Safe Harbor

MANAGEMENT CONSULTING GROUP PLC

SAFE HARBOR POLICY RELATING TO PERSONAL INFORMATION TRANSFERRED FROM EU TO USA

Introduction:
Management Consulting Group PLC (“MCG”) is a publicly traded entity on the London Stock Exchange, its offering include a number of leading specialist consultancies to include, Proudfoot, Ineum Consulting and Kurt Salmon Associates. 

MCG and is subsidiaries adhere to the Safe Harbor Agreement concerning the transfer of personal data from the European Union (“EU”) to the United States.  We subscribe to the Safe Harbor principles published by the US Department of Commerce with respect to all such personal data.  If any conflicts arise between this policy and the published principles the principles shall supersede the policy. 

Definitions:
Personal Information – means any information that is:

1)       transferred from the EU to the USA.
2)       Is recorded in any media or other form;
3)       Is about, or pertains to a specific individual;
4)       Information which would allow someone to link an individual to such information.

Sensitive Personal Information – means any personal information that:

1)       reveals race,
2)       ethnic origin;
3)       sexual orientation;
4)       political opinions;
5)       religious or philosophical beliefs;
6)       trade union membership.
7)       Or any information that concerns an individuals health or wellbeing.

Principles:

Notice
MCG shall inform an individual of the purpose for which it collects and uses the Personal Information and types of non-agent third parties, if any, to which MCG discloses or may disclose such information.  Company shall provide the individual with the choice and the means for limiting the use and disclosure of their Personal Information.  Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal Information to MCG, or as soon as practicable thereafter, and in any event before the Company uses or discloses the Information for a purpose other than for which it was originally collected.  (Note:  Such disclosures are currently contained in all group employment applications and employment agreements).

Choice
MCG will offer individuals the opportunity to opt out when ever their personal information is:

1)       to be disclosed to a third party;
2)       to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.

For Sensitive Personal Information, MCG will give individuals the opportunity to affirmatively or explicitly opt out or opt in to the disclosure of information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.  Company shall treat Sensitive Personal Information from an individual the same as the individual would treat and identify it as Sensitive Personal Information.  (Note:  sometimes in the course of dealings with clients, especially ones which are federal or state agencies we are requested to provide certain information regarding national origin for security purposes.  Some clients in order to comply with EEOC regulations will seek racial background of our consultants.  Other than those specific instances we have no anticipation that such Sensitive Personal Information would ever be disclosed.)

Onward Transfers
Prior to disclosing Personal Information to a third party, MCG shall notify the individual of such disclosure and allow the individual the choice (opt out) of such disclosure.  MCG shall ensure that any third party for which Personal Information may be disclosed subscribes to the Principles or are subject to law providing the same level of privacy protection as is required by the Principles and agree in writing to provide an adequate level of privacy protection.

Data Security
MCG shall take reasonable steps to protect the Information from MCG loss, misuse and unauthorized access, disclosure, alteration and destruction.  MCG has put in place appropriate physical, electronic and managerial procedures to safeguard and secure the Information from loss, misuse, unauthorized access or disclosure, alteration or destruction.  MCG cannot guarantee the security of Information on or transmitted via the Internet.

Access
MCG shall allow an individual access to their Personal Information and allow the individual to correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of person other than the individual would be violated.  This is accomplished via our Knowledge management function.

Enforcement
MCG uses a self-assessment approach to assure compliance with this privacy policy and periodically verifies that the policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented and accessible and in conformity with the Principles.  We encourage interested persons to raise any concerns using the contact information provided and we will investigate and attempt to resolve any complaints and disputes regarding use and disclosure of Personal Information in accordance with the Principles.

If a complaint or dispute cannot be resolved through our internal process, we agree to dispute resolution using American Arbitration Association as a third party resolution provider.

Amendments
This privacy policy may be amended from time to time consistent with the requirements of the Safe Harbor.  We will post any revised policy on this website.

Information Subject to Other Policies

MCG is committed to following the Principles for all Personal Information within the scope of the Safe Harbor Agreement.  However, certain information is subject to policies of MCG that may differ in some respects from the general policies set forth in this privacy policy.

Contact Information
Questions, comments or complaints regarding MCG’s Safe Harbor Policy or data collection and processing practices can be mailed or emailed to:

MCG
Attn:  Director of Legal Affairs
1355 Peachtree St NE, Suite 700
Atlanta, GA 30309 
USA

[email protected]

Effective date: 1 July 2006