Last Updated: 08-16-2024
Forvis Mazars, LLP ("Forvis Mazars"), a Delaware Limited Liability Partnership, complies with the EU-U.S. Data Privacy Framework (“DPF”) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information that is transferred from the European Economic Area ("EEA") to the United States within the scope of its certification.
Forvis Mazars, LLP and all subsidiaries, parent entities, divisions, departments, and affiliates of Forvis Mazars, LLP respect the privacy of the information you have entrusted to us. This EU-US DPF Privacy Notice applies to both the online and offline collection of personal information that we process in connection with our website and services.
Forvis Mazars has certified that it adheres to the DPF Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, recourse, enforcement and liability. If there is any conflict between the terms in this notice and the DPF Principles, the Principles shall govern.
Forvis Mazars complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF as set forth by the U.S. Department of Commerce. Forvis Mazars has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and UK Extension to the EU-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern.
To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, visit https://www.dataprivacyframework.gov.
Personal Information
Forvis Mazars receives and processes personal information from or relating to Forvis Mazars, LLP and other legally separate entities in the context of the provision of products, services, and support to these entities, acting as a data processor with respect to this information. Personal information received by Forvis Mazars will be treated in accordance with their instructions or pursuant to Forvis Mazars contractual arrangements with them, consistent with the DPF requirements. Instances information can be collected may include:
Contact Information– Information such as name, employer, job title, address, phone number, email address and/or other pertinent information. This information can be collected if provided during marketing efforts, event registration and/or other similar instances.
Client Information – Information of clients engaging Forvis Mazars Assurance, Tax, Advisory or other service lines. This can consist at times of personal information which is related to your client relationship with Forvis Mazars.
Employment/Applicant Information – Information of Forvis Mazars personnel or prospective applicants that can consist of name, email address, physical address, phone and/or qualifications.
For more details on Personal Information, please see Forvis Mazars’ Privacy Policy at https://www.forvismazars.us/privacy-policy.
Individual Rights
Where appropriate individuals have rights under the DPF to access their personal information and to request limited use, disclosure, deletions, additions and/or corrections of their personal information. Please contact us using the information below if you wish to exercise these rights and we will refer any requests to relevant data controllers and support them as needed in responding to your request. For more details on Individual Rights, please see Forvis Mazars’ Privacy Policy at https://www.forvismazars.us/privacy-policy.
Disclosures of Personal Information
Forvis Mazars will disclose personal information only as authorized by the relevant data controller. We may use a limited number of third-party service providers to assist us in providing our services or in meeting internal business operation needs. These third parties will access information only to perform tasks on our behalf.
Forvis Mazars is accountable for the onward transfer of data to third party service providers or agents who assist us in providing services. Forvis Mazars maintains contracts with these third parties in compliance with our DPF obligations and other obligations and accepts liability if those parties fail to meet these obligations and we are responsible for the event giving rise to the damages.
Personal Information may also be disclosed as part of a corporate transaction such as a sale, divestiture, reorganization, merger or acquisition.
Disclosures of personal information may also be required to law enforcement, regulatory, or other government agencies for purposes of national security, professional bodies or to other third parties, in each case to comply with legal or regulatory obligations or requests and professional standards. Forvis Mazars will notify the applicable data controller of any such request unless prohibited by law.
For more details on Disclosures of Personal Information, please see Forvis Mazars’ Privacy Policy at https://www.forvismazars.us/privacy-policy.
Data Security
Forvis Mazars strives to maintain industry standard administrative, technical, physical and organizational safeguards. These safeguards implemented to assist in protecting data from unauthorized, accidental or unlawful disclosure, destruction, loss or modification.
Questions and Complaints
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, Forvis Mazars commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. In compliance with the DPF Principles, Forvis Mazars commits to resolve complaints about our collection or use of your personal information. EU and UK individuals with inquiries or complaints regarding our DPF policy should first contact Forvis Mazars at:
Forvis Mazars Privacy Office
Forvis Mazars, LLP
4350 Congress Street, Suite 900
Charlotte, NC 28209
704.367.7020
Email: privacy.notice@us.forvismazars.com
Forvis Mazars has further committed to refer unresolved DPF complaints to the American Arbitration Association, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://go.adr.org/dpf_irm.html for more information or to file a complaint. The services of the American Arbitration Association are provided at no cost to you. It is also possible, under certain conditions (i.e., those set forth in Annex I of the Data Privacy Framework Principles), to invoke binding arbitration with regard to Data Privacy Framework complaints that have not been resolved by other means.
Forvis Mazars has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) with regard to unresolved Data Privacy Framework complaints concerning human resources data transferred from the EU in the context of the employment relationship and the UK Information Commissioner’s Office (ICO) with regard to unresolved Data Privacy Framework complaints concerning human resources data transferred from the UK in the context of the employment relationship.
The U.S. Federal Trade Commission (FTC) has jurisdiction over Forvis Mazars’ compliance with the DPF and Forvis Mazars is subject to the investigatory and enforcement powers of the FTC. This notice may be amended to be consistent with the requirements of the EU-U.S. Data Privacy Framework and the UK Extension to the EU-U.S. Data Privacy Framework. When we update this Notice, we will also revise the "Last Updated" date at the top of this page.