FTI Consulting, Inc. Privacy Practices

Below you will find FTI Consulting, Inc.’s Privacy Policy, Cookie Policy, and Policy on EU-US Data Privacy Framework (DPF), UK Extension to the EU-US DPF, and Swiss-US DPF (“Privacy Practices”). These policies apply to FTI Consulting, Inc. and its affiliated companies and subsidiaries (collectively “FTI Consulting”). PLEASE READ THESE POLICIES CAREFULLY. Our Asia Pacific Privacy Supplement contains additional information regarding certain laws in Asia and Australia.


FTI Consulting, Inc. Privacy Policy (Click for: Chinese – 点击中文, Chinese Policy Supplement, Français, Deutsch, Español)

FTI Consulting, Inc. Cookie Policy

FTI Consulting, Inc. Policy on EU-US Data Privacy Framework (DPF), UK Extension to the EU-US DPF, and Swiss-US DPF

Privacy Policy

Effective Date: January 7, 2021 -- Last Revised: October 23, 2023.

This policy applies to FTI Consulting, Inc. and its affiliated companies (collectively “FTI Consulting”).

FTI Consulting understands that your privacy is important to you and is committed to safeguarding the confidentiality and privacy of personal information entrusted to it.

This Privacy Policy describes how FTI Consulting handles and protects your personal information in connection with the hosting of this website, and the provision of its diverse business advisory services in the fields of corporate finance and restructuring, economic and financial consulting, forensic and litigation consulting, health solutions, strategic communications and technology ("Services"), as explained in more detail here: http://www.fticonsulting.com/services.

Assistance for the disabled

Alternative formats of this Privacy Policy are available to individuals with a disability. Please contact privacy@fticonsulting.com for assistance.

Notice at Collection

FTI Consulting collects the personal information described below for the purposes and for the period described below. We do not sell your personal information or disclose it for cross-context behavioral advertising (“sharing”). We also do not collect or process sensitive personal information for the purpose of inferring characteristics about you. To the extent you provide FTI Consulting with personal information about others, you are responsible for providing this notice to them.

These Privacy Practices covers the following topics:

  • Scope of this policy
  • Quick read
  • Who is your controller?
  • When do we collect personal information?
  • What types of personal information are collected and what do we use them for?
  • What is our legal basis for collecting personal information?
  • Disclosure of personal information to third parties
  • International hosting and transfer of information
  • Information security
  • Retention of your personal information
  • Your rights in jurisdictions covered by the GDPR and similar laws
  • Important additional information for California residents
  • Marketing
  • Children
  • Links
  • Changes to this policy
  • Contact us

Scope of this policy

This policy applies to personal information which is collected and/or used by FTI Consulting in its capacity as a controller as that term (or another term with equivalent meaning) is defined in the EU General Data Protection Regulation (GDPR) and other similar laws (e.g., Brazil’s Lei Geral de Proteção de Dados, the DIFC Data Protection Law 2020, etc.). California residents should also review the section of this policy addressing their rights. The contexts in which this might occur are explored under "When do we collect personal information" below.

When we provide Services to clients, we sometimes handle personal information as a processor (for example, the hosting of client data on our e-discovery platforms). This means that we process the information solely on the instructions of our clients, who retain control of the information.

Therefore, if our use of your personal information is not covered by this policy, you may need to contact the client (and controller) on whose behalf the processing of your information is carried out.

For purposes of these Privacy Practices, “Personal information” means information that is related to an identified or identifiable individual or is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or with a household.

Quick Read

FTI Consulting collects personal information from and on behalf of its clients (e.g. about their employees and customers) to provide business advisory services to those clients. It also processes client personal information to manage its relationship with those clients. Further, FTI Consulting also collects some personal information from visitors to this website, recruitment applicants, and attendees at FTI Consulting events.

FTI Consulting uses personal information to deliver its Services to clients. For its own purposes, it also uses personal information to analyze and improve how it delivers those services, to contact representatives of its clients or prospective clients and to market to them, and to administer recruitment and events.

If FTI Consulting uses your personal information, you may have certain important rights which you can exercise. The rights you will be able to exercise will depend on how and why FTI Consulting uses your information.

The primary point of contact at FTI Consulting for questions regarding your personal information is privacy@fticonsulting.com (or dataenquiriesemea@fticonsulting.com within the European Economic Area).

Who is your controller?

The FTI Consulting entity responsible for your personal information will be the entity that originally collected information from or about you. If you have a direct interaction with FTI Consulting (for example, you attend an FTI Consulting hosted event), the identity of your controller may be disclosed to you in connection with that interaction. If we process your personal information in the course of providing our Services to clients, your controller will be the FTI entity providing the Services (assuming those Services are provided as a controller, see above for an explanation). Please note that the contact details for all FTI entities in respect of data protection or privacy issues are the same, and are as set out below.

Your Acceptance

In respect of personal information collected over this and other FTI Consulting websites, your continued use of these websites constitutes your understanding of, and agreement to, the practices described in this Privacy Policy and elsewhere on the websites as well as any subsequent updates. Please see the additional information under the heading [Legal] for more information about our on-line terms of use and policies in general.

When do we collect personal information?

We collect information about you if:

  • you use this (or any other FTI Consulting) website;
  • you enquire about, or engage FTI Consulting to provide, its Services (either in a personal capacity, or as a representative for your employer or client);
  • the use of your personal information is reasonably necessary to provide our Services (in these circumstances, your personal information may be disclosed to us by our client who may, for example, be your employer or service provider, or we may obtain your personal information from a range of public or subscription sources, directly from you, or from your associates or persons known to you);
  • you apply for a position with FTI Consulting;
  • you attend an FTI Consulting hosted or sponsored event or webinar;
  • you visit a FTI Consulting exhibit booth at a conference or industry event;
  • you invest in FTI Consulting stock (please see our investor site for more information); or
  • you contact us with any other enquiry, complaint or notice.
  • we acquire a company or employer, or assets of a company or employer that has your information

What types of personal information are collected and what do we use them for?

The following is a summary of the types of personal information we collect, and the purposes for which that information is used.

Website Users

FTI Consulting collects your name, address, e-mail address, telephone number and any other personally-identifiable information which you voluntarily provide as “comments” when you submit an inquiry through the “Contact Us” tool. FTI Consulting also collects other background information about you in connection with career-related inquiries that you submit through its website.

FTI Consulting may also automatically collect personal information (through the use of cookies or similar technologies, including your IP address, device identifier, browsing patterns on its websites, click stream data, and HTP protocol elements) to ensure the effective operation of the website or in order to align the presentation of our Services more closely to your requirements (for example, processing information about your broad geographic location to serve you with a local version of this website). This tracking information is stored in an anonymous, aggregated and non-personal format, and is also used to understand and analyze trends, to administer the websites, and to learn about user behavior on the websites.

Please refer to our Cookie Policy for a more detailed overview on how FTI Consulting uses cookies.

In certain instances, FTI Consulting may use IP addresses to help identify you when FTI Consulting feels, in its sole discretion, that it is necessary to enforce compliance with this Privacy Policy, to protect its services, websites, systems, information, employees, business partners, subsidiaries, affiliates, users, customers or others, or when required by law or for law enforcement purposes.

FTI Consulting’s Former, Current and Prospective Clients

If you submit an enquiry to FTI Consulting about our Services (either over the website, or by emailing, telephoning or meeting with one of our colleagues), then we will process information such as your name, job title and contact information in order to respond to your enquiry.

If you attend an FTI Consulting event or webinar, or if you associate with an FTI Consulting colleague at, for example, an industry event or conference, then FTI Consulting may collect basic personal information, such as contact details, which you voluntarily provide (for example, by filling in a form or handing over a business card) in order to facilitate your participation in the event, and for the management of our relationship with you as an actual or prospective client.

If you or the organization you are associated with becomes an FTI Consulting client, then we may process your personal information in order to:

  • carry out "Know Your Client" checks and screening prior to starting a new engagement (as well as basic contact information, this may mean processing compliance related information such as proof of your identity, information about your professional background, history of directorships and, in some circumstance, details of any criminal convictions or adverse media coverage);
  • carry out background checks for the purposes of complying with anti-money laundering and terrorist financing laws;
  • carry out client communication, service, billing and administration;
  • deal with client complaints; and
  • administer claims.

Taking account of applicable marketing laws, we also process personal information about our clients (former, current and prospective) in order to:

  • send our clients newsletters, know-how, promotional material and other marketing communications;
  • invite our clients to events (and arrange and administer those events).

Performing Services for Our Clients

As discussed above, many of our Services involve the processing of personal information. In the majority of cases, personal information is provided to us in strict confidence, subject to restrictive undertakings on its use / disclosure.

Illustrative examples of the use of personal information in connection with our Services, and the legal bases we rely upon for using personal information, are set out in Annex 1 (Use of Personal Information for our Services).

Other Uses

If you apply for a position with FTI Consulting, we will need to collect personal information in order to consider your application, and during any interview and assessment phase.

If you enquire about, or decide to purchase stock in FTI Consulting, then we will collect (either from you or from your broker / investment manager) basic personal information required to register you as a stockholder.

If we hire you as a vendor, supplier or contractor, we will need to collect personal information in order to complete transactions and, where applicable, complete appropriate screening activities.

Finally, if you contact us for any other reason, we will collect basic contact details, as well as any other personal information relevant to the reason for your enquiry, in order to resolve that enquiry.


What is our legal basis for collecting personal information?

Certain laws, including the GDPR, require us to establish a ‘lawful basis’ for our processing of your personal information. In the majority of cases, processing will be justified on the basis that:

  • the processing is necessary for the performance of a contract to which you are a party, or to take steps (at your request) to enter into a contract (e.g. where you request certain Services as an individual client, or where we help advise your employer or service provider on fulfilling an obligation to you under a contract);
  • the processing is necessary for us to comply with a relevant legal obligation (e.g. where we are required to collect certain information about our clients for tax or accounting purposes, or where we are required to make disclosures to courts or regulators); or
  • the processing is necessary for the performance of a task carried out in the public interest (e.g. background checks for anti-money laundering and terrorist financing purposes); or
  • the processing is in our legitimate interests, subject to due consideration for your interests and fundamental rights (this is the basis we rely upon for the majority of the processing of personal information in connection with the provision of our Services, and also for the purposes of most client on-boarding, administration and relationship management activities).

In limited circumstances, we will use your consent as the basis for processing your personal information, for example, where we are required by applicable law to obtain your prior consent in order to send you marketing communications.

Before collecting and/or using any special categories of data (as that term is defined in the GDPR, or as an equivalent term is defined by other privacy laws), or criminal record data, we will establish a lawful exemption which will allow us to use that information. This exemption will typically be:

  • your explicit consent;
  • the establishment, exercise or defense by us or third parties of legal claims; or
  • other uses allowed by applicable law including context specific exemptions provided for under local laws of EU Member States and other countries implementing the GDPR and similar privacy laws, such as in relation to the processing of special category data for the purposes of preventing or detecting fraud in relation to instructions from potential clients.

Disclosure of Personal Information to Third Parties

FTI Consulting will not disclose your personal information to third parties other than as described in this Privacy Policy unless FTI Consulting has your permission or is required or permitted by law. FTI Consulting may share such information with its affiliates as necessary to carry out the purposes for which the information was supplied or collected. Similarly, third party contractors, consultants and/or vendors engaged by FTI Consulting to provide services may have access to your personal information. These third parties will be subject to their own data protection requirements providing the same or greater level of security provided by FTI Consulting and in most instances will also have entered into a written agreement with FTI Consulting which addresses the protection of your personal information.

FTI Consulting may also disclose your personal information for the purposes of:

  • responding to requests from law enforcement agencies, regulators or courts, or to subpoenas, search warrants, or other legal requests;
  • the prevention and/or detection of crime;
  • establishing legal rights or to investigate or pursue legal claims;
  • a merger, acquisition or corporate restructuring to which FTI Consulting is subject;
  • preventing risk of harm to an individual.

International Hosting and Transfer of Information

FTI Consulting is a global organization and may transfer certain personal information collected on its websites across geographical borders to FTI Consulting offices, personnel, or third parties located throughout the world. FTI Consulting may also store such information in a jurisdiction other than where you are based including outside of the European Economic Area (“EEA”).

FTI Consulting will take appropriate steps to ensure that transfers of personal information are in accordance with applicable law and carefully managed to protect your privacy rights and interests and transfers are limited to countries which are recognized as providing an adequate level of legal protection or where we can be satisfied that alternative arrangement are in place to protect your privacy rights. To this end:

  • Transfers of personal information to FTI Consulting's global offices are protected through contractual commitments (such as the Standard Contractual Clauses). FTI Consulting also maintains certifications under the EU-US DPF, the UK Extension to the EU-US DPF, and the Swiss-US DPF schemes, which continue to provide additional privacy safeguards.
  • Where we transfer your personal information outside FTI Consulting to third parties who help provide us with any of the activities described in this policy, we obtain contractual commitments (such as the Standard Contractual Clauses) from them in order to protect your personal information.
  • Where we receive requests for information from law enforcement, courts or regulators (who may be based overseas), we carefully validate these requests before any personal information are disclosed.

You have a right to contact us for more information about the safeguards we have put in place (including a copy of relevant contractual commitments) to ensure the adequate protection of your personal information when this is transferred as mentioned above.

Information Security

FTI Consulting has reasonable technical safeguards, security policies and procedures in place to protect personal information from unauthorized loss, misuse, alteration, or destruction. Measures we take include placing confidentiality requirements on our staff members and service providers, limiting access to your personal information on a "need to know" basis, and providing training to appropriate FTI Consulting personnel. We also maintain comprehensive policies addressing data incident response protocols. Our IT Security Program is audited on a regular basis.

Despite FTI Consulting's best efforts, however, security cannot be absolutely guaranteed against all threats.

Retention of your personal information

FTI Consulting retains your personal information for the period of time required for the purposes for which it was collected, any compatible purposes which we subsequently establish, or any new purposes to which you subsequently consent, or to comply with legal, regulatory and FTI Consulting policy requirements. This period of time will usually be the period of your, or the relevant client's, relationship or contract with FTI Consulting plus a period reflecting the length of time for which legal claims may be made following the termination of such relationship or contract. Some information (such as call recordings, tax records and certain information required to demonstrate regulatory compliance) may need to be kept for longer. Personal information will be kept for a shorter or longer period of time if so required by law or an FTI Consulting policy, if the information becomes subject to a legal hold (for example, following a communication from our regulator) or if we have identified through a data protection impact assessment that a different retention period is appropriate.

Your Rights in Jurisdictions Covered by the GDPR and Similar Laws

If your personal information is processed by an FTI Consulting entity in the EEA, Brazil or another jurisdiction that has adopted the GDPR or similar rules, then, subject to certain exemptions, and dependent on how and why we use it, you have certain rights in relation to your personal information. The rights described below may vary depending on the specific laws that apply to you.

We may ask you for additional information to confirm your identity before disclosing any personal information to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.

You can exercise your rights by contacting us. Subject to legal and other permissible considerations, we will make every reasonable effort to honor your request promptly or inform you if we require further information in order to fulfil your request.

We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.

Right to Access

You have the right to access personal information which FTI Consulting holds about you, together with certain information about how and why your personal information is processed.

Right to Rectification

You have a right to request us to correct your personal information where it is inaccurate or out of date.

Right to be Forgotten (Right to Erasure)

You have the right under certain circumstances to have your personal information erased. Your information can only be erased if it is no longer necessary for the purpose for which it was collected, and we have no other legal ground for processing the information.

Right to Restrict Processing

You have the right to restrict the processing of your personal information, but only where:

  • its accuracy is contested, to allow us to verify its accuracy; or
  • the processing is unlawful, but you do not want it erased; or
  • it is no longer needed for the purposes for which it was collected, but we still need it to establish, exercise or defend legal claims; or
  • you have exercised the right to object, and verification of overriding grounds is pending.

Right to Data Portability

You have the right to data portability, which requires us to provide personal information to you or another controller in a commonly used, machine readable format, but only where the processing of that information is based on (i) consent; or (ii) the performance of a contract to which you are a party. Please note that FTI Consulting rarely relies upon consent as a legal basis, and the performance of a contract basis will only be relevant to the extent that you, as an individual, are party to a contract with FTI Consulting or a client, and our use of your personal information is necessary for the performance of that contract.

Right to Object to Processing

You have the right to object to the processing of your personal information at any time, but only where that processing is based on our legitimate interests. If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.

If you have any specific concerns about this privacy policy or your data (including, without limitation, if you would like to exercise your right to access, review, erase, correct or discuss how your personal information is processed), please contact us via:

Email (for residents residing in the European Economic Area (EEA), the UK, the UAE, or anywhere Else in Europe, the Middle East or Africa): dataenquiriesemea@fticonsulting.com

Email (for residents of any country): privacy@fticonsulting.com

Post: Data Protection Officer, c/o the Legal department, FTI Consulting, Inc., 200 Aldersgate St, Barbican, London EC1A 4HD, United Kingdom

FTI Consulting will make all reasonable and practical efforts to comply with your request, so long as it is consistent with applicable law and professional standards.

In addition, under applicable local law you may have the legal right to lodge a complaint with the relevant supervisory authority or local data protection authority.

Important Additional Information for California Residents

This section provides information for California residents, as required under California privacy laws, including the California Consumer Privacy Act and its implementing regulations (“CCPA”). The CCPA generally requires that businesses provide California consumers information about how we use their personal information, whether collected online or offline, and this document is intended to satisfy that requirement. However, the CCPA notice requirement does not apply where we are providing services to our clients, receive personal data and use it solely to provide service to a client and function as a “service provider” within the meaning of the CCPA.

Job applicants should review the Notice at Collection and Privacy Policy for California Job Applicants.

Under the CCPA, “personal information” is any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household.

Categories of Personal Information that We Collect, Disclose, and Sell or Share

Below please find the categories of personal information about California residents that we may collect and may disclose to third parties or service providers for a business purpose. We describe the purposes of using the personal information in the “What types of personal information are collected and what do we use it for?” section, above, and, in more detail in Annex I, below.

CATEGORIES OF PERSONAL INFORMATION DO WE COLLECT?
NAME, CONTACT INFORMATION AND IDENTIFIERS: Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol (IP) address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers. Yes
CUSTOMER RECORDS: Paper and electronic customer records containing personal information, such as name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Yes
PROTECTED CLASSIFICATIONS: Characteristics of protected classifications under California or federal law such as race, color, sex, age, religion, national origin, disability, citizenship status, and genetic information. No
PURCHASE HISTORY AND TENDENCIES: Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. Yes
BIOMETRIC INFORMATION: Physiological, biological or behavioral characteristics that can be used alone or in combination with each other to establish individual identity, including DNA, imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information. No
USAGE DATA: Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a resident’s interaction with an internet website, application, or advertisement. Yes
GEOLOCATION DATA: Precise geographic location information about a particular individual or device. No
AUDIO/VISUAL: Audio, electronic, visual, thermal, olfactory, or similar information. Yes (for example, our phone systems include voicemail, and we might record training and other video calls with the participants' knowledge)
EMPLOYMENT HISTORY: Professional or employment-related information. Yes
EDUCATION INFORMATION: Information that is not publicly available personally identifiable information as defined in the federal Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, 34 C.F.R. Part 99). No
PROFILES AND INFERENCES: Inferences drawn from any of the information identified above to create a profile about a resident reflecting the resident’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. No

Disclosures for Business Purposes

FTI Consulting does not disclose personal information for commercial purposes. FTI Consulting has disclosed each of the categories of personal information that it collects for the following “business purposes”, as that term is defined under the CCPA, in the last 12 months:

  • SERVICE PROVIDERS: For the business purpose of performing services on FTI Consulting’s behalf and, in particular, for the specific purposes described in “What types of personal information are collected and what do we use it for?” section, above, and, in more detail in Annex I, below.
  • AUDITORS, LAWYERS, CONSULTANTS, and ACCOUNTANTS engaged by FTI Consulting: For the business purpose of auditing compliance with policies and applicable laws, in addition to performing services on FTI Consulting’s behalf.
  • AFFILIATED COMPANIES: To other companies within the FTI family of companies for the business purposes of (1) auditing compliance with policies and applicable laws, (2) helping to ensure security and integrity, (3) debugging, (4) short-term transient use, (5) performing services on behalf of FTI Consulting, (6) internal research, and (7) activities to maintain or improve the quality or safety of a service or device.

No Sales or Sharing

We do not sell or share your personal information¸ where “share” means disclosing personal information to third parties for cross-context behavioral advertising. Without limiting the foregoing, we have not, and have no actual knowledge that we have, sold or “shared” the personal information of individuals of any age, including the personal information of children under 16, in the last 12 months.

Note on Sensitive Personal Information: FTI Consulting does not infer characteristics from sensitive personal information. FTI Consulting only uses sensitive personal information as necessary to perform its services, to ensure security and integrity, or for other purposes permitted by the CCPA without the right to opt out.

The Categories of Sources from Which We Collect Personal Information

  • You, as described in the section above titled "When do we collect personal information".
  • Service providers, for example, analytics providers, IT, and system administration services.
  • Affiliated companies, for example, so that we can assist other companies in the FTI Consulting family of companies in providing you with products or services.
  • Automated technologies, for example, browsing activity collected by automated technologies on the website.
  • Third parties, for example, lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance, and accounting services.
  • Public sources, for example, public databases.
  • Marketing/advertising companies, for example, from social media platforms, consumer research companies, and analytics or marketing/advertising companies.
  • Surveillance/recording technologies installed by FTI Consulting, for example, video surveillance in common areas of FTI Consulting facilities, voicemail technologies, and audio recording technologies with consent to the extent required by law.
  • Government or administrative agencies, for example, law enforcement, public health officials, and other government authorities.
  • Acquired entity, if FTI Consulting acquired another entity, we might collect personal information from that entity.

Aggregated and Deidentified Information

We may aggregate and/or deidentify information, use it internally, and disclose to third parties. Neither Aggregated Information nor Deidentified Information (defined below) is personal information.

  • “Aggregated Information” refers to information about a group of individuals from which the individually identifiable information has been removed. An example of Aggregated Information would be the statistic that 20 people used our website’s contact form on a given day.
  • “Deidentified Information” means information subjected to reasonable measures to ensure that the deidentified information cannot be associated with the individual. An example of Deidentified Information would be the data point that an unidentified visitor first entered the website through our main web page. We maintain Deidentified Information in a deidentified form and do not attempt to reidentify it, except that we may attempt to reidentify the information just to determine whether our deidentification processes function correctly.

California Residents’ Rights

California law grants California residents certain rights and imposes restrictions on particular business practices as set forth below.

Notice at Collection. We are required to notify California residents, at or before the point of collection of their personal information, the categories of personal information collected and the purposes for which such information is used.

Right of Deletion: California residents have the right to submit a verifiable request for the deletion of their personal information that we have collected about them, subject to certain exemptions, and to have such personal information deleted, except where necessary for any of a list of exempt purposes.

Right to Correct: California residents have the right to submit a verifiable request for the correction of inaccurate personal information maintained by FTI Consulting, taking into account the nature of the personal information and the purposes of processing the personal information.

Right to Know – Right to Specific Pieces: Up to twice in a 12-month period, California residents have the right to submit a verifiable request for specific pieces of personal information and to have this delivered, free of charge, either (a) by mail or (b) electronically in a portable and, to the extent technically feasible, readily useable format that allows the individual to transmit this information to another entity without hindrance. Please note that the CCPA’s right to obtain “specific pieces” does not grant a right to the whole of any document that contains personal information, but only to discrete items of personal information.

Right to Know – Right to Information: California residents have the right to submit a verifiable request that we provide them certain information about how we have handled their personal information, including the:

  • categories of personal information collected;
  • categories of sources of personal information;
  • business and/or commercial purposes for collecting and selling their personal information; and
  • categories of personal information that we disclosed for a business purpose, and for each category identified, the categories of third parties to whom we disclosed that particular category of personal information.

Submitting Requests. Requests to exercise these California rights may be submitted to privacy@fticonsulting.com or by contacting us at 833-708-0303 (toll free). We will respond to verifiable requests received from California consumers as required by law.

How We Will Verify Your Request. To verify your request, we match personal information that you provide us against personal information we maintain in our files. The more risk entailed by the request (e.g., a request for specific pieces of personal information), the more items of personal information we may request to verify your identity. If we cannot verify your identity to a sufficient level of certainty to respond securely to your request, we will let you know promptly and explain why we cannot verify your identity.

Right to Non-Discrimination, and Incentives. The CCPA prohibits discrimination against California residents for exercising their rights under the CCPA and imposes requirements on any financial incentives offered to California residents related to their personal information.

Authorized Agents. You may designate an authorized agent to exercise your right to know, to correct, or to delete. If an authorized agent submits a request on your behalf, the authorized agent must submit with the request another document signed by you that authorizes the authorized agent to submit the request on your behalf. In addition, we may ask you or your authorized agent to follow the applicable process described above for verifying your identity. You can obtain the “Authorized Agent Designation” form by contacting us at privacy@fticonsulting.com.

In the alternative, you can provide a power of attorney compliant with the California Probate Code.

Marketing

FTI Consulting may send you information related to its services, products and events that we believe are of interest to you. This information may be sent by post or via email. If at any point you no longer prefer to receive marketing communications from FTI Consulting you can (i) unsubscribe from FTI Consulting communications sent by email using a link provided in marketing emails sent from FTI Consulting; or (ii) contact us to exercise your right to prevent all forms of marketing (both post and email).

Children

FTI Consulting’s websites are not intentionally designed for or directed at children under the age of 16. It is FTI Consulting’s policy never to knowingly collect or maintain information about anyone under the age of 16, except as part of an engagement to provide professional services.

Links

FTI Consulting websites may contain links to other sites, including websites maintained by FTI Consulting affiliates that are governed by other privacy policies that may differ somewhat from this one. Users should review the privacy policy of each website visited before disclosing any personal information. To the extent that FTI Consulting provides links to third party websites, such links do not constitute an endorsement, sponsorship, or recommendation by FTI Consulting of the third parties, the third party websites, or the information contained on those websites, and FTI Consulting is not responsible or liable for your use of such third party websites. Where appropriate you should review the privacy polices of any websites or applications before submitting personal information.

Changes to this Policy

By using FTI Consulting websites you consent to the collection, use and storage of personal information as described in this Privacy Policy and elsewhere on the websites. FTI Consulting reserves the right to make changes to this Website Privacy Policy from time to time. FTI Consulting will notify you by posting amendments to the Privacy Policy on this website.

Contact Us

If you have questions or concerns regarding this policy or FTI Consulting’s personal data processing policies, please contact FTI Consulting at:

Via email (for residents residing in the European Economic Area (EEA), the UK, the UAE, or anywhere Else in Europe, the Middle East or Africa): dataenquiriesemea@fticonsulting.com

Via email (for residents of any country): privacy@fticonsulting.com

Via post: Data Protection Officer, c/o the Legal department, FTI Consulting, Inc., 200 Aldersgate St, Barbican, London EC1A 4HD, United Kingdom

If you are an EEA data subject, FTI Consulting’s appointed EU Representative and contact point under EU GDPR is FTI Consulting Management Solutions Limited. If you are a UK data subject, FTI Consulting’s appointed UK Representative and contact point under UK GDPR is FTI Consulting LLP.

ANNEX 1: USE OF PERSONAL INFORMATION FOR OUR SERVICES

SERVICE1 WHY IS PERSONAL INFORMATION USED? WHAT LEGAL BASES ARE RELIED UPON?
Corporate Finance In providing clients with advice on potential M&A transactions or corporate restructurings, or similar activities undertaken to assist clients with corporate operations, or in the event of an insolvency process, we may have access to client provided personal information about employees or customers (of either our client or the corporate target) which is relevant to our analysis of our client's position, for example, a spread sheet containing details of a target's key employees with their job titles and salaries. Legitimate interest in advising clients on corporate finance transactions or with respect to insolvency processes or arrangements involving consideration of a company's employee or customer base.
Global Risk and Investigations Practice ('GRIP') FTI Consulting carries out corporate investigation and business intelligence services for our clients. These require FTI Consulting's professionals to carry out research regarding companies and individuals of interest to our clients, by using a variety of carefully vetted techniques. These may include the researching of public registers and subscription -only databases, (typically off-the-record and anonymized) interviewing of professional and personal associates, and consultation of media sources. The personal information gathered in this field of work is necessarily diverse, and is typically compiled into a confidential report for the consultation and further use of our client. Legitimate interest in providing investigatory and intelligence services for clients which involve the detailed consideration of companies and persons identified by our clients.
Strategic Communications FTI Consulting has a team of experts who are experienced in designing and implementing communication strategies for clients. In order to provide clients with tailored, intelligence led strategies, FTI Consulting may be given, and may pro-actively collect through its own research, personal information about key individuals or parties involved in an issue or incident about which our client has requested communications advice. Legitimate interest in providing public relations consultation to clients, including in relation to the handling of situations relating to or involving particular individuals.*
Compass Lexecon Our Compass Lexecon business provides economic and financial advisory services, for example in the fields of securities litigation, mergers or anti-trust investigations and compliance. This may include providing advice to clients, courts, tribunals and regulators. Inputs to some of these analyses may necessarily include personal information provided for that purpose by the client, or disclosed by another party to a regulatory or judicial process. Such information may include: names; salaries, benefits or other remuneration received; or decisions taken or choices made about spending or other matters. Legitimate interest in providing economic and financial advisory services to clients, courts, tribunals and regulators in relation to a consideration of factors pertaining to staff, customers, the public interest, or other individual people or groups of people.*
Economic and Financial Consulting FTI Consulting provides economic, financial, valuation and accountancy advice to clients, courts, tribunals and regulators. Inputs to some of these analyses may necessarily include personal information provided for that purpose by the client, or disclosed by another party to a regulatory or judicial process. Such information may include: names; salaries, benefits or other remuneration received; or decisions taken or choices made about spending or other matters. Legitimate interest in providing economic, financial, valuation or accountancy advice to clients, courts, tribunals and regulators in relation to a consideration of factors pertaining to staff, customers or other individual people or groups of people.*
Forensic Accounting, Investigation, Analytics and Litigation Support FTI Consulting investigates suspected or actual financial irregularities or regulatory breaches and provides expertise, dispute resolution and litigation support for clients to resolve and remediate issues. We also address threat identification and compliance. This may include having access to personal information concerning names, salary and benefit information, job titles and professional history and email content of employees or business partners of the client requiring these services. Our work may require appropriate review of banking and trading account information, including detailed financial transactions of our client’s customers. Legitimate interest in providing forensic services to clients involving detailed examination of a client's business documents and information, including records of accounts and transactions of their customers.*
Health Solutions FTI Consulting's Health Solutions team provides advice to healthcare clients in relation to operational performance improvement, cost reduction/revenue generation, advisory and implementation requirements. In most cases, personal information which would identify underlying individuals is not provided, and in particular, information concerning health is not provided at a patient identifiable level. In some cases, non-sensitive information about a client's employees (names, job titles) may be required. Legitimate interest in providing specialist consultancy services to healthcare providers, commissioners and regulators, including in relation to the structure of make-up of their workforces.*
Tax (London) FTI Consulting's tax team advises on employee share incentive schemes, for which it may need access to details about the names, share allocations and national insurance numbers of a client's share scheme members, and on personal tax filings and VAT compliance, for which names, addresses, personal tax information and VAT information respectively may be required. Legitimate interest in providing advisory services to clients in the fields of share incentive schemes, tax filings and VAT compliance.*
Where the client is a natural person - performance of a contract to which the client is a party.

1 FTI Technology services are not included here as that business unit functions as a data processor for its clients.

*In all cases where legitimate interests is relied upon as a lawful basis for processing Personal Data, FTI Consulting takes steps to ensure that its legitimate interests are not outweighed by any prejudice to the rights and freedoms of the underlying data subjects. This is achieved in a number of ways, including through the application of principles of data minimization and security, and by taking steps to ensure that personal information is only collected or otherwise obtained where it is relevant to the provision of Services to a client, and where access to personal information for FTI Consulting is reasonably necessary for the provision of those Services.

COOKIE POLICY

Effective Date: October 2023.

This policy applies to FTI Consulting, Inc. and its affiliated companies (collectively “FTI Consulting”).

FTI Consulting is committed to safeguarding the privacy of your personal information and to being transparent about the technologies it uses. This Cookie Policy explains how and why cookies and similar technologies are used by FTI Consulting to improve and enhance your user experience when using our websites. This Cookie Policy should read in conjunction with the FTI Consulting Privacy Policy.

What are Cookies and other Tracking Technologies?

A cookie is a small text file containing small amounts of information that a website puts on a user’s computer (or mobile device) when you visit a website and is used by the website to send information to your browser and for the browser to return information to the website.

You can find more information about cookies
at: www.allaboutcookies.org and www.youronlinechoices.eu. For a video about cookies, please visit www.google.com/policies/technologies/cookies.

How do we use Cookies and other Tracking Technologies?

The information your browser sends to one of FTI Consulting’s websites is used for authentication and identification of your session and allows FTI Consulting to display the correct information on the website. FTI Consulting matches the cookie against your details so it can distinguish you from other users as you browse the site, which helps it to provide you with a good user experience. Most web browsers enable you to erase cookies, block cookies, receive a warning before a cookie is stored on your device or disable cookies. By clicking the “Use necessary cookies only” button on the cookies notice that appears on our website, you agree to our use of only the necessary cookies described in our cookie policy. Some functionality of the site may be affected. By clicking the “Allow all cookies” button on the cookies notice that appears on our website, you agree to our use of all cookies described in our cookie policy.

Logging: FTI Consulting records and stores details of the pages visited so that it can generate usage statistics. Except as otherwise provided in this Privacy Policy, FTI Consulting does not sell or share any information gathered to other companies.

Cookie retention: This website uses cookies which are persistent and non-persistent (session-based). While many of the cookies used on this website only last for the duration of your use of this website (session-based cookies), other cookies are persistent, i.e., stay in one of your browser's subfolders until you delete them manually or your browser deletes them.

What types of Cookies may be used?

First party cookies – First party cookies are set by the FTI Consulting website you are visiting and they can only be read by FTI Consulting.

Session cookies – Session cookies are used by the server to store information about user page activities so users can easily pick up where they left off on the server's pages. These are temporary cookie files, which are erased when you close your browser, and when you restart your browser and go back to the site that created the cookie, the website will not recognize you. You will have to log back in (if login is required) or select your preferences/themes again if the website uses these features. A new session cookie will be generated, which will store your browsing information and will be active until you leave the site and close your browser.

Persistent cookies – Persistent cookies are employed to store user preferences. These files stay in one of your browser's subfolders until you delete them manually or your browser deletes them based on the duration period contained within the persistent cookie's file. For Information on session and persistent cookies, see here.

Third party cookies – Third party cookies are set by a different organization to the owner of the website you are visiting. For example, the website might use a third-party analytics company that will set its own cookies to perform this service (for example, as described below, this website uses Google Analytics).

What cookies does FTI Consulting websites use?

The cookies used on our site may fall into the following categories:

  • Necessary – Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
  • Preference – Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
  • Statistics – Statistics cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
  • Marketing – Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third-party advertisers.
  • Unclassified – Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.

A list of all the cookies used on this site by category is detailed below.

Note: This website does not use any cookies which retain personal information about you after your session ends.

The table below provides additional details on the specific cookies used on FTI Consulting’s website:

File Name Type Description Duration
__RequestVerificationToken Necessary Helps prevent Cross-Site Request Forgery (CSRF) attacks. Session
ASP.NET_SessionId Necessary Preserves the visitor's session state across page requests. Session
CookieConsent Necessary Stores the user's cookie consent state for the current domain 1 year
rc::a Necessary This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website. Persistent
rc::c Necessary This cookie is used to distinguish between humans and bots. Session
 __coveo.analytics.history Necessary Necessary in order to optimize the website's search-bar function. The cookie ensures accurate and fast search results.  Persistent
 _ga Statistics Registers a unique ID that is used to generate statistical data on how the visitor uses the website.  2 years
 _gat Statistics Used by Google Analytics to throttle request rate 1 day
 _gid Statistics Registers a unique ID that is used to generate statistical data on how the visitor uses the website. 1 day
 AnalyticsSyncHistory Statistics Used in connection with data-synchronization with third-party analysis service. 29 days
 collect Statistics Used to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels. Session
 coveo_visitorId Necessary Saves information of actions that have been carried out by the user during the current visit to the website, including searches with keywords included. 9999 days
 image.aspx Statistics Registers statistical data on users' behavior on the website. Used for internal analytics by the website operator. Session
 nmstat Statistics This cookie contains an ID string on the current session. This contains non-personal information on what subpages the visitor enters – this information is used to optimize the visitor's experience. 999 days
 SC_ANALYTICS_GLOBAL_COOKIE Statistics Used by Sitecore Engagement Analytics to identify the visitor on repeat visits to the website. 10 years
 bcookie Marketing Used by the social networking service, LinkedIn, for tracking the use of embedded services. 2 years
 bscookie Marketing Used by the social networking service, LinkedIn, for tracking the use of embedded services. 2 years
 fti-partial-language-setting Preference Partial language (translation) setting for some locations/experts pages. Session
 IDE Marketing Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user. 1 year
 lidc Marketing Used by the social networking service, LinkedIn, for tracking the use of embedded services. 1 day
 pagead/1p-user-list/# Marketing Tracks if the user has shown interest in specific products or events across multiple websites and detects how the user navigates between sites. This is used for measurement of advertisement efforts and facilitates payment of referral-fees between websites. Session
 test_cookie Necessary Used to check if the user's browser supports cookies. 1 day
 UserMatchHistory Marketing Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences. 29 days
 TUUID_LU Marketing Used for analytics and advertising services provided by Demandbase products. 13 months
 TUUID Marketing Used for analytics and advertising services provided by Demandbase products. 13 months
 france#lang Preference Allows the regional site to enable the display of the site in French. Session
 germany#lang Preference Allows the regional site to enable the display of the site in German. Session
 domain_tracker/bdo/# Necessary Collects data on the user's visits to the website, such as the number of visits, average time spent on the website and what pages have been loaded with the purpose of generating reports for optimizing the website content. Persistent
 experience_tracker/bdo/# Necessary Collects data on the user's visits to the website, such as the number of visits, average time spent on the website and what pages have been loaded with the purpose of generating reports for optimizing the website content. Persistent
 Testcookie Necessary This cookie determines whether the browser accepts cookies. Session
 _pxhd Marketing This cookie is used by ZoomInfo and is related to the PerimeterX security layer to prevent bot attacks. 13 months
 _cfduid Marketing This cookie is used by ZoomInfo for Cloudflare. Cloudflare is the Network Security protocol that ZoomInfo uses to orchestrate the rate limiting rules which prevent abuse. 13 months
 VisitorId Marketing This cookie is how ZoomInfo Websights identifies recurring visitors. 13 months
 _ga_# Statistics Used by Google Analytics to collect data on the number of times a user has visited the website as well as dates for the first and most recent visit. 399 days
 AWSALB Necessary An Amazon Web Services tool for load balancing which optimizes user experience by Siteimprove 7 days
 AWSALBCORS Necessary An Amazon Web Services tool for load balancing which optimizes user experience by Siteimprove 6 days
 v2/tracker Marketing Used in context with video-advertisement. The cookie limits the number of times a user is shown the same advertisement. The cookie is also used to ensure relevance of the video-advertisement to the specific user. Session
 li_gc Marketing Stores the user's cookie consent state for the current domain 179 days
 li_sugr Marketing Collects data on user behavior and interaction in order to optimize the website and make advertisement on the website more relevant. 3 months

As noted, FTI Consulting websites use Google Analytics, a web analytics service provided by Google, Inc. ("Google") to help analyze how users use the site, for example which pages are most frequently visited. The information generated by a Google Analytics cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

If the way FTI Consulting uses cookies changes significantly (e.g. a new cookie being added with different functionality), FTI Consulting will inform you from the log in page. This detail will always be available to you from the navigation links at the bottom of all pages.

What if I don’t want cookies to be used?

By clicking the “I Accept” button on the cookies notice that appears on our website, you agree to our use of all cookies described in our cookie policy. If you do not accept the use of cookies, only “essential” cookies will be placed, but some functionality of the site may be affected. If you want to remove existing cookies from your device you can do this using your browser options. If you want to block future cookies from being placed on your device you can change your browser settings to do this. Please note that if you use your browser settings to block the use of all Cookies it may impact certain functionality on the FTI Consulting websites or degrade your browsing experience.

Contact Us

If you have questions or concerns regarding this policy or FTI Consulting’s personal data processing policies, please contact FTI Consulting at: privacy@fticonsulting.com.

POLICY ON EU-US DATA PRIVACY FRAMEWORK (DPF), UK EXTENSION TO THE EU-US DPF, AND SWISS-US DPF**


EU-US DPF, UK Extension to the EU-US DPF, and Swiss-US DPF

FTI Consulting complies with the EU-U.S. DPF-, the UK Extension to the EU-US DPF, and the Swiss-US DPF (collectively the “DPF”) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the member countries of the European Union (EU), the European Economic Area (EEA), the UK, and Switzerland to the United States (“Personal Information”). FTI Consulting has certified to the Department of Commerce that it adheres to the DPF Principles. If there is any conflict between the terms in this policy and the DPF Principles, the DPF Principles shall govern. To learn more about the DPF program, and to view FTI Consulting’s certifications, please visit www.dataprivacyframework.gov/s/.

FTI Consulting’s participation in the DPF applies to personal data received from the EU/EEA, the UK, and Switzerland. FTI Consulting will comply with the DPF Principles in respect of such personal data. Some types of Personal Information may be subject to additional privacy-related requirements and policies, which are consistent with the DPF Principles. For example:

  • Personal Information regarding and/or received from clients is also subject to any specific agreement with, or notice to, the client, as well as additional applicable laws and professional standards.
  • Personal Information regarding FTI Consulting personnel is subject to internal human resource policies.
  • Personal Information received via FTI Consulting’s websites is subject to this Web Privacy Policy.

Types of Personal Information Collected and Purpose for Collection

Personal Information from Client Engagements: FTI Consulting provides professional consulting services to its clients. FTI Consulting’s clients may send Personal Information to it for processing on their behalf as part of the consulting services they have purchased. For example, FTI Consulting may receive Personal Information such as name, email address, employment information, or financial data. FTI Consulting uses any such Personal Information to perform services for its clients and to administer and manage its relationships with its clients.

In the event that a client engagement involves a transfer of Personal Information from the EU to the United States, the relevant clients are responsible for providing appropriate notice, where required, to the individuals whose Personal Information may be transferred to FTI Consulting, including providing individuals with certain choices with respect to the use or disclosure of their Personal Information, and obtaining any requisite consent. FTI Consulting handles such Personal Information in accordance with its clients’ instructions.

Personal Information from FTI Consulting Website Use: FTI Consulting may collect Personal Information when you choose to access and use FTI Consulting’s websites. Please see the Website Privacy Policy for more information regarding the types of Personal Information collected and the purposes of collection.

Personal Information Regarding FTI Consulting Employees: FTI Consulting may transfer Personal Information regarding FTI Consulting personnel. This Personal Information may include, without limitation, business contact information, employee ID, job role and reporting line, demographic information, work history, compensation and performance ratings. FTI Consulting uses such information to administer and manage its business.

Choice and Accountability for Onward Transfer

FTI Consulting will not transfer, disclose, sell, distribute, or lease your Personal Information to third parties other than as described in this Privacy Policy unless it has your permission or is required or permitted by law (including to meet national security or law enforcement requirements). FTI Consulting may share such information with its affiliates as necessary to carry out the purposes for which the information was supplied, collected, or received. Similarly, third party contractors, consultants and/or vendors engaged by FTI Consulting to assist it in providing its services may have access to such Personal Information (these third parties must first agree to maintain the strict confidentiality of such information and provide the same level of data security as provided by FTI Consulting). FTI Consulting remains responsible and liable under the DPF Principles if third party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles.

Information Security and Data Integrity

FTI Consulting has reasonable security policies and procedures in place to protect Personal Information from unauthorized loss, misuse, alteration, or destruction.

Despite FTI Consulting's best efforts, however, security cannot be absolutely guaranteed against all threats. To the best of FTI Consulting’s ability, access to your Personal Information is limited to those who have a need to know.

Access

If FTI Consulting holds your Personal Information, under most circumstances you have the right to reasonable access to that data to correct any inaccuracies. You can also make a request to update or remove information about you by contacting privacy@fticonsulting.com, and FTI Consulting will make all reasonable and practical efforts to comply with your request, so long as it is consistent with applicable law and professional standards.

Recourse, Enforcement and Liability

FTI Consulting commits to resolve complaints about your privacy and its collection or use of your Personal Information in compliance with the EU-US DPF, the UK Extension to the EU-US DPF, and the Swiss-US DPF Principles. Please contact FTI Consulting at: privacy@fticonsulting.com should you have a DPF-related (or general privacy-related) complaint.

If you are a resident of the EU/EEA or UK, and you have a complaint related to this Policy that cannot be resolved with FTI Consulting directly, you may report your claim to the Data Protection Authorities located in your jurisdiction. If you are a resident of Switzerland, and you have a complaint related to this Policy that cannot be resolved with FTI Consulting directly, you alternatively may report your claim to the Swiss Data Protection Authority (Federal Data Protection and Information Commissioner). As further explained in the DPF Principles, a binding arbitration option will also be made available to you in order to address residual complaints not resolved by any other means.

FTI Consulting is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).

Changes to this Policy

FTI Consulting reserves the right to make changes to this Policy on EU-US Data Privacy Framework (DPF), UK Extension to the EU-US DPF, and Swiss-US DPF from time to time. FTI Consulting will notify you by posting amendments on this website.

Questions and Comments

If you have questions or concerns regarding this policy or FTI Consulting’s Personal Information processing policies, please contact FTI Consulting at: privacy@fticonsulting.com.

**This policy covers FTI Consulting, Inc. and its subsidiaries including: Compass Lexecon LLC; FTI Capital Advisors, LLC; FTI Consulting (Government Affairs) Inc.; FTI Consulting (SC) Inc.; FTI Consulting Acuity LLC; FTI Consulting Platt Sparks LLC; FTI Consulting Realty, Inc.; FTI Consulting Technology LLC; FTI Consulting Technology Software Corp.; FTI Hosting LLC; FTI International LLC; FTI LLC; Sports Analytics LLC.

Sign up to get access to FTI Consulting Insights

Subscribe