Privacy Notice

Everest Group has a duty to handle your personal data responsibility, and we take that duty very seriously.  This Privacy Notice explains how we collect, handle, and protect your personal data. It applies to data collected through our websites, applications, and digital assets (collectively, our “Sites”), as well as through our business activities, including product and service offerings, research, events, surveys, and communications. This notice also covers instances where we interact with you.

This Privacy Notice explains who controls your personal information, what information we collect, why we collect and use it, who we share it with, and how we protect it, along with the tools you can use to manage your privacy. Any data and information that can be used (directly or indirectly) to identify you or another individual is referred to as “Information” in this Privacy Notice. In some countries, the use or storage of Information is called “processing,” and the word “use” includes all such “processing.”

We offer business and professional products and services that are not targeted to persons under the age of 18. If you are under the age of 18, we request that you not provide your information to us.

If you are an employee or contractor of an Everest Group customer or supplier, we may receive your personal data from them. We may have an agreement with such entities related to handling your personal data, however, where possible, we may also rely on our privacy notice to explain and, where appropriate, expand our rights to use that data.

You are not obligated to share your personal information with us. However, not doing so may limit Everest Group’s ability to provide you with the full range of products and services, optimal user experience, or access to our solutions, website services, or newsletters.

Please see our Terms of Use, available at www.everestgrp.com/terms-of-use, for more information about other terms and policies applicable to the use of our Sites.

If you have questions that are not answered in this Privacy Notice, you can contact us at [email protected] or by using the information in the “Contacting Everest Group” section at the end of this Privacy Notice.

In this Privacy Notice, “Everest Group,” “our,” “we,” or “us” refers to a group of affiliated research companies that are jointly branded as Everest Group. In this Privacy Notice, “you,” “your,” or “data subject” refers to individuals whose Information is being processed by Everest Group. Our companies work together in making decisions about how information is collected and used, and we are joint controllers of your information. Our parent company, Everest Global, Inc., d/b/a Everest Group, is located at 700 Central Expy S, Suite 400, Allen, TX 75013, US. The other companies included in Everest Group are Everest Group Consulting Limited (United Kingdom), Everest Outsourcing Canada Co. (Canada), Everest Business Advisory India Private Limited (India) and Everest Group Limited Czech Republic s.r.o. (Czech Republic).

Everest Group collects personal information about you in the course of our routine business activities. We may directly collect your information when you:

• Interact with our Sites, including when you manage your cookie preferences, as described in our Cookie Notice
• Visit our website or office
• Visit our social media site or use our mobile applications
• Correspond with us via email, voicemail, or physical mailing services
• Create, activate, access and/or use an Everest Group platform, user account, and/or license, including our AI-powered products
• Express an interest in or have signed up for our events, products or services, including newsletters, apps, extensions, webinars, and other digital offerings made on our website or social media sites
• Participate in public user posting areas (such as bulletin boards, discussion forums, and surveys) conducted or sponsored by Everest Group
• Register for and attend a virtual or in-person Everest Group event or conference
• Interact with Everest Group or its employees including on its Sites, by email, in-person, communication platform e.g., Teams, or telephone.
• Link your Everest Group account with an online profile.

Everest Group may also collect personal information about you from:

• Our customers
• Third parties, including our suppliers such as data brokers or aggregators

When we obtain personal information from third parties, it primarily consists of publicly available data collected from business websites, public-facing social media platforms, and other widely used public sources. Additionally, we receive deidentified datasets from select suppliers/service providers, which we maintain in deidentified form. In all cases, we strive to ensure that the third party has lawfully collected the data from appropriate sources and is authorized to share it with Everest Group for the intended purposes outlined in Section 5 below.

The types of Information we collect may depend on how you interact with Everest Group.  For instance, if you only browse our webpages, we will have less Information about you than if you create an account, request publications, engage us for research services, buy our research materials, or otherwise use our products or services.

4.1 Information collected during website browsing

(i) Information about website use

We collect various types of information about your use of our website, including your search history, products you view, purchase activity, what you clicked on and other uses of our features, the amount of time you spend looking at different parts of our website, and inferences we draw about your preferences, such as a preference for information about a certain type of business.

(ii) Browser and device information

We collect some information about the browser and device you use, including the browser type and settings, device type and settings, operating system, unique identifiers, version of the operating system or app you are using, IP address, crash reports, system activity, and the date and time you visited Everest Group’s websites.

(iii) Cookies and related information

Our website creates and collects some types of cookies and related information, including session cookies, persistent cookies, pixel tags and tracking pixels, information gathered by data analytics tools such as Google Analytics, and identifiers. Cookies are bits of electronic data that can be transferred to your computer or any other device to identify your browser. To get more information about cookies and how you can control them, click on the cookie preferences icon at the bottom left corner of our website, www.everestgrp.com.

(iv) Cookies from outside sources 

We want you to be aware that, apart from what is collected by our website, there may be cookies or related trackers used by other companies that collect information about you while you visit our website or other websites. We have no control over these types of cookies or trackers, but most website browsers have options that can assist you in controlling these types of outside-source cookies.

(v) Analytics

When you visit our websites, we collect certain technical and usage-related information to help us understand how visitors engage with our content and to improve the performance and relevance of our online services.

We use a variety of analytics and marketing tools, including third-party services such as Google Analytics and Marketo, to collect and analyze information about website traffic, user behavior, and engagement patterns. This includes details such as your IP address, browser type, pages visited, time spent on site, referring websites, and other similar identifiers.

We use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behavior patterns. We do this to find out things such as the number of visitors to various parts of the site. This information is only used in a way that does not directly identify any individual. We do not use Google Analytics to make any attempt to find out the identities of those visiting our website. If Google Analytics collects any data from our website that might indirectly allow identification (such as an IP address), it does not provide that data to us. Under its legal agreements, Google Analytics cannot use that kind of data or information itself without our consent, which we do not grant.

We use another third-party marketing automation and analytics platform, Marketo, to help us better understand the needs and interests of our market, customers, and potential customers. Marketo may access information that does or could identify you. Under its legal agreements with us, however, it can only use such information to provide services to Everest Group, as directed by Everest Group. We require Marketo to safeguard your information to the same high level that we do.

We may use analytics data—both aggregated and individual engagement history—to power AI-driven content personalization and recommendations. This enables us to tailor your experience on our digital platforms, including offering more relevant content, suggesting resources based on your interests, and improving search and navigation features. These AI-enhanced activities are conducted within Everest Group’s secure enterprise environment and are designed to optimize user experience without compromising your privacy.

You can manage your preferences regarding cookies and tracking technologies through your browser settings or our cookie banner, where applicable, by clicking on the cookie preferences icon at the bottom left corner of our website, www.everestgrp.com.

4.2 Information collected if you use our products or services 

(i) Registering, creating an account, or signing up for insights or newsletters

If you register, create an account, or sign up for insights or newsletters, we will collect all the information you enter, which may include your name, email address, address, telephone number, company, language preference, country of residence, and job title.  Once you have an account, you will be invited to provide other optional information, such as your areas of interest.

If you choose to log in via Single Sign-On (SSO), we process your authentication credentials securely through your selected Identity Provider (IdP) using industry-standard protocols such as OpenID Connect, OAuth 2.0, and/or SAML. Your IdP does not transmit your password to us; instead, it provides a secure token to verify your identity. Your login data is utilized solely for secure authentication, identity verification, and access control, in compliance with applicable data protection laws.

(ii) Information Collected When Using Our Internal or External Gen AI Tools

Everest Group uses generative artificial intelligence tools (“Gen AI”) in two capacities:

• Internal Gen AI, used by Everest Group personnel to improve research, insights, and operations
• External Gen AI, made available to clients to interact with Everest Group content, insights, or data

When you interact with us or any of our Gen AI tools, we may collect and process the following types of personal data:

• Identifiers: Name, email address, job title, company, IP address, etc. and any user profile data enriched through publicly available sources
• Content Interactions: Interactions, questions asked, to chatbots, dashboards used, prompts submitted, and documents uploaded or discussed
• Behavioral Data: Usage logs, engagement patterns, timestamps, and clickstream data
• Derived Data: Profiles or inferences generated from your interactions (e.g., interest in specific topics, likely business needs)
• Transcripts: Information from recorded calls or written communications input into our Internal Gen AI systems.

Everest Group’s proprietary External Gen AI assistant, named Tashi, is built upon an enterprise license with a reputable generative artificial intelligence provider and is not training that provider’s foundational Gen AI models. Tashi allows users to query Everest Group reports and selected public websites, and receive contextual responses generated using enterprise-grade AI technologies..

In addition to direct question-and-answer functionality, our Gen AI assistant, Tashi, incorporates algorithmic recommendation capabilities to enhance the user experience. The table below outlines how these recommendations work:

Algorithm recommendation capabilities of Everest Group Gen AI assistant

By using Everest Group’s External Gen AIs, including Tashi, or otherwise interacting with us (e.g. Teams, email) or other platform and systems providing information or data to Everest Group, you expressly consent and opt-in to Everest Group processing and using the information and data you provide—including personally identifiable information (PII) to improve and train Everest Group’s Internal Gen AI systems. This may include your queries, conversations transcripts, inputs, usage patterns, and related metadata. Such training is conducted within Everest Group’s secure enterprise environment and is intended to enhance the performance, accuracy, and contextual understanding of Everest Group’s Gen AI models.

You are responsible for ensuring that any data you input into our Gen AI products is authorized and lawful.

(ii) Engaging us for research services

If you or your company engage us for research services, or are considering a possible engagement, we will collect the information relating to you and your co-workers that is needed to prepare for, discuss, and perform the services, including the names, titles, email addresses, telephone numbers, and work addresses of you and any other people we will need to contact in connection with the services. We will collect commercial information, including information about the services you have chosen, and any additional information as needed for performance, invoicing, processing, and payment purposes.

We may utilize information collected through surveys, assessments, diagnostics, or other submissions (“Research Materials”) to support validation, research, benchmarking, and product enhancement efforts. Research Materials are typically anonymized and aggregated, and typically no organization or individual can be directly or indirectly identified.

(iii) Purchasing research materials

If you or your company purchase our research materials, or are considering a possible purchase, we will collect the information relating to you and your co-workers that is needed to prepare for, discuss, and fulfill the research materials’ orders, including the applicable names, titles, email addresses, telephone numbers, and work addresses of you and any other people we will need to contact in connection with the purchase.  We will collect commercial information, including information about the products you have chosen and additional information as needed for performance, fulfillment, invoicing, processing, and payment purposes.

(iv) Follow-up calls and emails, and in-person meetings

If you use our products or services (or may be considering using them), we may seek additional information via calls or emails. That information may include contact names, emails, and areas of interest. If you attend one of our presentations or meet us in person at conferences, we may collect information from you. For example, you might give us a business card or share your name, phone number, or email address and ask us to contact you.

Recordings. We may ask to record calls for training, quality and research purposes. If you do not want us to record your call, you have the option to opt out. If your call is already in progress, you may ask us to turn off the recording at the start of the call.

(v) Collection of payment card information by third parties

Everest Group will collect or retain your payment card on our system where you choose to pay for any of our products and services using your payment card. We use this personal data to process your payment and to prevent fraudulent transactions. Any information you provide in connection with payment card processing is governed by the payment card processors’ privacy policies and privacy notice, which we encourage you to read. We do this based on your consent to process this information.

(vi) Links to and from social media and websites of other organizations

Our webpages may provide links to other organizations’ websites, such as social media websites. You also may visit our webpage using links from such websites. This Privacy Notice does not apply to how those other organizations use information. We encourage you to read the privacy notices and policies on the other websites you visit.

4.3 Information collected when you register for or participate in an event

(i) Event registration

We use our registration process to collect personal data that you directly input into our registration forms, as well as on any other page we set up as an event organizer. Our purpose in collecting this information is so we can facilitate the event and provide you with an acceptable service. The lawful basis we rely on for processing your personal data is your consent under article 6(1)(a) & (f) of the GDPR. When we collect any information about dietary or access requirements, we also need your consent (under article 9(2)(a)) as this type of information is classed as special category data.

By completing the registration form you represent and warrant that you are the person making the registration or have the express authority from that person to make the registration on their behalf.

If you wish to attend one of our events, you will be asked to provide your contact information including your organization’s name and your job title, if hospitality services are offered, we may collect, store and process “special categories” of information such as any dietary requirements or access provisions you may need. This will be done only and to the extent permitted by law. We may also ask for payment if there is a charge to attend.

(ii) Event participation and related matters

In order to participate in certain of our in-person events, you may be issued a RFID or ‘Radio Frequency Identification’ Tag technology which allows for distance tracking through low-grade radio frequency, considered, under the GDPR, as an online identifier similar to cookies. You will be provided with these RFID tags at the entry of our events, as this is in our legitimate interest to manage the access to our events. Events might be recorded; hence pictures and videos may be collected too; in such cases, you may be informed via a specific notice at the location of recording. This material may be used later by us for further compatible purposes in accordance with this notice. Also, during the course of the events, we may collect from your data about you, which we later may use to contact you again in order to receive feedback and/or provide further commercial information about us. We may also obtain data from third parties including third party event organizers where the event is sponsored by Everest Group. Organizers might provide the attendee list. In such cases, the privacy statement of those third parties to whom you provide your personal data will apply to you.

4.4. Information collected when you interact with Everest Group

Business and Research Interactions: If you participate in Everest Group research activities—such as calls, inquiries, interviews, surveys, analyst briefings, or focus groups—we may collect insights you share, and with your knowledge, we may record audio or video of these sessions for note-taking, quality assurance, and content development purposes.

Where calls or virtual meetings are recorded, you will be informed at the outset. Recordings may be transcribed, summarized, or analyzed—potentially using AI tools—for the purpose of developing Everest Group’s research, insights, or related deliverables.

4.5 Additional Types and Sources of Information We May Collect

In addition to the specific categories described in Sections 4.1 to 4.4, we may collect or receive other types of personal information depending on the context of your interaction with Everest Group. These may include:

• Information from third-party sources – such as data aggregators, business intelligence platforms, event organizers, referral partners, social media platforms, publicly available databases, or commercial data providers. This may include professional profiles, business contact details, or inferred interests based on your industry and role.
• Inferences and analytical data – including insights generated from combining data sources or analyzing usage and engagement patterns across our platforms.
• User-generated or submitted content – such as comments, feedback, surveys, form submissions, or other content shared with us voluntarily.
• Interaction metadata – including timestamps, click paths, navigation patterns, or session durations that are not tied to a specific feature or tool.

This list is not exhaustive and is intended to complement the more detailed examples provided in Sections 4.1 through 4.4

We use your information for the following reasons/purposes: 

(i) Providing, improving, and marketing our services and products, performing contracts, and completing transactions

We use your information to determine what products or services you or other customers may prefer and to deliver those products or services to you. This includes things such as processing your account and information requests and preparing for and performing contracts. We also use your information to develop or improve new or existing products and services. For example, we track how you use our websites and platforms and use that information to troubleshoot issues and adjust things to improve your experience. We may use it to help market our goods or services to you, but we will not do so in a way that might impair your legitimate interests or fundamental rights.

(ii) To improve and monitor responsible use of Everest Group Gen AI products

Your data collected on Gen AI tools are used to personalize Gen AI responses and improve recommendations and analyze usage patterns for product improvement. We may also use your data to create and refine Everest Group’s research content, services, and marketing activities and identify relevant business contacts for outreach or account management. Your data will be used to monitor and ensure responsible use of our AI platforms and as described in our Notices and Disclaimers, available at www.everestgrp.com/notices-and-disclaimers and our Research Participation Terms, available at www.everestgrp.com/research-participation-terms.

(iii) General administration and organization of our events

As a speaker, exhibitor, sponsor or attendee of our events we may use your details for planning and logistics, to invoice you, to provide you customer service in relation to the event, and general administration of your attendance at the event.  We may also share your personal data with sponsors or vendors of the event, and we may share your personal data with other entities in the Everest Group for the purpose of assisting in the delivery of the event and/or provision of the applicable service. Where you have registered to attend or exhibit at an event, we need to use your personal data in this way to perform our contractual obligations.

We assess how people move around and engage with our events.  We do this using any apps you have activated or signed up to, and where you allow your badge to be scanned by exhibitors and staff at our events.   We use this information to fulfill contractual obligations, analytics, and to improve and enhance our events. It is our legitimate interest to monitor the location and engagement of our attendees at our events.

At our events, where you allow your badge to be scanned by an exhibitor or sponsor, or by attending an exhibitor or sponsor session, your contact details may be transferred to the exhibitor or sponsor.  When you hand your badge to an exhibitor or sponsor for them to scan, or by attending any sessions, you consent to your Personal Data being passed to the exhibitor or sponsor.  If you do not wish for your information to be passed on, please do not allow your badge to be scanned or attend the session. The third-party use of your details will be in accordance with its own privacy policy and is not covered by this Privacy Notice.

Where an event has a feature area such as a seminar or theatre, you may be asked to scan your badge on entry for the purpose of health and safety, analyzing attendance to improve and enhance events and share your data in some cases with the feature area partner or sponsor. When we scan your badge for entry to feature areas, we use legitimate interest for the purposes prescribed above.

(iv) Online event content & networking platforms (including, without limitation, digital apps)

As part of your registration to fully virtual (online) events & to live events that offer online networking and content as an additional service, some of your registration data will be passed to our networking application provider to create an account within the platform.

When entering an online event or content and networking platform you may engage in activities such as: visiting zones or rooms such as an online event space, exhibitor or sponsor booth; downloading content; attend/view live seminars.

As a result of such activities the platform, Everest Group (and any event partner, as may be applicable) may collect, collate and share your personal information and data, including about your movements and interactions whilst in the virtual event space with the relevant sponsor or exhibitor to allow them to engage with you, subject to applicable data protection laws.

In order to provide this service to you, your data will be given to the platform provider.  Your data will be protected by the platform provider and not commercialized by them. You have the right to access your data, as well as editing or deleting it through the tools provided within the mobile application or web platform.

(v) Recordings

Photos and videos may be taken at our events, which may feature attendees, speakers, sponsors or exhibitors. Where we have taken photos and videos at our events that feature you as an attendee, sponsor or exhibitor, to the extent permitted by applicable data protection laws, those photos and videos may be used for promotional or, where applicable, commercial purposes.

You may also be recorded on Teams or similar communication platforms. We may use these recordings as described our Notices and Disclaimers, available at www.everestgrp.com/notices-and-disclaimers and our Research Participation Terms, available at www.everestgrp.com/research-participation-terms.

(vi) Social Media

We may utilize your personal information to conduct advertising campaigns on various social media platforms like LinkedIn, Facebook, and Instagram. This is done to inform you about upcoming events or new products or services and to make sure that you only receive pertinent advertisements related to our products and services. To ensure that you are presented with ads that are relevant to your interests, we may also share your personal information with these social media platforms.

Through our company and brand pages, we have a presence on these social media platforms and collect personal information whenever you interact with us. It’s important to note that these platforms may set cookies and other tracking technologies on your device both while you’re on their pages and as you navigate away from them. The information collected may be shared with us for statistical purposes, to assess how users interact with our content on social media.

Please be aware that these social media platforms are solely responsible for how they handle your personal information. Information about how they collect and use your personal information, including instructions on how to disable cookies and other technologies, can typically be found in their respective privacy and cookie policies on their websites. We may also use your personal information for customer and prospect management, including analytics and product management.

(vii) Communicating with you

We use the contact information you provide us, such as your phone number and email address, to communicate with you about our products and services. This includes things like responding to comments, questions, and requests you send us. It also includes notifying you of any transaction or service updates and changes.

(viii) Use of cookies

We use cookies and other tools to gather information about how you view and use our products and services and content and to connect your activity with other data we store about you. The use of cookies helps us serve you better by understanding what you are interested in, tracking trends, and saving your preferences.

We use a cookies tool on our website to allow you to manage optional cookies. Cookies that are necessary for functionality, security, and accessibility are set and are not deleted by the tool. You can read more about how we use cookies and how to change your cookie preferences by clicking on the cookie preferences icon on the bottom left corner of our website, www.everestgrp.com

(ix) Legal, safety, and business continuity reasons

We may use your information to protect your rights or safety, or the safety of others, and to comply with judicial or governmental subpoenas, warrants, or orders. We may also use your information to detect, investigate, and prevent fraudulent transactions and other illegal activities and to protect the rights and property of Everest Group, its customers, and others. Further, we may store your information to satisfy our disaster recovery and business continuity obligations.

(x) Other uses of your information

Occasionally, there may be a reason we would like to use your information in a way that is not described here.

We understand that sharing information with third parties is a big responsibility.  We are committed to sharing information only when needed for a legitimate business or legal purpose and then only with recipients who will protect it.

(i) Service providers and suppliers

When Everest Group hires a service provider to help our business, or contracts with a supplier to provide a product or service, we may need to give them access to information to provide their product or service. We allow them to use the information to perform the service we have asked them to perform. We vet all service providers and suppliers.

(ii) Sponsors

Some of our events and products are co-branded, co-delivered or sponsored by third party exhibitors or sponsors. We may share your details with these third-party partners. The third-party partner’s use of your details will be in accordance with their notice provided and its privacy policy and is not covered by this Privacy Notice.

(iii) Selected third parties that we work for the purposes of delivering to you, product or services that you request from us

We may share your personal data with selected third parties that we work with, where necessary for the purposes of delivering to you products or services that you request from us.  For example, when you register to attend an event that we host, we may need to share your information with third party sub-contractors, service providers, suppliers, or other Everest Group entities. They may include IT and marketing technology host suppliers, web and data hosting providers, mailing houses, ad servers, logistics and general service contractors, catering/hotel/housing partners, freight forwarders, onsite health and safety partners, event registration partners, sales platform providers, communication tool providers, stand designers/builders/fitters, suppliers of sponsorship/marketing/PR collateral and other event collaboration partners. Where personal data is shared with third parties, we take reasonable steps to ensure it is handled in a manner that is consistent with the purposes outlined in this Privacy Notice and in accordance with applicable data protection requirements.

(iv) Legal and compliance transfers

When Everest Group needs to share data to satisfy a legal or regulatory requirement, including responding to a subpoena or other lawful government request for data, we will share information as necessary to comply with that requirement.  We may also share information if needed to enforce our legal rights, detect, or prevent fraud or security concerns, and protect public safety. If Everest Group is involved in a merger, acquisition, or any form of transfer or sale of some or all of its business, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, we may share your information in connection with that transaction.

(v) Public and de-identified data

As part of our business research and analysis, we may use and share information about individuals that is publicly accessible. For instance, we might quote a business statement that you have made at an industry conference or note your position at your company if that information is available through public sources. We may also include limited personal data—such as your name, title, or employer—that appears in our research products or services, where such information is sourced from publicly available or reputable third-party data providers. This may occur, for instance, when referencing executive leadership as part of company profiles or market landscape analyses. We may also share aggregated and/or deidentified information that cannot reasonably be used to identify you. We use this type of data to improve our services, identify trends, and generate industry insights, while minimizing any impact on individual privacy.

(vi) User engagement & activity data

We may share information with our organizational clients about how their employees use the Sites and the resources available to them through the Sites (e.g., how employees used certain features of the Sites, utilization trends, which features were most popular with the client’s employees).

Click here for a snapshot of how Everest Group collect, use and share your information

We only keep your information for as long as it is needed for the legitimate business purposes for which we collect it unless we are required by legal obligations to retain it for a longer period. For meeting our professional and legal requirements; establishing, exercising, or defending our legal rights; and for archiving and historical purposes we need to retain information for significant periods of time. You can view our specific retention policies by requesting them at [email protected].

We protect your information by following data protection principles and applicable data protection laws and implementing reasonable and appropriate data security measures.

8.1 The data protection laws and principles we follow

Everest Group complies with all the data protections laws that are applicable to us, including GDPR and the CCPA. We also follow the data protection principles of lawfulness, fairness, transparency, purpose limitation, data minimization, data accuracy, storage limitation, security, and accountability. We only use your Information in ways that are lawful, fair, and transparent. We only collect your information for the legitimate reasons we have explained in this Privacy Notice, and we will not use it for purposes inconsistent with those reasons. We will only collect the information needed for those reasons, and we will promptly correct any inaccuracies in your information. We will not keep your information longer than is needed for those purposes, and we will take appropriate measures to keep your information secure. We will be accountable and responsive if you make requests about your information.

8.2 The data security measures we take

We take reasonable and appropriate measures designed to protect your information and keep it secure. These measures include antivirus and antimalware software, encryption in transit, physical security systems, and restriction of access to those who have a need to know your information. Our detailed Information Security Policy may be viewed by requesting it at [email protected]

Under data protection laws, you have certain rights that we are obligated to inform you about. Some rights are applicable to everyone; other rights may depend on where you live and the reasons we have for using your information. Residents of the EU, California, and Nevada have additional rights, which are listed separately below.

We will not discriminate against you for exercising any of your data protection rights. However, if you limit the use of your information or close your account, we will not be able to offer you any products or services that require us to use that information.

9.1 Rights available to everyone

The rights listed in this section are available to you no matter where you live.

(i) Your right to know about the information that we have collected

You have the right to know what types of information we have collected, how we are using it, who we share it with, and how we collect it. We have tried to provide all the information in this Privacy Notice, but you can ask to confirm or explain our use of your information.

(ii) Your right to withdraw consent

If you have consented to the use of your information, you have the right to withdraw consent to use of your information at any time. You also have the right to unsubscribe from our group marketing emails.

(iii) Your right to object to the use of your information or to ask us to limit its use

You have the right to ask us to stop using your information in certain circumstances. You also have the right to ask us to stop using it in certain ways.

(iv) Your right to access your information and have errors corrected

You have the right to access and review your information and ask us to correct any information about you that you think is inaccurate. You also have the right to ask us to complete any information about you that you consider incomplete.

(v) Your right to complain about any suspected breach or misuse of your information

You have the right to notify us if you think we have allowed a breach or misuse of your information, and we have a duty to promptly investigate your claim, take corrective action where possible, and report to you what we have done.

(vi) Your right to a reasonable and timely response

You have the right to a timely response when you make a data protection request.  We always reply as promptly as we reasonably can. In the EU and the UK, we must respond within 30 days. For California residents, we must respond within 45 days. We may not be able to completely resolve your issues in those time frames, but, if not, we will let you know the reasons.

9.2 Additional rights available to EU residents

If you are a citizen or resident of the EU, you have additional rights, as listed below.

(i) Your right to erasure

You have the right, in certain circumstances, to ask us to delete certain information and to no longer store or use it.

(ii) Your right to a portable copy of your information

You have the right to obtain an easily readable and transferable copy of the information that you have provided to us pursuant to a consent or for performance of a contract if we store it in an automated format. You may request that we transfer this copy of your information to you or to someone else.

9.3 Additional rights available to California residents

If you are a California resident, then you have additional rights, as listed below.

(i) Your right to access and data portability

In certain circumstances, you may have the right to request that we disclose to you information about our collection and use of your personal data in the preceding 12 months, including: (a) you have the right to know what specific information we have collected about you,  (b) the categories of sources from which we collect or sell personal data, (c) the business or commercial purpose for which we collect personal data, (d) the categories of third parties with whom we share personal data, and (e) the categories of personal data disclosed for a business purpose or sold to third parties and the categories of third parties to whom such personal data was sold or disclosed. You have the right to obtain copies of it or to allow an agent to obtain copies of such information it.  We are not allowed to share your information unless we receive sufficient verification that you or your authorized agent is the one requesting the information.

(ii) Your right to erasure

You have the right, in certain circumstances, to ask us to delete certain information and to no longer store or use it. This foregoing is subject to our right to maintain your personal data for specific purposes permitted under CCPA.  If we are unable to comply with any such request, we will notify you.

(iii) Your right to opt out

You may have the right to request that your personal data is not sold to third parties. We do not sell your personal data for monetary consideration.

(iv) Your right to non-discrimination

You have the right to exercise any of the rights listed above (and any other rights under CCPA) without discrimination by us.

9.4 Additional right available to Nevada consumers

All companies are required to provide Nevada consumers a method to request that the company not sell their information. If you would like to submit a request not to sell your information, you may do so by sending an email to [email protected] with the text or subject “Do not sell my information.”

You can exercise any of your data protection rights in several ways. When a person makes a request to exercise their data protection rights, we refer to that request as a Data Subject Rights Request (DSRR). You can submit this request as follows:

• Please fill in our form Data Rights – Everest Group (everestgrp.com)
• You can email your data protection request to [email protected]. Please include your full name, email address, and a detailed description of what you are requesting
• You may also exercise your data protection rights verbally, but we recommend using one of the methods above so that we can better understand and more promptly respond to your request
• California Residents can exercise their rights by submitting the form CCPA Data Rights – Everest Group (everestgrp.com) or by clicking on the Do Not Sell My Information tab on the footer of our website

11.1 Managing cookie preferences

We use a cookies tool on our website to allow you to manage optional cookies. Cookies that are necessary for functionality, security, and accessibility are set and are not deleted by the tool. You can read more about how we use cookies and how to change your cookie preferences by clicking on the cookie preferences icon on the bottom left corner of our website, www.everestgrp.com.

11.2 Managing email preferences

If you have an account with Everest Group and are logged into it, you can select your email preferences through your account settings. You can select preferences to narrow the topics or the range of emails you receive.  You also can select “email opt out” to opt out of group emails and email subscriptions. Even if you unsubscribe from some email subscriptions, we may still need to email you with transactional or non-subscription information. For our group marketing emails, you can unsubscribe via a link at the bottom of the email.

11.3 Calls and text messages

Some of our accounts and services allow you to provide your phone number to us. If you share your number with us, we may call or text you, for example, to provide you information about the services or materials we provide. We will contact you via phone or text only in accordance with applicable legal requirements. Standard call and text rates apply, and you are responsible for such costs.

11.4 Do Not Track (DNT)

California laws require us to let you know how we respond to DNT signals, which is a privacy preference that you can set in certain web browsers. Everest Group does not recognize or respond to browsers related to DNT signals, as the industry is currently working toward a common approach to responding to DNT.

11.5 Do not sell my information

We do not engage in automated decision-making or profiling that could affect you or your rights. You can view a full listing of third-party cookies and opt out of their use by clicking on the cookie preferences icon on the bottom left corner of our website, www.everestgrp.com.  Please note that to the extent you are accessing everestgrp.com across multiple devices or platforms or if you clear your browser settings, you may have to opt out again. California Residents can exercise their rights by submitting the form CCPA Data Rights – Everest Group (everestgrp.com) or by clicking on the Do Not Sell My Information tab on the footer of our website

Everest Group’s offices and servers are located in multiple countries, and your information may be processed on servers located outside of the country where you live. Data protection laws vary among countries, with some providing more protection than others. Regardless of where your information is used, we apply the same protections described in this Privacy Notice.

If you are a resident of the EU, we need to meet special protection requirements if we transfer your information from the EEA region to a location outside of the EEA region. We satisfy those requirements by having EU-approved contracts, called Standard Contractual Clauses, among all Everest Group companies. These contracts legally require that we protect your information to the standards set by the EU, even outside of the EU.  If we transfer EU information outside of the EU to a non-Everest Group location, we will enter into Standard Contractual Clauses with the recipient or else ensure that the EU transfer requirements are met by other approved means.

We offer business and professional products and services that are not targeted to persons under the age of 18 years. Everest Group does not intentionally collect or maintain personal data about anyone under the age 18 years. If you are under 18 years old, please do not provide any personal data even if prompted to do so. If you believe that you have inadvertently provided your personal data, please ask your parent(s) or legal guardian(s) to notify us, and we will delete your personal data.

If you are a parent or guardian of a person under the age of 18 and you become aware of that the child has provided personal data to us without your consent, please contact [email protected] to exercise your access, rectification, erasure, limiting of processing and objection rights.

This Privacy Notice only covers our Sites and actions. We may link to other companies’ websites. Everest Group does not control those external websites, and we recommend that you review their privacy policies. This Privacy Notice does not cover the information used in connection with Everest Group employment, employment applications, recruitment, and contractors. Those areas are covered by separate policies available at the Privacy Notice for Applicants, Employees, and Contractors – Everest Group (everestgrp.com).

If you have any questions about this Privacy Notice or the privacy practices of Everest Group, you may contact us via email at [email protected] or via postal mail at the following address:

Everest Group

700 Central Expy S,

Suite 400, Allen, TX 75013 US

Our Data Protection Officer is Shaili Bhandari, and you can contact her at [email protected] or via the postal address above. You can also contact us via everestgrp.com/privacy-notice/data-rights to exercise your rights.

You have the right to lodge a complaint about the treatment of your personal information by contacting the data protection authorities in your home country or by contacting UK’s Information Commissioner’s Office at 0303 123 1113 or via https://ico.org.uk/concerns.

We are always reviewing our privacy practices to make sure they comply with this Privacy Notice. Sometimes, we may need to update the Privacy Notice to clarify information or reflect changes in our products, technology, or uses of information. When we post changes to this Privacy Notice, we will update the “last updated” date at the beginning of this Privacy Notice. It is your continuing responsibility that you periodically check this page to inform yourself of any changes in this Privacy Notice. You also agree that Everest Group has no obligation to proactively provide notice of updates and/or modifications.