Privacy Notice

Rimkus Consulting Group, Inc. and our affiliates (“Rimkus”) respect your privacy and are committed to protecting it.

Effective: June 27, 2022

Rimkus Consulting Group, Inc. and our affiliates (“Rimkus”) respect your privacy and are committed to protecting it. 

This Privacy Notice (or “Notice”) explains how we collect, use, disclose, and protect information that we collect about you, and your rights with respect to that information. 

This notice covers information we collect from or about you when you give it to us or visit our website (https://www.rimkus.com). It also covers information that we may receive from other persons or companies who have received your information and shared it with us pursuant to our services. 

We do not sell covered information (as “sale” is defined by applicable privacy laws).

If in any matter our privacy practices differ from those explained in this Notice, we will let you know at the time we ask for or collect your information.

Quick links

What information we collect

Our intention is to limit our personal information/personal data collection to only what is needed to perform our assignments. The quantity and scope of that information varies by the type of assignment being undertaken. Accordingly, personal information/personal data collected or received may include but not be limited to:

  • General identification and contact information, such as your name, address, e-mail, and telephone number.
  • In the course of processing job applications for employment at Rimkus we receive identification numbers issued by federal or state governments including, but not limited to, Social Security number and driver’s license number, and sometimes we also receive this information in the course of rendering services to Rimkus’s clients. 
  • Any information you provide us via correspondence, including but not limited to e-mail, voicemail, and recordings of telephone calls to our staff and offices. 
  • For clients receiving Rimkus’s services, we receive payment information.
  • Pursuant to rendering certain services to Rimkus’s clients, we may occasionally receive information about an individual’s current or former physical, mental, or medical condition, health status, injury or disability, or medications consumed. 
  • Information from Rimkus’s subsidiaries including assignment information.
  • Information from Rimkus’s clients regarding assignments we undertake for them and through which the personal information is provided for our use in rendering services.
  • Technical information from website visitors, including internet protocol (IP) address, login information (user name/password), browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website. 

Some of the information we collect about you may be personal information or personal data, that can be used to identify you including, for example, your name, email address, mailing address, or delivery address. In some jurisdictions, certain unique identifiers like IP addresses and other usage or technical information may be considered personal information. Personal information does not include data where your identity has been removed so that we can no longer identify you (anonymous data), which we may use for any purpose.

Children’s online privacy

Our website is not intended for children under 16 years of age. No one under the age 16 may provide any information to or on the website. We do not knowingly collect personal information from children under 16. If you are under 16, do not use or provide any information on this website. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at privacy@rimkus.com.

How we collect your information

We collect information from and about you in the following ways:

  • When you provide it to us. You may give us information about you by filling in forms or by communicating with us by email or otherwise. 
  • From our websites and emails. As you interact with our website or emails, we may automatically collect technical information about your equipment, browsing actions, and patterns. We collect this information by using cookies, server logs, web beacons, and other similar technologies. Our Cookies and automatic data collection technologies section contains more information and options to control or opt out of certain data collection or uses.
  • From others. We may receive information about you from third parties including, for example, our affiliated companies, business partners, subcontractors, analytics providers, and service providers. 

Cookies and automatic data collection technologies

Our website uses automatic data collection technologies to distinguish you from other website users. This helps us deliver a better and more personalized service when you browse our website. It also allows us to improve our website by enabling us to:

  • Estimate our audience size and usage patterns.
  • Store your preferences so we may customize our website according to your individual interests.
  • Speed up your searches.
  • Recognize you when you return to our website.

We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). For more information, see Interest-based advertising. 

The technologies we use for this automatic data collection may include:

  • Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. For information about managing browser settings to refuse cookies, see Your rights and choices section.
  • Flash Cookies. Certain features of our website may use Flash cookies (local stored objects) instead of browser cookies to collect and store information about your preferences and navigation to, from, and on the website. For information about managing Flash cookies see Your rights and choices.
  • Web Beacons. Our website pages, advertisements, and e-mails may contain small transparent embedded images or objects known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count website page visitors or email readers, or to compile other similar statistics such as recording website content popularity or verifying system and server integrity. For information about managing web beacons, see Your rights and choices.

Depending on which website this Notice is posted on, we may use Google Analytics to provide certain analytics services for us. More information about Google Analytics can be found in the Google Analytics Terms of Use and the Google Analytics Privacy Policy.

We do not respond to or honor “do not track” (a/k/a DNT) signals or similar mechanisms transmitted by web browsers.

How we use your information

  • We may use your information to conduct our business operations including for the following purposes:
  • To render services or execute transactions, such as providing information about our business to you, processing orders for services, and providing services.
  • To create and manage your account. 
  • To provide you with the information or support that you request from us.
  • To improve our website, services, marketing, customer relationships, and experiences.
  • To develop new services.
  • To manage our relationship with you which may include notifying you about changes to our Privacy Notice or addressing any concerns you may have about our services.
  • To manage the process of hiring and retaining new employees.
  • To provide you with the information, services, or support that you request from us or to fulfill any other purpose for which you provide it.
  • To deliver relevant content, advertisements, and messaging to you and to measure or understand the effectiveness of such content, advertisements, and messaging.
  • To carry out our obligations and enforce our rights and to protect our website, clients, and other individuals including protecting against or identifying possible fraudulent transactions.
  • With your permission, we may use your information to inform you of services available from Rimkus. We will provide you with the opportunity to opt out of receiving such communications.
  • For any other purpose as may be permitted by law. 

We may use information that is not personal information for any purpose. For example, we may aggregate usage data from many people in a way that does not identify any individuals to calculate the percentage of users accessing a feature on the website.

Disclosure of Your Information

We may share non-personal information without restriction. We may share your personal information with:

  • Any member of our corporate group, which means our parents and subsidiaries.
  • To contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them. 
  • To our business partners who provide services on our behalf but who may also use the information, we provide for their own commercial purposes. For example, some of our advertising partners may use the information to market other parties’ products and services to you. For more information see Interest-based advertising.
  • To public or government (including enforcement) authorities.
  • To an actual or prospective buyer or other successors in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, where one of the transferred assets is the personal information we hold.
  • To fulfill the purpose for which you provide it. 
  • For any other purpose as may be permitted by law or that we describe when you provide the information. 

We may also disclose your personal information:

  • To comply with any court order, law, or legal process, including responding to any government or regulatory request.
  • To enforce our agreements with you.
  • To protect the rights, property, or safety of our business, our employees, our clients, or others. This includes exchanging information with other companies and organizations for the purposes of cybersecurity, fraud protection, and credit risk reduction.
  • To investigate suspected violations of any law, rule, or regulation, or the terms or policies for our website.

Interest-based advertising

Some content or applications on our websites, including advertisements, are served by third parties, including advertisers, ad networks, servers, content partners, or application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our website. The information they collect may be associated with your personal information or they may collect information, including personal information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content. Our partners may use non-cookie technologies on which browser settings that block cookies might have no effect. Your browser may not permit you to block such technologies. 

For this reason, keep in mind, you can block the collection and use of information related to you by advertising companies for the purpose of serving interest-based advertising by visiting the following platforms of self-regulatory programs of which those companies are members:

  • The NAI’s opt-out platform is available here.
  • The DAA’s opt-out platform is available here. 
  • For Canadian residents, the DAA’s opt-out platform is available here. 

Third Party Content, Apps, and Links

Some content or applications on our websites may be served by third parties, content providers, and application providers including the following:

Plugins.

Our website makes available the option for you to use “plugins” that are operated by social media companies. If you choose to use one of these plugins, then it may collect information about you and send it back to the social media company that owns it. This may happen even if you do not click on the plugin if you are logged into the social media website that owns the plugin when you visit our website. Information collected by a plugin is subject to the privacy policy and terms of the social media company that makes it. If you do not want the social media company that owns a plugin to collect information about you when you visit our website, sign out of the social media network before visiting. By interacting with a plugin when you are on our website (for example, clicking the Facebook “Like” button), you are intentionally transferring information to that social media company. Further, if you are logged into a social media website when you visit our websites, then you are directing us to share your data with the social media company that owns the plugin.

Third-party links.

Our website may contain links to other sites, which we do not control. Those websites have their own privacy policies and terms.

Your Rights and Choices

Your rights may vary depending on where you are located. We have created mechanisms to provide you with the following control over your information.

  • Marketing. With your permission, we may use your information to inform you of services available from Rimkus. We will provide you with the opportunity to opt out of receiving such communications.
  • Accessing, Updating, and Deleting Your Information. If you are a current client and have registered to use our Client Portal, you may have the ability to access your information and make updates to or delete your data. If not, you can contact us as set forth in the Contact Us section below to request access to, correction of, or deletion of personal information that you have provided to us. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or negatively affect the information’s accuracy. 
  • Cookies and Automatic Data Collection Technologies. You can set your browser to refuse all or some browser cookies or to alert you when websites set or access cookies. Flash cookies are not managed by the same browser settings as are used for browser cookies. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe’s website. However, if you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. If you do not want Google Analytics to be used in your browser, Google Analytics provides an opt-out tool which can be found here. In some cases, you may be able to set your browser or email program to not download web beacons.
  • Interest-Based Advertising. Please see Interest-based advertising above for information on how to opt out of interest-based advertising.
  • California Residents. If you are a California resident, you may have additional rights and choices with regard to your personal information. Please see Your California privacy rights for more information.
  • Nevada Residents. If you are a Nevada resident, please see our Nevada privacy section below for more information on our information practices. 
  • Canadian Residents. If you are a resident of Canada, please see our Canadian privacy section below for more information about our information practices.
  • EU/UK Residents. If you are a resident of the European Union or the United Kingdom, please see our EU/UK privacy section below for more information on our information practices.

Data Security

We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. To ensure that our data handling and general security practices meet the highest standard, we have achieved ISO 27001 certification.

The safety and security of your information also depend on you. Where we have given you (or where you have chosen) a password for access to certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. 

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the website.

California privacy rights

California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to privacy@rimkus.com.

Nevada privacy rights

Nevada residents have the right to opt-out of the sale of certain “covered information” collected by operators of websites or online services. We currently do not sell covered information, as “sale” is defined by such law, and we do not have plans to sell this information.

Canada privacy rights (French translation)

We comply with applicable Canadian privacy laws and regulations, including the Personal Information Protection and Electronic Documents Act (PIPEDA), in connection with processing Canadian personal information.

We will only use your personal information for the purposes described in this privacy policy unless (1) we have obtained your consent to use it for other purposes; or (2) we are otherwise permitted or required by the applicable law to use it for such other purposes.

Transferring your personal information outside of Canada

We may transfer personal information that we collect, or that you provide, to third parties (including affiliates, service providers, and others) as described in the How We Use Your Information and Disclosure of Your Information sections above.

We may process, store, and transfer your personal information in and to a foreign country, with different privacy laws that may or may not be as comprehensive as Canadian law, such as to the United States. In these circumstances, the governments, courts, law enforcement, or regulatory agencies of that country may be able to obtain access to your personal information through the laws of the foreign country. 

You are welcome to contact us if you have questions regarding the collection, use, disclosure, or storage of personal information by our service providers and affiliates outside Canada, and/or to obtain access to written information about our policies and practices with respect to service providers (including affiliates) outside Canada. 

For questions about our privacy practices, please contact privacy@rimkus.com as directed in the Contact Us section of this policy.

Data Retention

Your personal information will be kept in Canada and the United States and accessible to our employees and service providers who have a “need to know” such information for the purposes described in this privacy policy.

Except as otherwise permitted or required by applicable law or regulation, we will only retain your personal information for as long as necessary to fulfill the purposes for which we collected it, and/or for the purposes of satisfying any legal, accounting, or reporting requirements. Under some circumstances, we may anonymize your personal information so that it can no longer be associated with you, either directly or indirectly, alone or in combination with any other information. We reserve the right to use such anonymous and de-identified data for any legitimate business purpose without further notice to you or your consent.

Accessing and correcting your personal information

By law, you have the right to request access to and to correct or rectify the personal information that we hold about you, subject to certain exceptions as required or permitted by applicable law.

You can review and change your personal information by logging into the Client Portal and visiting the pages that correspond to the information you want to review and change.

If you want to access, review, verify, correct, rectify, update, or withdraw consent to the collection, use, or disclosure of your personal information you may also contact us as directed in the Contact Us section of this Notice to make such a request. 

We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

We may request specific information from you to help us confirm your identity and your right to access and to provide you with the personal information that we hold about you or make your requested changes. Applicable law may allow or require us to refuse to provide you with access to some or all the personal information that we hold about you, or we may have destroyed, erased, or made your personal information anonymous in accordance with our record retention obligations and practices. If we cannot provide you with access to your personal information, we will inform you of the reasons, subject to any legal or regulatory restrictions.

We will provide access to your personal information, subject to exceptions set out in applicable privacy legislation. Examples of such exceptions may include (without limitation):

  • Information is protected by solicitor-client privilege.
  • Information that is part of a formal dispute resolution process.
  • Information that would reveal the personal information or confidential commercial information of another person.
  • Information that is prohibitively expensive to provide.

If you are concerned about our response or would like to correct the information provided, you may contact us as described in the Contact Us section of this Privacy Notice.

Le droit à la vie privée du Canada

Nous sommes en conformité avec a Loi sur la protection des renseignements personnels et les documents électroniques (LPRPDE) est la loi fédérale sur la protection de la vie privée dans le traitement des renseignements personnels des Canadiens.

Nous utiliserons vos renseignements personnels seulement dans le cadre des usages décrites dans la présente politique de la vie privée, à moins de (1) obtenir votre consentement à l’utilisation à d’autres fins; ou (2) si nous sommes par ailleurs permis ou obligés par la loi applicable à les utiliser à ces autres fins.

Transferts de vos renseignements personnels à l’extérieur du Canada

Il est possible que nous transmettions les renseignements personnels que nous recueillons, ou ceux que vous nous avez fournis, à des tierces parties, (y compris à des sociétés affiliées, des fournisseurs de service et autres), tel que mentionné dans les sections ci-dessus Comment nous utiliserons vos renseignements et la divulgation de ces renseignements. 

Nous pouvons traiter, conserver et transférer vos renseignements personnels dans et vers un pays étranger, dont les lois sur la protection des renseignements personnels peuvent être différentes et peuvent ne pas être aussi compréhensives que les lois Canadiennes, notamment celles des États-Unis. Dans ces circonstances, les gouvernements, les tribunaux, organismes d’application de la loi et agences du cadre réglementaire de ce pays pourraient accéder à vos renseignements personnels en vertu des lois du pays étranger.

Veuillez nous contacter si vous avez des questions sur la collecte, l’utilisation, la divulgation ou la conservation des renseignements personnels par nos fournisseurs de services et nos sociétés affiliées à l’extérieur du Canada, et/ou pour obtenir l’accès à des renseignements écrits sur nos politiques et pratiques en ce qui concerne les fournisseurs de services (y compris ses sociétés affiliées) à l’extérieur du Canada. 

Pour toutes questions concernant nos pratiques en matière de protection de la vie privée, veuillez contacter privacy@rimkus.com tel qu’indiqué dans la section “Nous joindre” de la présente politique.

Conservation des données

Vos renseignements personnels seront conservés au Canada et aux États-Unis et accessibles à nos employés et à nos fournisseurs de services qui ont “besoin de connaître” ces renseignements aux fins décrites dans la présente politique de confidentialité.

Dans la mesure où la loi ou la réglementation applicables ne le permettent pas ou ne l’exigent pas, nous ne conserverons vos renseignements personnels que pendant la période nécessaire pour atteindre les objectifs pour lesquels nous les avons recueillis, et/ou pour satisfaire à toute obligation légale, de comptabilité ou de déclaration. Dans certaines circonstances, nous pouvons anonymiser vos renseignements personnels afin qu’ils ne puissent plus être associés à vous, soit directement ou indirectement, soit seuls ou en combinaison avec tout autre renseignement. Nous nous réservons le droit de l’utilisation de ces données anonymes et dépersonnalisées à des fins commerciales légitimes sans autre préavis ni consentement de votre part.

Accès et modification de vos renseignements personnels

En vertu de la loi, vous avez le droit de faire une demande pour accéder et modifer les renseignements personnels que nous conservons sur vous et sous réserve de quelques exceptions exigées ou autorisée par la loi applicable.

Vous pouvez consulter et modifier vos renseignements personnels en vous connecter dans le Portail Client et consulter les pages qui correspondent aux renseignements que vous souhaitez voir et modifier.

Si vous souhaitiez consulter, vérifier, modifier, corriger, ou mettre à jour vos renseignements personnels, ou encore annuler votre consentement relativement à la récolte, à l’utilisation ou la divulgation de vos renseignements personnels, vous pouvez également nous joindre tel que mentionné à la section ” Nous joindre ” dans cet avis pour soumettre votre demande. 

Nous nous réservons le droit de ne pas accorder une modification de ces renseignements si nous soupçonnons que cette modification représente un risque de non-respect de la loi ou d’une autre exigence légale ou que les renseignements sont inappropriés.

Il est possible que nous demandions des renseignements supplémentaires pour nous aider à vérifier votre identité et votre droit d’accès, et à vous fournir les renseignements personnels que nous possédons à propos de vous, ou à apporter les modifications que vous nous avez demandées. La loi applicable peut nous permettre ou nous imposer de vous refuser de vous fournir l’accès à tout ou en partie aux renseignements personnels que nous possédons sur vous, ou bien nous pouvons les avoir détruites, supprimées ou anonymisées en conformité avec les pratiques et les obligations en ce qui concerne la conservation des dossiers. Si nous ne sommes pas en mesure de vous fournir l’accès à vos renseignements personnels, nous vous communiquerons les motifs de cette décision, sous réserve de toute restriction légale ou réglementaire.

Nous accordons l’accès à vos renseignements personnels, à condition que les exceptions définies par la législation applicable en ce qui concerne la protection de la vie privée soient respectées. Voici quelques-unes de ces exceptions (sans limitation):

  • Les renseignements qui sont protégés par le privilège avocat-client.
  • Les renseignements qui font parties d’un procès formel de la résolution d’un conflit.
  • Les renseignements qui peuvent divulguer des renseignements personnels ou des renseignements commerciaux confidentiels concernant une autre personne.
  • Les renseignements dont le coût implique des coûts prohibitifs

Si vous êtes concernés par cette réponse ou si vous souhaitez modifier les renseignements qui vous ont été transmis, vous pouvez nous joindre comme indiqué dans la section ” Nous joindre ” de cet avis de confidentialité.

EU-UK Privacy Rights

If you are in the European Union, European Economic Area, United Kingdom, or are otherwise subject to the General Data Protection Regulation, then this section of our Privacy Notice applies to you.

Data controller

The data controller of such processing is Rimkus Consulting Group, Inc.

Additional information about data we collect about you

Although we do not intend to collect any special categories of personal data about you, it is possible that our clients may share health or criminal offense/conviction information with us in a specific assignment. For example, health information about an individual injured in an auto accident, and information as to any accompanying police investigations and citations, may be received by us from our client pursuant to our services in a biomechanical engineering assignment or toxicology assignment.

Lawful basis

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform the contract, we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests, potentially including uses such as determining the success of our services and for determining marketing performance to share relevant information and offers about our products with clients and potential clients.
  • Where we need to comply with a legal obligation.

Generally, we do not rely on consent as a legal basis for processing your personal data although we will get your consent before sending third-party direct marketing communications to you. You have the right to withdraw consent to marketing at any time by contacting us.

Your data subject rights

Data subjects have the right, at any time, to request access to, rectification or erasure of his/her personal data, or restriction or objection to processing, as well as the right to data portability, or to withdraw the consent given by addressing a written communication to: Peter S. Poland, General Counsel, Rimkus Consulting Group, Inc., 12140 Wickchester Lane, Suite 300, Houston, Texas 77079, or by sending an e-mail to: privacy@rimkus.com to the attention of the privacy officer, providing a copy of your identity document, or any document proving your identity.

Rimkus reserves the right to verify the truthfulness of personal data provided at any time.

Rimkus does not use any type of automated process for profiling purposes.

Data retention

We will only retain your personal data for as long as reasonably necessary to fulfill the purposes we collected it for, including the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation with respect to our relationship with you.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements. In any event, we do not intend to hold the data for more than 10 years.

Transfer of Data

Your personal data may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction.

If you are located in the EU, EEA, or UK and choose to provide information to us, please note that we may transfer the data, including personal information, to the United States and process it there.

Your consent to this Privacy Notice followed by your submission of such information represents your agreement to that transfer.

Rimkus will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Notice and no transfer of your personal information will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

Changes to our Privacy Notice

We will post any changes we may make to our Privacy Notice on this page. The date the Privacy Notice was last revised is identified at the top of the page. You are responsible for periodically visiting this page to check for any changes.

Contact Us

If you have any comments or questions about our Privacy Notice, please reach out to our Privacy Counsel at privacy@rimkus.com

You may also write to:

Attention: Privacy Counsel

Rimkus Consulting Group, Inc.

12140 Wickchester Lane, Suite 300

Houston, TX 77079