privacy
notice

The purpose of this Privacy Notice is to provide information about how Epiq collects, uses and processes personal information in connection with our business including the provision of our website at https://epiqsolutions.com , with whom we share information, and your rights and choices with respect to the information. This Privacy Notice also describes some of the security measures we take to protect your information, and how you may contact us.

1 ABOUT US

Epiq's website and products and services are made available by EPIQ Design Solutions LLC. EPIQ Design Solutions LLC is a limited liability company established under the laws of Delaware with its headquarters at 3740 Industrial Ave., Rolling Meadows, IL 60008.

Except as stated otherwise, Epiq and its UK affiliate, EPIQ Design Solutions UK Limited, may each be an independent controller of your personal data. EPIQ Design Solutions UK Limited (company no.: 14694112) is a company established under the laws of the United Kingdom with its registered office at 3rd floor, 1 Ashley Road, Altrincham, Cheshire, WA14 2DT, UK.

2 HOW TO CONTACT US

If you have any questions about this Privacy Notice or want to exercise your rights as a data subject set out in this Privacy Notice, you can contact us using the following methods:

On our website

Email

Send us an email at: webmaster@epiqsolutions.com.

Post

Write to us at: 3740 Industrial Ave., Rolling Meadows, IL 60008 USA

Telephone

Call us at: (+1) 847-598-0218

3 PERSONAL INFORMATION WE COLLECT

Epiq collects and processes personal data that you, as the data subject, provide to us. You may give us your personal data directly, for example, when you purchase our products, contact us with enquiries, complete forms on our website, subscribe to receive our marketing communications or provide feedback to us.

Information collected automatically: Epiq collects certain information automatically when you visit our website. Like many websites, we also collect information that your browser sends whenever you visit our site (“Log Data”). This Log Data may include information such as your Internet Protocol (IP) address, browser type, browser version, the pages of our website that you visit, the time spent on those pages and other statistics. In addition, we may use third-party service providers who collect, monitor and analyze Log Data in order to help us improve our website and product and service offerings.
Internet Usage Information: This may include, but is not limited to, browsing history, search history, and information regarding your interaction with a web site, application, or advertisement. We collect this information for the purpose of tracking the use of the web site. For further information, see section 6, Cookies, below.
Identifiers and Contact Information: This may include, but is not limited to, name, postal address, Internet Protocol (IP) address, email address, telephone number, and similar identifiers.

For job applicants and employees, this may also include other information such as social security number/social insurance number, date of birth, driver's license number, passport number, or other similar identifiers.
Personal Records: This may include, but is not limited to, education, employment, employment history, other information required for background checks, credit card number, banking information or any other financial information.
Third Parties: We may also process your personal data obtained from any third parties we work with in relation to our recruitment activities, including without limitation, recruitment agencies, background check providers, credit reference agencies and your referees.

If you visit one of our offices or other locations, we may process personal data that you volunteer in connection with your visit and any inquiries you make. For example, you may volunteer personal data when you are signing in as a guest at our facility.

4 HOW WE USE INFORMATION WE COLLECT

Epiq may use the personal information we collect about you or that you provide to us for the following purposes:

Responding to requests for information, including requests made through forms found on our websites.
Providing products and services, performing our contracts, and otherwise operating our business.
Processing employment applications, evaluating candidate employment qualifications, and contacting individuals regarding employment opportunities where appropriate.
Performing human resources functions for Epiq and its employees.

Providing marketing, partner or corporate communication notices.

Preparing and submitting bids and proposals to customers, including government and private sector entities.
Managing our relationship with you and the organization you represent

Protecting Epiq, its employees, and its business partners against cybersecurity and other security events, espionage, fraud, insider threats, and other unlawful activity, and claims and other liabilities.

Protecting Epiq's personnel and property.
Exercising Epiq's legal rights.
Complying with and enforcing applicable legal requirements, industry standards, and Epiq's policies.

Except in rare circumstances where we are required by law to disclose or otherwise process your personal information, we will only process your personal information as necessary for the purposes explained to you when the information is collected or as otherwise described in this notice.

Where we are required by law to collect your personal data, or we need to collect your personal data under the terms of a contract we have with you (for example, to provide products and services you have requested from us), and you fail to provide that personal data when we request it, we may not be able to perform the contract we have or are trying to enter into with you.

5 HOW WE SHARE INFORMATION WE COLLECT

Epiq only shares personal data with others when we are legally permitted to do so. We do not sell, lease, rent, or license the personal information we collect to third parties.

Epiq may disclose personal information to third parties in the following circumstances:

To third-party service providers to facilitate the services they provide.

To submit bids for proposals from the government or commercial customers.

To perform contractual services for customers (including, for example, with a subcontractor or a prime contractor for which we are a subcontractor).

To protect Epiq's rights, privacy, safety, or property, and that of its customers, employees, its affiliates, users, and others.

To support an investigation of cybersecurity and other security events, espionage, fraud, insider threats, and other illegal activity.

In the event of a merger, sale, transfer, or other disposition of all or any portion of Epiq's business assets or stock.

When requested by law enforcement or other government authorities.

When required by law, regulation, court order, or other legal process and for any other legal purpose.

Epiq routinely requires the third-party business partners to which it provides personal information to protect and maintain that information in confidence, and not to license, sell or otherwise transfer such information except as directed by Epiq.

6 COOKIES

To enrich and optimize your online experience, Epiq uses “cookies”, similar technologies and third-party service providers to display personalized content, appropriate advertising, and store your preferences on your computer.

Cookies are text files containing small amounts of information which are downloaded to your browser and accessed by the website operator or third parties when you visit a website or another website that recognises the cookie.

Epiq may use cookies mainly to improve and analyze your experience and for marketing purposes. Because we respect your right to privacy, you can choose not to allow some types of cookies. You can click on the different category headings on the site to find out more and change your default settings depending on the type of cookie:

Necessary, Always active

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in, or filling in forms. You can learn more about necessary cookies on the website.

Analytics

These cookies help Epiq to understand how visitors engage with the website. It may use a set of cookies to collect information and report site usage statistics. In addition to reporting site usage statistics, data collected may also be used, together with some of the advertising cookies described, to help show more relevant ads across the web and to measure interactions with the ads we show. You can learn more about analytics cookies on the website.

These cookies make our ads more engaging and valuable to site visitors. Some common applications of cookies are to select advertising based on what's relevant to a user; to improve reporting on ad campaign performance; and to avoid showing ads the user has already seen. You can learn more about advertisement cookies on the website.

Functionality

Functionality cookies are optional for the website to function. They are usually only set in response to information provided to the website to personalize and optimize the site visitor's experience as well as remember a visitor's chat history. You can learn more about functionality cookies on the website.

Blocking some types of cookies may negatively impact the your experience on the site and limit the services Epiq is able to provide. You can also set your browser to refuse cookies before entering Epiq's website, with the drawback that certain features of the Epiq's website may not function properly without the aid of cookies.

7 SECURING INFORMATION

Epiq is committed to maintaining the security of the information collected on our website and we have implemented information security policies, rules and technical measures to prevent the loss of, misuse of, disclosure of, alteration of, destruction of, and unauthorized access to the personal information you provide. However, no Internet-based information system is completely secure and Epiq cannot eliminate all security risks associated with the electronic transfer and storage of information, including your personal information. Epiq accepts no liability for events for which Epiq is not responsible or for which Epiq does not have control. If you have reason to believe that your interaction with Epiq is no longer secure, please immediately notify Epiq using the contact information above.

8 THIRD-PARTY WEBSITES

Epiq's website contains links to websites operated by third parties to provide users additional information. These links include links to social media services (such as LinkedIn, Twitter, Facebook, Instagram and YouTube). Epiq does not control these third-party sites and services and is not responsible for the content of these websites or the products, services, or actions of the third parties operating them. The privacy policies of these third-party websites and services govern your use of and sharing of data with them and Epiq does not control and is not responsible for these privacy policies. If you link to or from our website using other websites, you should carefully review the privacy policy on those third-party sites to determine what rules may apply to the use and disclosure of your personal information by the operators of those sites.

9 CHANGES TO OUR PRIVACY NOTICE

We will update this Privacy Notice from time to time to reflect any changes or proposed changes to our use of your personal data, or to comply with changes in applicable law or regulatory requirements. We encourage you to review this Privacy Notice periodically to keep up to date on how we use your personal data. Changes are effective on the date Epiq posts the revised Privacy Notice to its website and the revised Privacy Notice supersedes all previous versions of the Privacy Notice.

10 GDPR

If you are located within the UK where the UK General Data Protection Regulation (“UK GDPR”) applies, or the European Union or another country that has adopted the EU General Data Protection Regulation (“GDPR”), the following applies:

You have the right to access, modify, rectify, limit and/or delete any personal information as well as a right of opposition to the processing of your personal data. If you wish to exercise your rights, you can contact us via the contact information in section 2 above.

You also have the right to lodge a complaint with a supervisory authority. In the United Kingdom, the regulatory authority is the Information Commissioner's Office (“ICO”). Contact details for the ICO can be found on its website at https://ico.org.uk. You can find a list of contact details for all EU supervisory authorities at http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.

For data processing based on your consent, you have the right to withdraw your consent to the processing of your data at any time. The withdrawal does not affect the lawfulness of processing based on your consent before its withdrawal. If you would like to withdraw your consent, please contact us via the contact information at section 2 above.

You have the right to object to the processing of your personal data, and we will comply with your request, if we are: (i) relying on our own or someone else's legitimate interest to process your personal data, except if we can demonstrate compelling legal grounds for the processing; or (ii) processing your personal data for direct marketing purposes.

Purpose for Processing. Epiq collects and processes your personal data for the purpose of communicating with you regarding the business of Epiq, its subsidiaries, or affiliates. Your personal data may also be processed as necessary for entering into, or performance of, a contract between you as the data subject and us as the data Controller. For these reasons, if you choose not to provide personal information, you may not be able to do business with us or access our facility. We also process your personal data to comply with regulatory requirements for export control, screening of visitors to our premises, and various other requirements.

Legal Basis for Processing. The legal basis for processing your personal data is that it is in our legitimate interest or a third party's legitimate interest to a) use personal data in such a way to ensure that we provide our products and services in an effective, safe and efficient way. b) to provide access to our website in a secure and effective way and so that we can make improvements to our website. c) so we can respond to enquiries to provide a good standard of service and improve our customer services. or d) to send marketing by email to certain business users of our website(s) and our products and services.

It is also necessary for us to use your personal data to perform our obligations in accordance with any contract that we may have with you for fulfilment of our services or where it is necessary for compliance with a legal obligation imposed on us, such as a court order, or to enforce our legal rights or to protect the rights of third parties.

Where we use your personal data in connection with recruitment, it will be in connection with us taking steps at your request to evaluate your candidacy for employment at Epiq, or where it is in our legitimate interest to use personal data in such a way to ensure that we can make the best recruitment decisions.

Third Party Data Processing: Where necessary, for the purpose set out above, we may transfer personal data to countries outside the UK and the EEA.

Non-EEA countries do not have the same data protection laws as the UK and the EEA. In particular, non-EEA countries may not provide the same degree of protection for your personal data, may not give you the same rights in relation to your personal data and may not have a data protection supervisory authority to help you if you have any concerns about the processing of your personal data. However, when transferring your personal data outside the UK or the EEA, we will comply with our legal and regulatory obligations in relation to your personal data, including having a lawful basis for transferring personal data and putting appropriate safeguards in place to ensure an adequate level of protection for the personal data. We will take reasonable steps to ensure the security of your personal data in accordance with applicable data protection laws.

When transferring your personal data outside the UK or the EEA, we will, where required by applicable law, implement at least one of the safeguards set out below. Please contact us if you would like further information on the specific mechanisms used by us when transferring your personal data outside the UK or the EEA.

Adequacy decisions

We may transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the UK Government and/or European Commission (as applicable).

Model clauses

Where we use certain service providers, we may use specific standard contractual clauses approved by the UK Government and/or European Commission which give personal data the same protection it has in the UK and/or Europe.

Transfer of Information to the U.S.: Epiq is headquartered in the United States of America and the State of Illinois, and its business information systems are primarily located in the U.S. If you are not located in the U.S., we want to advise you that any personal information you provide through Epiq's website and third-party online services will be transferred out of your country and to the U.S. By providing personal information through Epiq's website and third-party online services, you expressly consent to the transfer of this information to the U.S. and other countries in which we or our affiliates may operate in support of our customers. If you do not want your personal information to be transferred to the U.S. or to other countries in which we or our affiliates may operate in support of our customers, please do not use Epiq's website(s) and third-party online services or provide personal information.

Data Retention: In respect of personal data that we process in connection with the supply of our products and services, we may retain your personal data for up to six years from the date of supply of the relevant products and services and in compliance with our data protection obligations. We may then destroy such files without further notice or liability.

Where we process personal data in connection with the registration and use of a business account, we may retain your personal data for up to six years from the date that the relevant account is terminated (and in compliance with our data protection obligations). We may then destroy such files without further notice or liability.

Where we process any other personal data, we will retain relevant personal data for up to three years from the date of our last interaction with you (and in compliance with our data protection obligations). We may then destroy such files without further notice or liability.

If any personal data is only useful for a short period (e.g. for a specific activity, promotion or marketing campaign), we will not retain it for longer than the period for which it is used by us.

11 CCPA

This California Privacy Notice applies to “Consumers” as defined by the California Consumer Privacy Act (“CCPA”) as a supplement to the privacy notice above. To aid in readability, in some places we have abbreviated or summarized CCPA terms or language. Terms defined in the CCPA that are used in this notice shall have the same meaning as in the CCPA. For more information on this notice or your California privacy rights please contact us using the contact information above.

Personal Information We Collect: Please see section 3, above, for a description of the categories of personal information we may collect from Consumers as defined by the CCPA.

Using and Sharing Personal Information: As described in our privacy notice above, we may use and share personal information with third parties for a business purpose.

As permitted by applicable law, we do not treat de-identified data or aggregate consumer information as personal information and we reserve the right to convert, or permit others to convert, your personal information into de-identified data or aggregate consumer information.

California Privacy Rights: California Consumers have the right to exercise their rights under the CCPA via an authorized agent who meets the agency requirements of the CCPA and related regulations. As permitted by the CCPA, any request you submit to us is subject to an identification process. Please provide sufficient information for us to reasonably verify you are the Consumer about whom we collected personal information. If we cannot comply with a request, we will explain the reasons in our response. We will use personal information provided in your request only to verify your identity or authority to make the request and to track and document request responses, unless you also gave it to us for another purpose.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive or clearly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Access to Specific Information and Data Portability Rights: You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Additionally, you have the right to make or obtain a transportable copy, no more than twice in a twelve-month period, of your personal information that we have collected in the period that is 12 months prior to the request date and are maintaining. Once we receive and confirm your request, we will disclose to you:

The categories of personal information we have collected about you.

The categories of sources from which we collected your personal information.

The business or commercial purposes for our collecting or selling your personal information, or that no sale occurred.

The categories of third parties to whom we have shared your personal information.

The specific pieces of personal information we have collected about you.

A list of the categories of personal information disclosed for a business purpose in the prior 12 months, or that no disclosure occurred.

A list of the categories of personal information sold about you in the prior 12 months, or that no sale occurred.

If we sold your personal information, we will explain.

The categories of your personal information sold, if any.

The categories of third parties to which we sold personal information, if any, by categories of personal information sold for each third party.

Deletion Request Rights: Except to the extent we have a basis for retention under CCPA, you may request that we delete your personal information that we have collected directly from you and are maintaining. Our retention rights include, without limitation, to complete transactions and services you have requested or that are reasonably anticipated, for security purposes, for legitimate internal business purposes, including maintaining business records, to comply with law, to exercise or defend legal claims, and to cooperate with law enforcement.

Do Not Sell: We do not sell your personal information as such is defined under the CCPA, and until such time as we change this policy by updating this notice, will treat personal information collected under that policy as subject to a “do not sell” request. In the last twelve (12) months, we have not sold any personal information.

Ours and Other's Rights: Notwithstanding anything to the contrary, we may collect, use and disclose your personal information as required or permitted by applicable law. In addition, our response to your request is subject to non-infringement on our or any other person's rights and applicable law.

Changes to Our Privacy Notice: We reserve the right to amend this notice at our discretion and at any time. Changes to this notice will be identified on our website.

Contact Information: If you have any questions or comments about this notice, our privacy policy, the ways in which we collect and use your personal information, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us using the above contact information or using the Contact Form on the website.