Epiq Class Action & Claims Solutions, Inc. and its affiliates and subsidiaries (“Epiq”) have made a commitment to collect, use, and disclose personal information in compliance with applicable law and in such a manner that a reasonable person would consider appropriate in the circumstances.
SCOPE OF POLICY
Epiq, as a service provider acting on behalf of and under the direction of its clients, may collect, use, and disclose personal information related to Claims, Claimants, or other parties providing information through this site (the “Data”), as directed by its clients, and as authorized by applicable law, in order to provide its Case Management Services on behalf of such clients. Epiq complies with the General Data Protection Regulation (GDPR) as a data processor. This Privacy Policy is based on the principles and rules set out in all applicable privacy legislation.
ACCOUNTABILITY
Epiq has designated a Privacy Director who is responsible for our compliance with this Policy. The Privacy Director may be contacted as described below.
Epiq UK Ltd.
Attn: Privacy Director
The South Quay Building, 5th floor
77 Marsh Wall
London, E14 9SH United Kingdom
privacy@EpiqGlobal.com
CLAIMS DATA COLLECTED
On behalf of its clients who are the data controllers, Epiq may collect Data from claimants, from its clients, and from third parties. The Data may include:
- identity information, such as name, address, email address, and other contact information for claimants and other related parties;
- banking and financial account information;
- the IP address from which you access our website; and
- other information that you may disclose to or share with us online, over the phone, or otherwise related to your Claim(s).
USES AND DISCLOSURES
Epiq will identify the purposes for which Epiq collects personal information at or before the time the information is collected from individuals. Epiq may choose to identify such purposes orally or in writing. Written notification will be used whenever practical to do so.
On behalf of its clients, Epiq may collect, use, and disclose Data for the following purposes:
- To initiate, process, review, investigate, assess, validate, settle, finalize, and otherwise administer Claims, according to the terms and conditions of the Class Action Settlement Agreements as approved by the Courts;
- For reporting, auditing, and analytics purposes, including to provide with reports on Claims and to audit Claims on behalf of its clients;
- To communicate with you regarding your Claim(s);
- To verify your identity;
- For fraud detection and verification purposes, and to otherwise protect us, our clients and others from fraud, error, and other harm;
- To improve our services and operations that we use to provide claims management and related services, and to provide training to relevant personnel; and
- In order to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a court order or a subpoena.
We may also use de-identified information and aggregate information relating to Claims for research, analytics, and related purposes.
In carrying out the activities and purposes described above on behalf of its clients, Data may be processed by Epiq, including other affiliated Epiq entities, who perform services or provide support relating to the Claims Management Services. Data may also be disclosed to third parties as set forth below:
- Adjusters, assessors, valuators, and service providers engaged by Epiq to perform services or functions related to the Claims Management Services;
- Authorized representatives and other service providers acting on our behalf; and
- Other third parties where necessary to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a court order or a subpoena.
Epiq may also disclose the Data to its clients, who have control over the Data.
CONSENT
Your consent to the collection, use, or disclosure of your personal information can be expressed through written, electronic, or any other method. The choice to provide Epiq with your consent is always yours, however, your decision to withhold such consent may limit our ability to provide you with certain services.
LIMITING USE, DISCLOSURE, AND RETENTION
Personal information will not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law.
Upon our clients’ direction, we will destroy, erase, or make anonymous documents or other records containing personal information as soon as it is reasonable to assume that the original purpose is no longer being served by retention of the information and retention is no longer necessary for a legal or business purpose. We will take due care when destroying personal information so as to prevent unauthorized access to the information.
ACCURACY
The personal information Epiq collects will be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used. Epiq will, on an ongoing basis, take reasonable steps to ensure the accuracy and completeness of personal information under its care and control. Individuals who provide their personal information to Epiq must do so in an accurate and complete manner. Epiq’s goal is to minimize the possibility that inaccurate information is used to make a decision about any individual whose personal information Epiq processes.
SAFEGUARDS
Epiq has implemented measures designed to secure personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. All personal information is stored on our secure servers behind firewalls.
Epiq’s security measures include:
- Education and training to relevant staff to ensure they are aware of our privacy obligations when handling personal data.
- Administrative and technical controls to restrict access to personal data on a ‘need to know’ basis.
- Technological security measures, including firewalls, multi-factor authentication, encryption, and anti-virus software.
- Physical security measures, such as staff security passes to access our premises.
- Reasonable precautions for the disposal or destruction of personal information that may consist of securely shredding physical documents and deleting electronically stored information in a manner that prevents it from being readily recovered.
If we find out there has been a breach of our security safeguards and there is a real risk of significant harm to you, you will be notified unless otherwise prohibited by law.
ACCESS AND CORRECTION
You may request access to, or the correction of, the personal information collected and processed by Epiq as part of the Claim Services, information about the ways in which that information is being used, and a description of the individuals and organizations to whom that information has been disclosed, by making a written request to our Privacy Director. You may be required to verify your identity.
Because we are acting for and on behalf of our clients, we will provide them with your request and will work with them as needed to respond to your request. In some situations, we or our clients may not be able to provide access to certain personal information. This may be the case where, for example, disclosure would reveal personal information about another individual, the personal information is protected by solicitor/client privilege, the information was collected for the purpose of an investigation, or where disclosure of the information would reveal confidential commercial information. We may also be prevented by law from providing access to certain personal information. When an access request is refused, we will notify you in writing, document the reasons for refusal, and outline further steps, which are available to you.
CROSS‐BORDER TRANSFERS
Epiq and any of its subsidiaries or affiliated companies may transfer your personal information across national borders to fulfil any of the above purposes, including, but not limited, to the United States.
COOKIES
Epiq may also use cookies and other mechanisms to collect personal information about individuals when they visit or interact with us online. Cookies are unique identifiers, which are used to customize your website experience. Most web browsers automatically accept cookies, but you can usually change your browser to prevent or notify you whenever you are sent a cookie. This gives you the chance to decide whether or not to accept the cookie. We use the information in cookies to help us improve our website and our services, and for fraud detection and verification purposes. If you do not accept a cookie, there may be limitations on your use of some site functions.
ANALYTICS
We use automated devices and applications operated by third parties, including Google Analytics (http://www.google.com/intl/en/policies/privacy) to evaluate the usage of our website and services, in order to improve our website and services’ performance and user experiences. These third parties may use cookies and other tracking technologies to perform their services. We do not share your personal information with these third parties, but they may collect your IP address as part of their services.
CONTACT INFORMATION
We will, on request, provide information regarding our complaint procedure. Any inquiries, complaints, or questions regarding this Policy should be directed in writing to our Privacy Director as follows:
Epiq UK Ltd.
Attn: Privacy Director
The South Quay Building, 5th floor
77 Marsh Wall
London, E14 9SH United Kingdom
privacy@EpiqGlobal.com
Important changes to our privacy policies and practices will be reflected in this Privacy Policy in a timely manner. We may add, modify, or remove portions of this Policy when we feel it is appropriate to do so.