Evercore Global Privacy Notice

Date effective and last updated: January 30, 2024

Evercore respects your privacy and is committed to protecting your personal information. This privacy notice will inform you as to how we collect, share, use and look after your personal information, both online and offline, and tells you about your privacy rights and how the law protects you.

This privacy notice is provided in a layered format so you can click the arrows to reveal further detail. Please also use the following table contents to click through to the specific areas set out below. Alternatively, you can download a pdf version of the full privacy notice here.

  1. IMPORTANT INFORMATION
  2. PERSONAL INFORMATION WE HOLD ABOUT YOU, AND THE PURPOSES FOR WHICH WE USE IT
    • Visitors to this website
    • Visitors to Evercore’s offices
    • Our business contacts
    • Our suppliers and professional advisors
    • Parties with whom we conduct business (including clients, counterparties and potential clients and counterparties)
    • Our investors
  3. DATA SHARING
  4. DATA SECURITY
  5. DATA RETENTION
  6. IF YOU ARE LOCATED IN THE UNITED KINGDOM OR EUROPE
    • Important information
    • Lawful basis
    • Sharing personal information with third parties
    • Transfers of personal information outside of UK and Europe
  7. IF YOU ARE LOCATED IN THE DIFC
  8. IF YOU ARE A CALIFORNIA RESIDENT
  9. IF YOU ARE LOCATED IN CHINA
  10. IF YOU ARE LOCATED IN HONG KONG, JAPAN, OR SINGAPORE
  11. YOUR RIGHTS IN RELATION TO YOUR PERSONAL INFORMATION
  12. HOW TO CONTACT US

1. Important Information

Evercore respects your privacy and is committed to protecting your personal information.

This privacy notice describes how we collect and use personal information about you during and after your relationship with us in accordance with applicable laws.

It applies to Evercore’s business contacts, suppliers and professional advisors, parties with whom Evercore conducts business (including clients, counterparties and potential clients and counterparties) and investors and any associated individuals, family members of our employees, and former employees, independent contractors, owners, directors and officers (“alumni”). Evercore Inc. is responsible for this website. This website is not intended for children and we do not knowingly collect data relating to children.

The Evercore Group is made up of different legal entities, details of which can be found in the exhibits to Evercore Inc.’s latest 10-K filing which can be found here. This privacy notice is issued on behalf of the Evercore Group so when we mention “Evercore,” “we,” “us” or “our” in this privacy notice, we are referring to the relevant company in the Evercore Group responsible for processing personal information relating to you.

This notice applies to Evercore’s business contacts, suppliers and professional advisors, parties with whom Evercore conducts business (including clients, counterparties and potential clients and counterparties) and investors and any associated individuals. This notice does not form part of any contract of services.

It is important that you read this notice, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you so that you are aware of how and why we are using such information.

We reserve the right to update this privacy notice at any time. If we make any changes, we will post the updated notice here and change the date at the top of this webpage, accordingly, we encourage you to periodically review this page to learn about any such updates.

2. Personal Information We Hold About You And Purposes For Which We Use It

Personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

There are more sensitive types of personal information which require a higher level of protection under certain applicable laws. We do not collect such mores sensitive information about you except for information about religious beliefs in the context of dietary requirements and, where applicable, health information in the event that we have to give you first aid on site for events and meetings that you voluntarily provide to us. Nor do we collect any information about criminal convictions and offences unless revealed by due diligence conducted to comply with a legal obligation or given to us in connection with our role, or potential role, as financial advisor in connection with a transaction, in order to comply with a legal obligation.

We may process your personal information without your knowledge or consent where this is required or permitted by law.

Please click on the relevant section to see the categories of personal information about you that we collect, use and store, and the purposes of processing.

3. Data Sharing

We share your personal information with third parties as described above and only as necessary, including third-party service providers and other entities in the Evercore Group, as necessary to fulfil our legal obligations and operational business purposes.

We require third parties to respect the security of your personal information and to treat it in accordance with the law.

4. Data Security

We have put in place appropriate measures to protect the security of your personal information.

Third parties will only process your personal information where they have agreed to treat the personal information confidentially and to keep it secure.

We have put in place appropriate security measures designed to prevent your personal information from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to access it.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

5. Data Retention

How long will you use my information for?
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances we may anonymize your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you. Once you are no longer a business contact, supplier, professional advisor, counterparty with whom Evercore conducts business (including client) or an investor of Evercore we will retain and securely destroy your personal information in accordance with our data retention policy.

6. If You Are Located in the United Kingdom or Europe

7. If You Are Located in the DIFC

Evercore is providing the following information for individuals whose personal information is collected or held by Evercore Advisory (Middle East) Limited, which is the controller of your personal information and so responsible for this privacy notice.

Where you are such an individual:

  • Evercore Advisory (Middle East) Limited is registered in the Dubai International Finance Centre (DIFC) with a DIFC registered number 2478 and with its registered office at Unit 202, 203A & 204A, Level 2, Gate Village Building 10, DIFC, Dubai, 507204, United Arab Emirates.
  • The processing of your personal data by Evercore Advisory (Middle East) Limited is governed by the DIFC Data Protection Law, No.5 of 2020.
  • It is likely that personal information about you will be collected, held and transferred outside of the DIFC, including in and to countries within the UK or the EEA. It may also be disclosed to persons in other countries in the circumstances described in this privacy notice.
  • We will take all reasonable legal, technical and organizational measures to ensure that if your personal information is transferred outside of the DIFC, it will be treated securely and with an adequate level of protection compared to the level of protection offered in the DIFC. In particular, transfers of personal data outside of the DIFC will take place only where the transfer of this information is subject to a written agreement in line with the requirements of the DIFC data protection law.
  • You have the right to make a complaint at any time to the Commissioner of Data Protection in the DIFC (Commissioner) at any time (Tel: +971 (0)4 362 2222 or at commissioner@dp.difc.ae). We would, however, appreciate the chance to deal with your concerns before you approach the Commissioner so please contact us in the first instance at privacy@evercore.com.

8. If You Are A California Resident

Pursuant to the California Consumer Privacy Act of 2018 (“CCPA”), the information set out at section 2 above and in the following paragraph describes the categories of personal information that we have collected or disclosed within the preceding 12 months and the purposes for which it is used, about California residents who are not employees, independent contractors, owners, directors, officers, or job applicants of Evercore, or emergency contacts or benefits beneficiaries of the foregoing.

We collected the following categories of personal information from individuals, as necessary to fulfill our legal obligations and operational business purposes:

  1. Personal information, as defined in the California customer records law, such as contact information and financial information;
  2. Identifiers, such as name, online identifier, IP address, and government-issued identifier (e.g., Social Security number);
  3. Characteristics of protected classifications under California or federal law, such as sex, age, national origin, citizenship, immigration status and marital status;
  4. Commercial information, such as transaction information and history and securities trading information and history;
  5. Internet or network activity information, such as browsing history and interactions with our and other websites and systems including the ISI portal and Investor Relations webpage;
  6. Geolocation data, such as device location and IP location;
  7. Audio, electronic, visual and similar information, such as video recordings created in connection with our business activities;
  8. Professional or employment-related information, such as work history, prior employer, and information relating to references; and
  9. Inferences drawn from any of the personal information listed above to create a profile or summary about, for example, an individual’s preferences and characteristics.

In the preceding 12 months, we disclosed personal information to our service providers and third parties (such as  our professional advisors, companies who process Personal Information on an individual’s employer’s behalf, credit reference agencies, financial intermediaries, other persons who have (or who are considering) an interest in Evercore or involvement in a transaction about which Evercore is advising, our auditors, providers of internet-connected devices and associated software, governmental authorities and third parties involved in court action, and our business partners) as set out in section 3 (Data Sharing) above and as follows:

  1. Personal information, as defined in the California customer records law, such as contact information and financial information;
  2. Identifiers, such as name, online identifier, IP address, and government-issued identifier (e.g., Social Security number);
  3. Characteristics of protected classifications under California or federal law, such as sex, age, national origin, citizenship, immigration status and marital status;
  4. Commercial information, such as transaction information and history and securities trading information and history;
  5. Internet or network activity information, such as browsing history and interactions with our and other websites and systems including the ISI portal and Investor Relations webpage;
  6. Geolocation data, such as device location and IP location;
  7. Audio, electronic, visual and similar information, such as video recordings created in connection with our business activities; and
  8. Professional or employment-related information, such as work history, prior employer, and information relating to references.

We collected this personal information from individuals directly and from other categories of sources: publicly available databases, employers of individuals, our business partners, and our transaction and commission-sharing counterparties, when they share the information with us.

We have not “sold” personal information as defined by the CCPA. For this purpose, “sold” or “sale” means the disclosure of personal information for monetary or other valuable consideration but does not include, for example, the transfer of personal information as an asset that is part of a merger, bankruptcy, or other disposition of all or any portion of our business.

9. If You Are Located in China

Evercore is providing the following additional information for individuals based in the mainland of the People’s Republic of China (“China”).

  • Sensitive personal information

Evercore may process the below sensitive personal information about you for specific purposes:

  1. your identification documents (such as ID card and passport) and information relating to your financial status and dealings for our anti-money laundering and “know-your-client” practice, where you are a client or investor of ours[; and
  2. your health information to assist in the control of infectious diseases where you are a visitor to our offices, if so required by the applicable law].

The processing of your sensitive personal information is strictly necessary for us to perform our legal obligations. If you do not provide such information, we may not be able to provide you with the requested service / access. We will protect your sensitive personal information in accordance with the requirements under all applicable laws and regulations.

  • International transfers

Your personal information may be transferred out of China for the purposes elaborated in this privacy notice. We will ensure that the recipients of your personal information comply with the protection standards set out under applicable law. This can be done in a number of different ways, for instance, by entering into the Standard Contract for Personal Information Outbound Transferred (“Standard Contract”) issued by the Cyberspace Administration of China (in such case, you may request a copy of the Standard Contract from us, and are entitled to the third-party beneficiary rights under the Standard Contract).

In specific, we will share your personal information with the following overseas recipients.

  1. Your personal information may be shared with overseas entities within the Evercore Group, to provide services to the entity that holds your personal information, liaise within the Evercore Group for our business operation, and/or as part of shared systems which are in place. These overseas Evercore Group entities include Evercore Asia (Singapore) Pte Ltd, Evercore Partners International LLP and Evercore Partners Services East LLC. You may find a list of such entities in the exhibits to Evercore Inc.’s latest 10-K filing which can be found here. You may contact us at DataPrivacyAsia@evercore.com, if you wish to exercise your privacy rights against any of the Evercore Group entities (please see Section 11 for more details about your rights in relation to your personal information).
  2. We may also share your personal information with third-party service providers located outside of China, which process your personal information on behalf of Evercore. Such third-party service providers may include our IT vendors, lawyers or auditors, and we will provide details about such service providers upon request. If you wish to exercise your privacy rights against any such service providers, you may contact us at DataPrivacyAsia@evercore.com to facilitate the request.
  • Data sharing with other independent personal information processors located within China

Evercore will not share your personal information except where there is a business necessity. In addition to our service providers, we may also share your personal information with our business partners. Once lawfully transferred to them, they will be responsible for the lawful processing of your personal information, and the processing of your personal information by them shall be subject to their own privacy notices and policies. If you wish to exercise your privacy rights against any such service providers, you may contact us at DataPrivacyAsia@evercore.com to facilitate the request.

  • Retention period

Your personal information will be retained by Evercore for as long as necessary to fulfil the purpose for which it was collected or to comply with legal, regulatory or internal policy requirements.

As far as necessary, we will keep your data for the duration of our banking relationship subject to applicable legal and regulatory requirements. In addition, we might process your data after the termination of our relationship for compliance or risk management in accordance with the applicable laws as well as pursuant to various retention and documentation obligations.

However, if you wish to have your Personal Information removed from our databases, you may contact us at DataPrivacyAsia@evercore.com to facilitate the request.

10. If You Are Located in Hong Kong, Japan, or Singapore

We share your personal data within the Evercore Group and with our third-party service providers who may be based outside the jurisdiction where your data was first provided to Evercore. Whenever we transfer your personal data out of the jurisdiction where your data was first provided to Evercore, we will ensure a similar degree of protection is afforded to it, and that such transfer will be in compliance with applicable data protection laws. Please contact us if you would like further information on the specific mechanism used by us when transferring your personal data.

We may obtain personal information from you or from our business contacts, suppliers and professional advisors, and other third parties, Where you submit personal data of third parties to us, you warrant and represent to us that you have obtained the prior consent of such relevant third parties to provide us with their personal data for the relevant purposes for which you made the disclosure or as was notified to you at the relevant time and all other purposes as set out in this privacy notice, in accordance with all applicable data protection laws. It is your responsibility to keep your personal data and those of any relevant third parties updated.

11. Your Rights in Relation to your Personal Information

Under certain circumstances, you may have rights in relation to your personal information. For detail of some rights which apply, please click below as relevant.

Your duty to inform us of changes

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us.

12. How To Contact Us

If you have any questions or comments about this Privacy Notice, please email us at privacy@evercore.com.
If you are located in the United Kingdom or the European Union, please click here for the relevant contact details.
If you are located in the DIFC, please click here for the relevant contact details.
If you are a California resident, please click here for the relevant contact details.
If you are located in China, please email us at DataPrivacyAsia@evercore.com.
If you are located in Japan, please email us at DataPrivacyAsia@evercore.com.