Welcome to the Glass Lewis Privacy Statement.
Glass Lewis & Co, LLC and its subsidiary companies are referred to collectively in this Privacy Statement as the Glass Lewis Group. The legal entities within the Glass Lewis Group are Glass Lewis Europe Limited, GL&M UK, Ltd., CGI Glass Lewis Pty. Ltd., IVOX Glass Lewis GmbH and GL&M Japan GK. This Privacy Statement is issued on behalf of the Glass Lewis Group so when we mention Glass Lewis, “we”, “us” or “our” in this Privacy Statement, we are referring to the relevant company in the Glass Lewis Group which is responsible for processing your data and which acts as your data controller. In most cases your data controller will be the Glass Lewis entity which is referenced in our communications and interactions with you, including where you purchase a product or service from us. If you are not clear who your data controller is, in any given scenario, please let us know by contacting us using the details set out in the HOW TO CONTACT US section below.
Glass Lewis respects your privacy and is committed to protecting your Personal Information. This Privacy Statement will inform you as to how we collect, process and look after your Personal Information, when you interact with us via our website https://www.glasslewis.com/ (“Glass Lewis Site”), our online Viewpoint platform accessible at https://viewpoint.glasslewis.com/ (“Viewpoint”), our research portal accessible at www.glasslewis.net, (the “GL Research Portal”), any other website or platform under our control, (collectively “Our Sites”) or by any other means (for example, when you complete application forms, sign up to receive Glass Lewis publications, or purchase our goods or services), This Privacy Statement aims to tell you about your privacy rights and how the law protects you. Our privacy practices may vary among the countries in which we operate to reflect local practices and legal requirements, including the General Data Protection Regulation, or GDPR (“Applicable Data Protection Laws”).
This Privacy Statement does not apply to information you submit to websites not controlled by Glass Lewis, even if linked to the Glass Lewis Site, including third party providers of webinar services offered to users of the Glass Lewis Site. You should read and understand the privacy policies applicable to such third-party sites and service providers.
2. THE DATA WE COLLECT ABOUT YOU
Personal Information, or personal information, means any information about an individual from which that person can be identified (“Personal Information”). It does not include data where the identity has been removed (anonymous data). We may collect, use, store and transfer different kinds of Personal Information about you as set out below:
Identity Data. Certain of our products and services may require that you register an account with us to access Viewpoint and the GL Research Portal or you may sign up to receive certain publications and information from Glass Lewis. You also may contact us by e-mail through via Our Sites. In either case, you may be asked to provide us with Personal Information, such as your name, address, telephone number, email address, employer’s name and your title. We use this information in order to issue you with a username and password, provide you with the publications, information, products and services you requested and to respond to your comments and questions about our services and this site. We may also use your Personal Information to send you additional information that we believe may be of interest to you, but we shall only do so where this is permitted under Applicable Data Protection Laws.
Financial and Transaction History Data: In some cases we will collect and process bank account and payment card details to facilitate the purchase of goods or services you request from us, and will keep details of products and services you have purchased from us. However, we expect payment and transaction history will usually relate to the company you work for and in such cases, no Personal Information may, in fact, be present.
Marketing and Communications Data: We collect your preferences in receiving marketing from us and our third parties and your communication preferences.
Aggregated Data: We may collect statistical or demographic data for any purpose. Aggregated Data may be derived from your Personal Information but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your Personal Information so that it can directly or indirectly identify you, we treat the combined data as Personal Information which will be used in accordance with this Privacy Statement.
Personal Information collected from Third Party Sources: We collect publicly available information, including from filings companies are required to make by law, about individuals who sit on public company boards as directors, chairs, or other positions, as part of our research process. This information could include: name, age, gender, current and past employment positions including public companies where they serve as a director or executive officer, compensation, among other attributes and this information is stored in Glass Lewis’ databases and used to draft research analysis.
Save as may be mentioned explicitly above, we do not collect any Special Categories of Personal Information about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
4. HOW WE USE YOUR PERSONAL INFORMATION
We will only use, process and transfer your Personal Information when the law allows us to. Most commonly, we will use, process and transfer your Personal Information in the following circumstances:
- Where we need to perform the contract we are about to enter into or have entered into with you.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. Such legitimate interests may include improving our client customer service and support as well as enhancing and developing our products and services, IT-systems and processes used to support our products and services and the marketing and sale thereof.
- Where we need to comply with a legal or regulatory obligation.
Note that we may process your Personal Information for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us using the details set out in the HOW TO CONTACT US section if you need details about the specific legal ground we are relying on to process your Personal Information.
Given the specific purposes for which we envisage using your Personal Information, under the provisions of Applicable Data Protection Law we do not anticipate being required to obtain your consent to do so, save for where we wish to use your Personal Information to provide you with marketing or information about products and services which may be of interest to you, and we are required by Applicable Data Protection Law to seek your consent before we do so. Should we wish to use your Personal Information for other specific purposes that require your consent, we will contact you to request this.
We will only use your Personal Information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
If we need to use your Personal Information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your Personal Information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
5. DISCLOSURES OF YOUR PERSONAL DATA
- We may share your Personal Information in the following scenarios:
- where we have your consent to do so; or
- when we believe in good faith disclosure is required by law, or
- to third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets, in which case the new owners may use your Personal Information in the same way as set out in this Privacy Statement, or they may provide you with a new Privacy Statement, or
- to other members of the Glass Lewis Group; or
- to third parties who are providing services to Glass Lewis as needed to provide such services and subject to appropriate confidentiality and data protection obligations; or
- where your Personal Data is taken from publicly available information, including from filings companies are required to make by law, as part of our research process.
We do not allow our third-party service providers to use your Personal Information for their own purposes and only permit them to process your Personal Information for specified purposes and in accordance with our instructions.
Visitor Information or Aggregated Data (as defined above) may be provided to third parties at Glass Lewis’s discretion so long as the information is not linked to your Personal Information.
6. INTERNATIONAL TRANSFERS
Glass, Lewis & Co., LLC is a U.S. company and the Glass Lewis Site is hosted within the United States. By providing any Personal Information to the Site, please note you will be exporting such Personal Information outside of the EEA for collection, processing, transfer, and storage of such information in the United States and any other country where Glass Lewis or its service provider maintains offices, and such country may have a different level of privacy protection than the protection available under your local law.
Where a member of the Glass Lewis Group based within the European Economic Area (EEA) is, or becomes, responsible for processing your Personal Information as a controller (“European Glass Lewis Member”), it may need to transfer your data outside of the European Economic Area (“EEA”). This will be the case where it shares your Personal Information within the Glass Lewis Group, or with an external third-party partner or service provider which is based outside the EEA,
Whenever a European Glass Lewis Member transfers your Personal Information out of the EEA, it will ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- It will only transfer your Personal Information to countries that have been deemed to provide an adequate level of protection for Personal Information by the European Commission; or
- It will ensure the recipient of your Personal Information agrees to be bound by a specific contract approved by the European Commission which give Personal Information the same protection it has in Europe (“EU Standard Contractual Clauses”). For further details, see https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en; or
- Where the recipient is a U.S. company, it will ensure that recipient has signed up to the Privacy Shield which requires them to provide similar protection to Personal Information shared between the Europe and the US.
Please contact us using the details set out in the HOW TO CONTACT US section if you want further information on the specific mechanism used by us when transferring your Personal Information out of the EEA.
7. OPTING OUT OF MARKETING
Our Sites provide current subscribers the opportunity to opt-out of receiving email from us at any time, to update your email subscription information and to review and request changes to your Personal Information that Glass Lewis has collected through the Glass Lewis Site. To do so, please click here or follow the instructions contained in any email sent from the Glass Lewis Site. You may also notify us of your opt-out request by contacting us using the details set out in the HOW TO CONTACT US section.
8. SECURITY MEASURES
We implement appropriate technical and organizational measures designed to protect against unauthorized access to Personal Information under our control, including physical, electronic and procedural safeguards. However, please be aware that, despite these efforts, data transmission over the Internet is inherently insecure and we cannot guarantee the security of information transmitted or provided through the Glass Lewis Site.
9. HOW LONG WILL YOU USE MY PERSONAL INFORMATION FOR?
We will only retain your Personal Information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for Personal Information, we consider the amount, nature, and sensitivity of the Personal Information, the potential risk of harm from unauthorized use or disclosure of your Personal Information, the purposes for which we process your Personal Information and whether we can achieve those purposes through other means, and the applicable legal requirements.
For further information as to any specific retention periods that might apply to Personal Information we hold about you, please contact us using the details set out in the HOW TO CONTACT US section.
In some circumstances you can ask us to delete your data: see the YOUR LEGAL RIGHTS section below for further information.
10. YOUR LEGAL RIGHTS
Under Applicable Data Protection Laws, you may have the right, in certain cases, to request access to your Personal Information that we process, to request details about such Personal Information, including the purposes and potential recipients of this data, to have such Personal Information rectified or deleted, to have the processing thereof restricted, or to object to the processing of your Personal Information, as well as to request a copy of your Personal Information in a standardized format so that it can be provided to another vendor.
You may also have the right to lodge a complaint with your national data protection authority or other public authority governing the protection of your personal information.
Further rights are covered in the EU Standard Contractual Clauses referenced in the INTERNATIONAL TRANSFERS section above.
To exercise these rights, or for further information as to which rights apply to you, please contact us using the details set out in the HOW TO CONTACT US section.
Where we need to collect Personal Information by law, or under the terms of a contract we have with you and you fail to provide that data when requested, or exercise your rights to object to, or delete, or have restricted, the processing of your Personal Information, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
11. REQUESTING ACCESS TO YOUR PERSONAL INFORMATION
Where you have the right to access your Personal Information under Applicable Data Protection Law, you will not have to pay a fee to access your Personal Information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
Should you be entitled to exercise this right, we may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Information (or to exercise any of your other rights). This is a security measure to ensure that Personal Information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one (1) month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
We may change this Privacy Statement from time to time, and such changes will be effective upon posting the amended terms to the Glass Lewis Site. The date of update is specified at the beginning of these Terms.
If any provision of these Terms, including the Privacy Statement, is found to be void or unenforceable, such provision shall be severed and all other provisions shall remain in force.
14. HOW TO CONTACT US
As Glass Lewis does not process Personal Information on a large scale, Glass Lewis is not required to designate a statutory data protection officer under the GDPR. However, if you have any questions about this Privacy Statement, please contact us via e-mail at email@example.com.
Alternatively, please contact us at the following address:
Glass, Lewis & Co., LLC
SVP and General Counsel
255 California Street, Suite 1100
San Francisco, California 94111
Tel: +1 415 678 4256
Updated May 18, 2018