Evercore Global Privacy Notice
Date effective and last updated: January 30, 2024
Evercore respects your privacy and is committed to protecting your personal information. This privacy notice will inform you as to how we collect, share, use and look after your personal information, both online and offline, and tells you about your privacy rights and how the law protects you.
This privacy notice is provided in a layered format so you can click the arrows to reveal further detail. Please also use the following table contents to click through to the specific areas set out below. Alternatively, you can download a pdf version of the full privacy notice here.
- IMPORTANT INFORMATION
- PERSONAL INFORMATION WE HOLD ABOUT YOU, AND THE PURPOSES FOR WHICH WE USE IT
- Visitors to this website
- Visitors to Evercore’s offices
- Our business contacts
- Our suppliers and professional advisors
- Parties with whom we conduct business (including clients, counterparties and potential clients and counterparties)
- Our investors
- DATA SHARING
- DATA SECURITY
- DATA RETENTION
- IF YOU ARE LOCATED IN THE UNITED KINGDOM OR EUROPE
- Important information
- Lawful basis
- Sharing personal information with third parties
- Transfers of personal information outside of UK and Europe
- IF YOU ARE LOCATED IN THE DIFC
- IF YOU ARE A CALIFORNIA RESIDENT
- IF YOU ARE LOCATED IN CHINA
- IF YOU ARE LOCATED IN HONG KONG, JAPAN, OR SINGAPORE
- YOUR RIGHTS IN RELATION TO YOUR PERSONAL INFORMATION
- HOW TO CONTACT US
1. Important Information
Evercore respects your privacy and is committed to protecting your personal information.
This privacy notice describes how we collect and use personal information about you during and after your relationship with us in accordance with applicable laws.
It applies to Evercore’s business contacts, suppliers and professional advisors, parties with whom Evercore conducts business (including clients, counterparties and potential clients and counterparties) and investors and any associated individuals, family members of our employees, and former employees, independent contractors, owners, directors and officers (“alumni”). Evercore Inc. is responsible for this website. This website is not intended for children and we do not knowingly collect data relating to children.
The Evercore Group is made up of different legal entities, details of which can be found in the exhibits to Evercore Inc.’s latest 10-K filing which can be found here. This privacy notice is issued on behalf of the Evercore Group so when we mention “Evercore,” “we,” “us” or “our” in this privacy notice, we are referring to the relevant company in the Evercore Group responsible for processing personal information relating to you.
This notice applies to Evercore’s business contacts, suppliers and professional advisors, parties with whom Evercore conducts business (including clients, counterparties and potential clients and counterparties) and investors and any associated individuals. This notice does not form part of any contract of services.
It is important that you read this notice, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you so that you are aware of how and why we are using such information.
We reserve the right to update this privacy notice at any time. If we make any changes, we will post the updated notice here and change the date at the top of this webpage, accordingly, we encourage you to periodically review this page to learn about any such updates.
2. Personal Information We Hold About You And Purposes For Which We Use It
Personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
There are more sensitive types of personal information which require a higher level of protection under certain applicable laws. We do not collect such mores sensitive information about you except for information about religious beliefs in the context of dietary requirements and, where applicable, health information in the event that we have to give you first aid on site for events and meetings that you voluntarily provide to us. Nor do we collect any information about criminal convictions and offences unless revealed by due diligence conducted to comply with a legal obligation or given to us in connection with our role, or potential role, as financial advisor in connection with a transaction, in order to comply with a legal obligation.
We may process your personal information without your knowledge or consent where this is required or permitted by law.
Please click on the relevant section to see the categories of personal information about you that we collect, use and store, and the purposes of processing.
Visitors to Evercore’s website
When you visit our website we collect, use and store personal information relating to you including your IP address together with the date, time and duration of your visit. An IP address is an assigned number, similar to a telephone number, which allows your computer to communicate over the Internet. We also collect, use and store your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, information about your visit including the full Uniform Resource Locators (URL), clickstream to, through and from the website (including date and time), pages viewed, download errors, page interaction information (such as scrolling clicks) and methods used to browse away from the website. Depending on your user settings, some of this information may be collected from third party service providers that we use to operate and optimize our website, to improve your user experience and analyse website interaction. For more details about the third party services that we use in this context, please read our Cookie Policy.
You are not required to provide any other personal information to access public areas of our website.
We will collect, use and store this personal information for the purposes of:
- operating our business;
- physical security, network security and fraud prevention;
- maintaining our records;
- complying with our regulatory and legal obligations;
- improving, enhancing or developing our services; and
- statistical analysis and market research
We may disclose the personal information we hold about website visitors with:
- vendors that process personal information on Evercore’s behalf;
- professional advisors such as accountants, lawyers or other consultants; and
- applicable regulators and other governmental agencies anywhere in the world.
Some browsers may transmit “do-not-track” (“DNT”) signals to websites with which the user communicates. We currently do not change our tracking practices in response to DNT Signals nor a common definition of “tracking,” we currently do not change our tracking practices in response to DNT settings in your browser. Our analytics vendors may collect information about your online activities over time and across websites. This information is collected in a de-identified manner, that is not tied to a particular individual. This information is not sold or shared and is only used for our internal purposes.
Evercore’s cookie policy can be found here.
Visitors to Evercore’s offices
When you visit our offices, we collect, use and store images (but not sound or facial recognition) of you in public areas from CCTV footage; your location while at Evercore’s offices through access key card monitoring; contact information by completion of the visitor guest list; health information such as though the completion of the first aid accident book or temperature checks; and names and dietary preferences for catering purposes.
Most of this information will be provided by you or otherwise collected directly by Evercore. However, there may be instances where certain personal information is collected from third parties, including where we use third party services to help us maintain the security of our facilities, or where your employer provides information for the purposes of registering you to attend an event being organized by or on behalf of Evercore.
We will collect, use and store this personal information for the purposes of:
- physical security, network security and fraud prevention;
- complying with our regulatory and legal obligations;
- assist in the control of infectious diseases such as the virus Covid-19;
- operating our business; and maintaining our records.
We may disclose the personal information we hold about office visitors with:
- vendors which process personal information on Evercore’s behalf;
- other companies in the Evercore group;
- professional advisors, such as accountants, lawyers or other consultants; and
- applicable regulators and other governmental agencies anywhere in the world.
Our business contacts
If you have had contact with Evercore, for example through emailing us or meeting a representative of Evercore, we collect, use and store limited amounts of personal information relating to you, such as your name, job title, employer organization and contact details. We also use publicly available information about you or information you have provided us with to add to Evercore’s contact database.
We will collect, use and store this personal information for the purposes of:
- maintaining a record of contacts;
- providing periodic business updates as described below;
- organizing meetings between you and your Evercore representatives; and
- sending you periodic updates about Evercore’s business, activities and opportunities, in particular, by email and post; you can opt out of receiving updates at any time by asking your Evercore business contact to remove you from updates.
This information will often be collected directly by Evercore or its representatives. However, there may be cases where we obtain your information from third parties, including via mutual business contacts or from your employing organization. We may also collect your personal information from publicly available sources, such as social media and other professional profiles.
We will share the personal information we hold about business contacts with:
- companies which process personal information on Evercore’s behalf;
- professional advisors, such as accountants, lawyers or other consultants;
- other companies in the Evercore Group, including in the United States;
- Evercore’s auditors; and
- applicable regulators and other governmental agencies anywhere in the world.
Our suppliers and professional advisors
If you are an individual associated with a supplier to Evercore or with one of our professional advisors, we will collect, use and store limited amounts of personal information relating to you including your name, job title, qualifications, employer or parent organization and contact details.
We will collect, use and store this personal information for the purposes of:
- maintaining our records;
- operating our business; and
- commissioning further services.
This information will typically be provided by you during the course of interacting with Evercore but in some cases may also be obtained from your employing organization, colleagues or online professional profile. Information may also be collected from relevant licensing authorities in certain circumstances, including where necessary to confirm your professional credentials.
The personal information we hold about individuals associated with our suppliers and professional advisors may be disclosed with:
- companies which process personal information on Evercore’s behalf;
- professional advisors, such as accountants, lawyers or other consultants;
- other companies in the Evercore Group including in the United States;
- Evercore’s auditors; and
- applicable regulators and other governmental agencies anywhere in the world.
Parties with whom we conduct business (including clients, counterparties and potential clients and counterparties)
If you are involved in a transaction or potential transaction that Evercore advises on, we collect, use and store personal information relating to you. To the extent appropriate, this includes your business and personal contact details, interests/marketing preferences, professional opinions and judgements, visual images and photographs required for business purposes, log-in details for user accounts, information relating to your financial status and dealings, nationality information (including copies of identity documents such as a passport), references provided by third parties and results of other due diligence carried out.
We collect, use and store this personal information for the purposes of:
- conducting “know-your customer” and other due diligence pursuant to applicable anti-money laundering and anti-corruption laws and regulations and Evercore’s related policies and procedures;
- assessing your suitability as our client, including by verifying your identity;
- advising on potential transactions and transactions;
- administering any transaction that we enter into;
- providing a range of financial services;
- statistical analysis and market research;
- improving, enhancing or developing financial services;
- improving, enhancing or developing methods or processes for our business operations;
- learning about and understanding your behavior and preferences (and that of other relevant individuals) in relation to the financial services we provide;
- identifying financial services that may be suitable or personalizing or customizing any such services for our clients;
- maintaining records of investments;
- billing and invoicing purposes;
- complying with our regulatory and legal obligations including assessing and managing risk;
- identifying and preventing fraud and other unlawful activity;
- safeguarding and enforcing our contractual and legal rights and interests, including under the account terms and other agreements entered into between Evercore and yourself or any of your affiliated persons and organizations who are involved in any transaction which Evercore may be advising on, or under applicable regulatory frameworks;
- seeking and receiving advice from our professional advisors, including accountants, lawyers and other consultants;
- organizing and holding meetings and events; and
- sending you periodic updates about Evercore’s business, activities and opportunities, in particular, by email and post; you can opt out of receiving updates at any time by asking your Evercore contact to remove you from such updates.
This information will often be provided to us by you. However, depending on the circumstances and the nature of your relationship with Evercore, certain information may be collected from third party sources. This includes third party service providers that we use for conducting due diligence and verification checks, and to provide IT-based services. It may also include collecting your information from referees, professional advisors, intermediaries and transactional counterparties and their professional advisors, as well as from your online professional profile, employing organization and colleagues.
The personal information we collect, use and store about individuals associated with our clients, counterparties and potential clients and counterparties with whom we conduct business may be shared with:
- companies which process personal information on Client’s behalf;
- credit reference agencies;
- financial intermediaries;
- professional advisors, such as accountants, lawyers or other consultants;
- other persons who have an interest or involvement in, or who are considering an interest or involvement in, a transaction upon which Evercore is advising including co-investors, other providers of finance and investors in Evercore;
- other companies in the Evercore group, including in the United States;
- Evercore’s auditors; and
- applicable regulators and other governmental agencies anywhere in the world.
Individuals that apply for or obtain Evercore financial products or services for primarily personal, family or household purposes should review our privacy notice available here.
Our investors and shareholders
We collect our investors’ contact details, financial account information, and other information for the purposes of:
- complying with our regulatory and legal obligations;
- communicating with investors (including the mailing, in physical or electronic format, of Annual Reports, AGM or EGM notices or proxy cards, or communications in relation to other corporate actions);
- facilitating the payment of dividends; and
- sending you periodic updates about Evercore’s business, activities and opportunities, in particular, by email and post; you can opt out of receiving updates at any time by asking your Evercore contact to remove you from such updates.
This information will often be provided to us by you. However, depending on the circumstances and the nature of your relationship with Evercore, certain information may be collected from third party sources. This includes third party service providers that we use for conducting due diligence and verification checks, and to provide IT-based services. It may also include online sources, such as third party websites and media coverage.
We share the personal information we hold about our investors with:
- companies which process personal information on Evercore’s behalf;
- professional advisors, such as accountants, lawyers, proxy advisors or other consultants;
- other companies in the Evercore group worldwide;
- Evercore’s auditors; and
- applicable regulators and other governmental agencies anywhere in the world.
Employee family members
We collect, use and store a limited amount of personal information about the family members of our employees including contact details, business or place of employment, benefits entitlements, leave circumstances and certain financial holdings. This information is typically provided by our employees but in some limited cases, where connected to the administration of employee benefits, may be provided by third parties involved in providing and administering those benefits.
We collect, use and store personal information about these individuals for the purposes of:
- monitoring for insider trading risks;
- complying with our regulatory and legal obligations
- Administering family-related leave for employees; and
- Administering employee benefits.
We may disclose the personal information we hold about these individuals with:
- vendors which process personal information on Evercore’s behalf;
- professional advisors such as accountants, lawyers, proxy advisors or other consultants;
- other companies in the Evercore group;
- Evercore’s auditors;
- Third parties involved in providing and administering employee benefits; and
- applicable regulators and other governmental agencies anywhere in the world.
Our alumni
We want our alumni to stay in touch with us and connect with each other. We invite alumni to register through our alumni page to sign up for news and events. When you register with us as an alumnus/a, interact with us at events or engage in other alumni activities, we collect, use and store the personal information you provide including contact information, employment and professional information, and what types of networking events you are interested in.
We will typically collect this information directly from you but may also obtain information from third party public sources, such as social media, industry media and online professional profiles.
We collect, use and store personal information that our alumni provide for the purposes of:
- communicating with you after you leave Evercore;
- connecting alumni;
- ensuring that the personal information we hold about you remains accurate and;
- sending you periodic updates about Evercore’s business, activities, opportunities and alumni events, in particular, by email and post; you can opt out of receiving updates at any time by asking your Evercore contact to remove you from such updates.
We may disclose the personal information we hold about our alumni with:
- vendors which process personal information on Evercore’s behalf;
- other companies in the Evercore group; and
- other alumni in the Evercore alumni network.
If you fail to provide personal information
If you do not provide certain information when requested, we may not be able to perform the contract we have entered into with you (such as advising on a particular transaction), or we may be prevented from complying with our legal obligations (such as to perform client due diligence).
3. Data Sharing
We share your personal information with third parties as described above and only as necessary, including third-party service providers and other entities in the Evercore Group, as necessary to fulfil our legal obligations and operational business purposes.
We require third parties to respect the security of your personal information and to treat it in accordance with the law.
How secure is your personal information with third-party service providers and other entities in our group?
All our third-party service providers and other companies in the Evercore Group are required to take appropriate security measures to protect your personal information. Except where needed for their own direct relationship with you, we generally do not allow our third-party service providers to use your personal information for their own purposes and we only permit them to process your personal information for specified purposes and in accordance with our instructions.
When do we share your personal information with other entities in the Evercore group?
We will share your personal information with other companies in the Evercore Group for internal administrative purposes.
When do we share your personal information with any other third parties?
We may share your personal information with other third parties, for example in the context of the possible sale or restructuring of the business. If needed to comply with law and regulations, we will also need to share your personal information with a regulator, governmental agency or otherwise.
4. Data Security
We have put in place appropriate measures to protect the security of your personal information.
Third parties will only process your personal information where they have agreed to treat the personal information confidentially and to keep it secure.
We have put in place appropriate security measures designed to prevent your personal information from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to access it.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
5. Data Retention
How long will you use my information for?
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymize your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you. Once you are no longer a business contact, supplier, professional advisor, counterparty with whom Evercore conducts business (including client) or an investor of Evercore we will retain and securely destroy your personal information in accordance with our data retention policy.
6. If You Are Located in the United Kingdom or Europe
Please click here for important information about how we handled your personal information if you are located in the United Kingdom or the European Union.
We will comply with applicable data protection law. This says that the personal information we hold about you must be:
- used lawfully, fairly and in a transparent way;
- collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes;
- relevant to the purposes we have told you about and limited only to those purposes;
- accurate and to the extent appropriate, kept up to date;
- kept only as long as necessary for the purposes we have told you about; and
- kept securely.
For the purposes of applicable data protection law, the Evercore company that you have dealings with is the controller of your personal information. This means that we are responsible for deciding how we hold and use personal information about you. We are required under applicable data protection law to notify you of the information contained in this privacy notice.
We have appointed a Data Protection Committee which is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the Data Protection Committee by email at [email protected] or using the contact details for your region set out below.
You have the right to make a complaint at any time to the relevant data protection authority (for details of which please click below). We would, however, appreciate the chance to deal with your concerns before you approach the data protection authority, so please contact us in the first instance.
If you have dealings with Evercore Group in the United Kingdom, please click here for further details.
Evercore Partners International LLP (for advisory/investment banking business) or International Strategy & Investment (UK) Limited (for research/sales business) is the controller of your personal information and so responsible for this privacy notice.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
You can contact Evercore’s Data Protection Committee from the United Kingdom as follows:
- By post at 15 Stanhope Gate, London, W1K 1LN and communications should be marked for the attention of the Data Protection Committee
- By telephone on 00 44 207 653 6000
- By email at [email protected]
If you have dealings with Evercore Group in Germany, please click here for further details.
Evercore GmbH is the controller of your personal information and so responsible for this privacy notice.
You have the right to make a complaint at any time to Der Hessische Beauftragte für Datenschutz und Informationsfreiheit (HBDI), Gustav-Stresemann-Ring 1, 65189 Wiesbaden, the Hessian Commissioner for Data Protection and Freedom of Information for data protection issues (https://datenschutz.hessen.de/). We would, however, appreciate the chance to deal with your concerns before you approach the HBDI so please contact us in the first instance.
You can contact Evercore’s Data Protection Officer in Germany as follows:
- By post at Florian Reichert
Scheja & Partners GmbH & Co. KG · Adenauerallee 136 · 53113 Bonn - Contact Form: https://www.scheja-partners.de/en/contact/contact.html
If you have dealings with Evercore Group in Spain, please click here for further details.
Evercore Partners International LLP is the controller of your personal information and so responsible for this privacy notice.
You have the right to make a complaint at any time to the Spanish Data Protection Agency (Agencia Española de Protección de Datos (AEPD)), the Spanish supervisory authority for data protection issues (https://www.agpd.es). We would, however, appreciate the chance to deal with your concerns before you approach the AEPD so please contact us in the first instance.
You can contact Evercore’s Data Protection Committee from Spain as follows:
- By post at Paseo de la Castellana 36-38, Madrid, Spain and communications should be marked for the attention of the Data Protection Committee
- By telephone on 00 34 91 119 0584
- By email at [email protected]
Please click here for information about the lawful basis that Evercore relies on when using your personal information.
We will only use your personal information when the law allows us to. Most commonly, we will use your personal information in the following circumstances (each a lawful basis):
- where we need to perform the contract we are about to enter into or have entered into with you;
- where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests; or
- where we need to comply with a legal or regulatory obligation.
Generally, we do not rely on consent as a legal basis for processing your personal information.
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please click here for information about how Evercore shares your personal information with third parties.
We will share your personal information with third parties where required by law, where it is necessary to administer our relationship with you or where we have another legitimate interest in doing so. “Third parties” includes third-party service providers (including contractors) and other entities within the Evercore group worldwide.
The following activities are carried out by the following categories of third-party service providers in the following locations:
- Telephone and video conferencing, including in the United States;
- Recording telephone calls and emails for compliance purposes, including in the United States and Canada;
- Contact database management;
- Hosting and/or participating in client data rooms by various providers, potentially including in the United States;
- Marketing communications, including by Evercore Group in the United States;
- Research services client management, including in the United States;
- Communication, including in the United States; and
- Meeting catering purposes.
Please click here for information about how Evercore transfers your personal information outside of the United Kingdom or Europe.
We share your personal information within the Evercore Group. This will involve transferring your data outside the United Kingdom (UK) and the European Economic Area (EEA).
Many of our third-party service providers are based outside the UK and the EEA so their processing of your personal information will involve a transfer of data outside the UK and the EEA.
Whenever we transfer your personal information out of the UK and the EEA, we ensure a similar degree of protection is afforded to it by implementing at least one of the following safeguards:
- We will transfer your personal information to countries that have been deemed to provide an adequate level of protection for personal information by the UK Secretary of State and the European Commission as applicable. For further details, see ICO List of Adequate Countries and the EC List of Adequate Countries.
- We use specific contracts approved by the European Commission which give personal information equivalent protection to that in Europe. For further details, see European Commission Model Clauses. Where appropriate we may also rely on specific contracts approved by the ICO, including UK International Data Transfer Agreement and the UK International Data Transfer Addendum to the EU Commission Standard Contractual Clauses.
- Any other data transfer mechanism approved by the UK or European Commission, including the Data Privacy Framework and any updated model clauses that are approved for use by the relevant governmental or regulatory authority. Please contact us if you would like further information on the specific mechanism used by us when transferring your personal data out of the UK / EEA.
Please contact us at [email protected] if you would like further information on the specific mechanism used by us when transferring your personal information out of the UK or the EEA.
7. If You Are Located in the DIFC
Evercore is providing the following information for individuals whose personal information is collected or held by Evercore Advisory (Middle East) Limited, which is the controller of your personal information and so responsible for this privacy notice.
Where you are such an individual:
- Evercore Advisory (Middle East) Limited is registered in the Dubai International Finance Centre (DIFC) with a DIFC registered number 2478 and with its registered office at Unit 202, 203A & 204A, Level 2, Gate Village Building 10, DIFC, Dubai, 507204, United Arab Emirates.
- The processing of your personal data by Evercore Advisory (Middle East) Limited is governed by the DIFC Data Protection Law, No.5 of 2020.
- It is likely that personal information about you will be collected, held and transferred outside of the DIFC, including in and to countries within the UK or the EEA. It may also be disclosed to persons in other countries in the circumstances described in this privacy notice.
- We will take all reasonable legal, technical and organizational measures to ensure that if your personal information is transferred outside of the DIFC, it will be treated securely and with an adequate level of protection compared to the level of protection offered in the DIFC. In particular, transfers of personal data outside of the DIFC will take place only where the transfer of this information is subject to a written agreement in line with the requirements of the DIFC data protection law.
- You have the right to make a complaint at any time to the Commissioner of Data Protection in the DIFC (Commissioner) at any time (Tel: +971 (0)4 362 2222 or at [email protected]). We would, however, appreciate the chance to deal with your concerns before you approach the Commissioner so please contact us in the first instance at [email protected].
8. If You Are A California Resident
Pursuant to the California Consumer Privacy Act of 2018 (“CCPA”), the information set out at section 2 above and in the following paragraph describes the categories of personal information that we have collected or disclosed within the preceding 12 months and the purposes for which it is used, about California residents who are not employees, independent contractors, owners, directors, officers, or job applicants of Evercore, or emergency contacts or benefits beneficiaries of the foregoing.
We collected the following categories of personal information from individuals, as necessary to fulfill our legal obligations and operational business purposes:
- Personal information, as defined in the California customer records law, such as contact information and financial information;
- Identifiers, such as name, online identifier, IP address, and government-issued identifier (e.g., Social Security number);
- Characteristics of protected classifications under California or federal law, such as sex, age, national origin, citizenship, immigration status and marital status;
- Commercial information, such as transaction information and history and securities trading information and history;
- Internet or network activity information, such as browsing history and interactions with our and other websites and systems including the ISI portal and Investor Relations webpage;
- Geolocation data, such as device location and IP location;
- Audio, electronic, visual and similar information, such as video recordings created in connection with our business activities;
- Professional or employment-related information, such as work history, prior employer, and information relating to references; and
- Inferences drawn from any of the personal information listed above to create a profile or summary about, for example, an individual’s preferences and characteristics.
In the preceding 12 months, we disclosed personal information to our service providers and third parties (such as our professional advisors, companies who process Personal Information on an individual’s employer’s behalf, credit reference agencies, financial intermediaries, other persons who have (or who are considering) an interest in Evercore or involvement in a transaction about which Evercore is advising, our auditors, providers of internet-connected devices and associated software, governmental authorities and third parties involved in court action, and our business partners) as set out in section 3 (Data Sharing) above and as follows:
- Personal information, as defined in the California customer records law, such as contact information and financial information;
- Identifiers, such as name, online identifier, IP address, and government-issued identifier (e.g., Social Security number);
- Characteristics of protected classifications under California or federal law, such as sex, age, national origin, citizenship, immigration status and marital status;
- Commercial information, such as transaction information and history and securities trading information and history;
- Internet or network activity information, such as browsing history and interactions with our and other websites and systems including the ISI portal and Investor Relations webpage;
- Geolocation data, such as device location and IP location;
- Audio, electronic, visual and similar information, such as video recordings created in connection with our business activities; and
- Professional or employment-related information, such as work history, prior employer, and information relating to references.
We collected this personal information from individuals directly and from other categories of sources: publicly available databases, employers of individuals, our business partners, and our transaction and commission-sharing counterparties, when they share the information with us.
We have not “sold” personal information as defined by the CCPA. For this purpose, “sold” or “sale” means the disclosure of personal information for monetary or other valuable consideration but does not include, for example, the transfer of personal information as an asset that is part of a merger, bankruptcy, or other disposition of all or any portion of our business.
9. If You Are Located in China
Evercore is providing the following additional information for individuals based in the mainland of the People’s Republic of China (“China”).
- Sensitive personal information
Evercore may process the below sensitive personal information about you for specific purposes:
- your identification documents (such as ID card and passport) and information relating to your financial status and dealings for our anti-money laundering and “know-your-client” practice, where you are a client or investor of ours[; and
- your health information to assist in the control of infectious diseases where you are a visitor to our offices, if so required by the applicable law].
The processing of your sensitive personal information is strictly necessary for us to perform our legal obligations. If you do not provide such information, we may not be able to provide you with the requested service / access. We will protect your sensitive personal information in accordance with the requirements under all applicable laws and regulations.
- International transfers
Your personal information may be transferred out of China for the purposes elaborated in this privacy notice. We will ensure that the recipients of your personal information comply with the protection standards set out under applicable law. This can be done in a number of different ways, for instance, by entering into the Standard Contract for Personal Information Outbound Transferred (“Standard Contract”) issued by the Cyberspace Administration of China (in such case, you may request a copy of the Standard Contract from us, and are entitled to the third-party beneficiary rights under the Standard Contract).
In specific, we will share your personal information with the following overseas recipients.
- Your personal information may be shared with overseas entities within the Evercore Group, to provide services to the entity that holds your personal information, liaise within the Evercore Group for our business operation, and/or as part of shared systems which are in place. These overseas Evercore Group entities include Evercore Asia (Singapore) Pte Ltd, Evercore Partners International LLP and Evercore Partners Services East LLC. You may find a list of such entities in the exhibits to Evercore Inc.’s latest 10-K filing which can be found here. You may contact us at [email protected], if you wish to exercise your privacy rights against any of the Evercore Group entities (please see Section 11 for more details about your rights in relation to your personal information).
- We may also share your personal information with third-party service providers located outside of China, which process your personal information on behalf of Evercore. Such third-party service providers may include our IT vendors, lawyers or auditors, and we will provide details about such service providers upon request. If you wish to exercise your privacy rights against any such service providers, you may contact us at [email protected] to facilitate the request.
- Data sharing with other independent personal information processors located within China
Evercore will not share your personal information except where there is a business necessity. In addition to our service providers, we may also share your personal information with our business partners. Once lawfully transferred to them, they will be responsible for the lawful processing of your personal information, and the processing of your personal information by them shall be subject to their own privacy notices and policies. If you wish to exercise your privacy rights against any such service providers, you may contact us at [email protected] to facilitate the request.
- Retention period
Your personal information will be retained by Evercore for as long as necessary to fulfil the purpose for which it was collected or to comply with legal, regulatory or internal policy requirements.
As far as necessary, we will keep your data for the duration of our banking relationship subject to applicable legal and regulatory requirements. In addition, we might process your data after the termination of our relationship for compliance or risk management in accordance with the applicable laws as well as pursuant to various retention and documentation obligations.
However, if you wish to have your Personal Information removed from our databases, you may contact us at [email protected] to facilitate the request.
10. If You Are Located in Hong Kong, Japan, or Singapore
We share your personal data within the Evercore Group and with our third-party service providers who may be based outside the jurisdiction where your data was first provided to Evercore. Whenever we transfer your personal data out of the jurisdiction where your data was first provided to Evercore, we will ensure a similar degree of protection is afforded to it, and that such transfer will be in compliance with applicable data protection laws. Please contact us if you would like further information on the specific mechanism used by us when transferring your personal data.
We may obtain personal information from you or from our business contacts, suppliers and professional advisors, and other third parties, Where you submit personal data of third parties to us, you warrant and represent to us that you have obtained the prior consent of such relevant third parties to provide us with their personal data for the relevant purposes for which you made the disclosure or as was notified to you at the relevant time and all other purposes as set out in this privacy notice, in accordance with all applicable data protection laws. It is your responsibility to keep your personal data and those of any relevant third parties updated.
If you are located in Japan, please click here.
Evercore (Japan) Ltd is the controller of your personal information and is located at 21F, Shin Marunouchi Center, 1-6-2, Marunouchi, Chiyoda-ku, Tokyo, 100-0005, Japan. You may contact us at [email protected] for details of the representative director of Evercore (Japan) Ltd.
We may share your personal data within the Evercore Group for joint use. The categories and purposes of personal data for the joint use are in accordance with section 2 (“PERSONAL INFORMATION WE HOLD ABOUT YOU AND PURPOSES FOR WHICH WE USE IT”). The controller responsible for the joint use is Evercore (Japan) Ltd.
11. Your Rights in Relation to your Personal Information
Under certain circumstances, you may have rights in relation to your personal information. For detail of some rights which apply, please click below as relevant.
Your duty to inform us of changes
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us.
If you are located in the United Kingdom or the European Union, please click here.
Under certain circumstances, under applicable data protection law, you have the right to:
- Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal information to another party.
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal information, or request that we transfer a copy of your personal information to another party, please contact us.
No fee usually required
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
Your right to withdraw consent
In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact us at [email protected]. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
If you are a California resident, please click here.
If you are a California resident, you have the right to request that we disclose what information we collect, use, disclose and sell. Specifically, you may request that we:
(1) Disclose to you the following information covering the 12 months preceding your request:
- The categories of personal information we collected about you and the categories of sources from which we collected such Personal Information;
- The specific pieces of personal information we collected about you;
- The business or commercial purpose for collecting (if applicable) personal information about you; and
- The categories of personal information about you that we otherwise shared or disclosed, and the categories of third parties with whom we shared or to whom we disclosed such personal information (if applicable).
(2) Delete Personal Information we collected from you.
We will respond to your request consistent with applicable law. Nonetheless, you have the right to be free from unlawful discrimination for exercising your rights under the CCPA.
How to Make Requests
If you are a California resident, you may make a request for the disclosures described above or make a request to delete personal information we collected from you, by contacting us at:
(1) Web Request Form – linked here
(2) Toll-Free Number: 1-877-993-2673
You must provide us with enough information that we can verify your identity and that you are a California resident. If you designate an authorized agent to make an access or deletion request on your behalf, we may require the agent to show written authorization from you and require you to verify your identity with us.
If you are located in Canada, please click here.
ACCESSING AND CORRECTING YOUR PERSONAL INFORMATION
By law you have the right to request access to and to correct the personal information that we hold about you. If you want to review, verify, correct, or withdraw consent to the use of your personal information you may also send us an email at [email protected] to request access to, correct, or delete any personal information that you have provided to us. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
We may request specific information from you to help us confirm your identity and your right to access, and to provide you with the personal information that we hold about you or make your requested changes. Applicable law may allow or require us to refuse to provide you with access to some or all of the personal information that we hold about you, or we may have destroyed, erased, or made your personal information anonymous in accordance with our record retention obligations and practices. If we cannot provide you with access to your personal information, we will inform you of the reasons why, subject to any legal or regulatory restrictions.
If you are concerned about our response or would like to correct the information provided, you may contact us (see section 12 below).
If you are located in China, please click here.
For the personal information processed by us, you are entitled to the following legal rights:
• the right to obtain information regarding the processing of your personal information and to request us to explain our rules of personal information processing;
• the right to withdraw your consent to the processing of your personal information at any time. If you withdraw your consent, it will not affect the effectiveness of our processing activities based on your consent before the withdrawal. However, please note that in some cases, even if you withdraw your consent, we may still have the right to process your personal information based on other legal grounds;
• the right to access the information we hold about you and obtain a copy of such information. Evercore will advise you if access to all or part of the information cannot be given because of legal or security reasons;
• if you request us to transfer your personal information to certain designated personal information processor, we will provide the channel of transfer provided that the conditions specified by the applicable law or competent regulators are met;
• the right to request us to correct or supplement inaccurate or incomplete personal information;
• under certain circumstances, the right to request us to erase your personal information. However, please note that even if you request us to erase your personal information, we may still have the right to store such information before the expiry of the retention period specified in applicable laws and regulations;
• under certain circumstances, the right to request that we stop or restrict our processing of your personal information. There may be circumstances where you ask us to restrict our processing of your personal information, but we are legally entitled to refuse that request;
• where an automated-decision has material impacts on your rights and interests, the right to request explanation on the processing and not being subject to a decision based solely on automated processing; and
• the right to complain and report illegal personal information processing activities to competent regulators.
If you wish to exercise any of the abovementioned rights, you can do so at any time by contacting us at [email protected]. We will respond to your requests in accordance with applicable data protection laws.
If you are located in Japan, please click here.
If you wish to request the notification, disclosure, correction, addition or deletion, discontinuance of use, discontinuance of provision to a third party or of complaint responses in relation to your personal data, you can do so at any time by contacting us using the contact details provided under section 12 (“HOW TO CONTACT US”). We will respond to your requests in accordance with applicable data protection laws.
12. How To Contact Us
If you are located in the United Kingdom or the European Union, please click here for the relevant contact details.
If you are located in the DIFC, please click here for the relevant contact details.
If you are a California resident, please click here for the relevant contact details.
If you are located in China, Japan or Singapore, please email us at [email protected].