Privacy & cookies

Last modified: November, 2025

Under various laws applicable in the jurisdictions we operate, we have a legal obligation to provide you with information about how we collect and process your information. We respect your privacy, and are committed to following the terms of this Privacy Policy while handling your personal information. 

It is important that you read this Privacy Policy together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you are fully aware of how and why we are using your data.

DC Advisory is made up of different legal entities, details of which can be found on our Legal page. This Privacy Policy is issued on behalf of the DC Advisory Group (as defined under “Legal”) and references to “DC Advisory,” “we,” “us” or “our” in this Privacy Policy are references to the relevant company in the DC Advisory Group responsible for processing your data.

YOU ACKNOWLEDGE THAT WE USE SERVICE PROVIDERS AND THIRD-PARTY TECHNOLOGIES, INCLUDING COOKIES, PIXELS, WEB BEACONS, ANALYTICS SERVICES, AND OTHER TECHNOLOGIES THAT TRACK YOUR ACTIVITIES AND COLLECT DATA ABOUT YOU AS YOU NAVIGATE OUR WEBSITE. THESE THIRD PARTIES AND SERVICE PROVIDERS MAY INTERCEPT YOUR COMMUNICATIONS, COLLECT DATA ABOUT YOU, MONITOR YOUR INTERACTIONS WITH THE WEBSITE, TRACK YOUR ACTIVITIES ON OUR WEBSITE AND ACROSS DIFFERENT CHANNELS, AND MAY COLLECT ENOUGH INFORMATION ABOUT YOU AS YOU USE OUR WEBSITE TO BE ABLE TO IDENTIFY YOU ON THEIR OWN PLATFORMS (E.G., SOCIAL MEDIAL PIXELS).  BY USING THE WEBSITE, YOU SPECIFICALLY CONSENT TO THIS INTERCEPTION, TRACKING AND DATA COLLECTION.

A. PERSONAL INFORMATION WE COLLECT AND HOW WE USE IT

1. What is Personal Information?

Personal information means any information relating to an individual person who is identified or identifiable, directly or indirectly, including by reference to a particular identifier, and may include, for example, name, email address, date of birth, etc.

2. What Personal Information do we collect?

When you make a general enquiry through our contact page, we may ask you for your full name and contact information, such as email address and your company. We will also collect any personal information included in the message that you submit to us. If you enquire about experienced hires or graduate opportunities, we ask you to submit a CV and cover letter.

When you become our client or establish a client relationship with us, as an individual or on behalf of your organization, we require that you provide us with certain information about yourself, including name, permanent and mailing address, and email address. Additionally, please note that we have certain responsibilities under the US Department of the Treasury Financial Crimes Enforcement Network (“FinCEN”) Customer Due Diligence Rule (the “CDD Rule”), UK Money Laundering Regulations 2007 and other rules and regulations, to verify the identity and confirm the beneficial ownership of clients, and we may need to make certain inquiries and obtain certain information from you for that purpose. For example, we may need to obtain the date of birth, social security number (or passport or similar identification number) and a copy of the driver’s license and/or other similar documents from certain equity holders and senior management of a client.

During the course of any client relationship, we may also obtain personal information about you from other sources. For example, we may collect background information or financial information from and through third-party vendors to verify representations you have made and to comply with various regulatory requirements. For more details, see “Regulatory- United States- Anti-Money Laundering.”

We may collect payment data, such as data necessary for processing payments and fraud prevention, including bank account details and other billing information.

In connection with the registration for, and provision of access to, an event or seminar, we may ask for information about your health for the purpose of identifying and being considerate of any disabilities or special dietary requirements you may have. Any use of such information is based on your consent. We may also collect personal information regarding your preferences where it is relevant to services that we provide.

3. How is your Personal Information collected?

In certain circumstances, we may request and collect personal information from you directly, including the following:

1. When you or your organisation seek client services from us;
2. When you or your organisation subscribe to our services or publications or sign up to receive our marketing communications or to attend a DC Advisory event;
3. When you provide us with feedback, use the “contact us” section of our website, engage with any of our social media platforms that are connected to our website, or otherwise communicate with us; or
4. When you or your organisation provide (or offer to provide) services to us.

In addition, when you or your organisation interact with our website, we may automatically collect technical data about your computer equipment or device, IP address, general location information such as city, state or geographic area (but not your precise geolocation data), browsing actions and patterns and other clickstream information. We may collect this information using cookies or similar technologies. Please find details in our Cookie Policy below.

We may also collect personal information that is publicly available or engage third-party firms to collect personal information on our behalf, for example, such background check information or financial information that may be used to verify representations you have made and to comply with various regulatory requirements.

4. For what purposes will we use your Personal Information?

We use personal information for the following purposes or as otherwise described in this Privacy Policy or at the time of collection:

Delivery of Services. We may use personal information to:

1. Communicate with clients and other individuals in connection with providing financial advisory or other services; or
2. Respond to your requests, questions and feedback.

Marketing and communications. We may send you transaction announcements, market commentary, relevant sector briefings, DC Advisory announcements and other details of events or news updates. With any marketing communications that you receive from us, you will be provided with the option to opt out of future marketing communications. (You may also opt out of marketing communications by emailing marketing@dcadvisory.com at any time)

To comply with law. We may use and share your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities.

For compliance, fraud prevention and safety. We may use your personal information and disclose it to law enforcement, government authorities and private parties as we believe necessary or appropriate to: (i) protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims); (ii) audit our internal processes for compliance with legal and contractual requirements; (iii) enforce the terms and conditions that govern services that we provide; and (iv) prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.

With your consent. In some cases, we may specifically ask for your consent to collect, use or share your personal information, such as when required by law.

5. Will we share your Personal Information?

We may share personal information (and receive personal information from others) within the DC Advisory Group on a confidential basis, including with third parties that help us to provide our services or to operate our business, for example, IT, hosting, human resources services, email, marketing, client relationship management, event management and database management services.

We may need to share personal information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations, or as otherwise required to comply with applicable law.

We may also share personal information with our financial auditors, our insurers and insurance brokers and other professional advisers in the course of the advice we provide to our clients.

We may also sell, transfer or otherwise share some or all of our business or assets, including personal information, in connection with a business transaction (or potential business transaction) involving DC Advisory, such as a corporate divestiture, merger, consolidation, acquisition, reorganization or sale of assets, or in the event of bankruptcy or dissolution.

It is our policy not to provide personal information to third parties for those third parties’ direct marketing purposes without your consent.

6. How long will we keep your Personal Information?

We will retain personal information for as long as is necessary to fulfil the purposes for which we collected it, or as necessary to fulfil a legitimate business need, including to satisfy any legal, accounting or reporting requirements, to provide our services, to establish or defend legal claims, for business continuity purposes, or for fraud prevention.

When it is no longer necessary for us to retain your personal information, we will delete or destroy it.

7. How do we keep your Personal Information secure?

We will implement security measures intended to prevent personal information from unauthorized loss, use or disclosure, including physical and technical information security measures as well as organisational policies and procedures, however, you acknowledge that no methods are foolproof.

8. Will we transfer your Personal Information abroad?

The ultimate parent company for the DC Advisory Group is incorporated in Japan. We may share personal information with our parent or within the other entities within the DC Advisory Group, including our alliance partners, as appropriate, which are located across Europe, Asia and North America, for the purposes outlined in this Privacy Policy. The countries where we may need to transfer data may not provide the same level of data protection as the laws of your local jurisdiction.

9. Updates to this privacy policy

We may make changes to this Privacy Policy from time to time in order to reflect any changes to the way in which we process your personal information or changes in applicable law or regulatory requirements. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on our website. Any changes to this Privacy Policy will be effective upon our posting of the modified Privacy Policy (or as otherwise indicated at the time of posting).

We encourage you to review this Privacy Policy periodically to be informed of how we use your personal information.

10. Do Not Track

Do Not Track (“DNT”) is a concept promoted by certain regulatory authorities and industry groups for development and implementation of a mechanism that would allow internet users to control the tracking of their online activities across websites. Currently, various browsers (including Internet Explorer, Firefox, and Safari) offer a DNT option that allows a user to set a preference in the browser to not have his/her activities on the internet tracked. You can usually access your browser's DNT option in your browser's preferences. When a user’s browser is set to DNT, some cookies and other tracking technologies may become inactive, depending on how the website visited responds to DNT browser settings. If that occurs, the website visited will not recognize you upon return to that website, and some other features of a website may become unavailable or not function properly.

Our website responds to currently available global privacy control (“GPC”) signals.  However, keep in mind that this technology is relatively new, and it can be quite difficult to ensure no tracking occurs if the signals sent by this technology change as time goes by. We will use commercially reasonable efforts to keep our website up to date so that we can continue to respond to such opt-out request as the technology changes over time. 

If you choose not to be tracked while visiting our website, you can visit your browser privacy settings to make the selection, and specifically turn on a “do not track” or other global privacy control setting made available, to send signals that you wish not to have your information collected as you browse.  This election is often available under the cookies related privacy settings for your browser. We have enabled DNT settings by default for our users who are accessing our website from within the United States (although you can choose to override this default setting, if desired, by adjusting your cookie preferences).

Not all browsers have GPC extensions at this time.  Please visit the website for the company that offers your browser to see if they have a GPC extension and to learn how to download it. For example, Mozilla explains how to enable their experimental GPC control here: https://blog.mozilla.org/netpolicy/2021/10/28/implementing-global-privacy-control/.

11. Opting out of certain data processing

If you are a resident of certain U.S. states, you may have the right to opt out of our processing of your personal information for certain purposes.  If you are a California resident, please see the Information For California Residents section. If you are not a California resident but believe that you have such rights under applicable laws and would like to exercise such rights, you may contact us with such requests as set forth in the How to contact us section. 

12. How to contact us

If you have any questions or comments about this Privacy Policy or our collection and use of personal information, please contact us by email or postal mail at:

For parties in the United States:

DC Advisory
605 Third Avenue, 11th Floor
New York, NY 10158
Attn: Compliance Department

marketing@dcadvisory.com

 

For parties located outside of the United States:

DC Advisory
5 King William Street
London, EC4N 7DA
Attn: Compliance Department

compliance@dcadvisory.com

B. INFORMATION FOR CALIFORNIA RESIDENTS

This section of the Privacy Policy applies solely to California residents. We are required under the California Consumer Privacy Act of 2018 (the “CCPA”) to provide California residents with certain information about the rights granted to California residents under the CCPA and about our practices with respect to the handling of Personal Information. For the purposes of this section of this Privacy Policy, please note that certain terms, such as “Personal Information,” “Sale,” “Share” and “Sensitive Personal Information” have the meanings given to such terms in the CCPA, and not the common meanings of these terms in conversational English.  

1. California residents

California Civil Code Section § 1798.83, known as the “Shine the Light” law, permits users of our website who are California residents to request and obtain from us a list of what Personal Information (if any) we disclosed to third parties for direct marketing purposes in the preceding year, and the names and addresses of those third parties.  You may request this information from us no more than once a year, but such request will be handled by us free of charge to you.  To make such a request, please send an email to marketing@dcadvisory.com.

2. Do not track

Please see the Do Not Track section in the main body of this Privacy Policy. 

3. Privacy rights of California residents

Except where any such disclosures would require us to reveal a trade secret, as a California consumer, you have specific rights regarding how your Personal Information is collected and used:

A. The right to request that we disclose to you or your authorized agent acting on your behalf the following information covering the past 12 months, subject to certain exceptions and limitations:

                        i.         Specific pieces of Personal Information that we have collected.

                       ii.         The categories of Personal Information we have collected about you.

                     iii.         The categories of sources from which we collected Personal Information about you.

                      iv.         The categories of Personal Information Sold (as this term is defined in the CCPA), Shared for cross context behavioral advertising, or disclosed for a business purpose.

                       v.         The categories of third parties to whom we Sold, or with whom we Shared or disclosed your Personal Information for a business purpose.

                      vi.         The business purpose for which your Personal Information was collected, Sold and/or Shared.

                    vii.         The categories of Sensitive Personal Information to be collected and the purposes for which the categories of Sensitive Personal Information are collected or used and whether such information is Sold or Shared, except for such information that is collected or processed without the purpose of inferring characteristics about you.

B. The right to request correction of any inaccurate Personal Information that we maintain about you.

C.  The right to request that we delete your Personal Information, subject to certain exceptions (please see below for more information).

D. The right to request that your Personal Information not be Sold to or Shared with third parties. 

E. The right to request that we limit our use and disclosure of your Sensitive Personal Information such that we use such information solely to provide you our services or process your transactions.  

F. The right to be free from discrimination or retaliation for exercising any of the rights above (please see below for more information).

4. Data Deletion

As permitted by the CCPA, in the event you request deletion of Personal Information that we have collected about you, we, our service providers, and our contractors may be unable to comply with such a request if your Personal Information is necessary to:

A.             Complete the transaction for which the Personal Information was collected, provide a service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between us and you.

B.             Prevent, detect, and investigate security incidents, protect against malicious deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity.

C.             Debug to identify and repair errors that impair existing intended functionality.

D.             Exercise free speech, ensure the right of another Consumer to exercise his or her right of free speech, or exercise another right provided for by law.

E.              Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with section 1546) of Title 12 of Part 2 of the Penal Code.

F.              Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of that information is likely to render impossible or seriously impair the achievement to such research, if you have provided informed consent.

G.             Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us.

H.             Comply with a legal obligation.

I.               Otherwise use your Personal Information, internally, in a lawful manner that is compatible with the context in which you provided the information.

5. Non-Discrimination

We will not discriminate against you or retaliate for exercising any of your CCPA rights. Specifically, we will not do any of the following unless permitted by the CCPA:

A.             Deny you services.

B.             Charge you different prices or rates for services, including through granting discounts or other benefits, or imposing penalties.

C.             Provide you a different level or quality of services.

D.             Engage in any retaliatory employment practices.

E.              Suggest that you may receive a different price or rate for services or a different level or quality of services.

However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA -permitted financial incentive we offer will reasonably relate to your Personal Information’s value. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time.

6. Personal Information that we collect

We have collected the following categories of Personal Information for the following purposes within the last twelve (12) months:

Category of Personal Information	Categories of Sources of Collection	Business or Commercial Purpose for Collection
A. Identifiers.	Third-party data vendors Employees/job applicants/independent contractors Website users Customers, and their service providers and employees/contractors of customer prospective acquisitions From website activity From social media activity	To provide our services To identify potential customers To market our services To offer employment, to provide insurance and benefits, for background checks To comply with applicable laws For fraud prevention
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	Third-party data vendors Employees/job applicants/independent contractors Website users Customers, and their service providers and employees/contractors of customer prospective acquisitions From website activity From social media activity	To provide our services To identify potential customers To market our services To offer employment, to provide insurance and benefits, for background checks To comply with applicable laws For fraud prevention
C. Protected classification characteristics under California or federal law.	Employees Job applicants Customers, and their service providers and employees/contractors of customer prospective acquisitions	To provide our services To offer employment, to provide insurance and benefits, for background checks To comply with applicable laws
D. Commercial information.	Customers, and their service providers and employees/contractors of customer prospective acquisitions From website activity From social media activity	To provide our services To market our services For research and development
E. Biometric information.	None	None
F. Internet or other similar network activity.	From website activity From social media activity	To provide our services To market our services To improve our services (e.g., usage pattern data)
G. Geolocation data.	From website activity From social media activity	To market our services To improve our services (e.g., usage pattern data)
H. Sensory data.	None	None
I. Professional or employment-related information.	Customers, and their service providers and employees/contractors of customer prospective acquisitions Recruiters Employees Job applicants	To provide employment opportunities, and administer employee benefits To provide our services
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).	Employees Job applicants Recruiters	To provide employment opportunities, and administer employee benefits
K. Inferences drawn from other Personal Information.	None	None
L. Sensitive Personal Information.	Employees Job applicants Customers, and their service providers and employees/contractors of customer prospective acquisitions	To provide employment opportunities, to process payroll, and administer employee benefits To provide our services To comply with applicable laws

We do not knowingly collect any Personal Information of persons under the age of 16.

We allow the following third parties to control the collection of Personal Information (e.g., when you browse our website, these third parties may collect data and analytics about your internet activities):

A.             DealCloud, Inc.

B.             Salesforce, Inc.

C.             Spotler Netherlands B.V.

7. Do Not Sell or Share My Personal Information

We do not sell Personal Information in exchange for money. However, we use certain third-party cookies and analytics on our website to help us understand our website’s traffic, user engagement, and effectiveness, and some of these third-party providers may collect data about you as part of their services to us. Because we do not control their data collection, and these service providers may retain the information for themselves, this data collection is considered a “Sale” under the CCPA. We do not Share Personal Information (as the term “Share” is defined pursuant to the CCPA) for cross context behavioral advertising purposes.

As a California consumer, you have the right to opt out of the Sale or Sharing of your Personal Information to third parties.

In the twelve (12) months prior to the posting of this Privacy Policy, we have Sold to (but not in exchange for money, as discussed above) or Shared with third parties the categories of Personal Information about California residents set forth below, and for the purposes set forth below:

Categories of Personal Information Sold or Shared	Categories of Third Party to Which Personal Information Was Sold	Reason for Selling	Categories of Third Party with Whom Personal Information Was Shared	Reason for Sharing
A. Identifiers.	Our Service Providers (including cookies and analytics)	To market our services To understand our audiences To improve our services For research and development	None	None
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	Our Service Providers (including cookies and analytics)	To market our services To understand our audiences To improve our services For research and development	None	None
C. Protected classification characteristics under California or federal law.	None	None	None	None
D. Commercial information.	Our Service Providers (including cookies and analytics)	To market our services To understand our audiences To improve our services For research and development	None	None
E. Biometric information.	None	None	None	None
F. Internet or other similar network activity.	Our Service Providers (including cookies and analytics)	To market our services To understand our audiences To improve our services For research and development	None	None
G. Geolocation data.	Our Service Providers (including cookies and analytics)	To market our services To understand our audiences To improve our services For research and development	None	None
H. Sensory data.	None	None	None	None
I. Professional or employment-related information.	None	None	None	None
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).	None	None	None	None
K. Inferences drawn from other Personal Information.	Our Service Providers (including cookies and analytics)	To market our services To understand our audiences To improve our services For research and development	None	None
L. Sensitive Personal Information.	None	None	None	None

We do not knowingly Sell or Share any Personal Information of children under the age of 16.

8. Data Disclosure

In the twelve (12) months prior to the posting of this Privacy Policy, we have disclosed for a business purpose the categories of Personal Information about California residents set forth below, for the reasons set forth below:  

Category of Personal Information Disclosed for a Business Purpose	Category of Persons to Whom Personal Information Was Disclosed	Purpose for Disclosing for a Business Purpose
A. Identifiers.	Our service providers (which may include IT, hosting, human resources, email, marketing, social media management, client relationship management, event management, legal, consulting, diligence support, database management, payroll, and benefits services) Our cookies and analytics providers Law enforcement agencies and regulatory bodies Our financial auditors, insurers and brokers	To provide our services To identify potential customers To market our services To offer employment, to provide insurance and benefits, for background checks To comply with applicable laws For fraud prevention
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	Our service providers (which may include IT, hosting, human resources, email, marketing, social media management, client relationship management, event management, legal, consulting, diligence support, database management, payroll, and benefits services) Our cookies and analytics providers Law enforcement agencies and regulatory bodies Our financial auditors, insurers and brokers	To provide our services To identify potential customers To market our services To offer employment, to provide insurance and benefits, for background checks To comply with applicable laws For fraud prevention
C. Protected classification characteristics under California or federal law.	Our service providers (which may include IT, hosting, human resources, email, marketing, social media management, client relationship management, event management, legal, consulting, diligence support, database management, payroll, and benefits services) Law enforcement agencies and regulatory bodies	To offer employment, to provide insurance and benefits, for background checks To provide our services To comply with applicable laws
D. Commercial information.	Our service providers (which may include marketing, social media management, legal, consulting, diligence support, and client relationship management services) Our cookies and analytics providers	To provide our services To market our services For research and development
E. Biometric information.	None	None
F. Internet or other similar network activity.	Our service providers (which may include marketing, social media management, IT, hosting, email, event management and database management services) Our cookies and analytics providers	To provide our services To market our services To improve our services (e.g., usage pattern data)
G. Geolocation data.	Our service providers (which may include marketing, social media management, IT, hosting, email, event management and database management services) Our cookies and analytics providers	To market our services To improve our services (e.g., usage pattern data)
H. Sensory data.	None	None
I. Professional or employment-related information.	Our service providers (which may include human resources, recruiting, marketing, social media management, client relationship management, legal, consulting, diligence support, database management, payroll, and benefits services)	To provide employment opportunities, and administer employee benefits To provide our services
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).	Our service providers (which may include human resources, recruiting, payroll, and benefits services)	To provide employment opportunities, and administer employee benefits
K. Inferences drawn from other Personal Information.	None	None
L. Sensitive Personal Information.	Our service providers (which may include human resources, legal, consulting, diligence support, payroll, and benefits services)	To provide employment opportunities, to process payroll, and administer employee benefits To provide our services To comply with applicable laws

9. Sensitive Personal Information

As a part of our services, we may collect Sensitive Personal Information, as set forth above, and use it for the purposes described above.

You have the right to request that we limit our use and disclosure of your Sensitive Personal Information such that we use such information solely to provide you our services or process your transactions. To exercise this right, please click here, or contact us at marketing@dcadvisory.com.  

10. Data Retention 

Please see the How long will we keep your Personal Information? section herein. 

11. How to Exercise Your CCPA Rights

You can exercise all of your rights granted to you pursuant to the CCPA by clicking here or contacting us at (888) 310-7001.

In certain instances, the CCPA requires us to verify your identity before processing your request. In order to make a request pursuant to the CCPA, you must provide us with your name, email address, and the date and method of your last contact with DC Advisory. If you are requesting specific pieces of Personal Information that we have collected about you, you will also be required to email us at marketing@dcadvisory.com a signed declaration under penalty of perjury that you are a California resident and that you are the consumer whose Personal Information is the subject of the request. Note that we will not process your request to disclose specific pieces of information we have about you until we receive this signed declaration, and your request will not be considered timely submitted until we have this document in our possession. 

We will review the information you have provided against the information in our databases, and attempt to verify your identity.  However, please note that under certain circumstances, we may require you to provide additional information in order to allow us to confirm your identity and your residency before we can process your requests.  Also note that you are only entitled to make a Personal Information request up to twice in a 12-month period.

If you submit your CCPA request by email, please include “California Privacy Rights” as the subject line. If you make a request to exercise your rights under the CCPA by telephone, we may ask you to provide the request in writing so that we may verify your identity.

We will acknowledge your request within 10 days and respond to your request within 45 days or let you know if we need additional time or information to verify your identity (and if so, why).

Using an Authorized Agent

A California resident may use an authorized agent to submit a right to know request, a request to delete, a request to correct, a request for us to limit our processing of Sensitive Personal Information, or a request to opt-out of the Sale or Sharing of Personal Information by clicking here. To use an authorized agent for these purposes, both the California resident and their agent will be required to verify their identities with us. For this purpose, the agent will be required to submit a request with their own first and last name, the name of the company the agent works for, and contact details, in addition to the following information about the consumer on whose behalf they are making the request: the consumer’s name, email address, and the date and method of their last contact with DC Advisory.  In addition, the agent will be required to provide via email written authorization from the consumer to act on their behalf in making these requests. If we cannot authenticate the identity of the agent making the request, we may also require that the consumer confirm directly with us that they have in fact authorized their agent to act on their behalf. We may deny a request from an agent who cannot meet these requirements.  If the agent has provided us with a validly executed power of attorney pursuant to Cal. Prob. Code Sections 4121 to 4130, then a separate verification that the consumer has authorized the agent to act on their behalf will not be necessary.

C. INFORMATION FOR PERSONS WHOSE PERSONAL DATA IS PROCESSED BY EU ENTITIES

Our entities based in the EU comply with Regulation (EU) 2016/679 (General Data Protection Regulation or “GDPR”).

These entities and their contact details are:

Daiwa Corporate Advisory Austria GmbH
Albertgasse 35 1080
Vienna
Austria

Daiwa Corporate Advisory GmbH
Neue Mainzer Strasse 1
60311 Frankfurt am Main
Germany

Daiwa Corporate Advisory B.V.
De Lairessestraat 121-H
1075 HH Amsterdam
Netherlands

Daiwa Corporate Advisory SAS
17 rue de Surène
Paris 75008
France

Daiwa Corporate Advisory SL
C/ Serrano, 57
28006 – Madrid
Spain

Daiwa Corporate Advisory S.R.L.
Via Manzoni, 5
20121 Milano
Italy

IBI Corporate Finance Holdings Limited
33 Fitzwilliam Place
Dublin 2
D02 W899
Ireland

For any questions or concerns regarding the processing of personal data, please contact the compliance department at the address above or by emailing Data.Privacy@dcadvisory.com.

1. Lawful bases for processing Personal Data

We will only use your personal data when we are allowed to do so by law.

We process personal data subject to GDPR under one or more of the following legal bases:

·       Where it is necessary for our legitimate interests (or those of a third party) and your fundamental rights do not override those interests;

·       Where we need to comply with a legal or regulatory obligation (e.g. anti-money laundering regulations);

·       Where we need to perform a contract to which you are a party (e.g. to provide you with financial advisory services);

·       Where we need to comply with our rights or obligations under employment law regarding you becoming a member of our staff; or

·       Where you have expressly given us your consent.

2. Data Protection Rights

Under the GDPR, you have rights including:

·       a right of access: you have the right to ask us for copies of your personal data;

·       a right to rectification: you have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete;

·       a right to erasure: you have the right to ask us to erase your personal data in certain circumstances;

·       a right to restrict processing: you have the right to ask us to restrict the processing of your information in certain circumstances;

·       a right to object to processing: you have the right to object to the processing of your personal data in certain circumstances;

·       a right to withdraw your consent for us to use your personal data. You can withdraw your consent by contacting us (see below), although in some circumstances it may be lawful for us to continue processing without your consent where we have another legitimate reason (other than consent) for doing so;

·       a right to request that we transfer your personal data to you or a third party.  We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine readable format. This right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you. Please note that these rights might be subject to limitations or exceptions.

You can make a request to exercise any of these rights free of charge by contacting us at Data.Privacy@dcadvisory.com; however, we reserve the right to charge a reasonable fee if your request is manifestly unfounded, repetitive or excessive.

If you feel that we have not been able to resolve your query or concerns regarding our processing of your personal data, you may raise a formal complaint. If you remain unsatisfied with our response, you may take your complaint to the relevant privacy regulator.

For the German authority, Der Hessische Beauftragte für Datenschutz und Informationsfreiheit, further information is available on its website https://datenschutz.hessen.de, by email Data.Privacypoststelle, by telephone +49 611 1408-0 or by telefax +49 611 1408-900.

3. Transfers of Personal Data outside of the EEA

The countries where we may need to transfer personal data may not by law provide the same level of data protection as the laws within the EEA. We will ensure that any such international transfers are made in accordance with applicable legal requirements and subject to appropriate safeguards as required by GDPR, such as by using EU Standard Contractual Clauses adopted by the European Commission or other safeguards recognized by the European Commission. Please contact us at Data.Privacy@dcadvisory.com for further information about any such transfers or the specific safeguards applied.

D. INFORMATION FOR PERSONS WHOSE PERSONAL DATA IS PROCESSED BY UK ENTITIES  

Our entity based in the UK complies with the Data Protection Act 2018 (the "DPA") and the UK General Data Protection Regulation (“UK GDPR”).

This entity is and its contact details are:

Daiwa Corporate Advisory Limited
5 King William Street
London EC4N 7DA, United Kingdom

For any questions or concerns regarding the processing of personal data, please contact the compliance department at the address above or by emailing Data.Privacy@dcadvisory.com.

1. Lawful bases for processing Personal Data

We will only use your personal data when we are allowed to do so by law.

We process personal data subject to UK GDPR under one or more of the following legal bases:

·       Where it is necessary for our legitimate interests (or those of a third party) and your fundamental rights do not override those interests;

·       Where we need to comply with a legal or regulatory obligation (e.g. anti-money laundering regulations);

·       Where we need to perform a contract to which you are a party (e.g. to provide you with financial advisory services);

·       Where we need to comply with our rights or obligations under employment law regarding you becoming a member of our staff; or

·       Where you have expressly given us your consent.

2. Data Protection Rights

Under the UK GDPR, you have rights including:

·       a right of access: you have the right to ask us for copies of your personal data;

·       a right to rectification: you have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete;

·       a right to erasure: you have the right to ask us to erase your personal data in certain circumstances;

·       a right to restrict processing: you have the right to ask us to restrict the processing of your information in certain circumstances;

·       a right to object to processing: you have the right to object to the processing of your personal data in certain circumstances;

·       a right to withdraw your consent for us to use your personal data. You can withdraw your consent by contacting us (see below), although in some circumstances it may be lawful for us to continue processing without your consent where we have another legitimate reason (other than consent) for doing so;

·       a right to request that we transfer your personal data to you or a third party.  We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine readable format. This right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

Please note that these rights might be subject to limitations or exceptions.

You can make a request to exercise any of these rights free of charge by contacting us at Data.Privacy@dcadvisory.com; however, we reserve the right to charge a reasonable fee if your request is manifestly unfounded, repetitive or excessive.

If you feel that we have not been able to resolve your query or concerns regarding our processing of your personal data, you may raise a formal complaint. If you remain unsatisfied with our response, you may take your complaint to the relevant privacy regulator, which is the Information Commissioners Office (ICO) in the United Kingdom. Further information is available on the ICO website, at https://ico.org.uk/, or by telephone at 0303 123 1113.

3. Transfers of Personal Data outside of the UK

The countries where we may need to transfer personal data may not by law provide the same level of data protection as the laws within the UK. We will ensure that any such international transfers are made in accordance with applicable legal requirements and subject to appropriate safeguards as required by the DPA. Please contact us at Data.Privacy@dcadvisory.com for further information about any such transfers or the specific safeguards applied.

E. INFORMATION FOR PERSONS SUBJECT TO THAILAND DATA PROTECTION LAW 

We may also process personal information of those who are subject to Thailand’s Personal Data Protection Act B.E. 2562 (2019) (the “PDPA”), and thus we have prepared this section of this Privacy Policy to inform you regarding how we handle personal information according to the PDPA. For the purposes of this section of this Privacy Policy, “personal information” has the same meaning as “personal data” under the PDPA.  

1. Lawful bases for processing Personal Information

If processing of personal information is necessary for the performance of our services or for legal compliance and you do not provide such personal information to us, we may be unable to provide you with such services.

2. Privacy rights of data subjects

In accordance with the PDPA, you, as a data subject, have the following rights which are exercisable, subject to certain exceptions and conditions:

1.  To access your personal information;
2.  To rectify your personal information;
3.  To erasure or destroying of your personal information;
4.  To restrict the use of your personal information;
5.  To object to the collection, use and disclosure of your personal information;
6.  To data portability; and
7. To withdraw the consent.

In case we cannot comply with your request to exercise any of the rights of a data subject, or we fail to comply with the PDPA, you may make a complaint to the relevant regulator, including the Personal Data Protection Commission of Thailand.

In case where you have given us consent to process personal information, you have the right to withdraw such consent at any time. Should a withdrawal of any consent affect any transactions or provision of services, you will be informed at the time of such withdrawal request.

In order to exercise your rights or if you have any questions on how we process your personal information, you may contact us by using the contact details set out in Section G of this Privacy Policy.

F. COOKIE POLICY 

1. What are cookies and how are they used?

We use a technology called “cookies” as part of a normal business procedure. Cookies are small text files that are created by a web server and stored on your computer or device when you visit a website. They are not executable code and can only be read by (you and) the website that created them. You can view and edit the cookies on your computer or device like any other text file using a text editor (the contents are usually just strings of unique identifiers and date/timestamps). The website that created the cookie can read the contents when you are at their website.

Cookies are widely used across the internet; you may have hundreds of cookies on your computer at any one time. Each browser has its own set of cookies so, if you run multiple browsers, you will have multiple sets of cookies on your computer or device.

We use cookies to make a user’s experience of our website more efficient and to improve your browsing experience. We also use Google Analytics, which are third-party cookies that allow us to analyse how users use our website, for example, by counting the number of visitors to the website and calculating the average number of pages a user views. The data we obtain from Google Analytics is valuable in helping us to improve the quality and content of the website.

If at any time you wish to disable our cookies you may do so through the settings on your browser or via the cookie preference centre. These settings allow you to specify which cookies you will accept by type and often by specific websites using an exception list, for example, you can block all cookies and then list the website from which you will accept cookies.  Please note, however, that withdrawing your agreement to the use of cookies on our website will impair the functionality of the website.

2. List of cookies in use on this website

A. Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

B. Strictly Necessary Cookies

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

Cookies	Cookie Subgroup	Lifespan	Cookies used	Description
ARRAffinitySameSite	www.dcadvisory.com	Days	First Party	ARRAffinitySameSite is used to ensure that requests from a client are routed to the same origin server during a browsing session, typically used in load balancing scenarios to maintain session integrity with sticky sessions.
ARRAffinity	www.dcadvisory.com	Days	First Party	This cookie is set by websites run on the Windows Azure cloud platform. It is used for load balancing to make sure the visitor page requests are routed to the same server in any browsing session.
cf_chl_rc_ni	dcadvisory.com	Session	First Party	This cookie is set by Cloudflare. It is used internally by Cloudflare to identify production issues on clients.
OptanonAlertBoxClosed	dcadvisory.com	Days	First Party	This cookie is set by websites using certain versions of the cookie law compliance solution from OneTrust. It is set after visitors have seen a cookie information notice and in some cases only when they actively close the notice down. It enables the website not to show the message more than once to a user. The cookie has a normal lifespan of one year and contains no personal information.
_cfuvid	dcadvisory.com	Session	First Party	This cookie is set by Cloudflare. It is used to enforce security rate limits on the website.
cf_chl_*	dcadvisory.com	Session	First Party	This cookie is set by Cloudflare. It is used to check whether Cloudflare Edge server supports cookies. It can be deleted if seen.
OptanonConsent	dcadvisory.com	Days	First Party	This cookie is set by the cookie compliance solution from OneTrust. It stores information about the categories of cookies the site uses and whether visitors have given or withdrawn consent for the use of each category. This enables site owners to prevent cookies in each category from being set in the users browser, when consent is not given. The cookie has a normal lifespan of one year, so that returning visitors to the site will have their preferences remembered. It contains no information that can identify the site visitor.
__cf_bm	dcadvisory.com	A few seconds	First Party	This cookie is set by Cloudflare. It is used to support Cloudflare Bot Management, currently in private beta. It is used as part of our bot management service, this cookie helps manage incoming traffic that matches criteria associated with bots.
cf_chl_rc_m	dcadvisory.com	Session	First Party	This cookie is set by Cloudflare. It is used internally by Cloudflare to identify production issues on clients.
cf_chl_rc_i	dcadvisory.com	Session	First Party	This cookie is set by Cloudflare. It is used internally by Cloudflare to identify production issues on clients.
CF_Authorization	dcadvisory.com	Session	First Party	This cookie is set by Cloudflare. When you protect a site with Cloudflare Access, Cloudflare checks every HTTP request bound for that site to ensure that the request has a valid CF_Authorization cookie.
__cflb	dcadvisory.com	Session	First Party	This cookie is set by Cloudflare. It is used for Load Balancer session affinity.
_ga_xxxxxxxxxx	dcadvisory.com	Days	First Party	This cookie name is set by Google Tag Manager. It does not store personal data and is used to load scripts on websites where required, according to your consent.
__cfruid	dcadvisory.com	Session	First Party	This cookie is set by Cloudflare. It is used to enforce security rate limits on the website.
cf_clearance	dcadvisory.com	Days	First Party	This cookie is set by Cloudflare to stores the proof of challenge passed. It is used to no longer issue a challenge if present. It is required to reach an origin server.
__cf_bm	fonts.net	A few seconds	Third Party	This is a CloudFoundry cookie
cf_clearance	podbean.com	Days	Third Party	This cookie is set by Cloudflare to stores the proof of challenge passed. It is used to no longer issue a challenge if present. It is required to reach an origin server.

C. Performance Cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.

D. Targeting Cookies

 These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Cookies	Cookies Subgroup	Lifespane	Cookies used	Description
_ga	dcadvisory.com	Days	First Party	This cookie is used to collect anonymous analytics data for your visit.
ANONCHK	dcadvisory.com	Session	First Party	This cookie is set by Clarity and indicates whether MUID is transferred to ANID, a cookie used for advertising. Clarity doesn’t use ANID and so this is always set to 0.
CLID	dcadvisory.com	Year	First Party	This cookie is set by Clarity and identifies the first-time Clarity saw this user on any site using Clarity.
_clsk	dcadvisory.com	A few seconds	First Party	This cookie is set by Clarity to connect multiple page views by a user into a single Clarity session recording.
_clck	dcadvisory.com	Days	First Party	This cookie is set by Clarity to connect multiple page views by a user into a single Clarity session recording.
ar_debug	region1.google-analytics.com	Days	Third Party	This cookie is set by Google and checks whether a technical debugger-cookie is present.
_hjAbsoluteSessionInProgress	hotjar.com	Day	Third Party	This cookie is set by HotJar. It is used to detect the first pageview session of a user.
_hjSession_2279223	hotjar.com	A few seconds	Third Party	This cookie is set by HotJar. It is used to ensure subsequent requests in the session window are attributed to the same session.
_hjSessionUser_2279223	hotjar.com	Year	Third Party	This cookie is set by Hotjar. It is used to ensure data from subsequent visits to the same site are attributed to the same user ID.
_hjIncludedInSessionSample_2279223	hotjar.com	Day	Third Party	This cookie is set by Hotjar. It is used to identify whether that visitor is included in the data sampling defined by your site’s daily session limit.
YSC	youtube.com	Days	Third Party	YouTube is a Google owned platform for hosting and sharing videos. YouTube collects user data through videos embedded in websites, which is aggregated with profile data from other Google services in order to display targeted advertising to web visitors across a broad range of their own and other websites.
VISITOR_PRIVACY_METADATA	youtube.com	Days	Third Party	YouTube is a Google owned platform for hosting and sharing videos. YouTube collects user data through videos embedded in websites, which is aggregated with profile data from other Google services in order to display targeted advertising to web visitors across a broad range of their own and other websites.
VISITOR_INFO1_LIVE	youtube.com	Days	Third Party	This cookie is used as a unique identifier to track viewing of videos

E. Marketing Cookies

Marketing cookies are used to track visitors across websites. The intention is to understand how different audiences interact with websites by collecting and reporting information about the businesses. Where relevant, this information is also used as B2B leads.

Cookies	Cookie Subgroup	Lifespan	Cookies used	Description
wow.trackingdata	Spotler.com	Session	First Party	Tracks the individual sessions on the website, allowing the website to compile statistical data from multiple visits. This data can also be used to create leads for marketing purposes.
wow.session	Spotler.com	Session	First Party	This cookie is set by Spotler. It is used to provide an IIS Session Code.
wow.anonymousId	Spotler.com	Session	Third Party	This cookie is set by Spotler. It is used to record anonymous visitor ID.
wow.schedule	Spotler.com	Session	Third Party	This cookie is set by Spotler. It is used to manage the Load Balance Session Queue.
wow.utmvalues	Spotler.com	Session	Third Party	This cookie is set by Spotler. It is used stores the UTM values for the session. It does not store user data, it only stores active menu node over post-back.

Your consent to the use of cookies applies to https://www.dcadvisory.com/. 

You can view and change your cookie settings at any time.

For more detailed information, please refer to the following website: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage 

3. Setting your cookie preferences

You can control how cookies are placed on your device from within your own browser.  You can also delete existing cookies from your browser. However, refusing and/or deleting cookies may mean some sections of our site will not work properly.