Privacy Policy

Applicability of this policy

In this Privacy Policy (“Policy”), “EisnerAmper” “our”, “we” or “us” refers to EisnerAmper LLP and the EisnerAmper Entities at Exhibit A.

This Policy applies to visitors to the www.eisneramper.com website and all websites linked to this website and/or controlled by EisnerAmper LLP (identified at Exhibit B) (collectively, the “Site”), except as otherwise noted.  If you are present in the European Union, U.K. or Switzerland when you access the Site, please refer to the European Economic Area and Switzerland Privacy Addendum. If you are present in the Cayman Islands when you access this Site, please also refer to the Cayman Islands Addendum. If you are a California resident, please refer to the California Addendum.

EisnerAmper is committed to maintaining the privacy and security of your personally identifiable information.  As part of our commitment to information privacy, we have adopted this Privacy Policy to inform you of our information gathering practices and the ways in which we may use the information we receive. This Policy applies to all personal information submitted to us for use with or in connection with its Site located at www.eisneramper.com.  By using the Site, including providing your personal information to us on the Site, you consent to the collection, use, processing, and disclosure of that information in accordance with this Policy. 

Information We Collect and How We Use It

Personal Information. We gather Personal Information about you in order to respond to your requests and provide you with appropriate information about our products, services, and events.  For purposes of this Policy, “Personal Information” means any information by which you can be identified, including name, postal address, e-mail address, location IP address and telephone number.  In connection with the application of U.S. Data Protection Laws, this term shall be defined only as broadly as set forth in such laws to the extent applicable to the Site visitor or as otherwise provided in this Policy.  

Personal Information is collected and used in the following ways:

Requests for Information: When you enter information into the “Contact Us” online inquiry form on the Site to request general information about our products, services, and events, or to register for an event, you may be required to provide some or all of the following Personal Information: name, email address, company name and location, title, telephone contact information. 

Submission of Requests for Information about Jobs: When you submit an application through the Site or send a message to the email address listed on the Site for Human Resources. Our privacy policy for employment applicants is included through a link at the Career page on the Site.

  • Contacting Us by E-mail: When you send us an e-mail from the Site, you may be required to provide some or all of the following Personal Information: name, email address, company name and address, title, telephone contact information.  We may use this information to respond to your requests, including retaining the information you provide, the content of your e-mail, our response, and any follow-up questions and further requests and inquiries you may have.  We may also use information sent by e-mail for market research and to improve our products and services.
  • Employment: If you choose to apply for employment with us online, you will be required to provide your name, address, contact information and work authorization status, and upload a resume or curriculum vitae (CV).  We will only use this information to match you with available employment opportunities.

We may use this information to respond to your requests, including retaining information in order to better respond to further requests or inquiries we receive from you.  We may also send you information from time to time regarding products, services and events that we think may be of interest to you. Please refer to “Opting out” if you do not wish to receive such information or wish to change your preferences.

The extent and type of Personal Information we collect depends on the information you provide to us, such as through our e-mail and/or through the registration processes on the Site. You may choose not to provide us with any Personal Information.

Statistical Data.  To monitor utilization of the Site and continuously improve its quality, we may compile statistical information concerning the usage of the Site using analytics services, such as those provide by Google Analytics. Examples of this information would include: the number of visitors to the Site, or to sections or pages within the Site, patterns of traffic flowing through the Site, length of time spent on a page, visual heat maps, and captured screen records of user sessions.

The analytics services may transfer this information to third parties in case of a legal obligation or if a third party processes data on behalf of that service. To compile this information, we may collect and store:

  • Your IP address
  • Your operating system and platform
  • Your browser type and version
  • Time zone setting
  • Browser plug-in types and versions
  • The pages you visit within the Site
  • Data provider
  • The length of time you spend on pages within the Site
  • The site from which you linked to ours
  • Search terms you used in search engines which resulted in you linking to the Site, etc.

While all of this information can be associated with the IP address your computer had while you visited the Site, it will not be associated with you as an individual, or associated with any other information you may submit through the Site, or that we may store about you for any other purposes.  We may use this information to generate aggregate statistics about visitors to our Site. Please check your web browser if you want to learn what information your browser sends or how to change your settings.

Cookies and Other Web Technologies 

We may use technologies such as cookies, pixel tags, and web beacons for purposes including  recognizing you when you return to the Site, improving the quality of the Site and our services, administering the Site, or communicating with you. We may also use cookies for tailoring our products, services and advertising to suit your personal interests or show you relevant ads on other sites.

You may control cookies, including preventing or stopping the installation and storage of cookies, through your browser settings and other tools.  If you do so, our Site may not function correctly. Please refer to the Help feature of your browser for information on disabling cookies.

IMPORTANT: By using the Site, you consent to the processing of any personal data collected by cookies for the analytics purposes and functions described above.

Do Not Track.  “Do Not Track” is a privacy preference that you can set in your Internet search browser that sends a signal to a website that you do not want the website operator to track certain browsing information about you.  However, because our Site is not configured to detect Do Not Track signals from a user’s computer, we are unable to respond to Do Not Track requests. 

To Whom We Disclose Information

We will not share your Personal Information with third parties, except as follows:

  • We will share your Personal Information with some of our affiliates, and business partners and service providers who perform services for us, including in the course of providing services for you.
  • We will share your Personal Information with others when you have given us permission to do so in writing or through user preferences selected on the Site.
  • We will disclose Personal Information without your permission when we believe in good faith that such disclosure is required by law or is necessary to investigate and protect against harmful activity to us, our customers, our employees and others, or its property, including this Site.
  • If EisnerAmper LLP and affiliates, individually or collectively, or a substantial part of their assets are transferred to another entity (by merger, consolidation, sale or bankruptcy process), Personal Information may be one of the assets transferred.
  • We may share aggregate data developed from Personal Information with third parties for research, education or marketing purposes.  Such aggregate data will not include any information that can be used to identify any particular individual. 

Third Party Links and Third Party Integrations

The Site may contain links to other websites maintained by third parties over whom we have no control.  When you click on one of those links, you are accessing a website that is not owned, operated, or controlled by us, and your visits to those websites are not covered by this Privacy Policy.  The operator of such website may have its own privacy policy (which we encourage you to read carefully), and that policy will govern the collection and use of your data on that website.  We do not share your Personal Information with these parties.

We may also provide links to third-party integrations. Third-party integrations are websites or platforms that synchronize with our Site to provide you with additional functionality, chatbots, tools, or services such as accepting job applications, or sending newsletters.  

You agree we are not responsible for the availability of third-party sites, resources, or integrations and do not endorse and are not responsible or liable for any content, advertising, goods, services or other materials on, available through, or provided by such sites, resources, or integrations.  We are not responsible for the privacy or other practices of such sites and cannot guarantee the security of personal information that you provide, or is collected by, such sites. We encourage you to review the privacy policies and terms and conditions on those linked sites and third-party integrations.

Embedded Content and Social Media Plugins

The Site may contain embedded content (e.g., videos). Embedded content may place third-party cookies on your device that track your online activity to enhance your experience or assess the success of their application. We have no direct control over the information these cookies collect and you should refer to their website privacy policy for addition information.

The Site uses social media plugins (e.g., Facebook) to enable you to easily share information with others.  When you visit our Site, the operator of the social plugin can place a cookie on your computer, enabling that operator to recognize individuals who have previously visited our Site.  If you are logged into the social media website (e.g., Facebook) while browsing our Site, the social plugins allow that social media website to share data about your activities on our Site with other users of their social media website.  For example, Facebook Social Plugins allow Facebook to show your Likes and comments on our pages to your Facebook friends.  Facebook Social Plugins also allow you to see your friends’ Facebook activity on our website.  We do not control any of the content from the social media plugins.  For more information about social plugins from other media websites, you should refer to those sites’ privacy and data/information sharing statements/policies.

Our Commitment to Children’s Privacy

We understand the importance of protecting children’s privacy.  For that reason, we do not collect and maintain information from those we actually know are under 13 years of age, and no part of the Site is structured to attract anyone under 13 years of age.

Data Security

EisnerAmper and affiliates will take reasonable precautions to protect Personal Information from loss, misuse and unauthorized access, disclosure, alteration, and destruction.  However, these measures, standing alone, are not sufficient to ensure the security of your Personal Information.  It is also important for you to guard against unauthorized access to your passwords and the unauthorized use of your computer.

Effective Date and Changes to Privacy Policy

This Privacy Policy was effective on June 22, 2018 and is updated as of July 13, 2020.

We reserve the right, at any time and without notice, to add to, change, update, or modify this Privacy Policy simply by posting such change, update, or modification on this Site.  Any such change, update, or modification will be effective immediately upon posting on the Site.  The date in this section will be updated whenever this Privacy Policy is changed.  You agree that we may notify you about material changes in the way we treat Personal Information by placing a notice on the Site.

If you have any additional questions after reading this Policy or would like to give feedback, please e-mail todd.gordon@eisneramper.com

 


European Economic Area, United Kingdom and Switzerland Addendum to Privacy Policy

This Addendum to our Privacy Policy (“EU Addendum”) applies to you only if accessing the Site from within the confines of the European Economic Area, United Kingdom and Switzerland. THIS EU ADDENDUM DOES NOT APPLY TO THE UNITED STATES OF AMERICA OR ANY OF ITS TERRITORIES. 

This EU Addendum applies solely to our processing of the Personal Data of data subjects who are in the European Economic Area, United Kingdom and Switzerland, where they use, browse or interact with the Site. This EU Addendum incorporates the applicable provisions of the general Privacy Policy. If any provision in the general Privacy Policy is inconsistent with this EU Addendum, the terms of EU the Addendum shall apply to the processing of Personal Data subject to this EU Addendum. Terms used in this EU Addendum shall have the meaning ascribed to them by the applicable data protection law, including the definition of Personal Data. 

It is important that you read this EU Addendum together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing Personal Data about you so that you are fully aware of how and why we are using your data. This EU Addendum supplements other notices and privacy policies and is not intended to override them, except as noted.

1.  Controller – EisnerAmper Entities
This EU Addendum is issued on behalf of EisnerAmper LLP and its affiliates identified on Exhibit A (collectively, the “EisnerAmper Entities”).  Reference to “EisnerAmper," we," "us" or "our" in this EU Addendum refers to the relevant company in the EisnerAmper Group responsible for processing your data.  EisnerAmper Entities are the Controllers responsible for Processing your Personal Data collected through this website.  EisnerAmper LLP is responsible for this Site.

We have appointed a data privacy manager who is responsible for overseeing questions in relation to this EU Addendum. If you have any questions about this EU Addendum, including any requests to exercise your legal rights, please contact the data privacy manager using the details set out below.

2.  Contact details
If you have any questions about this EU Addendum or our privacy practices, please contact our data privacy manager in the following ways
Full name of legal entity: EisnerAmper LLP
Name of data privacy manager: Todd Gordon
Email address: todd.gordon@EisnerAmper.com
Postal address: 733 Third Avenue, New York, NY 10017
Telephone: 212.949.8700

3.  Changes to the privacy policy and your duty to inform us of changes
We keep our Policy, including this EU Addendum, under regular review and may modify it from time to time. It is important that the Personal Data we hold about you is accurate and current. Please keep us informed if your Personal Data changes during your relationship with us.

4.  The data we collect about you on or through the Site
Personal Data means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

In addition to instances in which we may collect Personal Data about you, as discussed in the Policy we may collect, use, store and transfer different kinds of Personal Data about you which we have grouped together as follows:

  • Identity Data includes first and last name and company name.
  • Contact Data includes email address.
  • Technical Data may include internet protocol (IP) address, geolocation data, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the  devices you use to access this Site.
  • Usage Data may include information about how you use our Site and services.

We may also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your Personal Data but is not considered Personal Data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific Site feature. However, if we combine or connect Aggregated Data with your Personal Data so that it can directly or indirectly identify you, we treat the combined data as Personal Data which will be used in accordance with this EU Addendum.

We do not knowingly collect on our Site any Special Categories of Personal Data or Sensitive Data about you, as defined by the applicable data protection law (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, genetic and biometric data, and social security measures).  Nor do we knowingly collect any information about criminal convictions and offences.

5.  If you fail to provide Personal Data

Where we need to collect Personal Data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with services). In this case, we may have to cancel a service you have with us but we will notify you if this is the case at the time.

6.  How is your Personal Data collected?

We use different methods to collect data from and about you including through:

Direct interactions. You may give us your Identity and Contact Data by filling in forms on the Site, or by corresponding with us by email using one of the email addresses posted to the Site. This includes Personal Data you provide when you:

  • Submit a question or comment through the “contact us” feature on the Site; or
  • When you send an email to any email address posted to the Site.

Automated technologies or interactions. As you interact with the Site, we will automatically collect Technical Data about you, your equipment, browsing actions and patterns. We collect this Personal Data by using cookies, server logs and other similar technologies.  We may also receive Technical Data about you if you visit other websites employing our cookies, if any.  We use the following analytics providers to help us understand traffic and manage the Site:

Analytics Product Provider Name (company name) Type of Data Collected
Google Analytics  Google LLC
1600 Amphitheatre Parkway, Mountain View, CA 94043 
Technical Data
Bing Webmaster Tools Microsoft Corporation
1 Microsoft Way, Redmond, VA 98052
Technical Data
Google Console Google LLC
1600 Amphitheatre Parkway, Mountain View, CA 94043
Technical Data

7.  How we use your Personal Data

We will only use your Personal Data when the law allows us to. Most commonly, we will use your Personal Data in the following circumstances:

  • When you submit a request for information on the Site, so that we can respond to your request; 
  • When you submit a comment or provide feedback to us on the Site, so that we can act on the feedback and respond to your comment; 
  • To send you marketing emails using the information you provided to us on the Site;
  • When you submit an inquiry or apply for work through the use of contact details provided on the Site, so that we can process that information and your application, if any;
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; or
  • Where we need to comply with a legal obligation.

Generally, we do not rely on consent as a legal basis for processing your Personal Data although we will get your consent before sending third-party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us or using the ‘unsubscribe’ link in our e-mails to you.

8.  Purposes and Lawful Bases for Which We Will Use Your Personal Data

We have set out below, in a table format, a description of all the ways we plan to use your Personal Data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Note that we may process your Personal Data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your Personal Data where more than one ground has been set out in the table below.

Purpose/Activity Type of data Lawful basis for processing including basis of legitimate interest
To register your interest in our services (a) Identity
(b) Contact
(c) Technical 
Performance of a contract with you
To manage our relationship with you which will include notifying you about changes to our terms or privacy policy (a) Identity
(b) Contact
(c) Marketing and Communications 
(a) Performance of a contract with you
(b) Necessary to comply with a legal obligation
(c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) (a) Identity
(b) Contact
(c) Technical
(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise)
(b) Necessary to comply with a legal obligation
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you (a) Identity
(b) Contact
(c) Usage
(d) Marketing and Communications
(e) Technical
Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences  (a) Technical
(b) Usage  
Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)

To make suggestions and recommendations to you about goods or services that may be of interest to you
(a) Identity
(b) Contact
(c) Technical
(d) Usage
(e) Marketing and Communications 
Necessary for our legitimate interests (to develop our products/services and grow our business)

9.  Marketing

We strive to provide you with choices regarding certain Personal Data uses, particularly around marketing and advertising. We have established the following Personal Data control mechanisms:

  • Thought Pieces and Legal Updates
    We may use your Identity, Contact, Technical, and Usage Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and information may be relevant for you (we call this marketing).

    You will receive marketing communications from us if you have requested information from us or purchased services from us and you have not opted out of receiving that marketing.
  • Opting out
    You can ask us to stop sending you marketing messages at any time by following the ‘unsubscribe’ link on any marketing message sent to you or by contacting us at any time.

    Where you opt out of receiving these marketing messages, this will not apply to Personal Data provided to us as a result of service we provide to you or to a third party and which may involve your Personal Data.

10. Cookies

As described in our Privacy Policy, Cookies and Other Web Technologies, we use cookies and tracking technologies on our Site for a variety of reasons including to identify you; remember your preferences; help you navigate our Site; sign up for newsletters, emails, and events; analyze how you use the Site; or help us with marketing and advertising.

Essential and Non-essential Cookies. Essential cookies perform activities that help our Site function or help transmit a communication. Non-essential cookies perform activities that are not strictly necessary to help the Site function. Non-essential cookies may include performance cookies to help us understand how visitors use our Site; advertising cookies to help us make advertising more relevant to you; and analytics and research cookies to identify and analyze how visitors use our Site or test different features.

If you are located in the European Economic Area, we may use non-essential cookies only if you consent. You may withdraw your consent at any time. If you do not consent, our Site will not use non-essential cookies and you may continue visiting our Site. Please note that if you do not consent to the use of non-essential cookies, it may affect the convenience of using our Site and we may not be able to provide you the full benefits, features, or services it offers.

The Site has the following essential cookies:

NAME

PROVIDER

PURPOSE

EXPIRY

DATA

__hs_opt_out

HubSpot

This cookie is used by the privacy policy to remember not to ask the visitor to accept cookies again.

13 months

Contains the string "yes" or "no"

__hs_do_not_track

HubSpot

This cookie can be set to prevent the tracking code from sending any information to HubSpot.

13 months

Contains the string "yes".

__hs_initial_opt_in

HubSpot

This cookie is used to prevent the banner from always displaying when visitors are browsing in strict mode.

seven days

 

Contains the string "yes" or "no".

hs_ab_test

HubSpot

This cookie is used to consistently serve visitors the same version of a test page they’ve seen before.

at the end of the session

Contains the id of the A/B test page and the id of the variation that was chosen for the visitor.

<id>_key

HubSpot

When visiting a password-protected page, this cookie is set so future visits to the page from the same browser do not require login again.

14 days

Contains an encrypted version of the password so future visits to the page will not require the password again.

hs-messages-is-open

HubSpot

This cookie is used to determine and save whether the chat widget is open for future visits.

30 minutes

Contains a boolean value of True if present.

hs-messages-hide-welcome-message

HubSpot

This cookie is used to prevent the chat widget welcome message from appearing again for one day after it is dismissed.

one day 

Contains a boolean value of True or False.

__hsmem

HubSpot

This cookie is set when visitors log in to a HubSpot-hosted site.

one year

Contains encrypted data that identifies the membership user when they are currently logged in.

 

hs-membership-csrf

HubSpot

This cookie is used to ensure that content memberships  cannot be forged

at the end of the session

Contains a random string of letters and numbers used to verify that a membership login is authentic.

 

hs_langswitcher_choice

HubSpot

This cookie is used to save the visitor’s selected language choice when viewing pages in multiple languages.

two years

Contains a colon delimited string with the ISO639 language code choice on the left and the top level private domain it applies to on the right. An example will be "EN-US:hubspot.com".

__cfduid

Cloudflare

This cookie is set by HubSpot’s CDN provider, Cloudflare. It helps Cloudflare detect malicious visitors to your website and minimizes blocking legitimate users.

session cookie that lasts a maximum of 30 days

Collects and anonymizes End User IP addresses using a one-way hash of certain values so they cannot be personally identified. The cookie is a session cookie that expires after 30 days.

__cfruid

Cloudflare

Used to identify trusted web traffic.

at the end of the session

Cookie related to rate limiting policies.

The Site has the following non-essential social media cookies. Please the privacy policies for these social media sites for more information:

NAME

PROVIDER

PURPOSE

EXPIRY

UserMatchHistory

 LinkedIn

This cookie is used to track visitors so that more relevant ads can be presented based on the visitor's preferences.

1 month

lidc

LinkedIn

This is a Microsoft MSN 1st party cookie that ensures the proper functioning of this website.

1 day

bscookie

LinkedIn

Used by the social networking service, LinkedIn, for tracking the use of embedded services.

2 years

lang

LinkedIn

.ads.linkedin.com

.linkedin.com

There are many different types of cookies associated with this name. In most cases it will likely be used to store language preferences, potentially to serve up content in the stored language.

Session

li-oatml

LinkedIn

Member indirect identifier for conversion tracking, retargeting, analytics

1 month

personalization_id

Twitter

This cookie carries out information about how the end user uses the website and any advertising that the end user may have seen before visiting the said website.

2 years

IDE

.doubleclick.net

This cookie carries out information about how the end user uses the website and any advertising that the end user may have seen before visiting the said website.

1 year

uuid

 .mathtag.com

This cookie is used to optimize ad relevance by collecting visitor data from multiple websites – this exchange of visitor data is normally provided by a third-party data-center or ad-exchange.

1 year

For additional information regarding our use of cookies on the Site, please see the section above in our general Privacy Policy.  For information on HubSpot, please go to https://knowledge.hubspot.com/reports/what-cookies-does-hubspot-set-in-a-visitor-s-browser.

11.  Change of purpose

We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.  We may also use your Personal Data to send you marketing emails. 

Please note that we may process your Personal Data without your knowledge or consent, in compliance with the rules set forth in this Privacy Policy, where this is required or permitted by law.

12.  Disclosures of your Personal Data

We may share your Personal Data with certain third parties, as required for the operation of our business, which includes processors and sub-processors.

  • We will share your Personal Information with some of our affiliates, and business partners and service providers who perform services for us, including in the course of providing services for you.
  • We will share your Personal Information with others when you have given us permission to do so in writing or through user preferences selected on the Site.
  • We will disclose Personal Information without your permission when we believe in good faith that such disclosure is required by law or is necessary to investigate and protect against harmful activity to us, our customers, our employees and others, or its property, including this Site.
  • We may share aggregate data developed from Personal Information with third parties for research, education, or marketing purposes.  Such aggregate data will not include any information that can be used to identify any particular individual.
  • We may share your Personal Information with third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your Personal Data in the same way as set out in this privacy policy.

We require all third parties to respect the security of your Personal Data and to treat it in accordance with the law. We contract with our third-party service providers to require that they do not use your Personal Data for their own purposes and to authorize them to process your Personal Data for specified purposes and in accordance with our instructions.

13.  International transfers

We may share your Personal Data within the EisnerAmper Group, which may involve transferring your data outside the European Economic Area (EEA), United Kingdom, or Switzerland.

Whenever we transfer your Personal Data out of the EEA, United Kingdom, or Switzerland, we endeavor to ensure a similar degree of protection is afforded to it by following the safeguards set forth in our Privacy Shield Notice.

Please contact us if you want further information on the specific mechanism used by us when transferring your Personal Data out of the EEA, United Kingdom, or Switzerland.

14.  Data retention

We have a data retention policy which dictates how long we retain your Personal Data collected through or on the Site, with the intent that we will retain your Personal Data only for so long as is necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements

  • No fee usually required
    You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
  • What we may need from you
    We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
  • Time limit to respond
    We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

15.  Your Legal Rights

You have the right to:

  • Request access to your Personal Data (commonly known as a "data subject access request"). This enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it.
  • Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
  • Request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your Personal Data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
  • Object to processing of your Personal Data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your Personal Data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
  • Request restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of your Personal Data in the following scenarios:
    • If you want us to establish the data's accuracy.
    • Where our use of the data is unlawful but you do not want us to erase it.
    • Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims. 
    • You have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
  • Request the transfer of your Personal Data to you or to a third party. We will provide to you, or a third party you have chosen, your Personal Data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
  • Withdraw consent at any time where we are relying on consent to process your Personal Data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
  • Not to be subject to automated decisions where the decision produces a legal effect or similarly significant effect.
  • Lodge a complaint with the relevant data protection authority in your jurisdiction (for example the Information Commissioner’s Office in the U.K.).

You may opt out of processing where we rely on our legitimate interest as the lawful basis for processing your Personal Data, unless our legitimate interest is not outweighed by your rights and freedoms.

If you wish to exercise any of the rights set out above, please contact us


European Union, United Kingdom and Switzerland Candidate Applicant Addendum

This Addendum to our Privacy Policy (“EU Applicant Addendum”) applies to data subjects in the European Union, United Kingdom and Switzerland who apply for work with us through our Site or using an e-mail address found on our Site, and should be read in conjunction with the European Union, United Kingdom and Switzerland Addendum to our Privacy Policy (whether as an employee, worker or contractor).

If you have provided your Personal Data to us through our Site for recruitment activities this EU Applicant Addendum is designed to make you aware of how and why your Personal Data will be used, namely for the purposes of the recruitment exercise.

1.  The Kind of Information We Hold About You

In connection with your application to work with us submitted through our Site or using an e-mail address found on our Site, we will collect, store, and use the following categories of Personal Data about you:

  • The Personal Data you have provided to us through our Site or using an e-mail address found on our Site.

2.  How is your Personal Data Collected?

We collect Personal Data about candidates from the following source only:

  • You, the candidate.

3.  How We Will Use Personal Data About You

We will use the Personal Data we collect about you as described herein to:

  • Assess your skills, qualifications, and suitability for the role. 
  • Communicate with you about the recruitment process.

It is in our legitimate interests to decide whether to appoint you to work since it may be beneficial to our business to appoint someone to that role. We also need to process your Personal Data to decide whether to enter into a contract of employment with you.

Having received your submission, we will then process that information to decide whether you meet the basic requirements to be considered for a position with our Firm.

4.  Information About Criminal Convictions

We do not envisage that we will process information about criminal convictions. 

5.  Automated Decision-Making

You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making.

6.  Right to Withdraw Consent

When you apply for a role through our Site or using an e-mail address found on our Site, you provide consent for us processing your Personal Data for the purposes of the recruitment exercise. You have the right to withdraw your consent for processing for that purpose at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your application and, subject to our retention policy, we will dispose of your Personal Data in a manner we deem reasonably secure.


Addendum to EisnerAmper LLP Privacy Policy for Users in the Cayman Islands

This Addendum to our Privacy Policy (“Cayman Addendum”) applies to you only if accessing the Site from within the confines of the Cayman Islands. THIS CAYMAN ADDENDUM DOES NOT APPLY TO THE UNITED STATES OF AMERICA OR ANY OF ITS TERRITORIES.

This Cayman addendum is issued on behalf of and is applicable to EisnerAmper LLP, EisnerAmper Fund Services LLC, and EisnerAmper US (Cayman) LTD (referred to collectively as “EisnerAmper” or “we,” “us,” or “our”). We are committed to maintaining the privacy and security of your Personal Data in accordance with applicable data protection laws which may include:

  • with effect from 25 May 2018, the General Data Protection Regulation (Regulation (EU) 2016/679) including any amendments thereto and any applicable consequential national data protection legislation and guidance and codes of practice as may be issued by any relevant European data protection supervisory authority from time to time; and
  • with effect from 30 September 2019, the Cayman Islands Data Protection Law, 2017, (the “DPL”) including any amendments thereto and any associated regulations, guidance notes and/or codes of practice as may be issued by the Ombudsman of the Cayman Islands (the “Ombudsman”) (as the relevant Cayman Islands data protection supervisory authority) from time to time governing the “Processing” of “Personal Data” by us as “Data Controller” under the DPL (as each such term is defined by the DPL).

Should you feel that any Personal Information to which the DPL shall apply has not been handled correctly by us, or you are not satisfied with our responses to any requests you have made to us, in writing, regarding the use(s) by us of your Personal Data under the DPL, you have a statutory entitlement pursuant to section 43 of the DPL to lodge a complaint to the Ombudsman of the Cayman Islands. The Ombudsman can be contacted by calling: 1-345-946-6283 or by email at info@ombudsman.ky.

Should you have any additional questions, queries or concerns after reading this Cayman Addendum or would like to give us feedback, please e-mail us at contact@EisnerAmper.com.

Note we may be required by law to collect certain Personal Data about you, or as a consequence of any contractual relationship we may have with you. Failure to provide any such information may prevent or delay the fulfillment of these obligations. We shall inform you at the time your information is collected if the provision of certain Personal Data is compulsorily required by us.

1.  Overview

Pursuant to the DPL, the key principles that shall be applied when processing any of your Personal Data are as follows:

  • Lawfulness: We will only collect Personal Data in a fair, lawful, and transparent manner;
  • Purpose limitation: We will only collect Personal Data for specified, explicit, and legitimate purposes;
  • Data minimization: We will limit the collection of Personal Data to what is directly relevant and necessary for the purpose(s) for which it is required by us;
  • Accuracy: We will keep Personal Data accurate and up to date while there continues to be a relationship and in certain circumstances, after that relationship has ended;
  • Retention limitation: We will retain Personal Data in a manner consistent data protection laws and for no longer than is necessary for the purposes for which it has been collected;
  • Access and rectification: We will process Personal Data in accordance with a data subject’s legal right;
  • Data security and protection: We will implement technical and organizational measures to ensure an appropriate level of data security and protection. Such measures provide for the prevention of any unauthorized or unlawful processing of Personal Data and against accidental loss or destruction of or damage to that data;
  • Protection for international transfers: We will ensure that if Personal Data is transferred outside the Cayman Islands, it is adequately protected or the transfer is otherwise permissible under applicable law.

2.  Information We Collect and How We Use It

“Personal Data” means any Personal Data or Personal Data relating to a living individual (including Sensitive Personal Data) by which they may be identified, including (but not limited to) their name, postal address, telephone number, e-mail address, location IP address or other on-line identifier, or one or more factors specific to their physical, physiological, genetic, mental, economic, cultural, or social identity.

We gather Personal Data about you directly in order to respond to your requests and provide you with appropriate information about our products, services, and events.  The information is collected and used in the following ways:

  • Requests for Information: When you enter information into the “Contact Us” online inquiry form on the Site to request general information about our products, services, and events, or to register for an event, you may be required to provide some or all of the following Personal Data: name, email address, company name and location, title, telephone contact information;
  • Sensitive Personal Data: We may collect certain information about you which is considered more sensitive under applicable data protection laws (e.g., about your race, ethnic origin, religious views and philosophical beliefs, membership of professional or trade associations, gender identity or sexual orientation, mental or physical health conditions, biometric, genetic, or health data).
  • Response to Requests: We may use your Personal Data to respond to your requests, including retaining information in order to better respond to further requests or inquiries we may receive from you regarding our service offerings.  We may also send you information from time to time regarding products, services and events that we think may be of interest to you.  Please refer to “Opting out” if you do not wish to receive such information or wish to change your preferences.
  • Gathering certain Personal Data from other sources: We may also receive information from other sources (e.g., personal details of various types) when we conduct anti-money laundering, countering financing of terrorism or other compliance-screening services utilized in the course of conducting our business activities.
  • Contacting Us by E-mail: When you send us an e-mail from the Site, you may be required to provide some or all of the following Personal Data: name, email address, company name and address, title, telephone contact information.  We may use this information to respond to your requests, including retaining the information you provide, the content of your e-mail, our response, and any follow-up questions and further requests and inquiries you may have.  We may also use information sent by e-mail for market research and to improve our products and services.
  • Submission of Requests for Information about Jobs with us: When you send an email to the email address listed on the Site for the attention of our Human Resources department.
  • Employment: If you choose to apply for employment with us online, you will be required to provide your name, address, contact information and work authorization status, and upload a resume or curriculum vitae (CV).  We will only use this information to match you with available employment opportunities.

3.  Legal Basis for Processing Personal Data

We will only process your Personal Data when we have a legal basis for doing so (including but not limited the following legal conditions:

  • Consent: In specific situations we may collect and process Personal Data with your consent
  • Contractual obligations: In certain circumstances we will need to process certain Personal Data to comply with contractual obligations for which we have been engaged.
  • Legal compliance: If the law requires us to do so, we may need to process your Personal Data.
  • Legitimate interest: In specific situations we require your Personal Data to pursue our legitimate interests in a way which might reasonably be expected as part of running our businesses and which does not materially impact your rights, freedom or interests (e.g., disclosure in compliance with regulatory obligations).

4.  How quickly shall we response to a written access request from you seeking access to your Personal Data being held or controlled by us?

Unless we advise to the contrary, we shall respond to written requests for access to Personal Data not later than 30 days after receipt of any such written request. We shall advise if for any reason we are unable to meet your requests within this timeframe (e.g., where a large amount of Personal Data is requested or required to be searched through and meeting the timelines would unreasonably interfere with EisnerAmper’s day-to-day business operations); (b) where more time may be required to consult with any relevant third party prior to EisnerAmper being able to decide whether or not to provide access to the requested Personal Data; or (c) you provide consent to an extension of the 30-day timeframe.  We reserve our right not to respond to requests submitted other than to the address specified in this paragraph.  

We may request that you provide sufficient identification to permit access to the existence, use or disclosure of your Personal Data. Any such identifying confirmation shall be used only for that purpose.

5.  What we need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

It is also important that the Personal Data we hold about you is accurate and current. Please keep us informed if any of your Personal Data provided to us changes during your relationship with us.

6.  Are there costs to you for requesting access to your Personal Data?

We will in many instances be able to provide you with your requested Personal Data free of charge except where any request made is determined to be manifestly unfounded or excessive because the request is (a) repetitive; (b) fraudulent in nature; or (c) would divert our resources unreasonably. In the event of (a) (b) or (c) arising, we may in certain instances decide to charge such fee as covers the cost of providing the requested Personal Data or may refuse to act on the request and provide you with our reason(s) for so doing.

7.  Direct Marketing

You may contact us directly at any time to make a request to us to stop using your Personal Data for direct marketing purposes.

8.  International Transfer of Personal Data

Your Personal Data may be transferred to and stored by persons outside the Cayman Islands and may be transferred to and stored by affiliates or service providers of EisnerAmper or third parties retained by EisnerAmper outside the Cayman Islands. In such cases, EisnerAmper shall ensure that any such transfer is subject to appropriate safeguards or is otherwise permitted under applicable laws.

9.  Changes to this Cayman Addendum

We may occasionally update or amend this Cayman Addendum to reflect changes to our practices and service offerings or to alternatively reflect changes required due to legislative changes.  We recommend you check this page from time to time to inform yourself of any changes to this Cayman Addendum going forward.

10.  Effective Date and Changes to Cayman Addendum

This Cayman Addendum was effective on October 8, 2019.

We reserve the right, at any time and without notice, to add to, change, update, or modify this Cayman Addendum simply by posting such change, update, or modification on this Site.  Any such change, update, or modification will be effective immediately upon posting on the Site.  The date in this section will be updated whenever this Cayman Addendum is changed.  You agree that we may notify you about material changes in the way we treat Personal Data by placing a notice on the Site.

If you have any additional questions after reading this Policy or would like to give us feedback, please e-mail us at contact@EisnerAmper.com.


California Resident Addendum to Privacy Policy

This California Resident Addendum to the Privacy Policy (“CA Addendum”) applies to EisnerAmper and affiliates (as defined in the Privacy Policy) and supplements and amends the information contained in Our Privacy Policy with respect to California residents. This CA Addendum applies solely to individuals, visitors, users, and others who are natural persons and residents of the State of California (“consumers” or “you”). THIS CA ADDENDUM TO THE PRIVACY POLICY DOES NOT APPLY TO USERS WHO ARE NOT NATURAL PERSONS AND NOT CALIFORNIA RESIDENTS.

The CA Addendum describes our policies and practices regarding the personal information we collect, use, and disclose about you, including personal information you submit or we obtain when you access the Site, as well as when you:

  • Use our mobile Site or applications,
  • Visit to our offices or attend one of our events,
  • Call or email us,
  • Interact with us on social media, or
  • View our online advertisements.

This CA Addendum does not apply to third-party websites accessible through our Site. This CA Addendum is adopted in part to comply with the California Consumer Privacy Act (“CCPA”).  Any terms defined within the CCPA have the same meaning when utilized within this CA Addendum. The other provisions of the Privacy Policy continue to apply except as modified in this CA Addendum.

If you are having trouble accessing this CA Addendum, click here to obtain The CA Addendum in PDF/printable format. 

1.  Information We Collect: We may collect or have collected in the preceding 12 months the following categories of personal information (“PI”). We may add to the categories of personal information we collect personal information. In that case, we will inform you.

  • Identifiers. Examples include real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol internet protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
  • Other elements. Examples include name, signature, characteristics or description, address, telephone number, passport number, drivers’ license number, education, employment, employment history, bank account number, credit card number, other financial information, medical information, or health insurance information.
  • Characteristics of protected classifications under California or federal law. Examples include race, religion, and age.
  • Education information. This includes information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, Sec. 1232g; 34 C.F.R. Part 99).
  • Internet or other electronic network activity. Examples include browsing history, search history, a consumer’s interaction with an internet website, application, or advertisement.
  • Geolocation data. This might include location information while using one of our apps.
  • Audio, electronic, visual, thermal, olfactory, or similar information. Examples of this category including identifiable information obtained about you through one of our premise’s security camera.
  • Consumer profile. This includes inferences drawn from any of the information identified above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, and behaviors.

Personal information does not include:

  • Publicly available information from government records.
  • De-identified or aggregated consumer information.
  • Information excluded from the CCPA's scope, like:
    • health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
    • personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.

2.  Purposes for Which We Collect Your Information: Set forth below are the business or commercial purposes for which we have collected your PI. We may change or add to the purposes we collect PI. In that case, we will inform you and obtain your consent when required by law.

  • To provide you with information, products or services that you request from us.
  • To fulfill or meet the reason for which the information is provided. For example, if you provide us with PI in order for us to prepare a tax return, we will use that information to prepare the return and submit it to the applicable taxing authorities.
  • To contact you and/or provide you with email alerts, event registrations and other notices concerning our products or services, or events or news, that may be of interest to you.
  • To engage in marketing activities, including to help design products and services appropriate for our clients.
  • To communicate with you in social media concerning our products and services.
  • To carry out our obligations and enforce our rights including those arising from any contracts entered into between you and us, including for billing, payment, and collections.
  • To review, improve, and monitor our Site, applications, online services, and overall client experience, including to provide customization to meet the specific needs, ensure a consistent experience, and to assess trends, interests, and the demands of clients.
  • To provide customer service and engage in quality control activities concerning our products and services.
  • For testing, research, analysis and product and service development.
  • To respond to law enforcement requests and as required by applicable law, court order, governmental regulations, or other lawful processes.
  • As described to you when collecting your personal information or as otherwise set forth in the CCPA.
  • To process applications for employment, as well as to evaluate and improve our recruiting efforts.
  • As necessary or appropriate to protect the rights, property, security, and safety of us, our employees, our consumers, our information systems, and the public. For example, we might use cameras in and around our offices.
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred.

3.  Sources of Personal Information. The categories of sources of PI are described below. The examples provided are for illustration purposes and are not exhaustive.

  • You. Examples of when we collect that information include:
    • During a Site visit, or when you visit us at one of our office, locations, or events.
    • If you upload or share information, submit a request, submit information, or post other digital content through one of our Site, applications or via social media interactions on third-party websites like Facebook or Twitter.
    • If you apply or inquire about employment. See Our Applicant Privacy Policy.
    • In connection with your interactions with us as a registered user of our Site or online services.
    • We may use tracking tools like browser cookies, flash cookies, and web beacons.
  • Your business connections, investors, other professional service providers, friends, and family, such as when they refer you to us with respect to the products and services we provide.
  • Social media and related services

4.  Sharing Information. Of the categories of PI noted above, during the past 12 months, we shared the following:

Categories of Personal Information Disclosed

Categories of Third Parties to Whom Disclosed

Identifiers

 

Other elements

 

Characteristics of protected classifications under California or federal law.

 

Education information.

 

Internet or other electronic network activity.

 

Geolocation data.  

 

Audio, electronic, visual, thermal, olfactory, or similar information.

 

Consumer profile.  

  • Third parties as directed by you. We will share your PI with those third parties to whom you direct. For example, in the course of preparing your tax return, you may direct us to share your PI with your personal attorney, investment advisor, or other consultant.

  • Our business partners. For example, we might share your PI with one of our business partners for purposes of collaborating on providing services to you, or to invite you to an event we are organizing with the business partner. These business partners should also have their own privacy statements that set out the manner in which they will collect, use, and disclose PI. Where applicable, we encourage you to review each such business partner's privacy statement before signing on with them.

  • Third parties who perform services on our behalf. For example, we share information with certain service providers, including marketing companies, professional service providers, debt collectors, information technology providers, and data storage companies. We might also authorize our service providers to collect PI on our behalf.

  • Governmental entities, legal service providers. We may share your PI in order to comply with the law and in the course of providing our products and services. For example, we will disclose PI to federal and state tax authorities in connection with our tax preparation and filing services, or to respond to a court order or subpoena. We may also disclose information if a government agency or investigatory body submits a request.

  • Successors to all or portions of our business. If all or part of our business is sold, we may disclose PI in preparation for or as part of that transaction.

5.  Selling Personal Information. We do not sell your PI and have not sold any PI in the preceding 12 months, including any information concerning minors under age 16. Except as otherwise noted, we do not track your activities online over time and across third-party websites to provide targeted advertising and therefore do not respond to Do Not Track (DNT) signals.

6.  Consumer Rights: Pursuant to the CCPA, and as detailed below, consumers have various rights with respect to their PI.

7.  Request to Delete: You have the right to request that we delete your PI from our records and direct any service providers to delete your PI from their records, subject to certain exceptions. Upon receipt of a verifiable consumer request (see below), and as required by the CCPA, We will delete and direct any service providers to delete your PI from our records.  

We are not required to comply with your request to delete your PI if it is necessary for us (or our service provider) to maintain your PI in order to:

  1. Complete the transaction for which the PI was collected, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between us and you.
  2. Detect security incidents; protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity.
  3. Debug to identify and repair errors that impair existing intended functionality.
  4. Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.
  5. Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code.
  6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the achievement of such research, if you have provided informed consent.
  7. Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us.
  8. Comply with a legal obligation.
  9. Otherwise use your PI, internally, in a lawful manner that is compatible with the context in which you provided the information.

Upon receipt of a confirmed verifiable consumer request (see below), and as required by the CCPA, we will provide a response.

If you are under the age of 18, and a registered user of any site where this CA Addendum is posted, California law permits you to request and obtain removal of content or information you have publicly posted. You may submit your request using the contact information in the Privacy Policy. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.

8.  Request to Know. You have the right to request that We disclose the following to you as it relates to the 12-month period preceding our receipt of your verifiable consumer request:

  1. The categories of PI We have collected about you.
  2. The business or commercial purpose for collecting PI.
  3. The categories of sources from which the PI is collected.
  4. The categories of PI We disclose about you for a business purpose
  5. The categories of third parties with whom we share PI.
  6. The specific pieces of PI We have about you.

Upon receipt of a verifiable consumer request (see below), and as required by the CCPA, we will provide a response to your request for information.

9.  Nondiscrimination: We will not discriminate against you in violation of the CCPA for exercising any of your CCPA rights. For example, we generally will not provide you a different level or quality of goods or services if you exercise your rights under the CCPA.

10.  Submitting Consumer Rights Requests: To submit any of the Consumer Rights requests as outlined above, please contact us at at 212.949.8700 and contact@eisneramper.com. We reserve the right to only respond to verifiable consumer requests. A verifiable consumer request is one made by any individual who is:

  1. the consumer who is the subject of the request,
  2. a consumer on behalf of the consumer’s minor child, or
  3. by a natural person or person registered with the Secretary of State authorized to act on behalf of a consumer.

If we request, you must provide us with sufficient information to verify your identity and/or authority to act on behalf of the consumer. In general, we may ask you to provide identifying information that we already maintain about you or we may use a third-party verification service. In either event, we will try to avoid asking you for sensitive personal information to verify your identity. We may not be able to respond to your request or provide you with PI if we cannot verify your identity or authority to make the request and confirm the PI relates to you.  However, making a verifiable consumer request does not require you to create an account with us.  Additionally, you will need to describe your request with sufficient detail to allow us to review, understand, assess, and respond. PI collected from an individual to determine whether a request is a verifiable consumer request may not be used for any other purpose. We will endeavor to respond to a verifiable consumer request within forty-five (45) calendar days of receipt, but we may require an extension of up to forty-five (45) additional calendar days to respond and we will notify you of the need for the extension.

If you have an account with us, we will deliver our written response to that account.  If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.  Any disclosures we provide will only cover the 12-month period preceding the receipt of your verifiable consumer request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. To the extent permitted by the CCPA, e will respond to no more than two requests during any 12-month period.

You may authorize a natural person or a business registered with the California Secretary of State to act on your behalf with respect to the right under this CA Policy. When you submit a Request to Know or a Request to Delete, unless you have provided the authorized agent with a qualifying power of attorney, you must provide your authorized agent written permission (signed by you) to act on your behalf and verify the authorized agent’s identity with Us. We reserve the right to deny requests from persons or businesses claiming to be authorized agents that do not submit sufficient proof of their authorization.

11.  Questions: If you have questions about this CA Addendum, please contact us as described above in the Privacy Policy.

EXHIBIT A
EisnerAmper Affiliated Entities

EA Compensation Resources, LLC
David Wiener and Company LLC
EA RESIG LLC
EA Fund Services LLC
ZenTek Data Systems LLC
EA CARES Compliance LLC
EisnerAmper Israel Ltd
NannyTax LLC
EisnerAmper Global & Regulatory Solutions LLC
EisnerAmper US (Cayman) LLC
EisnerAmper (UK) LLP
EisnerAmper (India) Consultants Private Limited.

EXHIBIT B
EisnerAmper LLP Controlled Websites