Privacy Policy - McDermott+Consulting

Privacy Policy

Effective Date: January 1, 2020


This Privacy Policy applies to Personal Information (as defined below) collected by McDermott+Consulting LLC (“McDermottPlus,” “we” or “us“) through, and any other website, application or digital service on or to which this Privacy Policy is linked or referenced (collectively, the “Services“). This Privacy Policy also applies to our data collection practices conducted offline. Unless we notify you otherwise, this Privacy Policy does not apply to any third-party website or service that you may access through the Services.


McDermottPlus is an affiliate of the law firm of McDermott Will & Emery LLP (“McDermott”). McDermottPlus does not provide legal advice or services. McDermott provides data processing services and IT infrastructure to McDermottPlus – please see Section 3 of this policy for more details. McDermott’s own Privacy Policy may be found here.


Please see our European Economic Area Privacy Policy for notice regarding processing by McDermottPlus and McDermott where the EU General Data Protection Regulation (GDPR) applies, including situations where (i) you are located in the European Economic Area (“EEA“) and we provide you with individual services or monitor your use of our website or mobile applications; or (ii) a McDermott entity processing your Personal Data is located in the EEA.


This Privacy Policy is incorporated into and made part of our Terms of Use. Please read this Privacy Policy and our Terms of Use carefully. When you submit or provide Personal Information to us, you consent to the collection, use and disclosure of your Personal Information as described in this Privacy Policy.


Accessibility for Those with Disabilities


If you require support or an alternative format to review this Privacy Policy, please contact us through any of the contact methods listed in Section 11 below (“Questions or Comments”).





The Effective Date of this Privacy Policy is set forth at the top of this webpage. As business needs change, we will review our practices regarding the collection and use of your Personal Information and we may amend this Privacy Policy as appropriate. The amended Privacy Policy supersedes all previous versions. Your continued use of the Services after the Effective Date constitutes your acceptance of the amended Privacy Policy.



In this Privacy Policy, “Personal Information” means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, with an individual (e.g., you) or household. Personal Information does not include aggregated information to the extent that an individual’s identity cannot reasonably be derived from it.


The Personal Information we collect about you depends on your interactions and engagement with us. We may collect the following types of Personal Information:


Direct Identifiers such as your name, postal address, email address, phone numbers, birthdate, and unique personal identifiers.

Personal Records such as your signature, financial account and payment card information (for example, if you make payments to us directly from a personal account), and any background information provided by you or collected by us as part of our business analysis, client onboarding, regulatory compliance checks and other related processes. We may also collect your location data (should you visit a McDermottPlus office) including records of building and suite access and parking card use, and footage from workplace security cameras that indicate your location.

Protected Characteristics such as your age, marital status, gender, and (where necessary to fulfil our legal obligations or to provide you with a requested service) medical information (such as allergy details) and disability information (such as office accessibility requirements).

Commercial Information such as records of the products or services you purchase or obtain from us.

Internet Usage Information such as records of your use of our website or other online services. This may include your online identifiers, account names and passwords, IP address, details of your device, operating system and browser, and other information as described in Section 4 of this policy.

Client Information including information provided to or made available to us by or on behalf of you, as well as information generated by us in the course of providing our services to you.



We collect, use and disclose Personal Information for all lawful purposes in the operation and conduct of our business.


How We May Collect Personal Information


Directly From You: We may collect Personal Information through your use of the Services (such as when you register with us, participate in surveys and questionnaires or subscribe to newsletters and blog updates), when you provide us Personal Information in the course of us providing you services and when you otherwise provide Personal Information to us both online and offline.


Through Social Media: Certain Services may link to social media platforms and plug-ins, such as Facebook and Twitter (collectively, “Social Media“). When accessing the Services through a Social Media account, we may (depending on the applicable user privacy settings) automatically receive Personal Information from that Social Media platform. We may collect and use this Personal Information for the purposes described in this Privacy Policy or as described at the time the information is collected.


From Third Parties: We may collect Personal Information about you from third parties where such information is required for us to fulfil our legal obligations or to provide you with a requested service.


Through Gathering Service Usage Data, including for our Website: When you use the Services, we and our vendors may collect the Internet Usage Information that is collected by most browsers or automatically through your device. We also collect Usage Data through our use of Data Collection Technology. For more information about how we use Data Collection Technology, including cookies, please review Section 4; for more details on your choices please see Section 5. Where Usage Data includes Personal Information, or is combined with Personal Information, it will be treated as Personal Information itself – as described in Sections 2 and 3.


How We May Use Personal Information

We may use Personal Information for the purposes described at the time of its collection or as described in this Privacy Policy. For example, we may use your Personal Information:


To carry out any applicable contractual obligations that we have to you or third parties;

To verify your identity;

To process payments that you make to us;

To confirm registrations, respond to your inquiries or fulfill your requests – such as to register you for a seminar or to email you materials you have requested;

To send you information, such as legislative updates event announcements, that we think may interest you;

To enable you to provide us with further information;

If you contact us through the Services or through other methods both online and offline, to keep a record of your contact information and correspondence to use when responding to you;

To notify you about important information regarding changes to our terms, conditions and policies;

To analyze use of the Services to help us detect problems, identify usage trends and improve user experience; and

To protect against fraudulent or illegal activity.


How We May Disclose Personal Information


We may disclose your Personal Information for the following reasons and to the following categories of third parties:


With your consent. We may disclose your Personal Information to any party for whom your consent has been provided.

To our affiliated entities. We may disclose your Personal Information within our corporate family for the purposes described in this Privacy Policy and as required by law. For example, McDermott provides data processing services and IT infrastructure to McDermottPlus. For a list of our affiliated entities, including McDermott, please refer to the McDermott Legal Notices webpage.

To our vendors. We may disclose your Personal Information to third-party vendors that support our operations such as internet service providers, data analytics providers, external consultants, advertising networks, operating systems and platforms, and vendors that facilitate registering and hosting webcast and live events.

In relation to a corporate transaction. We may disclose and transfer your Personal Information if we are involved in a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or other change of ownership or control (whether in whole or in part), including negotiation and diligence of such transaction.

As we believe to be necessary and appropriate. We may also disclose your Personal Information: (i) as permitted by law; (ii) if we determine that the disclosure of specific information is necessary to comply with the request of a law enforcement or regulatory agency or other legal process; (iii) to protect the legitimate rights, privacy, property, interests or safety of our company or our affiliated entities, customers, business partners, employees or the general public; (iv) to pursue available remedies or limit damages; (v) to enforce our Terms of Use; and (vi) to respond to an emergency.



We refer to cookies, web beacons (also known as pixel tags and clear GIFs) and other similar technology as “Data Collection Technology.“


A cookie is a small text file that is sent to or accessed from your web browser or your computer’s hard drive. A cookie typically contains the name of the domain (internet location) from which the cookie originated, the “lifetime” of the cookie (when it expires), and a randomly generated unique identifier. A cookie may also contain information about your computer, such as user settings, browsing history and activities conducted while using the Services.


A web beacon (also called a pixel tag or clear GIF) is a piece of computer code that enables us to monitor user activity and website traffic.


To learn more about cookies and web beacons, visit


How We Use Data Collection Technology: Data Collection Technology helps us improve your experience of the Services. In particular, we use analytics cookies to compile statistics about the use of the Services, help us analyze technical and navigational information about the Services and detect and prevent fraud. We also may use Data Collection Technology to collect information from the computer or device that you use to access the Services, such as your operating system type, browser type, domain and other system settings, as well as the language your system uses and the country and time zone in which your computer or device is located.


Additionally, we use analytics services, such as Google Analytics and Google Tag Manager, which use Data Collection Technology to analyze your use of our Website. For more information on Google’s privacy practices for Google Analytics, please visit You may prevent Google Analytics from recognizing you on our Website by deleting or disabling the relevant cookies. For more information, see Section 5, “Your Choices”.



Marketing Emails: If you do not wish to receive marketing-related emails from us, please click the unsubscribe link at the bottom of a marketing email, or email our  Privacy Officer at


Cookies and web trackers: Regular cookies generally may be disabled or removed using tools available as part of most commercial browsers, and in some instances blocked in the future by selecting certain settings. The choices available, and the mechanism used, will vary from browser to browser. Some web browsers (including some mobile web browsers) provide settings that allow you to control or reject cookies or alert you when a cookie is placed on your computer or device. You may also be able to reject mobile device identifiers by adjusting the appropriate setting on your mobile device. Such browser settings are typically found in the “options,” “tools” or “preferences” menu of your browser. You may also consult your browser’s “help” menu. For more information, please visit


Please note that tools from commercial browsers may not be effective with regard to Flash cookies (also known as locally shared objects), HTML5 cookies or other tracking technologies. For information on disabling Flash cookies, visit Please be aware that if you disable or remove these technologies, some parts of our Website may not work and when you revisit our Website your ability to limit browser-based tracking technologies is subject to your browser settings and limitations.


Although you are not required to accept cookies or mobile device identifiers, if you block or reject them, you may not have access to all features available through the Services.


Our Policy on Do Not Track Signals: Some web browsers incorporate a “Do Not Track” (“DNT“) or similar feature that signals to websites that a user does not want to have his or her online activity and behavior tracked. If a website that responds to a particular DNT signal receives the DNT signal, the browser can block that website from collecting certain Personal Information about the browser’s user. We follow the DNT signals we receive from your browsers.


Disable Google Analytics: You may exercise choices regarding the use of cookies from Google Analytics by visiting



California residents have the privacy rights listed below with respect to their Personal Information.


California’s “Shine the Light” Law


California Civil Code Section 1798.83 permits individual California residents to request certain information regarding our disclosure of certain categories of Personal Information to third parties for those third parties’ direct marketing purposes. To make such a request, please contact us at This request may be made no more than once per calendar year. We reserve the right not to respond to requests submitted other than to the email address above, or to the mailing addresses specified at the end of this notice.


California Consumer Privacy Act (“CCPA”)


Collection, Use and Disclosure of Your Personal Information in the Past Twelve Months: In the past twelve (12) months, we have collected the categories of Personal Information detailed in Section 2 (Information We May Collect), from the sources and for the purposes listed in Section 3 (Collection, Use and Disclosure of Personal Information). In the past 12 months, we have disclosed the following categories of Personal Information for the purposes and to the parties identified in Section 3: Direct Identifiers; Personal Records; Internet Usage information; and (where necessary to fulfil our legal obligations or to provide the relevant clients with their requested services), Protected Characteristics; Commercial information; and Client Information. In the past 12 months, we have not sold Personal Information and we will not sell Personal Information in the future, as we understand the term “sell” based on the CCPA and its implementing regulations.

The CCPA grants California residents additional privacy rights with respect to their Personal Information. Please note that the CCPA provides certain exceptions with respect to the Personal Information of California employees, job applicants, owners, directors, vendors, suppliers and contractors. If you are a McDermottPlus California employee, job applicant, partner or independent contractor or a vendor or supplier of McDermottPlus, you may not have any or all of the privacy rights listed below in connection with Personal Information we have about you in the context of that relationship with you.


The CCPA privacy rights include:


Request to Know: You have the right to request to know (i) the specific pieces of Personal Information that we collected about you; (ii) the categories of Personal Information that we collected about you in the past twelve (12) months; (iii) the categories of sources from which that Personal Information was collected, (iv) the categories of your Personal Information that we sold or disclosed in the past twelve (12) months; (v) the categories of third parties to whom your Personal Information was sold or disclosed in the past twelve (12) months; and (vi) the purpose for collecting and selling your Personal Information in the past twelve (12) months. You may exercise your right to request to know twice a year, free of charge.

Please note, in response to a request to know, we are prohibited from disclosing your Social Security number, driver’s license number or other government-issued identification number, financial account number, any health insurance or medical identification number, an account password or security questions and answers.


Request to Delete: You have the right to request that we delete the Personal Information that we collect from you. We may deny your request under certain circumstances, such as if we need to comply with our legal obligations or to complete a transaction for which your Personal Information was collected. If we are unable to fulfill your request for deletion, we will let you know the reason why.


Right to Non-Discrimination: If you choose to exercise any of your rights under the CCPA, we will not discriminate against you in any way. If you exercise certain rights, understand that you may be unable to use or access certain features of the Services.

Exercising Your Rights Under The CCPA


To make a request to know or request to delete, please contact the Privacy team for McDermott and its affiliates, including McDermottPlus, at 1-888-598-1660 or submit a consumer request at our web portal:


Only you or your authorized agent may submit a consumer request. You may submit a consumer request on behalf of your minor child. In order to respond to your consumer request, we will take steps to verify your identity before processing your request. To the extent possible, we will use our existing account authentication practices to verify your identity. Where necessary, we may request additional information about you so that we can verify your identity. Where we did not already hold that information, we will use it only for the purpose of verifying your identity and to process your request. If we cannot verify your identity based on the information provided, we will let you know that we are unable to fulfil your request.


Please note that if we maintain your Personal Information on behalf of a third party, we may need to refer you to that third party in order to respond to your request. If we cannot comply with your request, or with part of your request, we will explain the reasons in our response.


You may use an authorized agent to submit a request to know or a request to delete. When we verify your agent’s request, we may verify both you and your agent’s identity and request a signed document from you that authorizes your agent to make the request on your behalf. To protect your Personal Information, we reserve the right to deny a request from an agent that does not submit proof that they have been authorized by you to act on your behalf.



The Services may include links to third-party websites and services that we do not operate, such as social media plug-ins. If you visit a third-party website or service via a link on the Services, you are subject to that third party’s privacy practices and policies. This Privacy Policy does not apply to any Personal Information that you provide to third-party websites or services. A link to a third-party website or service does not mean that we endorse that third party or the quality or accuracy of the information presented on its website or service.



The Services are controlled and operated by us from the United States, and are not intended to subject us to the laws or jurisdiction of any state, country or territory other than the United States. Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers. Your use of the Services may involve the collection, processing, and transfer of information to or from countries outside of your country of residence, including the United States, which may have different data protection rules than those of your country. For visitors from the EEA, please see the European Economic Area Privacy Policy for McDermott and its affiliates.



We take reasonable precautions intended to help protect the Personal Information that we collect and store; however, no system or online transmission of data is completely secure. We cannot guarantee the security of information transmitted to or through the Services. Any transmission is at your own risk. Please use security measures to protect your Personal Information.



The Services are not directed to or intended for use by minors. Consistent with the requirements of the US Children’s Online Privacy Protection Act, if we learn that we have received information directly from a child under age 13 without his or her parent’s or legal guardian’s verified consent, we will use that information only to respond directly to that child (or his or her parent or legal guardian) to inform the child that he or she cannot use the Services. Subsequently, we will make commercially reasonable efforts to delete such information.



We welcome your questions and comments about this Privacy Policy or how we process your Personal Information. Please contact us using the information below, and we will respond to you as soon as reasonably possible.


By Mail: McDermott+Consulting LLC

Attn: Andrew Pope, C/O Sally Rosenberg

500 N. Capitol Street, NW

Washington, DC 20001


By Email: