including your professional experience, previous employers, positions, locations, and contacts within AlixPartners;

Client Data”: including information about how you use our services and Websites, and any other information you provide to us in the course of our contractual or client relationship with you or is otherwise voluntarily provided by you, as well as personal data which can include Identity, Contact, Financial, Transaction and Profile Data relating to you and/or your family members, beneficiaries, employees or employers, or other third parties about whom we are required to process personal data by law, or under the terms of a contract we have with you;

Attendance Data”: including details of your attendance at any of our premises or any events we host that you attend, including CCTV footage, meeting recordings, and other information relating to access to our premises or services obtained through electronic means, such as swipe card records, WiFi connections, or visitor logs;

Special Category Data”: including data from which we can infer an individual’s race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data (e.g. fingerprint or voice print), physical or mental health or condition, sexual life or orientation, or data relating to actual/alleged criminal offences committed and any penalty or sentence imposed;

Screening Data”: including data we are required by law to collect in connection with our client due diligence and onboarding procedures, and may include ownership of corporate and other legal entities, information which reveals a conflict of interest with another client of the firm, data revealed from conducting anti-money laundering, proceeds of crime and terrorist financing checks, government sanctions list checks, and politically exposed persons checks (i.e. checks relating to individuals with prominent roles in government, the judiciary, courts, central banks, embassies, state-owned enterprises or the military, including family members and associates of such persons);

"Profile Data”: including information about you, provided by you on our electronic portals and platforms such as your usernames and passwords, purchases or orders made by you, your interests, biography, profile settings, date of registration and current state of registration, account status and level of access, and information from forms you complete including enquiries you make to us, responses to surveys and feedback you provide to us;

Usage Data”: including information about your use of our Websites, as well as our local area networking facilities (including WiFi) and similar electronic services, such as information collected when you visit our Websites, electronic portals and platforms including your referral website, pages you visit, actions you take, information on last viewed/visited site and details of the content viewed, including when and how many times the content was viewed, patterns of page visits, time details per visit (e.g. visit duration, number of visits, time spent on each page, frequency of visits), details about the path followed with special reference to the sequence of pages visited, interactions, functionalities and modules used, and chat messages;

Marketing and Communications Data”: including your marketing and communication preferences, such as your preferred language of communication and content, alert and display preferences, content type and desired frequency of email alerts, content that interests you (including industry sectors, topics and jurisdictions), information about events to which you or your colleagues are invited, and your personal data and preferences to the extent that this information is relevant to organising and managing those events (this may include your dietary requirements but excludes any Special Category Data); and

Technical Data”: including:

· The Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;

· Information about your visit to our Websites, such as the full Uniform Resource Locators (URL), clickstream to, through and from our Websites (including date and time), services viewed or searched for, page response times, download errors, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from a page, any phone number used to call our central switchboard number, and direct dials or social media handles used to connect with our consultants or other employees; and

· Location data which we may collect through our Websites and which provides your real-time location in order to provide location services (where requested or agreed to by you), or deliver content or other services that depend on knowledge of your location. This information may also be collected in combination with an identifier associated with your device, to enable us to recognise your mobile browser or device when you return to the Websites. Delivery of location services will involve reference to one or more of the following: (a) the coordinates (latitude/longitude) of your location; (b) look-up of your country of location by reference to your IP address against public sources; and/or (c) your Identifier for Advertisers (IFA) code for your Apple device, or the Android ID for your Android device, or a similar device identifier. For more information on the use of cookies and device identifiers on the Websites, visit our Cookies page.

In the tables below we have set out in further detail the types of information may collect for our various business activities, where or from whom we get this information, and why we require this information. In some instances, it will be necessary for you provide personal data to us so that we can provide services to you (or your employer), respond to a request that you make to us, and/or comply with our legal, regulatory or contractual obligations.

Providing our services to clients and services to visitors to our premises

Purpose/Activity

Types of Data

Data Source(s)

Lawful Basis for Processing

To deliver client services and visitor services to you, including providing consulting services, technology products and solutions, and conference facilities

Identity Data

Contact Data

Financial Data

Services Data

Attendance Data

Profile Data

Usage Data

Technical Data

Marketing and Communications Data

Professional Data

Directly from the individual

Provided by client or another business contact

Generated by the firm in the course of providing the relevant service or administering client relationship

Legitimate Interest (ensuring we provide the best possible client and visitor services, and ensuring that we can secure prompt payment of any fees and costs incurred in relation to our services)

Legal or regulatory obligation

Performance of a contract

Managing our relationship with you, including notifying you about changes to our terms of business

Identity Data

Contact Data

Profile Data

Marketing and Communications Data

Professional Data

Directly from the individual

Provided by client or another business contact

Generated by the firm in the course of providing the relevant service or administering client relationship

Legitimate Interest (ensuring we are able to notify clients about changes to our terms of business)

Legal or regulatory obligation

Performance of a contract

Invoicing and accounting, managing fees, charges and payments, and the collection and recovery of sums owed

Identity Data

Contact Data

Financial Data

Services Data

Professional Data

Directly from the individual

Provided by client or another business contact

Generated by the firm in the course of providing the relevant service or administering client relationship

Performance of a contract

Legitimate Interest (ensuring we can manage fees, payments and charges and recovery monies owed to us)

CCTV and other monitoring for security and health and safety

Identity Data

Contact Data

Attendance Data

Professional Data

Special Category Data

Directly from the individual

Provided by client or another business contact

Security and access systems controlled by AlixPartners or the third party managing our premises

Legitimate Interests (maintaining public health and safety, ensuring the security of our premises, assisting in the prevention of crime and facilitating the apprehension of offenders)

To respond to requests and interact with governmental or regulatory agencies

Identity Data

Contact Data

Services Data

Professional Data

Special Category Data

 

Legal or regulatory obligation

Performance of a contract

Public Interest

To manage and protect our business, to test, monitor and improve security, test, diagnose and troubleshoot issues with our systems and conduct maintenance, data hosting, and management of our premises and facilities

Identity Data

Contact Data

Attendance Data

Profile Data

Usage Data

Technical Data

Marketing and Communications Data

Professional Data

Directly from the individual

Provided by client or another business contact

Systems controlled by AlixPartners or the third parties managing or supporting our premises, systems, equipment or technologies

Legitimate Interest (ensuring we can protect, develop and improve our business)

Legitimate Interest (ensuring the efficient and secure operation of our business, including the security and administration of our offices, facilities, IT systems and data)

Legitimate Interest (maintaining the security of our data, systems and equipment, prevention of crime and facilitating the apprehension of offenders)

Recording or monitoring telephone or video calls made or received by our networks, or of events that we organise

Identity Data

Contact Data

Professional

Data

Services Data

Special Category Data

Directly from the individual

Systems controlled by AlixPartners or the third parties managing or supporting our premises, systems, equipment or technologies

Legitimate Interest (ensuring that we can accurately record information, opinions, and advice)

Legitimate Interest (monitoring compliance with our policies and procedures, complying with applicable laws and regulations, prevention and detection of crime, and monitor effective use of the firm’s networks and systems)

Consent (where you provide consent for events or meetings to be recorded)

Marketing and Business Development Activities

Purpose/Activity

Types of Data

Data Source(s)

Lawful Basis for Processing

To identify products, services and content that may be of interest to you and to send you relevant communications (including by post, email, social media or social networking websites) or to contact you by other means to inform you about our services

Identity Data

Contact Data

Services Data

Attendance Data

Profile Data

Usage Data

Technical Data

Marketing and Communications Data

Professional Data

Professional History Data

Special Category Data

Directly from the individual

Provided by client or another business contact

Generated by the firm in the course of providing the relevant service or administering client relationship

Legitimate Interest (promoting our products and services and seeking to develop our business)

Consent

To invite you to events that we or our partners organise including talks, seminars, conferences and promotional events, and managing your participation in them

Identity Data

Contact Data

Services Data

Attendance Data

Profile Data

Usage Data

Technical Data

Marketing and Communications Data

Professional Data

Professional History Data

Special Category Data

Directly from the individual

Provided by client or another business contact

Generated by the firm in the course of providing the relevant service or administering client relationship

Legitimate Interest (promoting our products and services and seeking to develop our business)

Consent

Client Onboarding and Due Diligence

Purpose/Activity

Types of Data

Data Source(s)

Lawful Basis for Processing

To onboard you as a client or to open a new matter for you, including conducting sanctions screening, anti-money laundering, anti-terrorism, fraud and other appropriate background checks

Identity Data

Contact Data

Financial Data

Services Data

Professional Data

Professional

History Data

Screening Data

Special Category Data

Directly from the individual

Provided by the client or another business contact

Public registers of company directors and shareholdings

Credit reference agencies

Regulatory bodies

Government departments and agencies

Verification services providers

Searches of publicly available information

Legal or regulatory obligation

Legitimate Interest (prevention or detection of crime and ensuring we do not deal with the proceeds of any criminal activities)

Performance of a contract

To conduct checks to determine whether we could have a conflict of interest in providing services to an actual or potential client, including checks on potential adverse parties in litigation matters

Identity Data

Contact Data

Financial Data

Services Data

Professional Data

Professional History Data

Special Categories of Personal Data

Directly from the individual

Provided by the client or another business contact

Public registers of company directors and shareholdings

Searches of publicly available information

Legal or regulatory obligation

Legitimate Interest (ensuring all relevant parties are made aware of potential conflicts of interest which may arise in the provision of our services)

Performance of a contract

 

Engaging with Suppliers

We may process your personal data if you supply goods or services to AlixPartners. For the purposes of this policy, the term “Supplier” shall include any vendor, representative(s) of a vendor, or any other parties providing goods or services to AlixPartners. However, this policy does not apply to Fixed Term Workers, Interns, Independent Contractors, Subcontractors, or Employment Agency Workers (collectively “Third Party Suppliers” or “TSPs”). If you are a TSP, you will receive a separate privacy notice during your onboarding process.

Purpose/Activity

Types of Data

Data Source(s)

Lawful Basis for Processing

To appoint you as a supplier, including conducting checks for potential conflicts of interest, sanctions screening, anti-money laundering, anti-terrorism, fraud and other appropriate background checks

 

Identity Data

Contact Data

Financial Data

Transaction Data

Professional Data

Screening Data

Special Category Data

Directly from the individual

Provided by the supplier or another business contact

Public registers of company directors and shareholdings

Credit reference agencies

Regulatory bodies

Government departments and agencies

Verification services providers

Searches of publicly available information

Performance of a contract

Legal or regulatory obligation

Legitimate Interest (prevention or detection of crime and ensuring we do not deal with the proceeds of any criminal activities)

Legitimate Interest (ensuring we are aware of potential conflicts of interest which may arise in the procurement of your services)

Managing fees, charges and payments to suppliers and administering supplier relationships

Identity Data

Contact Data

Financial Data

Transaction Data

Professional Data

Directly from the individual

Provided by the supplier or another business contact

Performance of a contract

Legitimate Interest (ensuring we can manage fees, payments and charges and administer supplier relationships efficiently)

Where a supplier is granted access to our systems or premises, to manage and protect our business, to test, monitor and improve security, test, diagnose and troubleshoot issues with our systems and conduct maintenance, data hosting, and management of our premises and facilities

Identity Data

Contact Data

Attendance Data

Profile Data

Usage Data

Technical Data

Professional Data

Directly from the individual

Provided by the supplier or another business contact

Systems controlled by AlixPartners or the third parties managing or supporting our premises, systems, equipment or technologies

Legitimate Interest (ensuring the efficient and secure operation of our business, including the security and administration of our offices, facilities, IT systems and data)

Legitimate Interest (maintaining the security of our data, systems and equipment, prevention of crime and facilitating the apprehension of offenders)

Information you submit via the Websites

Purpose/Activity

Types of Data

Data Source(s)

Lawful Basis for Processing

To manage and protect our Websites, to test, monitor and improve security, test, diagnose and troubleshoot issues with our systems and conduct maintenance, data hosting, and management of our systems

Identity Data

Contact Data

Usage Data

Technical Data

Directly from the individual

Systems controlled by AlixPartners or the third parties managing or supporting our premises, systems, equipment or technologies

Legitimate Interest (ensuring the effective and secure operation of our Websites)

Delivering relevant content to you via our Websites, and monitoring and measuring the effectiveness of the content that we provide

Identity Data

Contact Data

Usage Data

Technical Data

Directly from the individual

Systems controlled by AlixPartners or the third parties managing or supporting our premises, systems, equipment or technologies

Legitimate Interest (promoting our content, products and services and seeking to develop our business)

Improving our Websites, services, content, marketing efforts, communications and visitor experiences and relationships through data analytics

Usage Data

Technical Data

Systems controlled by AlixPartners or the third parties managing or supporting our premises, systems, equipment or technologies

Legitimate Interest: (understanding how visitors interact with our Websites, gaining insights into their user experience and seeking continuous improvement to develop our business)

We may also produce, use, store and share aggregated information such as statistical or demographic data, either for us to use for our own internal purposes, or to share with third parties. Aggregated information may be derived from personal data but is no longer considered personal data under data protection laws once individual identifiers have been removed. We may, for instance, aggregate data regarding our users’ navigation of the Websites to understand the proportion of visitors that access particular Website features or content. However, if we combine aggregate data with your personal data so that we can directly or indirectly identify you, we would treat this combined data as personal data and use it in accordance with this policy (or such other notice we may send to you which relates to such processing).

Disclosure and International Transfers of Personal Data

We may share your personal data between AlixPartners entities and to certain third parties on a confidential basis, where this is necessary for the legitimate purposes set out in this policy. This may involve transferring personal data to entities located outside of the UK, Switzerland, the EU or the EEA, including countries which do not provide the same level of protection for personal data. In such cases, we will put in place appropriate measures designed to ensure that such personal data is given adequate protection at its destination, in compliance with applicable laws. This may include the European Commission’s Standard Contractual Clauses, which can be found here . We may also provide personal data to organisations certified under the EU-US Data Privacy Framework (“DFT”).

A list of the countries in which AlixPartners entities are located and who may receive Personal Data is available on our Websites.

AlixPartners does not sell, license or otherwise distribute your personal data; nor do we share your personal data with unaffiliated third parties for their independent use, except where:

· you have provided your express consent or specific instructions for us to do so;

· we are required to do so to comply with legal or regulatory obligations;

· we are permitted to do so by law;

· such disclosure is otherwise described in this policy.

We may share your personal data with our professional advisors and other trusted third party service providers (for example, companies that provide web-hosting services, cloud storage providers, mailing vendors, analytics providers). Where we do share your personal data we require the receiving entity or individual to respect its confidentiality, ensure it is kept securely and only be used in accordance with applicable laws. We permit such recipients to use the data we share only for limited, specified purposes and in accordance with our instructions.

We may also share your personal data with advisers, services providers, potential transactional partners or other third parties if we consider, or enter into negotiations or complete any transaction whereby we sell, transfer or merge parts of our business or assets. Alternatively, we may choose to acquire other businesses or merge with them. In the event of such a change to our business, the new owners or the combined organisation may use your personal data in the same way as set out in this policy.

Security

Having regard to the state of the art, the costs of implementation and the nature, scope, context and purpose of processing as well as the risk of varying likelihood and severity for the rights and freedoms of individuals, we implement and maintain appropriate technical, organisational and physical safeguards to ensure a level of security which is appropriate to the risk of processing your personal data. We take reasonable measures to restrict access so that only those who require such access to your personal data in order to fulfil the purposes set out in this policy are granted such access. We ensure that individuals who have regular access to personal data are obliged to protect its confidentiality and receive appropriate training regarding their rights and obligations when processing personal data.

However, no information system can be completely secure and we cannot guarantee the protection of any personal data you choose to transmit to our Websites.

Children’s Privacy

AlixPartners is committed to compliance with the Children’s Online Privacy Protection Act (“COPPA”). The AlixPartners Websites are not intended for use by children under the age of 16. We do not knowingly collect personal data from children under the age of 16 for the purposes set out in this policy and request that such individuals do not submit any personal data to us via our Websites. We recommend that schools and parents remind their children to handle their personal data securely and responsibly on the Internet, supervise their children’s online activities and consider the use of other means to provide a child-friendly online environment.

Linking to other websites

The Websites contain links to other websites which are not operated by AlixPartners. These links are provided solely as a convenience to you. If you use these links, you will leave our Websites and this policy will not apply to the site you navigate to. We have not reviewed these sites or their privacy policies, have no control over them, and assume no responsibility for the contents provided by third parties. If you decide to access any of these sites you should understand that you do so at your own risk, and we strongly suggest you review their privacy policies to ensure you are comfortable with their use of your personal data.

Retention of your personal data

We will only retain your personal data as reasonably necessary to achieves the purposes for which we collected it, including for the purposes of complying with any legal, regulatory, tax, accounting or reporting requirements. The duration will vary depending on the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements. We may retain your personal data for a longer period in the event that we receive a complaint, or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

We will respond promptly and in accordance with our obligations to delete your data if we receive a valid request to do so. To exercise your data rights, see the “Your data rights” section below.

Your data rights

As an international firm AlixPartners operates in a number of jurisdictions which require differing levels of protection for personal data, and which confer various rights which individuals may exercise in relation to their data. Depending upon the applicable law, you may have the right:

· to know the: (i) specific pieces of personal data collected; (ii) categories of personal data; (iii) categories of sources of personal data; (iv) business or commercial purpose for collecting personal data; (v) categories of personal data disclosed for a business purpose; (vi) categories of third parties to whom the personal data is shared;

· to request access to certain personal data relating to you that we process;

· to have personal data corrected, for example if it is incomplete or inaccurate;

  • to opt-out of receiving marketing communications at any time;

· to request that personal data is deleted, subject to exceptions that may apply under applicable laws;

  • to object to the processing of personal data;

· to receive a copy of personal data which you have provided to us in a commonly used electronic format (commonly known as “data portability”). This right only applies if the processing is carried out by automated means and is either: (a) is based on your consent; or (b) necessary for the performance of a contract;

· to withdraw your consent, where you have provided personal data voluntarily or otherwise consented to its use;

· not to be discriminated against if you exercise any rights conferred on you by the California Consumer Privacy Act of 2018;

· to bring a complaint to a Data Protection Authority. If you are in the European Union, this will be the Data Protection Authority in the country in which you are located. If you are in the United Kingdom, this will be the Information Commissioner’s Office . If you are in Switzerland, this will be the Federal Data Protection and Information Commissioner .

If you would like to find out which of these rights apply to you or wish to exercise any of these rights, please select the appropriate link below and complete the form:

If you are in the UK, Switzerland, or the European Economic Area (EEA), please click here.

If you are in Argentina, please click here.

If you are in California, please click here.

If you are in any other jurisdiction, please click here.

California residents may also exercise their rights by calling our toll-free number (844) 441-9869 and entering the PIN 605300 when prompted. You may also appoint an agent to submit a request on your behalf.

If you seek to exercise your rights, we may request that you prove your identity to us by providing us with a copy of a valid means of identification. This is a security measure designed to ensure that we do not disclose personal data to anyone who is not entitled to receive it. We may also request that you provide us with further information in order help us respond to your request efficiently.

You will generally not have to pay a fee in order to access your personal data. However, we may charge you a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

We try to respond to all legitimate requests within one month and in any event in compliance with our legal obligations. However, it could take us longer to respond if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Should you have any questions regarding your privacy rights or anything else set out in this policy, please contact [email protected] .

If you are in Singapore you can also contact Ee Li Szie ([email protected]) or Wing Chung ([email protected]).

The Data Controller for the Websites is AlixPartners, LLP of 2000 Town Center, Suite 2400, Southfield, Michigan, 48075, United States of America. Our Website server is based in the United States of America.