Cerulli Associates is steadfast in its commitment to safeguarding the privacy and security of personal data belonging to our clients, employees, contractors, and other stakeholders. This Data Privacy Policy delineates our practices in relation to the collection, utilization, and disclosure of personal information in strict adherence to contemporary United States standards, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the Gramm-Leach-Bliley Act (GLBA).

Scope

This policy is applicable to all personal data processed by Cerulli Associates, encompassing data related to clients, employees, contractors, and other pertinent parties. It pertains to both electronic and physical data and extends to all business activities undertaken by Cerulli Associates.

Data Collection

We collect personal data for a variety of legitimate purposes, including but not limited to:

• Provision of services to our clients
• Management of employee records
• Execution of research and analysis
• Compliance with legal and regulatory mandates

Personal data collected may include names, contact details, financial information, and other pertinent data necessary for the operation of our business.

Data Utilization

Personal data gathered by Cerulli Associates is utilized for the following purposes:

• Delivering and enhancing our products and services
• Communication with clients and stakeholders
• Conducting internal research and analysis
• Ensuring adherence to legal obligations

We ensure that personal data is processed lawfully, fairly, and transparently and utilized exclusively for the purposes for which it was collected.

Data Sharing and Disclosure

Cerulli Associates may disclose personal data to third parties under the following conditions:

• To service providers who assist us in the operation of our business activities
• When compelled by law or regulatory authorities
• With the explicit consent of the data subject
  

We mandate that third parties implement adequate safeguards to protect the personal data shared with them.

Data Security

We have instituted comprehensive security measures to protect personal data from unauthorized access, use, or disclosure. These measures include, but are not limited to:

• Encryption of sensitive data
• Implementation of access controls and authentication mechanisms
• Regular security assessments and audits
• Employee training on data protection protocols

We continually review and enhance our security practices to ensure the ongoing protection of personal data.

Data Retention

Cerulli Associates retains personal data only for the duration necessary to fulfill the purposes for which it was collected or as mandated by law. We have established data retention policies and procedures to ensure that data is securely deleted or anonymized once it is no longer required.

Data Subject Rights

Individuals possess the following rights with respect to their personal data:

• The right to access their personal data
• The right to rectify inaccurate or incomplete data
• The right to request the erasure of their data
• The right to restrict or object to the processing of their data
• The right to data portability

Cerulli Associates is dedicated to addressing data subject requests in a prompt and transparent manner.

Policy Updates

This Data Privacy Policy may be updated periodically to reflect changes in our practices, legal requirements, or industry standards. Stakeholders will be notified of any significant amendments and provided access to the updated policy.

Contact Information

For inquiries or concerns regarding this Data Privacy Policy or the processing of personal data, please contact our Data Protection Officer at:

Attn: Data Privacy Officer
699 Boylston St, 15th Floor
Boston, MA 02116

Telephone: 617-437-0084
E-mail: [email protected]

By adhering to this Data Privacy Policy, Cerulli Associates demonstrates its unwavering commitment to protecting personal data and maintaining the trust of our clients, employees, and stakeholders.