US State Specific Privacy Policy

 

"CohnReznick" is the brand name under which CohnReznick LLP and CohnReznick Advisory LLC and their respective affiliates (each, a member of the “Company Group”) provide professional services. CohnReznick LLP and CohnReznick Advisory LLC (and their respective affiliates) practice in an alternative practice structure in accordance with the AICPA Code of Professional Conduct and applicable law, regulations and professional standards. CohnReznick LLP is a licensed CPA firm that provides attest services to its clients. CohnReznick Advisory LLC provides tax and business consulting services to its clients. CohnReznick Advisory LLC and its affiliates are not licensed CPA firms. Each entity is a separate legal entity and solely responsible for its own acts and/or omissions. For clarity, the reference to “CohnReznick” shall include each member of the Company Group.  

This US State Specific Privacy Policy supplements the information contained in our Privacy Policy(Opens a new window) and Client Data Privacy Notice(Opens a new window) (“Privacy Notice”) (together, “Privacy Statements”) and is adopted to comply with the following state consumer privacy laws: (1) California Consumer Privacy Act (including the California Privacy Rights Act of 2020) and its implementing regulations (collectively, the “CCPA”); (2) Connecticut Data Privacy Act (“CTDPA”), and related regulations; (3) Texas Data Privacy and Security Act (“TDPSA”); and (4) the Nebraska Data Privacy Act (“NDPA”) (collectively referred to herein as “US Consumer Privacy Laws”). This US State Specific Privacy Policy (“US State Policy”) applies solely to visitors, users, Clients, and/or others who reside in the State of California, Connecticut, Texas, or Nebraska (“consumers”). Any terms or analogous terms defined under US Consumer Privacy Laws have the same meaning when used in this US State Policy. All other capitalized terms shall have the same meaning as those designated in the Privacy Statements. This US State Policy explains how CohnReznick collects, uses, discloses and retains Personal Information and how consumers may exercise their rights under applicable US Consumer Privacy Laws.

WHAT INFORMATION IS COLLECTED 

CohnReznick’s data collection practices include the collection and use of Personal Information as described in the Privacy Statements and as set forth below. This US State Policy applies to our data practices both online and offline. CohnReznick retains this information as set forth in the Privacy Statements. (See, Retention of Personal Information).

Generally, CohnReznick collects the following categories of Personal Information:

• Identifiers, including contact information and biographic information;
• Commercial information;
• Financial information;
• Internet or other similar network, browsing, or search activity;
• Non-precise Geolocation data;
• Professional or employment-related information; and
• Sensitive personal information or data. We do not collect or process Sensitive personal information or data for the purpose of inferring characteristics about an individual, and only collect such information for the limited purpose of providing our services.

OUR PURPOSES FOR THE COLLECTION AND USE OF PERSONAL INFORMATION

Our collection of Personal Information is limited to the business and commercial purposes as described below:

1. For execution of a Contract, to execute our rights or the rights of our service providers under a Contract, or enforce the terms and conditions arising under a Contract (e.g., performing services, maintaining the client relationship, keeping the client informed, invoicing and bill collection) or other agreement between the parties;
2. To perform client acceptance procedures, including verifying identities and addresses and performing other due diligence to protect our business interests and to determine eligibility for services;
3. To comply with legal, tax, accounting, or regulatory obligations to which CohnReznick or a third party is subject, including complying with auditing standards;
4. To manage risk and operations, legal obligations, including ensuring internal compliance with our policies and procedures, to respond to regulatory and government oversight applicable to CohnReznick, and to investigate complaints or pursue and defend claims, proceedings, or disputes;
5. To protect the security and integrity of CohnReznick’s information technology systems;
6. To provide information about relevant services offered by CohnReznick, opportunities and experiences offered by CohnReznick and relevant developments in the marketplace and industry;
7. To evaluate, develop and improve the quality of CohnReznick’s professionals and services or our website and for other related internal business purposes;
8. To seek professional advice, such as from professional advisors (including, but not limited to, legal counsel);
9. To recruit and evaluate qualifications for employment or internships;
10. For website related services, like analytics, insights, or customer support, quality and safety maintenance, or to develop new technological improvements;
11. For other purposes that are compatible with this Privacy Policy or where permitted by applicable law; and
12. As otherwise disclosed upon collection, or to the extent Client or a data subject provides other consent or authorization to the collection, use, disclosure and storage of personal information.

SOURCES OF COLLECTION OF PERSONAL INFORMATION 

We may collect Personal Information from the following sources:

• From a Client;
• Directly from You when you fill out an application for employment or sign a Contract for services with CohnReznick;
• From users of our website, both directly and through automatic means such as cookies;
• From forms, webinars, surveys, tradeshows, and other information You provide us; 
• From certain affiliates, business partners or agents;
• If You provide us with information when contacting us, request information about our services, or contact our customer service or support departments via phone, email, chat or other forms of communication;
• Fraud prevention and detection agencies and organizations, including law enforcement;
• From third party sources, including publicly available sources and governmental agencies and departments; and
• Through engagement with our social media platforms.

The chart below describes the categories of Personal Information collected in the previous twelve months and the business or commercial purposes for such collection. For more information about the exact identifiers we collect, please see our general privacy policy and the section labeled “What information is collected.” The numbers below align with the “Our Purposes for Collection and Use of Personal Information” section outlined above.

Category of Personal Information that We May Collect and Transmit	Types	Collected During the Past 12 Months	Business or Commercial Purpose(s)
Identifiers	Name, address, IP address, email address, social security number, date of birth, driver's license number; state ID card number, tax identification number	Yes	1-12
Personal Informationdescribed under Cal. Civ. Code Section 1798.80	Name, signature, social security number, address, phone number, driver's license or state ID card number, education, employment history, bank account or card number	Yes	1-12
Sensitive Personal Information	CCPA Sensitive Personal Information: Social security number, driver’s license, state ID card, passport number, financial account, debit card or credit card number in combination access credentials, racial or ethnic origin CTDPA, TDPSA, and NDPA Sensitive Data: Racial or ethnic origin	Yes	1-5,8-9,11-12
ProtectedPersonal Characteristics (as defined by CCPA)	Age (40 years or older), race, marital status, disability, sex, veteran status	Yes	1-5,8-9,11-12
Commercial Information	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies	Yes	1-12
Profession and Employment Related Information (job applicants)	Employment history, job title(s), work descriptions, locations	Yes	1-5,9,11-12
Education Information (non-public)	Institution name, degree, GPA, transcript, certifications, visa sponsorship, financial aid, student disciplinary record	Yes	1-5,9,11-12
Internet and Other Electronic Identifiers	Unique user ID, browsing history, cookie data, IP address, unique device information, session logs, analytics logs, geolocation data	Yes	1-2,4-6,8,10-12
Inference Information	Profile reflecting preferences, characteristics or predispositions, product and service interests, order histories, search histories	Yes	1-2,4-6,8,10-12
Biometric Information	N/A	No	N/A
Geolocation Data	Physical location, device coordinates/location	Yes	1-2,4-6,8,10-12
Sensory Information	N/A	No	N/A

 

CATEGORIES OF THIRD PARTIES WITH WHOM WE DISCLOSE PERSONAL INFORMATION

We disclose the categories of Personal Information outlined above to member of the Company Group and to certain service providers or other third parties for business purposes, to provide our products and services, or for other purposes as provided by applicable US Consumer Privacy Laws. This includes to:

a) professional service providers for business operations or provision of services;

b) information technology, software, and cloud providers, security providers, and similar services in connection with providing services and in the support of daily operations;

c)  service providers to support business operations;

d)  service providers to develop, operate, and maintain our website;

e) service providers for marketing purposes;

f) our employees, affiliated companies, contractors, agents and third-party vendors to perform services related to your account, to offer our products and services, and for business operations.

We may also have to disclose your information to:

a) government agencies or regulatory bodies to fulfill legal obligations;

b) a buyer, investor or successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, including potentially as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by us is among the assets transferred or to third parties in connection with CohnReznick’s acquisition of other entities;

c) law enforcement or government officials;

d) any other entity disclosed by CohnReznick when you provide the information, or for which you provide authorization; or

(e) third party fraud prevention and credit risk reduction companies and organizations.

“SELLING” OR “SHARING” OF PERSONAL INFORMATION

California Consumers: CohnReznick may “share” your Personal Information, as defined under CCPA, to marketing software providers to use for cross-contextual behavioral advertising. The categories of Personal Information shared include your identifiers, commercial information, internet and other electronic identifiers, and inference information.

CohnReznick does not have actual knowledge that it shares Personal Information of consumers under the age of 16. If you are between 13 and 16 years of age, you must authorize us to sell or share your Personal Information. If you are under 13 years of age, your parent or guardian must authorize us to sell or share your Personal Information.

You have a Right to Opt-Out of the sharing of your Personal Information by us at any time. You can submit a request to opt out of the sale or sharing of your Personal Information through our Do Not Sell/Share My Personal Information [hyperlink to form], or through the other methods referenced below in this Policy. The Right to Opt-Out is subject to exemptions under the CCPA and other limitations under applicable law.

Connecticut, Nebraska and Texas Consumers: CohnReznick does not sell data as defined under CTDPA, TDPSA, and NDPA.

CONSUMER RIGHTS UNDER US CONSUMER PRIVACY LAWS

US Consumer Privacy Laws provide consumers with specific rights regarding their Personal Information. This section explains how those rights may be exercised.

California consumers have the following rights:

1. Consumers have the right to request to certain information about our collection and use of Personal Information (the “Right to Know”) or access to specific pieces of personal information (“Specific Request to Know”). Consumers may only submit two requests per a twelve-month period, beginning on the date of their first request.
2. Consumers have the right to request correction of inaccurate Personal Information (“Right to Correct”) maintained by CohnReznick.
3. Consumers have the right to opt-out of the sale or sharing of personal information (“Right to Opt-Out”).
4. Consumers have the right to request deletion of Personal Information, subject to certain exceptions (the “Right to Delete”). Once we receive a request and confirm the consumer’s identity, we will review the request to determine if an exception allowing us to retain the information applies. We may deny a deletion request if retaining the Personal Information is necessary for us to:
   • Complete the transaction(s) for which we collected the Personal Information including to provide services requested or otherwise to fulfill our contractual obligations; and/or
   • As otherwise allowed by the US Consumer Privacy Laws.

Connecticut, Texas, and Nebraska consumers have the following rights:

1. Consumers have the right to confirm whether or not CohnReznick is processing Personal Data and access such Personal Data (the “Right to Access/Confirm”). 
2. Consumers have the right to obtain a copy of the Consumer's Personal Data maintained by CohnReznick (the “Right to Data Portability”). 
3. Consumers have the right to correct inaccuracies in the Consumer's Personal Data (the “Right to Correct”) maintained by CohnReznick. 
4. Consumers have the right to request deletion of Personal Data, subject to certain exceptions (the “Right to Delete”). Once we receive a request and confirm the Consumer’s identity, we will review the request to determine if an exception allowing us to retain the information applies.
5. Consumers have the right to opt out of the processing of Personal Information for the purposes of Targeted Advertising.

We will not discriminate against consumers for exercising US Consumer Privacy Law rights including refusing services or offering different pricing models.

CALIFORNIA SHINE THE LIGHT

California Civil Code Section 1798.83, known as the “Shine The Light” law, permits CohnReznick’s clients who are California residents to request and obtain from us a list of what personal information (if any) we disclosed to third parties for their direct marketing purposes in the preceding calendar year and the names and addresses of those third parties. Requests may be made only once each calendar year and are free of charge. You may make a request for this information by contacting us using any of the below methods.

HOW TO EXERCISE RIGHTS UNDER US CONSUMER PRIVACY LAWS

California, Connecticut, Texas, and Nebraska consumers or authorized agents may submit a request to CohnReznick in one of the following ways:

1. By emailing us at [email protected]  
2. By telephone at: 1- 862-245-5031
3. By submission of a Privacy Request Web Form: Privacy Request Web Form
4. By written notice mailed to: 

CohnReznick Advisory LLC
Attn: Legal Department
14 Sylvan Way
Parsippany, New Jersey 07054

California consumers can opt-out of the Sale/Share of their Personal Information and Connecticut, Texas, and Nebraska consumers can opt-out of processing of Personal Information for the purpose of Targeted Advertising by visiting the “Do Not Sell/Share My Personal Information” Form [hyperlink to form] or through any of the above methods.   

Authorized Agents: Except as it relates to the opt-out of Sale/Share or the opt-out of Targeted Advertising, if you are making a request as an Authorized Agent, please submit the request on behalf of the Consumer and provide proof that the Consumer provided you signed permission to submit the request. We may also require that you confirm your identity by providing a driver’s license, passport or other form of identification.  

Verification of Requests: Except as it relates to the opt-out of Sale/Share or the opt-out of Targeted Advertising, when submitting a request under US Consumer Privacy Laws, we are required to reasonably validate or authenticate the requestor to appropriately secure Personal Information. If we cannot validate the requestor based on the information provided, we will notify the requestor that we are unable to fulfill the request. We will only use Personal Information provided in the request to verify the requestor's identity or authority to make it. We will confirm receipt of a request. We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to another 45 days), we will inform you of the reason and extension period. We do not charge a fee to process or respond to a verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will detail why we made that decision and provide a cost estimate before completing the request.

Ability to Appeal: If you disagree with CohnReznick’s refusal concerning a consumer request, you have the right to appeal the decision by contacting us using the information provided below and indicating that you are submitting an appeal.  Within the applicable statutory timeframe, CohnReznick shall inform you, in writing, of any action taken or not taken in response to the appeal, including an explanation of CohnReznick’s decision and if denied, information on how you can subject an appeal to your applicable attorney general. 

UPDATES TO THIS US STATE POLICY

Please refer to this US State Policy regularly as it may be revised due to legislative changes, changes in technology or our privacy practices or new uses of customer information not previously disclosed in this US State Policy. Changes to this Policy are effective when they are posted on this page. If you have any comments, concerns, or questions about this US State Policy, please contact us through one of the methods set forth above.