We help the world’s great companies create compelling and effective compliance programs.

  • What We Do

    Deep compliance knowledge meets global communications expertise.

    Modern formats. Unbeatable service. Market-leading customization.

    Readable, plain language Codes and policies that work for your audience.

    Support from compliance experts with decades of practical experience.

  • The Rethink Compliance Library

    More modern formats than any other provider.

    You Need a Library Partner, Not Just a Vendor.

    With Rethink Compliance, you can draw on a team with decades of expertise every step of the way.

    Our high-service approach sets us apart from the rest.

  • Advisory Services

    Practical, expert, right-sized consulting engagements.

    We help you develop, implement, and assess your program.

    Our Advisory Services team provides governance, risk, and compliance consulting services to leading organizations around the world, including:

    • Program and corporate governance reviews
    • Policies and procedures 
    • Risk assessments
    • Conflicts of interest, gifts and entertainment disclosure and approval process
    • Investigation protocols
    • Reporting best practices
  • Modern Codes of Conduct

    Choose from multiple formats, from paper to digital solutions.

    Modern Codes for a Modern Audience

    We've created more than 60 Codes of conduct for companies around the world. Learn more at RethinkYourCode.com

  • Rethink's

    Drive AnalyticsTM Solution

    Data alone is not enough — you need meaningful and actionable insights to guide your program.

    Add an analytics option to any Code or training initiative.

    Our full-service approach means you're not stuck doing all the work.


    Click here to learn more about Rethink's Drive AnalyticsTM solution.

  • Contact Us

    Want to see any of our solutions for yourself? Sign up for a free demo.


    Rethink Compliance is a certified women-owned business.

    Kirsten Liston

    Founder and Principal

    Since 2000, Kirsten has been crafting creative, industry-leading compliance solutions for the world's great companies. She is passionate about helping to create programs that genuinely reach employees and change cultures. Her book, “Creating Great Compliance Training in a Digital World,” is a top resource for organizations who want to take their compliance training from boring to great.





    Patti Caswell

    Principal and Head of Client Services

    Patti has over 20 years of client service and relationship management experience. She has worked closely with companies of all industries and sizes to ensure successful implementations of their global ethics and compliance training programs.



    Andrea Falcione, JD, CCEP

    Principal and Head of Advisory Services

    Andrea is an attorney with 25 years of legal and compliance experience in a number of different capacities. Most recently, she spent more than five years as Managing Director and Compliance & Ethics Solutions leader at PwC. Andrea is a frequent speaker at industry conferences and events, has led several compliance benchmarking studies, and is the author of many compliance-related whitepapers.



    Tricia Cornell, CCEP

    Principal and Head of Creative Services

    Tricia brings two decades of communications experience to Rethink Compliance, including journalism, advertising, and social media strategy for national and global clients. She believes that to tell stories that change minds you have to start with the audience. Only when you know what they want, need and care about can you reach them with your message. She is a frequent speaker on training and communications and is certified in learning design.



    Matt Altieri

    Head of Operations & Technology

    Data Privacy Officer

    In 16+ years in the ethics and compliance industry, Matt has partnered with clients at the world’s most recognizable brands, run global service and implementation teams, developed product and marketing strategies, and successfully orchestrated a multi-year organization-level change program. Matt brings diverse leadership experience across the spectrum of disciplines required to help run and grow a successful B2B organization providing a holistic blend of modern technology, original content, and tailored professional services.



    Meghan Daniels, JD

    Senior Director, Advisory Services

    Meghan is an attorney and compliance professional with more than 10 years of experience, both running compliance programs in-house and advising clients as a consultant in a professional services group. She specializes in creating modern, plain-language Codes that reflect a company's unique brand, culture, messaging, and risks.



    Jamie McKillop

    Senior Director, Advisory Services

    Jamie is a compliance professional with more than 15 years of experience advising clients on the design, implementation, and assessment of their ethics and compliance programs. He has consulted with multinational corporations across a broad range of industries and has helped them execute a dynamic range of projects, including program assessments, risk assessments, policy development, training and communications, and case management frameworks.



    Becky Burtless-Creps, JD

    Senior Director, Advisory Services

    Becky is an attorney with more than two decades of experience in ethics and compliance. As Managing Counsel of Compliance at Ford, she helped create a global compliance program and worked closely with other control groups to manage all aspects of the program. Most recently, Becky spent four years serving as a compliance expert with Deloitte. As part of the Advisory Services team, Becky helps lead program assessments and Code and policy projects for Rethink clients.



    Alexa Altino, JD

    Compliance and Business Analyst

    Alexa is a lawyer with a background in advertising and public relations. She is passionate about implementing practical, straight-forward compliance policies and advocating for effective communication in the workplace. As part of the Advisory Services team, she helps companies of all sizes develop and optimize their compliance programs.



    Rachelle Oliphant

    Senior Director, Client Services

    Rachelle has over 12 years of client program management experience in the compliance and ethics training industry. She

    specializes in directing and executing e-learning programs for simple to multifaceted client projects. Using leading practices, it is her goal to ensure that client program strategies are successfully implemented. She loves forming a connection with clients and is enthusiastic in bringing their projects to the finish line with winning results.



    Tania Zoummar

    Senior Director, Client Services

    Tania has over 19 years of compliance and ethics experience working with Fortune 500 organizations. In her tenure at SAI Global, she advised and collaborated with clients on how to keep their E&C programs effective, current and relevant. Tania enjoys working closely and strategically with Rethink’s clients to develop comprehensive compliance programs.



    Dave Price

    Senior Director, Client Services

    Dave has over 17 years of experience in the compliance and ethics industry. His versatile skillset has led him to a variety of roles over this time, all with the singular goal of supporting and enhancing successful client ethics and compliance programs. He embraces the organization required of project management and persistence for technical troubleshooting and problem-solving, but values above all the connection and trust he establishes with his clients.



    David Wun

    Senior Director, Client Services

    David has over 10 years of experience in the ethics and compliance training industry, and he has held different roles with several top ethics and compliance training providers. During that time, David partnered with a diverse portfolio of clients to develop and deploy training to help them achieve their compliance learning goals. David’s diverse background includes project and program management, learning and development, conducting needs analysis, and assessing program effectiveness.



    Danielle Goff

    Senior Director, Client Services

    Danielle has over 20 years of experience in the corporate legal field with the last 10 years focused on the ethics and compliance program of a multinational corporation. During that time, she led multiple initiatives, including compliance training and policy management. Danielle specializes in helping clients design and customize their compliance training programs.



    Phoebe Larson

    Senior Content Manager, Creative Services

    Phoebe has nearly 20 years of experience in journalism, marketing, and communications, with a career spanning multiple sectors, including corporations, nonprofits, government, and higher education. As part of Rethink's Creative Services Team, she writes courses, communications materials, videos, and more for our clients.



    Ingrid Marcum

    Lead Course Developer, Creative Services

    Ingrid has more than 20 years of experience as an international speaker and educator. She began her career while competing on the world stage as an elite athlete and operated her own business as a coach, speaker, course instructor, and gym owner. Ingrid joined the Rethink Compliance team in 2017. As part of the Creative Services team, Ingrid brings her drive for excellence to Rethink's courses and communications, working collaboratively with clients to design and customize compliance learning for their company goals, values, and brand.



    Elizabeth Reisinger

    Senior Content Developer, Creative Services

    Elizabeth has more than 20 years of experience in organizational leadership, education, and corporate journalism, including editorial consulting work for some of the world’s most recognizable brands. As part of Rethink's Creative Services Team, she writes courses, communications materials, videos, and more for our clients.



    Amanda Mansk Perryman

    Senior Graphic Designer & eLearning Designer, Creative Services

    Amanda has 26+ years of graphic design experience producing materials such as corporate branding programs, sales/marketing collateral, illustrations, environmental graphics, and interactive work. Her portfolio covers a broad range of clientele ranging from big corporations to small not-for-profits. As part of Rethink's Creative Services team, she designs Codes of Conduct, courses, communication materials, branding, and more for our clients.



    Shannon Pourciau

    Senior Course Developer, Creative Services

    Shannon brings nearly 20 years of graphic design experience to Rethink's creative team, including book layout and cover design, magazine layout design, video creation, tradeshow and marketing materials, social media assets, and art direction. Shannon uses this broad expertise to produce eye-catching, engaging courses and materials for clients.



    Jon Freedlund

    Senior Director, Sales

    Jon joins us with over 25 years of experience in sales, business development, and lead generation. Working from the front lines or in a management role, he has constructed teams selling to all industry spectrums with proven revenue expansion. He brings a player/coach mentality and a performance history of building high-performing inside and outside enterprise sales teams.



  • What Our Clients are Saying

    We asked our clients to describe what it's like to work with us. Here’s what they said…

  • “There are two things I really appreciate about Rethink Compliance’s work: they are flexible and easily adapt to our different projects and the way we work, and given the many hours that sometimes separate us they are responsive and proactive in an outstanding level.”

    Ivy Barbosa

    Compliance Counsel

    AB Volvo

    “Rethink Compliance is a dynamic team dedicated to customer service, exceptional product development, and clear communication. I was pleased to partner with Rethink to develop custom training for my corporation. The expertise of the Rethink team ensured that my corporate training remained insightful, engaging, and interesting to thousands of employees.”

    Renée Wardlaw

    Senior Director of Corporate Compliance & Associate General Counsel

    Bristol Bay Native Corporation

    “The Rethink Compliance team developed innovative short media-clips for use in our company-wide Compliance presentations and training. They worked very closely with us to customize content, while providing a high quality professional product. They are great at interpreting customer needs, and seek to understand the issues and concepts before recommending a solution. The short clips have been well received with our employees, and provides a dynamic addition to our classroom and elearning training modules.”

    Associate Director of Compliance

    Shionogi, Inc.

    “We were pleased to partner with Rethink Compliance to completely overhaul our Code of Conduct. Rethink’s professional and personable team helped us sell to the organization the need to update our Code from a bland, legal document to an interactive and intuitive digital experience. Rethink guided us from start to finish from the working sessions to outline the content, to the web development and digital design, to the training and communication plan. Rethink’s impressive team was innovative, flexible, organized and responsive…they truly set the bar in the compliance space!”

    Internal Audit Project Manager at a multi-state utility company

    "The team at Rethink Compliance has been great to work with. I appreciate their fresh approach to designing training that is interesting and engaging not cookie-cutter. They are also very flexible, and their pricing is fair and reasonable."

    Kim J. Myrdahl

    Deputy General Counsel,

    Senior Vice President, and Chief Compliance Officer


    “We worked closely with Rethink Compliance on a Speaking Up campaign for our company. They did an excellent job in quickly understanding our company and culture. Their turnaround time was excellent and they provided us with creative ideas and approaches. In addition to being a lot of fun to work with, they were true thought partners throughout the process.”

    Head of Corporate Compliance at a national insurance company

    “I've had the pleasure of working with Rethink Compliance for the past three years, experiencing first hand how their innovative approach can uniquely contribute to the success of a company's compliance program. Our company has experienced rapid growth, and from our days as a start up, to our transition to a public company, Rethink has assisted us with developing all elements of our program, including our Code of Conduct policy to highly customized training and communication pieces. Creativity and experience developing and implementing compliance programs set them apart and above from other providers in this space. Whether you're a team of one or many, Rethink is the right partner to take your compliance program to the next level.”

    Kelleen Brennan

    Senior Counsel, Compliance


    “Our ethics and conduct policies outline the expectations we have for employees and students the basic do’s and don’t’s. Rethink Compliance was able to take those policies and create more than just a document, they created an EXPERIENCE for our staff and students by helping us to define an interactive Code of Culture that was reflective of our campus by emphasizing our values, accountability and our commitment to being great team members something that each person can take individual ownership of. Our employees and students now have a vibrant and unique document that helps guide us in not just doing the right thing but doing what is right.”

    Desiree Ramirez

    Chief Compliance and Integrity Officer

    University of North Texas Health Science Center

    “Feedback from our leadership team has been very encouraging . . . well done . . . fresh . . . simplified . . . easy to navigate . . . visually engaging…”


    “…thank you for the successful rollout of our multi-lingual code of conduct. It has been a great team effort from your side, good ideas, high quality delivery, great collaboration with our project team and with our supporting IT and brand communications team. All in all nice team work!”

    Norman Beveridge

    Global Ethics & Compliance Director


    “Rethink Compliance not only helped refresh our Code of Conduct, but also modernized it into a digital gateway to Compliance policies, tools, and FAQs. The Rethink Team listened to understand our company’s culture and values then enthusiastically and swiftly produced a contemporary, understandable, and visually attractive Code along with supporting training materials. Rethink helped make our project’s goals a reality.”

    Missy Kaschak

    Director, Compliance Operations

    Olympus Corporation of the Americas

    “A colleague of mine referred me to Rethink Compliance for training I was working on and I am so glad he did. Working with Rachelle and Tricia was amazing. They used their expertise to help me think through the scope of the project and really listened to the key pieces that were important for my company. They worked with me to develop a project plan and kept the work moving in a timely manner. We ended up with fantastic programming that struck the perfect tone for our organization. Additionally, they are fantastic humans and very enjoyable to work with. I highly recommend Rethink Compliance for training content needs.”

    Jennifer Deitloff

    Senior Associate General Counsel

    The Scoular Company

  • The Blog

    July 8, 2022 · company updates
    June 7, 2022 · compliance,esg,webinar,compliancetraining
    June 3, 2022 · privacy
    March 15, 2022 · microlearning,compliance,compliancetraining,videos
    More Posts
  • Women-Owned and Led

    Rethink Compliance is certified as a Women’s Business Enterprise by the Women’s Business Enterprise National Council (WBENC), the nation’s largest third-party certifier of businesses owned and operated by women.


    We recognize the commitment to supplier diversity that is embraced by corporations and government agencies today and we can add diversity to your supply chain.

All Posts
Privacy Policy
Effective Date: October 12, 2020
Version 1.0

Privacy Policy

1.	Introduction

Rethink Compliance LLC (“Rethink Compliance”, “our,” “us”, and “we”) respects your privacy and is committed to protecting it through our compliance with this privacy policy (“Privacy Policy”).

This Privacy Policy describes the types of information we may collect from you, the user, (“you” and “your”) or that you may provide through any method, including, for example, when you visit our website http://www.rethinkcomplianceco.com, or any affiliated websites controlled by Rethink Compliance that may contain a link to this Privacy Policy, including, without limitation, any pages, facilities, services, or capabilities accessible on or by any top-level domain owned by us or any subsite, subdomain, subdirectory, virtual site, or virtual directory thereof (collectively, the “Site”). This Privacy Policy also describes our practices for collecting, using, maintaining, protecting, and disclosing that information.

This Privacy Policy applies to information we collect:
•	on or through the Site;
•	in email, text, and other electronic messages between you and the Site or us; 
•	when you interact with our advertising and applications on third-party websites and services, if those applications or advertising include links to this Privacy Policy;
•	offline or through any other means, including on any other website operated by us or any third-party (including our affiliates and subsidiaries); and 
•	from any third-party (including our affiliates and subsidiaries), including through any application or content (including advertising) that may link to or be accessible from or on the Site.
Please read this Privacy Policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, including our use and disclosure of your Personal Information, please do not use our Site and do not provide us with any of your information. By accessing or using the Site, you agree to the terms of this Privacy Policy and consent to our privacy practices described in this Privacy Policy, including our use and disclosure of your Personal Information as described in Section 6 below. This Privacy Policy may change from time to time as described in Section 2 below. Your continued use of the Site after we make changes is deemed and treated as your acceptance of those changes, so please check the Privacy Policy periodically for updates. 

If you reside in the European Union or other regions with laws governing data collection and use that may differ from U.S. law, please note that you are transferring information about you, including Personal Information, to a country and jurisdiction that does not have the same data protection laws as the European Union, and you consent to the transfer of information about you, including your Personal Information, to the U.S.; and the use and disclosure of information about you, including your Personal Information, as described in this Privacy Policy.

2.	Changes to Our Privacy Policy

From time to time, we may make changes to this Privacy Policy in order to accommodate new technologies, platforms, industry practices, regulatory requirements, new developments or for other purposes. We encourage you to review this Privacy Policy periodically to ensure that you understand how we collect, use, and share information through the Site. If we do make changes to this Privacy Policy, we will notify you as required under applicable law, and we will also update the “Effective Date” posted at the top of this Privacy Policy. Any changes to this Privacy Policy will become effective when the revised Privacy Policy is available on the Site. By continuing to use the Site following such changes, you are agreeing to accept the terms of the revised Privacy Policy. 

3.	Contact Information

To ask questions or provide comments about this Privacy Policy, please contact us at: dataprivacy@rethinkcomplianceco.com 

4.	Children Under the Age of 18

Our Site is not intended for children under 18 years of age. No one under age 18 may provide any information to the Site. We do not knowingly collect information from children under 18 and do not direct our Site for use by individuals under the age of 18. If you are under 18, do not use or provide any information on the Site or on or through any of its features, use any of the interactive or public comment features of the Site or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received Personal Information from a child under 18 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us at dataprivacy@rethinkcomplianceco.com and we will promptly remove the information.

5.	Information We Collect About You and How We Collect It

As you use the Site, we may collect two types of information from you: (a) Personal Information (as described below); and (b) Non-Personal Information (as described below):

a.	“Personal Information” is information that identifies you personally, such as your name, address, telephone number, email address, or company name.  Here are some examples of the ways in which we may collect and store your personally identifiable information:
•	We may collect your first and last names, email address, or other information if you fill out certain forms or online requests on the Site;
•	We may collect your email address if you contact us with a question;
•	If you apply to work for Rethink, provide us with products or services, or become a customer of ours, we may need to collect additional information, such as: your address, telephone number, driver’s license or state identification card number, education, employment, employment history, bank account number, credit card number, debit card number, social security number, or any other financial information. 
b.	“Non-Personal Information” is demographic, aggregated, non-identifiable, technical, and/or anonymized information. Non-Personal Information does not identify you personally. If you do provide us with Non-Personal Information, we may use it for the purposes described in this Privacy Policy, or any other legal purpose. Here are some examples of ways through which we may collect and store your Non-Personal Information through the Site:
•	Log Information: When you use the Site or view content provided through the Site, we automatically collect and store certain information in our server logs. This type of information includes details of how you use the Site, IP address information, web pages which have been viewed by you, date and time, domain type, device event information such as crashes, system activity, hardware, settings, browser type, browser language, the date and time of your requests, and referral URL. 
•	Internet Protocol (IP) Address: Your “IP address” is a number that lets computers attached to the internet know where to send you data, such as screens and pages of our services that you view. We use this information to deliver our screens and pages to you upon request and to measure traffic to and within our services. 
•	Demographic Information: “Demographic Information” may be gender, age, zip code, and interests which are not personally identifiable. We may collect such information about you through our services and use it to provide you with personalized services and to analyze trends to ensure that our services and the information on them is targeted to meet your needs. Please note that we also consider aggregated information, which is not personally identifiable, to be Non-Personal Information. 
•	Location Information: When you use the Site, we may collect and process information about the general location of the device from which you access this Site, but we do not collect your specific address. 
•	Usage Information: When you use the Site, we may collect and process information about how you use the Site, including how you navigate through the Site. 
•	Feedback Information: From time to time, we may request that you provide us with feedback regarding the Site, as well as the products and services we offer. We may do this in the form of a survey or other feedback mechanism. We may collect and analyze this information. 
The technologies we use for this automatic data collection may include:
•	Cookies (or browser cookies): A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting, you may be unable to access certain parts of the Site. Unless you have adjusted your browser setting so that it will refuse our cookies, our system will use cookies when you direct your browser to the Site. 
•	Flash Cookies: Certain features of our Site may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Site. Flash cookies are not managed by the same browser settings as are used for browser cookies. For information about managing your privacy and security settings for Flash cookies, see Section 8 below.
•	Web Beacons: Pages of the Site and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity). If you encounter a screen or page that requests information you do not want to share with us, do not enter the information and do not proceed with that screen or page. 

You also may provide information to be published or displayed (hereinafter, “posted”) on public areas of the Site or transmitted to other users of the Site or third-parties (collectively, “User Contributions”). Your User Contributions are provided, posted, and transmitted to others at your own risk. Please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Site with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons. Any User Contributions you post or otherwise provide are at your own risk.
6.	How We Use Your Information

a.	Personal Information. If you provide us with Personal Information, we will only use it for the lawful purposes described in this Privacy Policy and based upon the legal justification set forth below. Primarily, we use it to fulfill our business interests as set forth below, or for other purposes based on your consent, which may include:

•	Offering you the products and services you request;
•	Helping us create or offer content which is relevant to you;
•	Alerting you to special offers, updated information, and other new services offered by us or by third-parties;
•	Improving your user experience and the experience of other users of the Site, including through the improvement and implementation of new security measures and protections;
•	Understanding how you use the Site; or
•	Contacting you in response to an email or other communication.
We will retain your Personal Information for as long as necessary to fulfill the purpose(s) for which it was collected and to comply with applicable laws, and your consent to such purposes(s) remains valid during such time. 
b.	Non-Personal Information.  We may use Non-Personal Information for the purposes described in this Privacy Policy, or any other legal purpose, including, when and where applicable, combining Non-Personal Information with Personal Information. Without limiting the above, we may collect information to understand how you use the Site and how we can improve the Site’s functionality and privacy and security measures.

c.	Reports.  We periodically prepare analyses and reports reflecting our visitor use of the Site and other services. In preparing these reports, we may combine and analyze the Personal Information you provide to us with information from other sources. However, these reports will only include aggregate information about visitors. The information in these reports will not identify you individually, and any business partner with whom such reports may be shared will not be able to contact you based on the information contained in the reports. 

7.	Disclosure of Your Information

We may disclose information we obtain about you in compliance with this Privacy Policy and applicable law. We share information in order to provide services for clients, or with our third-party vendor partners on the basis of the consent you provide to us or in order to fulfil our contractual obligations as part of the services we provide to you when you decide to engage with us. The recipients of your Personal Information include our third-party data processors, which include but are not limited to our third-party database administrators, background check providers, lead management vendors, and communications vendors. We take reasonable steps to assure these third parties take steps safeguard your Personal Information against improper disclosure and in accordance with the law.

a.	Personal Information.  We may share or disclose your Personal Information, and these recipients may process your Personal Information in the following instances:

•	To fulfill a service to you (e.g., to provide you with compliance program content, or to conduct risk assessments) 
•	To send you information, including news, events, and related information that you have subscribed to receive; 
•	To provide analyses to our clients;
•	To offer you products from us or our affiliates, strategic partners, or agents, or to assist such parties for research, administrative, and/or business purposes;
•	To unaffiliated third-party service providers, agents, or independent contractors who help us maintain our products and services;
•	To comply with law or, if in good faith we believe that such action is necessary to conform to the requirements of law, or comply with legal process served on us, and to protect and defend our rights or property, or act in urgent circumstances to protect the personal safety of you and our other visitors;
•	To third parties as part of a corporate reorganization process including, but not limited to, a merger, acquisition, or sale of all or substantially all of our assets;
•	To track and analyze non-identifying, aggregate usage and volume information from our visitors and provide such information to third parties; and
•	To protect against fraud or potential fraud. 

b.	Non-Personal Information.  We may share or disclose your Non-Personal Information for the purposes disclosed in this Privacy Policy or for any other legal purpose, including when and where applicable, sharing and disclosing Non-Personal Information combined with Personal Information. 

c.	Legal Disclosure.  We may disclose and share information about you and your use of the Site if we believe such disclosure is necessary to:

•	Comply with the law and/or legal process where a formal request has been made;
•	Protect or defend our rights and/or property and property of others;
•	Enforce relevant terms and conditions and/or this Privacy Policy;
•	Respond to claims that the content(s) of a communication violates the rights of another.
8.	Choices About How We Use and Disclose Your Information
We strive to provide you with choices regarding the Personal Information you provide to us. We have created mechanisms to provide you with the following control over your information: 
a.	Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts of the Site may then be inaccessible or not function properly.
•	We may use cookies provided by Google Analytics to help us measure how visitors use the Site. The information collected is used for a variety of purposes, including, but not limited to, site traffic reporting, unique visitor counts, and content optimization. Although Google Analytics logs the information coming from the Site on our behalf, we control how the data may and may not be used. If you do not want to help us learn how to improve the Site, you can opt-out of this website analysis tool by clicking: https://tools.google.com/dlpage/gaoptout.
•	We may use Google to provide re-marketing services to you (i.e., when you visit other third-party websites, you may see advertisements about us). Google uses cookies through our Site to remember that you have visited our Site and provide our advertisements to you on those third-party websites. You can opt out of Google’s features by visiting https://adssettings.google.com/authenticated to customize how you receive ads from Google across different websites.
•	We may also use LinkedIn to provide advertisements to you about our products and services. Please visit LinkedIn’s opt-out choices at https://www.linkedin.com/psettings/guest-controls to see how you can control the advertisements you receive from LinkedIn. 
b.	Promotional Offers and Marketing from Us. Should you not wish to have your contact information used to promote our products or services, you can opt-out by either using the “unsubscribe” link located in the email or by sending us an email stating your request to dataprivacy@rethinkcomplianceco.com.
We do not control third parties' collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative ("NAI") on the NAI's website, available here: http://optout.networkadvertising.org/?c=1#!/.

9.	Data Security.  

We have implemented measures to secure your Personal Information from accidental loss and from unauthorized access, use, alteration, and disclosure. However, this is not a guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of such firewalls or secure server software. Unfortunately, the transmission of information via the internet is not completely secure. Although we do our reasonable best to protect your Personal Information, we cannot guarantee the security of your Personal Information when transmitted. Any transmission of Personal Information is done at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Site. 

10.	Accessing, Correcting, and Deleting your Personal Information.
If you provide us with information in order to access the Site or receive our services, we may or may not be able to provide you with access to your Personal Information. If information that we control about you is incorrect, we strive to give you ways to update it quickly or to delete it (unless we have to keep that information for legitimate business or legal purposes). When updating your Personal Information, we may ask you to verify your identity before we can act on your request. We aim to maintain our services in a manner that protects information from accidental or malicious destruction.  Because of this, we may not immediately delete residual copies from our active servers and may not remove information from our backup systems.

11.	Third-Party Links.  

The Site may contain links to webpages operated by parties other than us. We do not control such websites and are not responsible for their contents or the privacy policies or other practices of such websites. Our inclusion of links to such websites does not imply any endorsement of the material on such websites or any association with their operators. Further, it is up to you to take precautions to ensure that whatever links you select or software you download (whether by using the Site to access websites or otherwise) is free of such items as viruses, worms, trojan horses, defects and other items of a destructive nature.  Other websites and services may have their own privacy policies, which the User will be subject to upon linking to the other third-party's website. We strongly recommend that you review the other third-party’s terms and conditions and privacy policies prior to visiting or using any other websites or downloading any software.

12.	Do Not Track (DNT) Signals.  

Our Site does not respond to Do Not Track (DNT) signals. Some third-party websites do keep track of your browsing activities when they serve you content, which enables them to tailor what they present to you. If you are visiting such sites, your browser may include controls to block and delete cookies, web beacons and similar technologies, to allow you to opt out of data collection through those technologies.

13.	Compliance and Cooperation with Regulatory Authorities.  

We regularly review our compliance with our Privacy Policy. When we receive formal written complaints, if reasonably possible, we will contact the person who made the complaint to follow up. We will work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of Personal Information if we cannot resolve the matter with our customers directly. Subject to applicable law, you also have a right to communicate directly with appropriate regulatory authorities if you believe we are in violation of your rights under applicable law.

14.	General Data Protection Regulations (“GDPR”)

The GDPR is a privacy regulation covering individuals in the European Union. In the event that we collect Personal Data (as defined in the GDPR) that is subject to the GDPR, this section will apply. Terms in this section are to be understood in a manner consistent with GDPR including the definition of such term in the GDPR. Such term may have a different definition or meaning in other portions of this Privacy Policy because GDPR may not apply to those sections. This section will only apply to you if you are an individual who currently resides in the European Union (a “Data Subject”).

Categories of Personal Information. 
•	We may collect the data elements described above in Section 5.1 “Personal Information.”
Legal Basis for Processing and Processing Purposes
We only use your Personal Information for the lawful purposes described in this Privacy Policy and based upon the legal justification set forth below.  Generally, we process your Personal Data: (1) with your consent; (2) subject to the performance of a contract to which you as the data subject are a party; (3) in order to take steps at your request to enter into an agreement with Rethink Compliance; or (4) pursuant to our or a third party’s legitimate interest provided such interests are not overridden by any of your interests or freedoms and fundamental rights with respect to data privacy.  You have the right to withdraw your consent at any time. The Personal Information we collect originates from the individual providing their Personal Information to us, our partners, third parties, or from publicly-available sources. Specifically, we process your Personal Information:
•	With your consent and pursuant to our legitimate interests, to offer you the products and services you request in order to fulfill our contractual obligations as a part of the services we provide to you when you decide to engage with us;
•	Pursuant to our legitimate interests, to provide analyses to our clients;
•	Subject to the execution of a data protection agreement, to unaffiliated third-party service providers, agents, or independent contractors who help us maintain our services and with other administrative services (including, but not limited to, order processing and fulfillment, providing customer service, maintaining and analyzing data, and sending customer communications on our behalf); 
•	With your consent, to help us create or offer content which is relevant to you;
•	With your consent, alert you to special offers, updated information, and other new services offered by us or by third parties;
•	With your consent, and pursuant to our legitimate interests, to improve your user experience and the experience of other users of the Site, including through the improvement and implementation of new security measures and protections;
•	With your consent, and pursuant to our legitimate interests, to understand how you use the Site; 
•	With your consent, to contact you in response to an email or other communication;
•	To third parties as part of a corporate reorganization process including, but not limited to, mergers, acquisitions, and sales of all or substantially all of our assets. To the extent permitted, we will inform Data Subjects before making such disclosure and provide them with a reasonable opportunity to object to such disclosure.
•	Subject to your choices and your consent, to track and analyze non-identifying, aggregate usage and volume statistical information from our visitors and customers and provide such information to third parties; or
•	To comply with legal obligations, if in good faith we believe that such action is necessary to conform to the requirements of law, or comply with legal process served on us, and, pursuant to our legitimate interests, to protect and defend our rights or property, or act in urgent circumstances to protect the personal safety of you and our other visitors.

Onward Transfer

We will not disclose Personal Information to a third party except as stated below:

We may disclose Personal Data to subcontractors and third-party agents. Before disclosing Personal Information to a subcontractor or third-party agent, we take reasonable steps to assure these parties take steps to: (i) transfer such data only for limited and specified purposes; (ii) ascertain that the subcontractor or third-party agent is obligated to provide at least the same level of privacy protection as is required by the GDPR; (iii) take reasonable and appropriate steps to confirm that subcontractors and third-party agents effectively process the personal information transferred in a manner consistent with the organization’s obligations under the GDPR; (iv) require subcontractors and third-party agents to notify the organization if it makes a determination that it can no longer meet its obligation to provide the same level of protection as is required by the GDPR; (v) upon notice, including under (iv), take reasonable and appropriate steps to stop and remediate unauthorized processing; and (vi) provide a summary or a representative copy of the relevant privacy provisions of its contract with subcontractors and third-party agents to supervisory authorities upon request.
We may also be required to disclose, and may disclose, Personal Information in response to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements, or in the event of a merger or acquisition. 


Data Subjects have the right to opt out of (a) disclosures of your Personal Information to third parties not identified at the time of collection or subsequently authorized, and (b) uses of Personal Information for purposes materially different from those disclosed at the time of collection or subsequently authorized.  If you wish to limit the use or disclosure of your Personal Information, you should submit that request to our Data Protection Officer at dataprivacy@rethinkcomplianceco.com.

Data Integrity

We are responsible for ensuring that (a) Personal Information collected is accurate, complete, current and reliable for its intended uses; and (b) Personal Information is retained only for as long as is necessary to accomplish the legitimate business purposes disclosed to the Data Subject and for any compatible purposes. We will cooperate with reasonable requests for assistance in meeting these obligations.


Personal Information that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes or for compatible purposes, such as to provide additional services, to comply with legal requirements, or to preserve or defend our legal rights. We will retain your Personal Information for as long as necessary to fulfill the purpose(s) for which it was collected and to comply with applicable laws, and your consent to such purposes(s) remains valid during such time. Notwithstanding the other provisions of this section, we may retain your Personal Information where such retention is necessary for compliance with a legal obligation to which we are subject, or to protect your vital interests or the vital interests of another natural person.

Accessing, Correcting, and Deleting Your Information.  

Data Subjects have the right to access the Personal Data an organization holds about them. If such Personal Information is inaccurate or processed in violation of the GDPR, a Data Subject may also request that Personal Information be corrected, amended, or deleted. To request access to, or correction, amendment, or deletion of, Personal Information, Data Subjects should contact our Data Protection Officer at dataprivacy@rethinkcomplianceco.com.  We will cooperate with all reasonable requests to assist Data Subjects to exercise their rights under the GDPR. 

Objection to Processing.  

Data Subjects have the right at any time to object to our use of your Personal Information for any direct marketing purposes, including profiling to the extent it is used for direct marketing. If we are processing your Personal Information based on our business interests, you may contact us and object to such processing by asserting that our interests do not override your interests, rights, and freedoms. You may exercise the rights set out in this paragraph by contacting us as at address listed above. 

Suspension of Processing.  

Data Subjects have the right to request that we restrict the processing of your Personal Information, if: 
•	you believe that the Personal Information we maintain about you is inaccurate, and you have asked us to verify the accuracy of such information as provided above;
•	you believe that your Personal Information has been unlawfully processed and you want us to restrict processing rather than erase your information;
•	we no longer need your Personal Information, but you need us to retain it in order to establish, exercise or defend a legal claim; or
•	you have objected to our processing of your Personal Information, as permitted under applicable law, and we are considering the grounds of your objection.

Identification of Data Controller: 

For most purposes other than processing information through the site, we are not a data controller. We may, however, process personal information for our clients. We are located at 3795A West 104th Drive, Westminster, CO 80031. You may contact Rethink Compliance at dataprivacy@rethinkcomplianceco.com for questions related to this policy. 

Data Protection Officer and Contact Details

Rethink’s Data Protection Officer can be contacted at dataprivacy@rethinkcomplianceco.com. 

Identification of Primary Member State Supervisory/Data Protection Authority

You have the right to lodge a complaint regarding the processing of your Personal Information with us by contacting our Data Protection Officer listed above. If you are a resident of the European Union, you also may lodge a complaint with the Data Protection Authorities in the Member State where you habitually reside, work, or where an infringement occurred. You can find a list of Data Protection Authorities here. 

Transfers outside the European Union

When we transfer Personal Information from the EU to entities within our organization located outside of the EU, we rely on GDPR rules that permit transfer in certain cases (e.g., to perform a contract) or rely on standard contractual clauses adopted by the European Commission to help establish adequate safeguards. If we transfer Personal Information from the EU to another party located outside the EU, where needed, we will rely on a legal framework that provides appropriate safeguards, which could include the standard contractual clauses, binding corporate rules, or another framework deemed adequate by the European Commission.

15.	Information for California Residents.  

A California resident who has provided Personal Information to a business with whom they have established a business relationship for personal, family, or household purposes (a "California Customer") may request information about whether the business has disclosed personal information to any third parties for the third parties’ direct marketing purposes. In general, if the business has made such a disclosure of Personal Information, upon receipt of a request by a California Customer, the business is required to provide a list of all third parties to whom Personal Information was disclosed in the preceding calendar year, as well as a list of the categories of Personal Information that were disclosed. California Customers may request further information about our compliance with this law by mailing us at 3795A West 104th Drive, Westminster, CO 80031 or emailing us at dataprivacy@rethinkcomplianceco.com. Please note that we are only required to respond to two requests per California Customer each year under Code Section 1798.83.  

We are not a “business” as defined by the California Consumer Protection Act (“CCPA”) and, therefore, the CCPA does not apply to our collection of your information. However, we provide California residents with all the rights listed elsewhere in this Privacy Policy.