Data Privacy Framework Policy

Porzio, Bromberg & Newman, P.C. is a law firm that provides counseling and representation to its clients. Porzio has also created subsidiaries that provide services complementary to, but distinct from, our legal services. Porzio and its subsidiaries, Porzio Compliance Services, LLC and Porzio Governmental Affairs, LLC, as well as Porzio, Bromberg & Newman (PR) (collectively "Porzio"), assist clients in operating effectively within today's complex regulatory and legislative framework. In doing so, Porzio receives personal information from or concerning individuals in the European Union (“EU”), the United Kingdom (“UK”), and Switzerland from its clients. Such personal information may include name, address, e-mail address, phone number, and/or other personal identifying information. Porzio also collects information from individuals in the EU, UK, and Switzerland when such individuals contact Porzio and request information about its services. Porzio has established a comprehensive privacy program designed and intended to protect your data privacy rights.

Porzio complies with the EU-U.S. Data Privacy Framework and the UK Extension to the EU-U.S. DPF, and Swiss-U.S. Data Privacy Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from EU member countries and Switzerland. Porzio has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Porzio has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the policies in this privacy policy and the Data Privacy Framework Principles, the Data Privacy Framework Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

1. Notice: When Porzio directly collects personal information from EU, UK, and/or Swiss individuals, as explained below, it advises you about the purposes for which the information is collected and used, and your ability to limit the use and disclosure of such information, and how to contact Porzio. Specifically, Porzio directly collects personal information from EU, UK, and Swiss individuals if you provide personal information to Porzio when you contact us through our website or otherwise seeking information about our services. If you provide such information to us about our services, we will only use that information to contact you about our company and our services. We will not sell or provide your information to any third party, except as provided herein. By submitting your personal information to us, via our website contact form or otherwise, you are consenting only to us sharing your personal information within Porzio and its parent company, Porzio, Bromberg & Newman, which also complies with the EU-U.S. (and the UK Extension to the EU-U.S. DPF) and Swiss-U.S. Data Privacy Frameworks as set forth by the U.S. Department of Commerce. Porzio provides notice in clear and conspicuous language at the time you provide such information to Porzio or as soon as practicable thereafter. When Porzio receives personal information from entities/its customers to assist those customers comply with governing laws and codes, it uses such information consistent with the notices provided by such entities/customers that initially collected the information and the choices made by the individuals from whom the information was collected and in accordance with the principles of the Data Privacy Framework. Porzio only uses this personal information to assist its customers in complying with governing laws and codes.

2. Choice: Porzio does not and does not intend to disclose personal information to a non-agent third party. Nor does Porzio use or intend to use your personal information for any purpose other than that for which it was originally collected. However, if Porzio plans to disclose personal information to a non-agent third party or plans to use your personal information for any purpose other than that for which it was originally collected, it will contact you via the contact information you provided to Porzio to provide you with the choice of whether to permit such use. Porzio will not disclose personal information to a non-agent third party or use personal information for a purpose other than that for which it was originally collected unless you affirmatively consent and opt-in to doing so. Please use the contact information listed below if you have any questions about this.

3. Onward Transfers: When Porzio transfers personal data to a third party that is acting as an agent, it enters into a written agreement with such third party requiring that the third party provide at least the same level of privacy protection as is required by the relevant principles of the Data Privacy Framework and that such third-party will notify Porzio if it makes a determination that it can no longer meet this obligation. Third parties acting as agents that Porzio engages include, but are not limited to, business partners or consultants that are utilized to assist Porzio perform the services for which it was retained by the customer with respect to complying with governing laws and codes and that Porzio carries out in accordance with the foregoing and pursuant to the purposes for which the information was initially collected. Porzio does not share personal information with non-agent third parties.

Porzio may disclose personal information to the following types of organizations:

  • To our third-party service providers such as website hosting providers, information technology providers, payment services providers, and/or communication providers.
  • To parties in a litigation, judicial or administration bodies in the US or a foreign jurisdiction, dispute resolution providers, and/or regulatory bodies in the US or a foreign jurisdiction.
  • To a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).
  • To respond to lawful requests from public authorities, including public and government authorities outside your country of residence, including to meet national security, public interest or law enforcement requirements.

We may transfer your personal data outside the European Economic Area (“EEA”). To ensure a degree of protection similar to that within the EEA, we will only transfer your personal data:

  • To countries that have been deemed to provide an adequate level of protection for personal data by the European Commission, or
  • To countries:
    • Pursuant to binding agreement to and compliance with standard contractual clauses or binding corporate rules, each as approved by the European Commission;
    • Pursuant to the consent of the individual to whom the personal information pertains; or
    • As otherwise authorized by the EEA or permitted by applicable EEA requirements.

In cases of onward transfers to third parties of personal information of EU, UK, and/or Swiss individuals received pursuant to the Data Privacy Framework, Porzio is potentially liable if the third party processes such personal information in a manner inconsistent with the Data Privacy Framework, unless Porzio proves that it is not responsible for the event giving rise to the damage.

4. Access: Porzio acknowledges that EU, UK, and Swiss individuals have the right to access the personal information it maintains about them. Porzio will provide individuals with reasonable access to information it has about them upon their request, and Porzio will take reasonable measures to allow for the correction, amendment, or deletion of information shown to be incorrect or inaccurate, unless the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy, or where the rights of persons other than the individual would be violated. You may contact Porzio using the contact information below to learn whether Porzio has your personal data subject to this policy, and to request corrections, amendments or deletion of such data. This right applies only to personal information about you and is subject to other limitations as defined by law, or where the burden or expense of providing access would be disproportionate to the risks related to the privacy of the individual or where the rights of other individuals would be violated. You will need to provide sufficient identifying information.

5. Security: Porzio maintains various safeguards, including physical and electronic and managerial procedures, to protect the security and confidentiality of personal information it has received. Porzio takes reasonable precautions to protect against loss, misuse and unauthorized access, disclosure, alteration and destruction of data in its control, taking into due account the risks involved in the processing and the nature of the personal data.

6. Data Integrity: The personal information uses or processes will be necessary for and related to the purpose for which it was obtained or collected. Porzio will not use or process the data in a manner that is inconsistent with the reason it was collected or authorized to be used. Porzio will take reasonable measures to ensure that the data is accurate, complete, current, and reliable for its intended use.

7. Enforcement: Porzio is committed to monitoring and ensuring compliance with this policy and relevant privacy laws and regulations. Porzio maintains strict confidentiality and security policies with respect to all data it receives that applies to all of its personnel. In compliance with the EU-US Data Privacy Framework Principles, and the UK Extension to the EU-U.S. DPF, and Swiss-US Data Privacy Framework Principles, Porzio commits to resolve complaints about your privacy and our collection or use of your personal information.  EU, UK, and/or Swiss individuals with inquiries or complaints regarding this privacy policy should first contact Porzio at:

Porzio, Bromberg & Newman, P.C.
100 Southgate Parkway, Morristown, NJ 07962
Attn: Alfred R. Brunetti
ARBrunetti@pbnlaw.com

Porzio has further committed to refer unresolved privacy complaints under the Data Privacy Framework Principles to an independent dispute resolution mechanism, the BBB National Programs Data Privacy Framework Services. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge to you.

If your Data Privacy Framework complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf.

Porzio is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

Last revised and effective date: February 10, 2024