MANAGEMENT CONSULTING GROUP PLCSAFE HARBOR POLICY RELATING TO PERSONAL INFORMATION TRANSFERRED FROM EU TO USAIntroduction:Management Consulting Group PLC (“MCG”) is a publicly traded entity on the London Stock Exchange, its offering include a number of leading specialist consultancies to include, Alexander Proudfoot, Ineum Consulting and Kurt Salmon Associates. MCG and is subsidiaries adhere to the Safe Harbor Agreement concerning the transfer of personal data from the European Union (“EU”) to the United States. We subscribe to the Safe Harbor principles published by the US Department of Commerce with respect to all such personal data. If any conflicts arise between this policy and the published principles the principles shall supersede the policy.
Definitions:Personal Information – means any information that is:1) transferred from the EU to the USA.2) Is recorded in any media or other form;3) Is about, or pertains to a specific individual;4) Information which would allow someone to link an individual to such information.Sensitive Personal Information – means any personal information that:1) reveals race,2) ethnic origin;3) sexual orientation;4) political opinions; 5) religious or philosophical beliefs;6) trade union membership.7) Or any information that concerns an individuals health or wellbeing.Principles:Notice MCG shall inform an individual of the purpose for which it collects and uses the Personal Information and types of non-agent third parties, if any, to which MCG discloses or may disclose such information. Company shall provide the individual with the choice and the means for limiting the use and disclosure of their Personal Information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal Information to MCG, or as soon as practicable thereafter, and in any event before the Company uses or discloses the Information for a purpose other than for which it was originally collected. (Note: Such disclosures are currently contained in all group employment applications and employment agreements).
ChoiceMCG will offer individuals the opportunity to opt out when ever their personal information is:1) to be disclosed to a third party;2) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.For Sensitive Personal Information, MCG will give individuals the opportunity to affirmatively or explicitly opt out or opt in to the disclosure of information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. Company shall treat Sensitive Personal Information from an individual the same as the individual would treat and identify it as Sensitive Personal Information. (Note: sometimes in the course of dealings with clients, especially ones which are federal or state agencies we are requested to provide certain information regarding national origin for security purposes. Some clients in order to comply with EEOC regulations will seek racial background of our consultants. Other than those specific instances we have no anticipation that such Sensitive Personal Information would ever be disclosed.)
Onward TransfersPrior to disclosing Personal Information to a third party, MCG shall notify the individual of such disclosure and allow the individual the choice (opt out) of such disclosure. MCG shall ensure that any third party for which Personal Information may be disclosed subscribes to the Principles or are subject to law providing the same level of privacy protection as is required by the Principles and agree in writing to provide an adequate level of privacy protection.
Data Security MCG shall take reasonable steps to protect the Information from MCG loss, misuse and unauthorized access, disclosure, alteration and destruction. MCG has put in place appropriate physical, electronic and managerial procedures to safeguard and secure the Information from loss, misuse, unauthorized access or disclosure, alteration or destruction. MCG cannot guarantee the security of Information on or transmitted via the Internet.
AccessMCG shall allow an individual access to their Personal Information and allow the individual to correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of person other than the individual would be violated. This is accomplished via our Knowledge management function.
Contact InformationQuestions, comments or complaints regarding MCG’s Safe Harbor Policy or data collection and processing practices can be mailed or emailed to:MCGAttn: Director of Legal Affairs1355 Peachtree St NE, Suite 700Atlanta, GA 30309 USAstevehitchcock@mcgplc.comEffective date: 1 July 2006