Epiq Class Action & Claims Solutions, Inc. and its affiliates and subsidiaries (“Epiq”) have made a commitment to collect, use and disclose personal information in compliance with applicable law and in such a manner that a reasonable person would consider appropriate in the circumstances.


Scope of Policy


Epiq, as a service provider acting on behalf of and under the direction of its clients, may collect, use and disclose personal information related to Claims, Claimants, or other parties providing information through this site (the “Data”), as directed by its clients, and as authorized by applicable law, in order to provide its Case Management Services on behalf of such clients. Epiq complies with the General Data Protection Regulation (GDPR) as a data processor, and with the EU-U.S. Privacy Shield Framework and the Swiss–U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States, respectively. Epiq has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. This Privacy Policy is based on the principles and rules set out in all applicable privacy legislation.


Accountability


Epiq has designated a Privacy Director who is responsible for our compliance with this Policy. The Privacy Director may be contacted as described below.

Epiq
Attn: Privacy Director
11 Old Jewry
London EC2R 8DU
U.K.
privacyshield@epiqglobal.com


Claims Data Collected


On behalf of its clients who are the data controllers, Epiq may collect Data from claimants, from its clients and from third parties. The Data may include:

  • Identity information, such as name, address, email address and other contact information for claimants and other related parties;
  • Banking and financial account information;
  • Publicly available information about you, related parties, and other related information related to your Claim(s); and
  • Other information that you may disclose to or share with us online, over the phone, or otherwise related to your Claim(s).

Uses and Disclosures


Epiq will identify the purposes for which Epiq collects personal information at or before the time the information is collected from individuals. Epiq may choose to identify such purposes orally or in writing. Written notification will be used whenever practical to do so.

On behalf of its clients, Epiq may collect, use and disclose Data for the following purposes:

  • To initiate, process, review, investigate, assess, validate, settle, finalize, and otherwise administer Claims, according to the terms and conditions of the Class Action Settlement Agreements as approved by the Courts
  • For reporting, auditing and analytics purposes, including to provide with reports on Claims and to audit Claims on behalf of its clients;
  • To communicate with you regarding your Claim(s);
  • To verify your identity;
  • For fraud detection and verification purposes, and to otherwise protect us, our clients and others from fraud, error and other harm;
  • To improve our services and operations that we use to provide claims management and related services, and to provide training to relevant personnel; and
  • In order to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a court order or a subpoena.

We may also use de-identified information and aggregate information relating to Claims for research, analytics, and related purposes.

In carrying out the activities and purposes described above on behalf of its clients, Data may be processed by Epiq, including other affiliated Epiq entities, who perform services or provide support relating to the Claims Management Services. Data may also be disclosed to third parties as set forth below:

  • Adjusters, assessors, valuators and service providers engaged by Epiq to perform services or functions related to the Claims Management Services;
  • Authorized representatives and other service providers acting on our behalf; and
  • Other third parties where necessary to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a court order or a subpoena.

Epiq may also disclose the Data to its clients, who have control over the Data.


Consent


Your consent to the collection, use, or disclosure of your personal information can be express through written, electronic or any other method. The choice to provide Epiq with your consent is always yours, however, your decision to withhold such consent may limit our ability to provide you with certain services.


Safeguards


Epiq has implemented measures designed to secure personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. All personal information is stored on our secure servers behind firewalls.

Epiq’s security measures include:

  • Education and training to relevant staff to ensure they are aware of our privacy obligations when handling personal data;
  • Administrative and technical controls to restrict access to personal data on a ‘need to know’ basis;
  • Technological security measures, including firewalls, multi-factor authentication, encryption and anti-virus software;
  • Physical security measures, such as staff security passes to access our premises;
  • Reasonable precautions for the disposal or destruction of personal information that may consist of securely shredding physical documents and deleting electronically stored information in a manner that prevents it from being readily recovered.

If we find out there has been a breach of our security safeguards and there is a real risk of significant harm to you, you will be notified unless otherwise prohibited by law.


Access and Correction


You may request access to, or the correction of the personal information collected and processed by Epiq as part of the Claim Services, information about the ways in which that information is being used and a description of the individuals and organizations to whom that information has been disclosed, by making a written request to our Privacy Director. You may be required to verify your identity.

Because we are acting for and on behalf of our clients, we will provide them with your request and will work with them as needed to respond to your request. In some situations, we or our clients may not be able to provide access to certain personal information. This may be the case where, for example, disclosure would reveal personal information about another individual, the personal information is protected by solicitor/client privilege, the information was collected for the purpose of an investigation or where disclosure of the information would reveal confidential commercial information. We may also be prevented by law from providing access to certain personal information. When an access request is refused, we will notify you in writing, document the reasons for refusal and outline further steps, which are available to you.


Cross-Border Transfers


Epiq and any of its subsidiaries or affiliated companies may transfer your personal information across national borders to fulfil any of the above purposes, including but not limited to the United States.


Cookies


Epiq may also use cookies and other mechanisms to collect personal information about individuals when they visit or interact with us online. Cookies are unique identifiers, which are used to customize your website experience. Most web browsers automatically accept cookies, but you can usually change your browser to prevent or notify you whenever you are sent a cookie. This gives you the chance to decide whether or not to accept the cookie. We use the information in cookies to help us improve our website and our services, and for fraud detection and verification purposes. If you do not accept a cookie, there may be limitations on your use of some site functions. To read about our cookie notice, click here.


Analytics


We use automated devices and applications operated by third parties, including Google Analytics (https://policies.google.com/privacy) to evaluate the usage of our website and services, in order to improve our website and services, performance and user experiences. These third parties may use cookies and other tracking technologies to perform their services. We do not share your personal information with these third parties, but they may collect your IP address as part of their services.


Contact Information


We will, on request, provide information regarding our complaint procedure. Any inquiries, complaints or questions regarding this Policy should be directed in writing to our Privacy Director as follows:

Epiq
Attn: Privacy Director
11 Old Jewry
London EC2R 8DU
U.K.
privacyshield@epiqglobal.com

Important changes to our privacy policies and practices will be reflected in this Privacy Policy in a timely manner. We may add, modify or remove portions of this Policy when we feel it is appropriate to do so.


Version: July 2019