Privacy Statement
The Laurel Hill Advisory Group is a shareholder communication firm that provides Proxy Solicitation and Asset Reunification services to our clients.
From the Proxy Solicitation side, we get retained by public companies to help manage their annual shareholder meetings to ensure that they get the necessary shareholder votes needed to pass any resolutions that are included in the proxy statement. This includes providing strategic advice and shareholder outreach. Our client will establish a date to hold its annual meeting and then mail the proxy material to all registered shareholders. The proxy material will provide a toll-free phone number for the shareholders to call if they have any questions. The phone number provided is directed to our call center where our representatives will answer any questions or direct them to our client if more information is required. There will be times when we will be asked to follow up by contacting our client’s shareholders to make sure that they have received the proxy materials and we can also take their vote over the phone. We will get the shareholder contact information from our client’s transfer agent. This contact information is the shareholder’s address and phone number.
Our Asset Reunification services are used when our clients need to find lost account holders or lost shareholders so we can reunite them with their asset (either the value of their account or the value of the shares they own). We are usually provided with names, addresses and phone numbers of these lost accounts or shareholders and it is our job to locate them. In most cases the contact information provided to us is incorrect or out of date. We then have to perform deeper research to locate these lost holders. Once we locate these lost holders, we work with them so they can reclaim their asset.
The Laurel Hill Advisory Group is committed to adhering to the Data Privacy Framework principles.
Our data is passed through ShareFile. ShareFile is a cloud-based file sharing service that enables users to easily and securely exchange documents. ShareFile enables users to send large documents by email, securely handle document transfers to third parties, and access a collaboration space from desktops or mobile devices.
When requesting data, we can either provide our client with a link that will allow them to upload the files through ShareFile or send an email request from ShareFile with a link for them to upload. We are able to pull the file directly from Laurel Hill Advisory Group personal ShareFile account. Currently only Laurel Hill’s Vice President of the Asset Recovery Division, Meagan Lehman, has access to this website and pulls the data and stores it in our Network Drive that is locked and only accessible to certain employees. For our ongoing clients we use the link method because the link usually remains active for 30 days and the clients can continue to use it until they receive a notification and it is locked. Once a file is uploaded the user will receive an email to inform them that there is a file waiting. For other clients that might send two files a year, they receive an email that allows them to click a link and it pulls them to our secure ShareFile account.
When sending data, Ms. Lehman is able to upload the files to ShareFile and add them to the email to whoever should be receiving the file. Every person that is on that list receives an email, with only their email address listed, with a link to download the file.
The Laurel Hill Advisory Group is committed to the Data Privacy Framework and will inform individuals about the type or identity of third parties to which our organization discloses personal information, and the purposes for which it does so. The individuals will have the ability to know what personal data Laurel Hill has and they will have the right to access it.
Under the Data Privacy Framework, the right of access is fundamental to privacy protection. The Access Principle means that individuals have the right to obtain from Laurel Hill confirmation of whether or not the organization is processing personal data relating to them and have communicated to them such data so that they could verify its accuracy and the lawfulness of the processing and have the data corrected, amended or deleted where it is inaccurate or processed in violation of the principles.
Consistent with the fundamental nature of access, Laurel Hill will always make good faith efforts to provide access. For example, where certain information needs to be protected and can be readily separated from other personal information subject to an access request, Laurel Hill will redact the protected information and make available the other information. If Laurel Hill determines that access should be restricted in any particular instance, it will provide the individual requesting access with an explanation of why it has made that determination and a contact point for any further inquiries.
Access can be provided in the form of disclosure of the relevant personal information by Laurel Hill to the individual and does not require access by the individual to an organization’s data base. Access needs to be provided only to the extent that an organization stores the personal information. The Access Principle itself does not create any obligation to retain, maintain, reorganize, or restructure personal information files. Laurel Hill is not required to provide access unless it is supplied with sufficient information to allow it to confirm the identity of the person making the request. Laurel Hill will respond to access requests within a reasonable time period, in a reasonable manner, and in a way that is readily intelligible to the individual.
Generally, the purpose of the Data Privacy Framework is to ensure that personal information is used and disclosed in ways that are consistent with the individual’s expectations and choices. Accordingly, an individual will be able to exercise “opt out” choice of having personal information used for direct marketing at any time subject to reasonable limits established by the organization, such as giving the organization time to make the opt out effective. Laurel Hill may also require sufficient information to confirm the identity of the individual requesting the “opt out.”
Once the individuals file is completed, Laurel Hill will erase any and all personal data we have acquired from our files from our database. If there is any physical data, it will be shredded and destroyed. Laurel Hill will not retain or share any personal data from an individual once our transaction is completed.
We will be subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) and that the possibility, under certain conditions, for the individual to invoke binding arbitration. The Laurel Hill Advisory Group is the required to disclose personal information in response to lawful requests by public authorities, including meeting national security or law enforcement requirements and our organization’s will accept liability in cases of onward transfers to third parties.
The Laurel Hill Advisory Group
2 Robbins Lane, Suite 201, Jericho, NY 11753
(516) 933-3100
Attention: Meagan Lehman
mlehman@laurelhill.com
www.laurelhill.com
The Laurel Hill Advisory Group complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. The Laurel Hill Advisory Group has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. The Laurel Hill Advisory Group has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, The Laurel Hill Advisory Group commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF.
The Laurel Hill Advisory Group has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Data Privacy Framework complaints concerning data transferred from the EU and Switzerland.
At the Laurel Hill Advisory Group, LLC, a fundamental part of our commitment to deliver exceptional service is protecting your privacy and maintaining the confidentiality of your personal information. As our range of products and services expand, and as the technology we use continues to evolve, Laurel Hill will maintain its commitment to the steps outlined in this statement and to keeping you informed of any changes in a timely manner.
What is Personal Information?
Personal information includes any factual or subjective information about an identifiable individual. This may include information such as age, name, and ID numbers but does not include the name, title, or business address or telephone number of an employee of an organization. This Privacy Statement applies to the collection, use, and disclosure of personal information by Laurel Hill.
Laurel Hill’s Collection, Use and Disclosure of Personal Information
Laurel Hill may receive personal information about you if you hold, or held, securities in a company, or successor company, and that company requests one of our products and services. This information may come from you or by a party authorized by you, such as the issuer or their transfer agent, your broker, or your attorney. Laurel Hill may be instructed by you to assist you in responding to, or participating in, a Proxy Solicitation, an Asset Recovery Program, or Information Agent campaign where we typically would receive personal information that could include name, address, social security number, and securities ownership information.
In providing our services to you and our clients, Laurel Hill uses personal information in a variety of ways. We may mail you program materials, assist you with Proxy voting, or mail you a cheque. Participation in our programs may result in Laurel Hill performing transactions and administering accounts at your direction; often resulting in tax and other reporting required by law.
We will generally not disclose your personal information other than for the identified purpose unless we have your consent or are required to by law. In the ordinary course of conducting our business, your information may have to be shared with a related, affiliate, or outside company. These companies may use your information, on our behalf, by performing certain securityholder database management or processing functions, printing of tax forms, or the mailing of program materials and entitlement checks.
For the purposes of this Privacy Statement, “Laurel Hill”, “we”, “our”, and “us” means The Laurel Hill Advisory Group, LLC. “You” and “yours” is defined as an individual whose personal information we may collect, use, and disclose as we conduct our business.
Laurel Hill’s Privacy Responsibility
Our Privacy Statement reviews how we collect, use, retain and disclose personal information. Protecting personal and financial information as we practice our business is a principal Laurel Hill pays special attention to. We follow 10 principles of fair information practices included in the Personal Information Protection and Electronic Documents Act (PIPEDA) 2001. These principles give individual control over how their personal information is handled while providing guidance to organizations on how to responsibly protect information and ensure the fair handling of it all times.
Accountability: Laurel Hill accepts responsibility for personal information in our possession and ensures that each of our employees is informed about the importance of protecting personal information.
Identifying Purposes: Why do we collect personal information about you? We can identify and describe the purpose for you in various ways and may do so by mail or phone as our services are provided. If you are a shareholder in a corporate issuer, you may receive a letter or phone call describing how we can assist you in proxy voting or in claiming financial assets that you are entitled to.
Consent: We require your consent to collect, use, and disclose your information, with certain exceptions. The choice to provide us with personal information is yours. We commit to explaining your options to withhold consent; however, your ability to withdraw consent may be limited by legal or contractual restrictions.
Limiting Collection: We fairly collect information for the purposes we identify in our shareholder programs and events. You may visit our website without revealing any personal information about yourself.
Limiting Use, Disclosure, and Retention: We maintain procedures and policies governing the retention and destruction of recorded information. Statutory requirements of regulators and our clients mandate certain information to be securely stored for extended lengths of time. When we are required to utilize the expertise of an outside company, we carefully ensure and require that similar privacy standards are met. At times, we may be compelled to release information by legislation (including securities law, terrorist financing, income and tax reporting).
Accuracy: Laurel Hill attempts to ensure that your personal information is accurate and that we will make efforts to maintain its accuracy.
Telephone Consumer Protection Act (TCPA)
The Laurel Hill Advisory Group is compliant with the Telephone Consumer Protection Act (TCPA) that regulates telemarketing calls, auto-dialed calls, prerecorded calls, text messages, and unsolicited faxes.
The FCC has stated that with respect to autodialed or prerecorded debt collection calls, to the extent that they do not contain telemarketing messages, they would not require any consent when made to residential wireline consumers but require either prior written or oral consent if made to a consumer’s wireless number referring to 47 C.F.R. § 64.1200(a)(1).
The FCC also provided a non-exhaustive list of other types of calls that are exempt from the written consent requirement reserved for telemarketing calls, such as research and survey calls and bank account fraud alerts to the extent, they do not contain telemarketing messages as well.
Laurel Hill does not make calls to the following:
Any residential telephone before the hour of 8 a.m. or after 9 p.m. (called party's local time)
A residential telephone number on the national do-not-call registry
Beginning October 16, 2013, prior express written consent was required for all autodialed calls, pre-recorded calls or texts sent or made to a wireless number and pre-recorded calls made to wired numbers for advertising or telemarketing purposes. The prior business relationship exemption was eliminated.
Exceptions include calls:
that are manually dialed and do not contain a pre-recorded message;
made for emergency purposes;
not made for a commercial purpose;
made for a commercial purpose but does not include or introduce an advertisement or constitute telemarketing;
made by or on behalf of a tax-exempt nonprofit organization; or
that delivers a “health care” message made by, or on behalf of, a “covered entity” or its “business associate,” as those terms are defined in the HIPAA Privacy Rule.
Some other important restrictions under the TCPA include:
Disconnect an unanswered telemarketing call prior to at least 15 seconds or four (4) rings.
Abandon more than 3% of all telemarketing calls that are answered live by a person, as measured over a 30-day period for a single calling campaign. If a single calling campaign exceeds a 30-day period, the abandonment rate shall be calculated separately for each successive 30-day period or portion thereof.
Additional requirements for all artificial or prerecorded voice telephone messages include:
At the beginning of the message, it must state clearly the identity of the business, individual, or other entity that is responsible for initiating the call.
During or after the message, state clearly the telephone number (other than that of the auto-dialer or prerecorded message player that placed the call) of such business, other entity, or individual. The telephone number provided may not be a number for which charges exceed local or long-distance charges.
Provide an automated, interactive voice- and/or key press-activated opt-out mechanism for the person called to make a do-not-call request
And finally, no person or entity may initiate any telephone solicitation to:
Any residential telephone subscriber before the hour of 8 a.m. or after 9 p.m. (called party's local time)
A residential telephone number on the national do-not-call registry
The FCC rule allows a conditional 15-day grace period for calls made to numbers which have been ported from wired lines to wireless where the consumer may be charged for the call. A person will not be liable for violating the prohibition when the call is placed to a wireless number that has been ported from wireline service and such call is a voice call; not knowingly made to a wireless number; and made within 15 days of the porting of the number from wireline to wireless service, provided the number is not already on the national do-not-call registry or caller’s company-specific do not-call list.
The FCC rule allows a person to employ a version of the national do-not-call registry obtained from the administrator of the registry no more than 31 days prior to the date any call is made, as long as the person conducts internal training, and has written procedures and records documenting this process.
Safeguards: We provide appropriate safeguards to protect your personal information from loss, theft, or unauthorized access, disclosure, copying, use, or modification. Laurel Hill and each of its employees are aware of the importance of protecting your information and use security measures such as locked facilities and access restrictions.
Openness: Our Privacy Statement outlines our commitment to fair information practices and can be viewed electronically at www.laurelhill.com.
Please contact our Privacy Officer for more information:
James Catacosinos
The Laurel Hill Advisory Group, LLC
2 Robbins Lane
Suite 201
Jericho, NY 11753
Tel: (516) 933-3100
jcat@laurelhill.com