CARROLL, BURDICK & MCDONOUGH LLP

PRIVACY POLICY FOR PURPOSES OF THE U.S./EU SAFE HARBOR
AND U.S./SWISS SAFE HARBOR

INTRODUCTION

Carroll, Burdick & McDonough LLP ("Carroll Burdick”) is a law firm with clients located throughout the world, including in the European Union and Switzerland.  In representing such clients in litigation, transactional, or other matters, it is often necessary for the client to provide to Carroll Burdick information that is subject to the jurisdiction of the European Union Directive on Data Protection or the Federal Data Protection and Information Commission of Switzerland (together, the "Directives").  This privacy policy is being implemented pursuant to the framework of the U.S/EU Safe Harbor and the U.S./Swiss Safe Harbor and adheres to the Safe Harbor privacy principles contained therein.  (Please note that the Notice, Choice and Access principles do not apply given that the data Carroll Burdick will be using and/or processing is necessary for the establishment of a legal claim or defense or is related to acquisitions, mergers, joint ventures or other similar transactions where there is a need for confidentiality).
 
CARROLL BURDICK'S HANDLING OF CONFIDENTIAL PERSONAL INFORMATION

Carroll Burdick maintains the personal and confidential information it receives in secure on-line and off-line facilities.  Such information is not disclosed unless necessary or advisable to protect the rights, safety or property of Carroll Burdick or others; to conform to legal or regulatory requirements; or as required to protect the legitimate interests of its clients relating to Carroll Burdick's representation of such clients.  Such data is not disclosed to third parties other than to certain entities providing services to Carroll Burdick, but only if such disclosure is permitted under applicable law and only if the third party operates in accordance with Carroll Burdick's strict data standards, and for the purposes of Carroll Burdick's representation of its clients. 

Carroll Burdick maintains strict security and confidentiality policies that govern all information any attorney or other personnel of the Firm receives in the course of his or her employment or association with Carroll Burdick.  Carroll Burdick attorneys and other personnel who handle such data are made aware of these policies and the Firm has in place procedures to train all such attorneys and personnel in the implementation of these policies.  Failure to adhere to the Firm's privacy policies results in appropriate discipline.  Carroll Burdick has in place procedures for periodically conducting objective reviews of compliance with this Privacy Policy.

VERIFICATION MECHANISM AND ENFORCEMENT

Verification of Carroll Burdick's privacy policy will be through self-assessment and verified by the Office of the Executive Director of the Firm in a signed statement that will be updated annually and referenced on the Firm's Internet.  Carroll Burdick's Privacy Policy concerning personal information received from the EU and/or Switzerland is accurate, comprehensive, fully implemented and prominently displayed on the Firm's Internet. 

Rodney L. Eshelman, of the Firm's Office of General Counsel, is the designated contact for handling questions, complaints and other Safe Harbor issues.  Mr. Eshelman can be reached at reshelman@cbmlaw.com.  Any complaints concerning the Privacy Policy will be investigated, and if the Firm is unable to resolve the complaint to the satisfaction of all parties, the parties agree to utilize the dispute resolution mechanisms provided for by JAMS (see http://www.jamsadr.com/) in the rules attached to and made a part of this policy.

JAMS:  Comprehensive Arbitration Rules & Prodedures