Privacy Policy

Corporate Privacy Policy

1. Privacy Statement; Collection of Personally Identifiable Information ("PII"). Evolver, Inc. ("Evolver") operates this website. All references to "we", "us", "our", this "website" or this "site" shall be construed to mean Evolver. We understand that visitors to this website are concerned about the privacy of information. The following describes our privacy policy regarding information that we collect through this website.
2. Modification of Privacy Policy. We reserve the right to modify this Privacy Policy at any time, and without prior notice, by posting an amended Privacy Policy that is always accessible by clicking on the "Privacy Policy" link on this site's home page. Your continued use of this site indicates your acceptance of the amended Privacy Policy.
3. Collection of Anonymous, Passive Information. We reserve the right to monitor your use of this site. As you navigate through this site, certain anonymous information may be passively collected (that is, gathered without your actively providing the information) using various technologies, such as cookies, Internet tags, and navigational data collection (log files, server logs, clickstream). For example, as explained in more detail below, your Internet browser automatically transmits to this site some of this anonymous information, such as the Internet Protocol (IP) address and the browser version your computer is currently using. This site may also collect anonymous information from your computer through cookies and Internet tags. You may set your browser to notify you when a cookie is sent or to refuse cookies altogether, but certain features of this site might not work without cookies. The following is a listing and a brief explanation of passive information collection methodologies which we may use from time to time to better understand how this site is being used.
   • A "cookie" is a bit of information that this site sends to your Web browser which helps us remember information about you and your preferences.
   • "Session" cookies are temporary bits of information that are used to improve navigation, block visitors from providing information where inappropriate (the site "remembers" previous entries of age or country of origin that were outside the specified parameters and blocks subsequent changes), and collect aggregate statistical information on the site. They are erased once you exit your Web browser or otherwise turn off your computer.
   • "Persistent" cookies are more permanent bits of information that are placed on the hard drive of your computer and stay there unless you delete the cookie. Persistent cookies store information on your computer for a number of purposes, such as retrieving certain information you have previously provided, helping to determine what areas of the site you may find most valuable, and customizing the site based on your preferences on an ongoing basis. Persistent cookies placed by this site in your computer do not hold PII.
   • You can set your browser to accept all cookies, to reject all cookies, or to notify you whenever a cookie is offered so that you can decide each time whether to accept it. To learn more about cookies and how to specify your preferences, please search for "cookie" in the "Help" portion of your browser.
   • An Internet Protocol (IP) address is a number assigned to your computer by your Internet service provider so you can access the Internet and is generally considered to be non-personally identifiable information, because in most cases an IP address is dynamic (changing each time you connect to the Internet), rather than static (unique to a particular user's computer). The IP address can be used to diagnose problems with a server, report aggregate information, determine the fastest route for your computer to use in connecting to a site, and administer and improve the site.
   • "Internet tags" (also known as Web Beacons, single-pixel GIFs, clear GIFs, and invisible GIFs) are smaller than cookies and tell the Web site server information such as the IP address and browser type related to the visitor's computer. Tags may be placed both on online advertisements that bring people to the site and on different pages of the site. Such tags indicate how many times a page is opened and which information is consulted.
   • "Navigational data" (log files, server logs, and clickstream data) are used for system management, to improve the content of the site, market research purposes, and to communicate information to visitors.
4. Use and Sharing of Anonymous, Passive Information. This site may make full use of passively collected anonymous information through the collection methods described above for our own internal operational purposes, including without limitation the right to use such information to provide better service to site visitors, customize the site based on your preferences, compile and analyze statistics and trends, and otherwise administer and improve this site for your use. We reserve the right to share this information in the same manner as provided below for PII.
5. Use of 3rd Party Cookies. This site reserves the right to use web analytics services provided by third parties. These services use cookies (sometimes referred to as 3rd party cookies) which are text files placed on your computer, to help us analyze how users use this site. The information generated by the cookie about your use of this site (including your IP address) will be transmitted to and stored by the service provider. The will use this information for the purpose of evaluating your use of this site, compiling reports on website activity for website operators, and providing other services relating to website activity and internet usage. These services may also transfer this information to third parties where required to do so by law, or where such third parties process the information on the service's behalf. You may refuse the use of cookies by selecting the appropriate settings on your browser; however, please note that if you do this you may not be able to use the full functionality of this site. By using this site, you consent to the processing of data about you by third party analytics services in the manner and for the purposes set out above.
6. Collection of PII. We will ask you when we need to collect PII (defined above). PII which we collect may vary depending on the services you select, and may include, without limitation, one or more of the following categories of information: name, physical address, an email address, and phone number.
7. Use And Sharing of PII: General Policy. Except as discussed below, our general policy is that we will not share, sell, or rent your PII to others. The only exceptions to this general policy: (i) are described in the subsections below, and (ii) if explicitly approved by you through our site.
   • Affiliates. Unless prohibited by law, we may use and share PII within any companies that may legally affiliated with us (such as, for example, any parent, subsidiary, or brother or sister entity) for purposes of providing service and account maintenance, to help us design and improve products and services, and to offer products and services that may be of interest to you.
   • Third-Party Service Providers. We may hire other companies to provide services on our behalf such as web or applicatio hosting or management. We may share or make PII accessible to such third parties; however, all such third parties are required to maintain the confidentiality of PII and are prohibited from using PII for any purpose other than for the services they provide, which may include emails, but only to the extent email is integral to their services.
   • In the Event of Merger, Sale, or Bankruptcy. In the event that we are acquired by or merged with a third party entity, we reserve the right, in any of these circumstances, to transfer or assign the information we have collected from our users as part of such merger, acquisition, sale, or other change of control. In the unlikely event of our bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors' rights generally, we may not be able to control how your PII is treated, transferred, or used.
   • Legal Process. We reserve the right to share PII with third parties in response to a subpoena, to prevent fraud, to comply with an inquiry by a government agency or other regulator, or as necessary for other legal purposes.
8. Security of PII. We have adopted reasonable and appropriate security measures to protect your PII and other sensitive information. Unfortunately, no data transmission over the Internet or method of data storage can be guaranteed 100% secure. Therefore, while we strive to protect your PII with reasonable and appropriate security measures, we cannot ensure or warrant the absolute security of any information you transmit to us or archive at this site. In the event any PII is released to third parties despite our reasonable efforts to protect such PII you agree that we have no liability for such release.
9. Email And Other Messages Through This Site; ECPA Notice. This site treats email messages and other electronic messages that are sent through this site and not viewable by others as confidential and private, except as required by law, including without limitation, the Electronic Communications Privacy Act of 1986, 18 U.S.C. Sections 2701-2711 (the "ECPA"). The ECPA permits this site's limited ability to intercept and/or disclose electronic messages, for example (i) as necessary to operate our system or to protect our rights or property, (ii) upon legal demand (court orders, warrants, subpoenas), or (iii) where we receive information inadvertently which appears to pertain to the commission of a crime. This site is not considered a "secure communications medium" under the ECPA.
10. USA Patriot Act Notice. The federal USA Patriot Act ("USA Patriot Act") provides generally for the operator of a communication host and law enforcement to be able to monitor any content, upon request of the operator. We anticipate fully complying with all our obligations, and availing ourselves of all our rights, under the USA Patriot Act.
11. Children's Online Policy. This site is a general audience site. Consistent with the Children's Online Privacy Protection Act (COPPA), we will not knowingly collect any information from, or sell to, children under the age of 13. If you are a parent or guardian who has discovered that your child under the age of 13 has submitted his or her personally identifiable information without your permission or consent, we will remove the information from our active list, at your request. To request the removal of your child's information, please contact our site as provided below under "Contact Us", and be sure to include in your message the same information that your child submitted.

Contact Us. If you have any questions regarding this Privacy Policy, please contact the operator of this website at:

Evolver, Inc.
Attn: Privacy Policy Officer

 

Evolver Inc. Safe Harbor Policy
Introduction Evolver receives and processes information (in paper and electronic form) in accordance with its clients’ instructions for the purpose of providing legal data support services, including legal review, repository holding, data management and forensics.  Evolver provides services from forensic collection, to managed hosting and document review. At Evolver, we recognize the importance of privacy to our clients and we strive to safeguard any personal information we receive and may need to use in support of our clients.

Evolver adheres to the set of data protection principles developed in consultation by the United States Department of Commerce (DOC), in collaboration with the European Commission and the Federal Data Protection and Information Commissioner of Switzerland, producing the U.S.-European Union Safe Harbor Framework Documents and U.S.-Swiss Safe Harbor Framework Documents. The privacy principles in this policy are based on these Safe Harbor Principles. If there is any conflict between this Policy and the principles published by the U.S. Department of Commerce, the latter principles shall govern.

This Safe Harbor Privacy Policy (“Policy”) sets out the privacy principles to which Evolver adheres, as it relates to personal information transferred from the European Economic Area (“EEA”) and/or Switzerland to the United States (“U.S.”).

SCOPE
This Policy applies to all personal information received by Evolver from the EEA and/or Switzerland. In most cases, the data we receive will be in electronic form and relates to our clients and their business activities. It may include personal information about our clients’ employees, business contacts, customers and any other individuals with whom our clients have dealings.

When we receive and process personal information provided to us by our clients, we do so as “data processors” acting on the instructions of our clients and/or the court system and we do not control or share such data without direction from the client.  For such processing, Evolver enters into appropriate agreements with the clients providing that the client is the data controller for the purpose of the EU Data Directive and is in compliance with the applicable data protection laws.

Evolver does not generally collect personal information from individuals in the EEA or Switzerland.  Evolver’s possession and use of personal information, is incidental to our primary task of providing electronic discovery services to our clients.

DEFINITIONS
1. “Information” means information or a set of information that (1) is transferred from the EEA or Switzerland to the United States; (2) is recorded in any form; (3) is about, or pertains to a specific individual; and (4) identifies or could be used to identify to that individual.  Information does not include anonymized information, aggregated information or publicly available information that has not been combined with non-public personal information.
2. “Agent” is any third party that processes, collects, uses, or stores Information under the instructions of, and solely for, Evolver or to which Evolver discloses personal information for use on Evolver’s behalf

SAFE HARBOR PRINCIPLES
The practices to which Evolver is committed are based on the EEA and Swiss Safe Harbor Principles negotiated between their respective government agencies and the United States Department of Commerce. Adherence by Evolver to these Safe Harbor Principles provides the necessary level of protection required by the EU/Swiss Directives for the transfer of personal information outside the EEA/Switzerland.  Evolver’s execution of these principles may be limited in certain circumstances, in particular:
(a) where there is a conflicting or overriding legal obligation;
(b) to the extent expressly permitted by any applicable law, rule or regulation; or
(c) where Evolver receives personal information as a “data processor” acting on the instructions of a client. As Evolver will be receiving personal information from the EEA/Switzerland merely for processing, its principle obligations are limited to onward transfer, security, access, and enforcement. Evolver’s client remains responsible for notice, choice, and data integrity.

NOTICE: Evolver receives data to be processed and/or stored, the contents of which may, or may not be Information.  Where Evolver collects Information directly from individuals in the EEA/Switzerland, it will inform individuals of the purposes for which it collects and uses their Information, the types of third parties (if any) to which Evolver may disclose that Information, and the choices and means, if any, that Evolver offers individuals for limiting the use and disclosure of their Information.

Where Evolver acts as the data processer and receives transfers of personal information from the EEA/Switzerland to the United States, Evolver requires contractual provisions from the EEA data controller that the personal information has been provided to Evolver in accordance with the applicable EU Member State data protection law to ensure the individuals have been provided with appropriate notice regarding how their information will be used.

CHOICE: Given that Evolver’s services are directed by our clients and frequently by legal proceedings, choice may be limited. Where Evolver is the collector of Information and Choice is permissible, it will offer individuals the opportunity to choose (opt-out) whether their Information is

(a) to be disclosed to a third party (unless that disclosure is allowed or required by contract), or
(b) to be used for a purpose that is not consistent with the purpose for which that
Information was originally collected, or subsequently authorized by the individual.

Evolver will provide individuals with reasonable mechanisms to exercise their choices.

Where Evolver acts as the data processor and receives transfers of Information from the EEA to the United States, Evolver does not offer individuals with the opportunity to choose since Evolver is not responsible for collecting the Information. Evolver does require contractual provisions from the data controller that the personal information has been provided to Evolver in accordance with the applicable data protection laws to ensure the individuals have been provided with appropriate choice regarding how their information may be used.

ONWARD TRANSFERS: In the event Evolver transfers Information it has directly collected from individuals, it will obtain assurances from its Agents, prior to such transfer, that they will safeguard the Information in a manner consistent with this Policy. Every Agent utilized enters into a contractual relationship with Evolver, which includes confidentiality and non-disclosure clauses, and provides the same level of commitment to and protections, as required by the Safe Harbor Principles. Evolver may also sell, transfer or otherwise disclose Information reasonably related to the sale, assignment, transfer or other disposition of all or part of our business, subject to and in accordance with applicable law.

SECURITY: Evolver takes reasonable precautions to protect Information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction. 

DATA INTEGRITY: Evolver will use Information only in ways that are relevant and compatible with the purpose for which that information was collected or provided to Evolver. Evolver will take reasonable steps to ensure that all data collected, processed and/or stored is protected from destruction, corruption, or use in a manner inconsistent with the purpose for which it received the information.

ACCESS: Upon request, and where permissible by law and purpose for which it possesses the Information, Evolver will grant individuals reasonable access to Information that it holds about them.  In addition and where permissible, Evolver will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate or incomplete, except where the burden or expense of providing access would be disproportionate to the risks of the individual’s privacy, or where the rights of another individual may be violated.  A reasonable fee may be charged as compensation for our expenses incurred in accessing, changing or deleting the personal information.  This right applies only to Information about the individual making the request and is subject to other limitations as defined by law, or where the burden or expense of providing access would be disproportionate to the risks related to the privacy of the individual or where the rights of other individuals would be violated.

ENFORCEMENT: Evolver will conduct compliance audits at least annually of its relevant privacy practices to verify adherence to this Policy and will self-certify with the US Department of Commerce. Further, Evolver will conduct follow up investigations to verify that attestations and assertions regarding practices are true. Evolver maintains an Ethics hotline (Evolver-ethics@evolverinc.com) to which violations and/or complaints may be made and Evolver engages in training to support implementation and compliance. Any employee that Evolver determines is in violation of this Policy will be subject to disciplinary action.

DISPUTE RESOLUTION: Questions or concerns regarding Evolver’s use or disclosure of Information may be directed to the Evolver Ethics and Compliance Officer at the address given below. Evolver will reasonably investigate and attempt to resolve complaints and disputes regarding use and disclosure of Information in accordance with the principles contained in this Policy. Complaints that cannot be resolved between Evolver and the complainant, Evolver agrees to cooperate with Data Protection Authorities located in the EU or Switzerland (or their authorized representatives) and participate in any dispute resolution procedures established by such authorities pursuant to the Safe Harbor Principles.

CONTACT INFORMATION
Please refer all questions or comments regarding this Policy to:
Evolver, Inc
Ethics and Compliance Officer
1943 Isaac Newton Square, Suite 260
Reston, VA  20190
(703) 742-4090
(888) 742-4090
Evolver-ethics@evolverinc.com

This Safe Harbor Policy is available at www.evolverlegal.com

CHANGES TO THIS SAFE HARBOR POLICY
This Policy may be amended from time to time to remain consistent with the requirements of the Safe Harbor Principles.

The effective date of this Safe Harbor Policy is: October 2012