SmithGroup Companies, Inc. Privacy Policy

Effective Date: December 16, 2021

Executive Statement       

At SmithGroup Companies, Inc. (“SmithGroup"), we believe privacy is important. That is why we have established a comprehensive privacy program designed to help guide us with respecting and protecting your privacy rights. To protect your privacy, SmithGroup will endeavor to handle all personal data in a secure way and use it only as outlined in the sections below. This privacy Policy informs you of the personal data we collect, how we use it, and the measures we take to keep it safe. This Policy is our commitment to privacy and includes provisions on processing of personal data related to clients, consultants, applicants and employees. Information will only be shared with third parties when conducting normal and customary business operations, e.g. your insurance provider or your financial institution. In no instance will SmithGroup sell your information to third parties.

This Policy applies to all subsidiaries, business units and personal data-processing activities under the responsibility of SmithGroup Companies, Inc.

1. PRIVACY STATEMENT

SmithGroup has created this Policy to demonstrate a commitment to privacy. The following information discloses information gathering and dissemination practices by SmithGroup.

A.   EU-U.S. Privacy Shield

SmithGroup participates in and endeavors to comply with the EU-U.S. Privacy Shield Framework (“Framework”). SmithGroup is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on each Framework, to the Framework’s applicable Privacy Shield Principles (“Principles”). To learn more about the Privacy Shield Frameworks, visit the U.S. Department of Commerce’s Privacy Shield List.

SmithGroup is responsible for processing personal data it receives, under each Framework, and subsequently transfers to a third party acting as an agent on its behalf. SmithGroup endeavors to comply with the principles for all transfers of personal data from the EU, including the transfer liability provisions.

With respect to personal data received or transferred pursuant to each Framework, SmithGroup is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain circumstances, SmithGroup may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

SmithGroup commits to cooperate with the panel established by the EU Data Protection Authorities (“DPAs”), as applicable, and comply with the advice given by the authorities, with regard to human resources data transferred from the EU, as applicable in the context of the employment relationship.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact us at Privacy [at] SmithGroup.com.

B.   Information Collection and Use

This Policy applies solely to the role SmithGroup plays in collecting, using and storing data.

SmithGroup’s use of information collected shall be limited to the purpose of conducting our normal business operations.

Typically, information collection and usage falls into the following categories:  clients, consultants, applicants and employees, as follows:

Clients:  During the course of client interaction and project work, a wide range of information may be collected including, but not limited to, a client’s FEIN, financial institution, employee demographics, growth projections, etc. This information may be stored in a range of onsite and third party hosted environments.  This information is solely used for the purposes of executing SmithGroup’s contracted services.

Consultants:  During the course of project work, a wide range of information may be collected including, but not limited to, a consultant’s contact information, financial institution, prior work examples, etc.  This information may be stored in a range of onsite and third party hosted environments.  This information is solely used for the purposes of executing SmithGroup’s contracted services.

Applicants:  The application process collects personal information (such as, name, work history, home address, etc.). This information is solely used for evaluating and selecting applicants for employment.  Applicants may enter personal information directly through the application system and/or indirectly by contacting SmithGroup Human Resources staff.  This personal information may be stored in a range of onsite and third party hosted environments.

Employees (current and former):  During the course of employment, various personal information may be collected such as social security number, birth date, dependent information, employee performance, etc. This information is solely used for employment purposes and complying with local, state and federal requirements.  In addition, during the course of employment, SmithGroup may collect additional information related to employee project work, expertise, geographic location, etc. to improve the quality and efficiency of our projects.  This information may be stored in a range of onsite and third party hosted environments.

C. Information Processing

By providing your information to SmithGroup, you acknowledge and agree that the technical processing and transmission of your information, may involve transmissions over various networks, including the transfer of this information to the United States and/or other countries for storage, processing and use by SmithGroup, its affiliates, and their agents. 

D. Correction /Updating Personal Information

SmithGroup acknowledges that you have a right to access your information. If you seek to access, change or delete any information, unless otherwise prohibited by law, you may do so by logging into the appropriate system or by contacting SmithGroup at Privacy [at] SmithGroup.com.

E. Data Retention

Subject to Section D above, SmithGroup will retain information for as long as required for our business needs and operations.

F. Opt-Out

The opportunity to 'opt-out' of general mailings and notifications is provided via the Opt-Out mechanism attached to all SmithGroup e-mails.

G. Notification of Changes

SmithGroup may update this Policy to reflect changes to our information practices. If we make any material changes, we may notify you by email (the e-mail address specified in your account) or by means of a notice on this website prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices. Changes to the Policy are posted at www.smithgroup.com.

 

2. AUTOMATED DATA COLLECTION TECHNOLOGY

A. Information Collection and Use

SmithGroup may collect information about users automatically as they navigate through our online systems.

As is true of most websites, SmithGroup gathers certain information automatically. This information may include Internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the website.

SmithGroup and its partners may use cookies or similar technologies to analyze trends, administer the website, track users’ movements around the website, and to gather demographic information about our user-base as a whole. You can control the use of cookies at the individual browser level; if you choose to disable cookies, it may limit your use of certain features or functions on our website or services.

This information is used by SmithGroup for a number of purposes, including authentication, preferences, performance analytics and improving the overall system.

The technologies SmithGroup uses for this automatic data collection may include, without limitation:

Cookies (or browser cookies):   A cookie is a small file placed on the hard drive of the user's computer. Users may refuse cookies by activating the appropriate setting on their browser. However, if cookies are declined, users may be unable to access certain parts of the application. SmithGroup may issue cookies when users direct their browser to our application unless the user has adjusted their browser setting so that it will refuse cookies.

  • Web Beacons:   Pages of our applications and e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that permit SmithGroup, for example, to count users who have visited those pages, opened an e-mail or other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity). By disabling browser cookies, unique information associated with web beacons will also be disabled.

3. SECURITY MEASURES

A. Data Security

SmithGroup endeavors to follow best practices relative to data security, including NIST SP 800-171 guidelines.

4. DISCLOUSRE OF INFORMATION FOR LAW ENFORCEMENT

  • SmithGroup may disclose information as required by law, such as to comply with a subpoena, or similar legal or security process when we believe in good faith that disclosure is necessary to protect our rights, protect the safety of our users or others, investigate fraud, or respond to a government order or request.

5. OWNERSHIP AND ADMINISTRATION

This Policy is owned and administered by SmithGroup.

To ask questions or comment about this Policy and our privacy practices, contact us at: privacy [at] smithgroup.com.

SmithGroup Companies, Inc.
500 Griswold Street
Suite 1700
Detroit, MI  48226  USA

6. APPLICABLILITY

A. This Policy applies to the information gathering and dissemination practices for SmithGroup and supersedes all other policies, procedures, practices, and guidelines relating to the matters set forth herein.