Stout Risius Ross, LLC (and all affiliates and subsidiaries, collectively "Stout") values your privacy and is committed to complying with the applicable data privacy and security requirements in the countries in which it operates. Stout complies with internationally recognized standards of privacy protection and with various privacy laws globally including, but not limited to, the EU General Data Protection Regulation (GDPR).

What this Privacy Policy Covers

This Privacy Policy applies to our collection, use, and sharing of your personal data when you visit our websites, when you apply for employment with us, or when we provide valuation advisory, transaction opinions, investment banking, dispute consulting, management consulting, or other services (the "services") to you. This Privacy Policy applies only to data collected by Stout and does not apply to any other data or websites not owned or operated by Stout. This Privacy Policy also does not cover information we collect about you as an employee of Stout.  For more information about our privacy practices for employee information, please see our Employee Handbook.

Who is Collecting Data

Data will be collected by Stout Risius Ross, LLC (and all affiliates and subsidiaries, collectively "Stout").

Data We Collect

Stout collects the following categories of personal data:

Contact data and other identifiers: We may collect information about data subjects such as name and contact details (email, phone number, mailing address) in order to communicate and facilitate the provision of our services with our clients or potential clients and to respond to your requests. For example, contact details of individuals who work for or on behalf of the clients, in order to carry out the client’s engagement with Stout.

Services data: Personal data may be provided to us by clients to the extent required to perform the services. Stout may also acquire personal data from a third party at the direction of our client as required to perform services.

Employment Information:  We collect the information you choose to disclose if you apply for potential employment with Stout, such as your educational history, professional experience, and certain sensitive information such as race, age, citizenship, and any disabilities you may have.

Website visitor information and statistical analysis: When you visit our website, we may collect information about your visit such as your IP address and the pages you visited and when you use our services we may collect information on how you use those services. We may use cookies to collect this information.  Please see our Terms of Use and Cookies Policy for additional information.  We also use Google Analytics to help us gather statistical information about the visitors to our website and how they use the website on an anonymous, aggregate basis. We will not associate this data with your personally identifiable data unless required to do so to cooperate with law enforcement activity or other governmental request or to comply with law. Depending on the type of browser and device that you use, you may have the ability to control the type of information that Google Analytics use. To understand how Google Analytics collects and processes data, please visit www.google.com/policies/privacy/partners/.

Marketing information: We may collect information to respond to inquiries regarding our services or to provide you with information, reports, or updates. This information includes the contact data and website visitor information described above as well as information about your occupation or employer if you provide it to us.

Clients and other third parties who provide personal data to Stout must do so in compliance with applicable data privacy regulations.

Processing of Personal Data

We collect personal data to offer and administer our services and products. .The data you provide to us will be processed in accordance with the purposes specified in this Privacy Policy, namely:

• To provide the products or perform the services requested by clients and individuals pursuant to a letter of engagement, statement of work, or similar (where the processing is necessary for our legitimate business interests in conducting and managing our business).
• To provide the products or perform the services requested by clients and individuals using our website or web applications (where the processing is necessary for our legitimate business interests in conducting and managing our business).
• For complying with obligations provided by laws, current regulations and legislation (e.g. tax regulations) (where processing is based on a legal obligation)
• For legitimate business purposes to advise you through e-mail, phone call, electronic communication, or postal mailings, in the framework of our ordinary commercial relationship, about other products or services similar to the products or services we have provided to you and that we think will be of interest to you (where the processing is necessary for our legitimate business interests).
• For marketing purposes. For example, we may use your information to further discuss your interest in our services and to send you information regarding Stout promotions, events, products or services.
• For operating and improving Stout’s website and your customer experience. For example, we may collect and analyze data on your use of our website and process it for the purpose of improving our online experience. Please see our Terms of Use and Cookies Policy for additional information.
• For security purposes. For example, we may use your data to protect Stout and its third parties against security breaches and to prevent fraud and violation of Stout’s applicable agreements (where the processing is necessary for our legitimate business interests).

Whenever we process your personal data for our legitimate interests, we make sure to consider and balance any potential impact on you and your rights under data protection laws. Our legitimate business interests do not automatically override your interests - we will not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You have the right to object to this processing if you wish.

How Personal Data is Processed

Personal data is processed by Stout both manually and electronically in accordance with the above-mentioned purposes and in compliance with current regulations.

We permit only authorized Stout employees and third-party service providers to have access to your information. Such employees and third-party services providers are appropriately designated and trained to process data only according to the instructions we provide them

Storage of Personal Data

Stout will retain personal data for a reasonable period, taking into account legitimate business needs to capture and retain such information. Information will also be retained for a period necessary to comply with state, local, federal regulations, or country specific regulations and requirements, and in accordance with Stout’s Document Retention Schedule.

Disclosure/Sharing of Personal Data

We only share your personal data with your consent or in accordance with this Privacy Policy. We will not otherwise share, sell or distribute any of the information you provide to us except as described in this Privacy Policy.

• We share personal data among Stout affiliates and subsidiaries who act for Stout for the purposes set out in this Privacy Policy.
• Stout may share your information with external third parties, such as vendors, consultants and other service providers who are performing certain services on behalf of Stout, such as marketing services, website hosting, and new hire screening. Such third parties have access to personal data solely for the purposes of performing the services specified in the applicable service contract, and not for any other purpose. Stout requires these third parties to undertake security measures consistent with the protections specified in this Privacy Policy.
• Stout may be required to disclose personal data in response to lawful requests by public authorities, including meeting national security or law enforcement requirements.
• If Stout’s business enters into a joint venture with or is merged with another business entity, your information may be disclosed to our new business partners.

Cross – Border Transfers of Personal Data

Stout is a global firm. Personal data may be transferred, accessed and stored globally as necessary for the uses stated above in accordance with this Privacy Policy, and in compliance with local regulations.

Data concerning EU data subjects may be transferred to or processed in locations outside of the EU only where one of the following safeguards is in effect:

• Transfers to certain countries which the EU Commission has determined ensures an adequate level of protection;
• Transfers pursuant to standard contractual clauses or contract terms ensuring adequate data protection;
• Where required, Stout entities have entered into European Union Model Clause Agreements which allows for the processing of your personal data and for transfers of your personal data.

Automated Decision Making

Automated decisions are defined as decisions about individuals that are based solely on the automated processing of data and that produce legal effects that significantly affect the individuals involved.

Stout does not make automated decisions using personal data. If automated decisions are to be made, affected persons will be given an opportunity to express their views on the automated decision in question and object to it.

Your Choices

• Opt Out of Marketing Communications: If you are located in the EU, we will only send you marketing communications and updates about our products, services and events with your prior consent. You can withdraw your consent at any time. If you are not located in the EU, you may opt-out of receiving marketing communications and updates at any time. You can manage your receipt of marketing and non-transactional communications by clicking on the «unsubscribe» link located on the bottom of Stout’s marketing emails. Additionally, you may send a request to marketing@stout.com.
• Consequences of Not Providing Information: If you choose not to provide certain information, it may be an impediment to the exchange of information necessary for the execution of the contract or provision of services, and we may not be able to provide you with some services and you may not be able to participate in some of the activities on our website(s).

Third Party Websites or Other Services

We are not responsible for the privacy practices of any non-Stout operated websites, mobile apps or other digital services, including those that may be linked through Stout websites or services, and we encourage you to review the privacy policies or notices published thereon.

Notice to European Users

Individuals residing in the European Economic Area have the following rights concerning your data processed by Stout:

• Access: You have the right to access personal information that Stout holds about you.
• Rectification: You have the right to ask us to rectify information Stout holds about you if it is inaccurate or not complete.
• Erasure: You can request that Stout erase your personal data. We may keep basic data to identify you and retain it solely for preventing further unwanted processing.
• Restrict Processing: You have the right to ask Stout to restrict how we process your data. This means we are permitted to store the data but not further process it. We keep just enough data to make sure we respect your request in the future.
• Object to processing: Where processing is based on legitimate interests, you have the right to object to Stout processing your data. Stout will discontinue processing your data, unless we can demonstrate compelling legitimate grounds for the processing. We may keep basic data to identify you and retain it solely for preventing further unwanted processing.
• Portability: Where processing is based on consent or performance of a contract, you have the right to data portability. Stout must allow you to obtain and reuse your personal data for your own purposes in a safe and secure way without this effecting the usability of your data. This right only applies to personal data that you have provided to Stout as the Data Controller.
• Lodging Complaints: If we are not able to satisfactorily resolve your questions, concerns, or complaints, or if you believe that the processing of your personal data infringes on your rights under applicable data protection laws, you have the right, without prejudice to any other administrative or judicial remedies, to lodge a complaint with a supervisory authority, in particular, in the Member State of your habitual residence, place of work or place of the alleged infringement. Contact information for the supervisory authorities may be found here: EU Data Protection Authorities.

Please contact legal@stout.com to request access, rectification, or erasure, or to restrict processing, to object to processing, or to request data portability.

UK Residents: For the purposes of GDPR, the data controller is Stout Park Ltd (Company Number 8923987), 57 Grosvenor Street, London W1K 3JA, United Kingdom. We can be contacted at info@stout.uk or on +44 20 3405 3296.

Notice to Japanese Users

If we receive non-personally identifiable user information relating to individuals who reside in Japan from Google in connection with our use of Google Analytics, Stout will not merge that information with those user’s personally-identifiable information unless, prior to such processing, Stout has obtained all legally required consents from the user and have provided Google with accurate and complete information about the processing.

Please contact legal@stout.com if you have any questions, to restrict processing, or to object to processing.

Notice to California Residents

Shine the Light: Under California’s “Shine the Light” law, California residents have the right to ask us once a year if we have shared their personal information with third parties for their direct marketing purposes. To make a request, please contact us at legal@stout.com and specify you are making a Shine the Light request. 

California Consumer Privacy Act (“CCPA”): The CCPA creates privacy rights for California residents and requires businesses to make disclosures about their privacy policies and practices related to personal information. This section does not cover information we collect about you as an employee of Stout.  For more information about our privacy practices relating to employee information, please see our Employee Handbook.

Categories of Personal Information Collected: In the last twelve months, we have collected the following categories of personal information: identifiers; characteristics of protected classifications under California or U.S. law; occupation, professional, or employment-related information; and Internet or other electronic network activity information. For examples of the data points we collect, please see the “Data We Collect” section, above.

Sources of Personal Information: We have collected this information directly from you, passively when you visit our website or view our electronic communications, and from third parties such as our clients and business partners.  For more information, please see the “Data We Collect” section, above.

Categories of Personal Information Disclosed and Third Parties With Whom We Share This Information: We do not sell your personal information, but we may disclose it to third parties for a business purpose.  In the past twelve month, we have disclosed identifiers; professional, occupational and employment-related information, and Internet or other electronic network activity information to our third party marketing service providers.  We have also disclosed identifiers; characteristics of protected classifications under California or U.S. law; occupation, professional, or employment-related information; and educational information to the third party provider of background checks in connection with potential employment. For more information about the personal information we share, please see the “Disclosure/Sharing of Personal Data” section, above.

Your Rights: The CCPA gives you certain rights regarding your personal information:

• Right to Know: You may request no more than twice in a 12-month period that we provide you with copies of specific personal information we have collected, sold, or disclosed about you. However, under California law, we cannot provide you with certain sensitive information, despite your request (for example, we will not send you copies of your social security number even if it is something we collected).
• Right to Delete: You may request that we delete personal information we have collected about you, with certain exceptions.

To exercise your rights above, please submit a request by: emailing us at legal@stout.com, calling us at +1.833.204.0822 or fill out this form. Please describe your request with sufficient detail so we can properly respond to your request. As part of your request, please specify which right you are exercising and provide your name, contact information, and the type of request you wish to make. We may ask for additional information to verify your identity. The information you provide in your request and any follow up information we ask for from you will be used solely to verify your request.

Only you or an individual designated as your authorized agent to act on your behalf may make a request related to your personal information. You may also make a request on behalf of your minor child.

We may not discriminate against you if you choose to exercise your rights.

After receiving your request, we may need to contact you for further information and will notify you if your request has been granted or declined, or if an exception applies to your request.  We will try to respond to your request within 45 days. If we need more time, we will contact you with the reason we need more time and the extension period. We will deliver our written response by mail or electronically, at your option. In response to your request to know, we will only disclose the information we have collected in the 12 months prior to our receipt of your request. Our response will also explain the reasons we cannot comply with any request, if applicable.

We do not charge a fee to process or respond to your request unless your request is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate prior to completing your request.

Verifying, Changing, or Deleting Your Information

If the information you provided us is incorrect or if you have an issue with your information that we have collected, you can contact us as detailed at the end of this Privacy Policy and ask us to change, update or fix your information in certain cases. You can also request that we erase or delete all or some of your personal data or otherwise object to, limit, or restrict the use of such information (if we have no legal right or legitimate business interest in retaining such information).

Changes to This Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we make changes to this Privacy Policy we will post them on our website and indicate the effective date of the change. If we make material changes to this Privacy Policy we will notify you by email or through the website.

Contact Us

Please contact us with questions, concerns, or complaints at:

Stout
150 West Second Street, Suite 400
Royal Oak, MI 48067
legal@stout.com

This Privacy Policy was updated January 6, 2020.