United States: Global Sourcing Trends In 2013

Every year, we survey Morrison & Foerster's Global Sourcing Group lawyers around the world to create a snapshot of the current state of the global outsourcing market and to identify emerging trends that are likely to shape that market over the next 12 months. This year our lawyers comment on the challenges of cloud-based outsourcing, driving long-term value in engagements, and vendor profitability, as well as the impact of such factors as the recent U.S. presidential election, cross-border deals, growing regulation, and the proliferation of employee-owned technology in the workplace.

Costs and Flexibility

Finding Clarity in the Cloud

Cloud computing has rapidly become a key part of the outsourcing landscape. But companies need to anticipate the risks as well as the opportunities that it brings.

As cloud computing changes the economics of the entire IT industry, it is also becoming more prominent in the outsourcing sector. According to ISG, a leading sourcing advisory firm, some 300 IT outsourcing contracts included cloud platforms in 2012, up from 220 in 2011 and 110 in 2010. In addition, ISG reports that the majority of surveyed vendors expect cloud services to grow faster than traditional IT outsourcing.

The potential benefits of cloud-based outsourcing are clear and appealing, but there are a number of issues that complicate this shift. While continued growth is inevitable, the potential scale of that growth will be tempered as vendors and customers work through the issues.

In the past few years, a great deal of attention has been paid to the growth of public cloud vendors. Public clouds offer economies of scale by providing services to a broad range of customers on the same infrastructure, as opposed to private cloud platforms, where a company has internal or external cloud resources dedicated to its needs. In the last year or so, more organizations have overcome their initial reservations about public cloud services and moved portions of their data and functions to such providers. The reason: public cloud providers offer low costs and relative ease in getting started.

Private or hybrid cloud solutions offer a potential alternative, and for non-commodity solutions, such approaches are being constructed by providers and taken up by customers with some regularity. Often, however, adopting organizations need to team with an experienced partner in order to integrate cloud solutions into their environment.

Many companies struggle with the tactical complexities of moving from their current sourcing arrangements to new cloud-based arrangements. "A big question for many is how to adopt cloud and even Big Data solutions into their existing outsourcing contracts," says Spencer Izard, a research manager at IDC, a market intelligence and advisory firm. "A company may have its Information and Communication Technologies (ICT) handled by five different outsourcers, with each contract in a different stage and with different nuances regarding services and the ability to move to new technologies." Aligning those agreements to enable a coordinated shift to the cloud "is a major challenge for a lot of people," he adds.

The strategic shift in the outsourcing market, therefore, has been to commingle cloud- and non-cloud- based sourcing options. The challenge has been to create a successful cloud/non-cloud cocktail while avoiding the inherent pitfalls.

Commodity vs. Customization

More broadly, companies are starting to run into some fundamental realities that make public cloud services more problematic than traditional arrangements. Public cloud outsourcing works because it is a commodity offering, which allows the provider to offer a very economical service, but typically allows for little or no customization of contract terms. Factors such as security, access to data, availability, business continuity, and so forth are usually not negotiable. Or, if they are, the customizations drive up the price, which cuts into cost advantages. Companies need to consider the trade-off between costs and the flexibility of the terms that govern the public cloud service.

We have found that some of these click-wrap terms can be surprisingly stringent, with conditions that companies would probably not accept in a traditional contract. Under the Amazon Web Services customer agreement, for example, a company essentially agrees not to sue AWS, its affiliates, customers, vendors, business partners, or licensors for IP infringement in connection with web services made available by AWS and its affiliates. The agreement also prohibits AWS customers from helping or encouraging any other party to pursue IP claims against AWS, its affililiates, customers, vendors, business partners, or licensors. That obligation continues even after a company stops using AWS services. Thus, companies with patents or trade secrets covering Internet or cloud-related technologies might want to think carefully before entering into such an agreement.

There are other areas where these types of cloud-based outsourcing arrangements can increase a company's risk profile. For example, cloud providers might store data in various locations in different countries and, over time, move it to new locations to get the most cost-effective service—often, without the customer company knowing where its data is kept. This can have significant data privacy implications, and could cause companies to inadvertently run afoul of laws that require them to know where their data is and restrict the movement of personal data across borders.

Protecting the Data

The issue of data privacy in the cloud is serious enough that in early 2012 the European Union published an opinion paper noting that "the wide-scale deployment of cloud computing services can trigger a number of data protection risks, mainly a lack of control over personal data as well as insufficient information with regard to how, where, and by whom the data is being processed/sub-processed." Such concerns have been echoed in the U.S. Last year a group of federal agencies expressed concern over security and data integrity in cloud environments, noting that "a financial institution's ability to assess compliance may be more complex and difficult in an environment where the cloud computing service provider processes and stores data overseas or commingles the financial institution's data with data from other customers...."

In general, many cloud agreements provide little in the way of assurances about data privacy. The customer may have almost no control over how its outsourced data is managed, but because it collected the information in the first place it is still legally responsible for that data. None of this is to say that such issues will stop the move to cloud-based outsourcing or that companies should avoid the practice. But outsourcing customers need to recognize not only what the cloud can do for them, but what it cannot do in terms of reducing risk and addressing compliance issues. Companies can consider strategies such as hybrid clouds, maintaining backups in-house, and encrypting data sent to the cloud. They need to perform thorough due diligence, carefully weigh the legal risks and business benefits involved, and determine how best to take advantage of the cloud.

Those decisions may become easier as the marketplace evolves and adapts. We now see some cloud outsourcing providers recognizing that large corporate customers—and especially companies in regulated sectors with heightened security concerns—will ultimately need more than the basic, one-size-fits-all agreement. These providers are exploring ways to set up their infrastructure and design their services to meet the needs of corporate customers and proactively offer more flexibility while still keeping costs down.

Similarly, we expect to see more vendors working to address data privacy issues in order to appeal to the corporate market. For example, rather than leaving it up to the customer to worry about legal compliance an approach typical of public cloud providers—a vendor could offer assurances that its operations will keep personal information in certain countries and be in compliance with European Union data protection laws. This approach may be especially effective for less prominent providers that are trying to compete with the Amazons of the world.

Still, the upside of cloud-based outsourcing is too powerful to ignore. Fortune 500 companies are interested in these services, and vendors want to tap into that interest. We believe that marketplace realities will drive vendors to find new flexibility and data protection solutions—and the cloud will be a core ingredient in the outsourcing formula.

Questions for the Cloud

With cloud-based outsourcing in general, and public clouds in particular, due diligence is more important than ever. Companies considering a public cloud vendor should ask such questions as:

  • Where are the servers housing our data located?
  • Will our data be moved during the life of the agreement?
  • Will the vendor use third-party providers to store our data?
  • Will our data be sharing computing resources with data from other companies/competitors?
  • Has the vendor been sued for service/data protection issues?
  • What security and data protection practices does the vendor use?
  • How will the vendor handle service disruptions and business continuity issues?
  • Will our data be used by the provider for other analytics-driven commercial purposes?
  • Can we get our data back at the end of the agreement—in a usable format?
  • Can we easily access/search our data for discovery in the event we are sued?
  • Will our confidential data be deleted from the provider's servers at the end of the agreement?

Measurement

The New Focus on Sustaining Value

Companies and outsourcers are looking for ways to conduct smaller, more frequent performance measurements that allow them to make incremental adjustments as needs change.

With two decades of outsourcing experience, vendors and client companies have become adept at forging agreements that focus on value for money being spent. They have learned to create contracts that balance cost benefits with broader business benefits such as innovation, transformation, and entry into new markets. But, too often, the focus is on initial value for money. Organizations have been less effective when it comes to establishing the kind of oversight and follow-through needed to ensure that the expected deal value is delivered and sustained over time.

Over the past year, however, we have been seeing more contract discussions where companies and vendors are taking steps to drive and sustain results over time, throughout the life of the engagement. The issue of sustained value is not new, of course, but perhaps as a legacy of the wave of outsourcing deal realignments during the recent global recession, organizations appear to be more conscious of looking for ways to continue the value-for-money promise.

Traditionally, signing a contract has been considered an endpoint. Now there is growing interest in establishing mechanisms to monitor performance, make mid-course corrections, and continue to drive the delivery of value, even as conditions change.

Previously, organizations might have put all their eggs in the benchmarking basket as a way to realign deals. But benchmarking can be costly and cumbersome, and too often requires agreement on results before implementation. Our experience is that "little and often" corrections offer a better approach to securing ongoing value than infrequent "big stick"-type mechanisms.

Underlying the "little and often" approach is the need to establish governance processes that include regular discussions about performance gaps, changes in the business or technology environment, and improvements and innovations to enable the continued delivery of business value. This means formally putting the tracking and pursuit of value on the governance agenda, rather than relying on the trajectory of the original agreement to achieve results.

With that in mind, some companies are rethinking the use of benchmarking in assessing results. Traditionally, contracts might call for a benchmarking exercise every two or three years to see how performance measures against the company's peers. The problem is that many things can change in a few years, and such assessments may come too late for a meaningful response to new conditions. And benchmarking can lead to lengthy discussions about data validity, rather than taking the actions needed to keep the operation on track to value.

As a result, companies and outsourcers are seeking ways to conduct smaller, more frequent performance measurements that allow them to make incremental adjustments as needs change. Gain-sharing agreements—in which vendors and customers alike benefit from productivity improvements, cost reductions, increased revenue, etc.—are being used to keep both parties focused on value. Some agreements spell out how technology upgrades or process improvements will be triggered, or establish processes that incentivize the vendor to keep bringing best practices to the company's operations.

We are seeing this renewed emphasis on sustaining value across various industries—and in both IT and business process outsourcing deals. It is especially prominent in complex, transformation/ innovation focused engagements where business value extends beyond cost reductions and the ability to adapt and exploit new opportunities is especially key.

Looking for Flexibility

The search for sustained value is also prompting companies to look for greater flexibility in contract terms. These might cover how often and quickly personnel adjustments can be made, the frequency of technology improvements, or even the ability to bring in another provider midway through a contract if performance is falling short. "In many of the deals I've worked with in the last year or 18 months, companies are trying to be immensely more flexible in terms of being able to switch on and switch off costs and services, with limited penalties," says Julian Hamilton, the EMEA sourcing lead, IT & Telecoms, at Procurian.

Companies have long been interested in such flexibility, but that interest is now heightened by economic uncertainty and the need to deal with rapid change, as well as concerns over being locked into a vendor's processes and technologies and being left behind. There's a mind-set change at work, Hamilton says. As on-demand cloud computing becomes more practical, "that kind of thinking about the cloud is spreading into perceptions of other outsourcing services," he says.

Of course, not all vendors have come to such conclusions. "I am seeing that clients want flexibility, but suppliers don't want them to have it," Hamilton says. "So there are some struggles going on." But there is a potential carrot for vendors in that picture. Recent years have seen a trend toward smaller, more narrowly focused outsourcing engagements. But if there is more flexibility in contract terms, customer companies might be more willing to sign up for longer-term deals.

Finally, the pursuit of value for money is leading some companies to reassess what they need from an outsourcing engagement. In the wake of the economic crash and the scramble to find cost savings, some companies have decided they did not need "gold-plated" service. That perspective seems to be sticking as the economic recovery moves forward, and it may be part of the value-for-money equation for the foreseeable future.

The Struggle for Profitability

Like so many companies, large outsourcing vendors found themselves under a great deal of pressure during the economic downturn. Some of them continue to face financial challenges due to a number of structural factors in the industry. Vendors today have to deal with the commoditization of some forms of outsourcing via cloud and as-a-service offerings; the increasing strength and growing market share of what were once "tier 2" providers, particularly companies from India; and relentless pressure from customers to bring prices down. The result, often, has been little or no top-line growth, thin margins, and elusive profitability. In addition, the past few years have seen a number of mergers and acquisitions of large technology companies and service providers, such as HP and EDS, Xerox and ACS, and Dell and Perot Systems. Some of these matchups have struggled to find the right business model and build the integrated cultures needed to provide outsourcing services profitably.

As a result of these challenges, we have been seeing vendors declining to renew low-profit deals and more discussion of "firing" customers and aggressively ending deals. In at least one case, a vendor took the highly unusual step of simply terminating an engagement midway through the contract: essentially walking away from the business and its obligations and risking litigation because of its difficulties in making the deal financially viable. At this point, that may be an extreme example, but if it ends up being an approach adopted by other struggling vendors, it could signal a significant paradigm shift in the industry.

Vendors aren't holding still, of course, and many are trying to streamline operations to boost margins, for example, by relying more on offshore operations, automating more work, and reducing layers of management. Such moves could, in fact, increase vendor responsiveness and agility from the customer perspective, as well as help shore up vendor profitability.

Nevertheless, companies need to keep a close eye on vendor financials, and due diligence on that front is perhaps more important than ever. They should also consider the inclusion of contract provisions that will allow them to terminate an agreement if there are early signs of vendor financial instability—if, for example, the vendor's credit rating falls below a certain point. This approach will at least give the company some control over timing and the ability to transition to a new vendor, rather than be abruptly left in the lurch by a vendor's bankruptcy. And finally, companies in contract negotiations should balance their interest in low costs with the realistic need for a vendor to make a profit—that is, look for a deal that works for both parties.

Outsourcing Without Borders

As business becomes more global, companies are looking to manage across borders in a more integrated fashion—and outsourcing is playing a part in those efforts, resulting in more deals that encompass operations in several countries.

Traditionally, multinational business operations have tended to be siloed by country to accommodate differences in regulations, language, and culture. Increasingly, we are seeing companies looking to consolidate management functions across regions and even globally, and some are turning to outsourcing vendors. For example, Morrison & Foerster recently helped set up an arrangement in which the vendor provides centralized facilities-management services for a pharmaceutical company's 22 sites in four European countries.

Such cross-border deals can be complex to work out and operate because they require a balance of local flexibility and central control, as well as an understanding of which local practices can be standardized and which can't. But the payoff can be significant in terms of economies of scale, increased efficiency, and the use of consistent performance metrics to drive continuous improvement. In some cases, companies view reliance on an outsourcer as a way to drive change and the standardization of global processes, which can be difficult to achieve as internal initiatives.

The vendor community is building the frameworks and sophistication needed for this type of deal. And with the ongoing globalization of business, we expect more of these arrangements to emerge.

Workforce

Outsourcing and the BYOD Challenge

While the "bring your own device" trend may help reduce technology costs and improve productivity, companies need to factor the challenges it creates into their IT outsourcing arrangements.

Companies today are seeing an influx of employee-owned smartphones, tablets, and laptops being used for work, in and out of the office. In response, many are embracing this "bring your own device" (BYOD) trend and encouraging employees to use their devices for company business. Others, however, view the risks as outweighing the benefits. (For more on the pros and cons on BYOD see http://bit.ly/17aJDnO.) Advocates see BYOD as a positive development that can help reduce technology costs and improve productivity. But the advent of BYOD is creating some significant challenges for IT—and companies and vendors should factor this reality into their IT outsourcing agreements.

In this environment, companies need to develop policies covering areas such as the privacy of employee communications and the ownership of IP developed on employee devices. There is considerable room for improvement here: according to the Ovum analyst firm, only about 20 percent of employees using their own devices at work have signed a company BYOD policy. Once a policy is in place, companies need to make sure that their outsourcing vendor can support it from a process and technology standpoint.

Data security typically requires special attention. Protecting against data breaches in a secure data center is difficult enough, and the challenge is vastly more complex in an environment where mobile, far-flung employees are using and sending company information. What tools and technologies will the vendor use to ensure security? This is especially important for companies in regulated industries. However, the guidance from regulators on ensuring compliance with BYOD technology has not been clear to date (if, indeed, such guidance exists at all). As a result, companies and vendors need to be prepared to act quickly when firmer rules are eventually put in place.

Contracts also need to spell out how a vendor will address IT support in a BYOD era, where IT has less control over technology. How will it provide assistance for a variety of different devices, with new ones appearing all the time? How will it handle the various kinds and versions of software on employee devices?

Finally, companies need to determine how a vendor will support the need for discovery in the event of litigation. How will it track and access relevant information that is spread across many non-company devices?

The BYOD era brings complex challenges to IT. Managing information and technology in a this environment will require new tools—and with IT as their core business, outsourcing vendors may be in better position to find the best fit and apply those tools.

The guidance from regulators on ensuring compliance with BYOD technology has not been very clear.

Politics

The U.S. Presidential Election: Beyond the Rhetoric

While outsourcing was hotly debated during last fall's election, it remains both an effective business practice and a competitive necessity for global businesses.

For several election cycles now, outsourcing has been a prominent political issue, and, in the 2012 presidential election, it was a hotter topic than ever. This is not surprising, perhaps, given the ongoing concerns about job security and the economy. And as always, the politics were undoubtedly complicated by the fact that the public often fails to distinguish between the outsourcing of work from a company and the offshoring of work to another country. Many people, says a Deloitte survey report, "confuse outsourcing with offshoring. Many respondents still see the two processes as inseparable—even though many times outsourced work never leaves the originating country."

What is surprising is how little impact the anti-outsourcing rhetoric has actually had in the real world of business. Outsourcing is an effective business practice that is almost a competitive necessity in a global business environment, and even months of high profile speeches and debate haven't changed that fact.

More specifically, many large companies today take advantage of offshoring relationships, and that is likely to continue. Yes, some companies have "reshored" manufacturing back to the U.S. from overseas, but there appear to be limits to how extensive that trend will be. For one thing, labor arbitrage is still a significant factor; although wages have increased in places such as India, labor in those markets is still cheaper than in the U.S.—and in a global marketplace, many companies are hard-pressed to give up those lower costs.

The most important factor, however, is the availability of the right talent—and a shortage of technical skills in the United States.

The most important factor, however, is the availability of the right talent—and a shortage of technical skills in the U.S. As many have noted, the U.S. education system hasn't been producing enough technical graduates to keep up with demand. At the same time, the current administration has been tightening H-1B visa requirements, making it more difficult to bring technically skilled people from overseas to work in the U.S. Morrison & Foerster has worked with at least one U.S. client that has reshored some overseas manufacturing operations to the U.S., and then found itself struggling to make it all work because it couldn't find enough people with the skills it needed.

One company that is interested in doing more in the United States is Apple, which is expected to start building a line of computers in the U.S. in the near future. But Apple is not likely to completely reshore its manufacturing. When a reporter asked Apple CEO Tim Cook about moving even more production to the U.S., he pointed out that "It's not so much about price, it's about the skills...." And when the skills aren't available, companies have no choice but to look overseas in order to get work done—a fact that transcends the campaign rhetoric.

Asia: Growing Capacity, New Markets

Global companies are consolidating data centers into regional hubs for efficiency. In Asia, service providers are responding with increased capacity, driving a data-center building boom in high-bandwidth regional hubs such as Hong Kong and Singapore. This trend will likely be reflected in mainland China, in part because the new government is expected to revise local regulations to encourage investment in cloud computing services.

At the same time, government outsourcing is set to grow as Asian countries look to modernize a wide spectrum of public sector service— particularly healthcare delivery—and turn to outsourcers to streamline back-office and user-information systems. Many governments still prefer local providers, but global vendors with deep healthcare skills are increasingly able to participate via joint ventures with local providers. However, some caution is in order because the IP and technology transfer regimes in many developing Asian jurisdictions are idiosyncratic and typically favor local companies and employees.

That points to a fundamental change: Asia's emergence as a major outsourcing market and a source of services. With the low cost of capital and slow economic growth in Europe and the U.S., much investment has flowed into countries such as Malaysia and Indonesia. Businesses there are now struggling to keep up with demand. Many are looking for software, platform, and infrastructure as-a-service providers to help them get up to speed— further fueling outsourcing growth.

Regulation

The Privacy Bar Gets Higher

As the amount of data being stored increases, so too do concerns about the safeguarding of personal information—and that is having a direct impact on outsourcing.

Data privacy laws have been around for some time—most notably in Europe, where EU-wide regulations cover the protection of personal data and its movement across national borders. Such regulations are familiar to most companies that have business relating to EU countries.

But less familiar, perhaps, are some of the privacy regimes now taking shape in Asia and Latin America. In 2012, many countries in those regions created or significantly updated their laws governing the protection of personal information.

In Asia, for example, the Philippines and Singapore each passed comprehensive new data privacy laws for the first time, and Australia, Hong Kong, and Taiwan amended their existing privacy laws. In 2013, Malaysia is poised to implement its privacy law, which was adopted two years ago.

Latin America, Colombia, Costa Rica, Nicaragua, and Peru have broad new omnibus privacy laws. Eleven countries in the region now have such laws, and Brazil is considering one.

Unlike EU law, which provides some consistency across the continent, these laws often differ significantly from place to place, creating a complex patchwork of regulation for outsourcing arrangements that extend across borders.

Some countries' laws are creating particularly daunting challenges. For example, South Korean law was the first to require that personal data be encrypted when "at rest" in a database, not just when it is in transit—which is likely to lead to cost and performance problems for outsourcers. And in Costa Rica and some other countries, new laws require a company to get consent from each customer before sharing his or her information with an outsourcing vendor, which poses some obvious and huge practical problems.

Unlike in the EU, where there is some consistency across the continent, laws in other regions differ from place to place, creating a complex regulatory patchwork.

Dealing with Breaches

Evolving technologies are also creating regulatory complications. In the U.S., 46 states have laws requiring companies to notify their customers when there is a data breach involving personal information. But under some public cloud outsourcing agreements, the outsourcer is not required to let customer companies know when there is such a breach. Thus, a company might find itself out of compliance when it is not even aware that there has been a problem.

We expect data privacy regulations to continue to create challenges for outsourcers and their customers. In this environment, all parties need to think carefully about what data is kept where— and allow time in deal negotiations to work through these issues.

Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Morrison & Foerster LLP. All rights reserved

To print this article, all you need is to be registered on Mondaq.com.

Click to Login as an existing user or Register so you can print this article.

Authors
Chris Coulter
Alistair Maughan
Gabriel E. Meister
Gordon Milner
 
In association with
Tools
Print
Font Size:
Translation
Channels
Mondaq on Twitter
 
Register for Access and our Free Biweekly Alert
Email Address
Company Name
Password
Confirm Password
Mondaq Topics -- Select your Interests
Accounting and Audit
Anti-trust/Competition Law
Consumer Protection
Corporate/Commercial Law
Criminal Law
Employment and HR
Energy and Natural Resources
Environment
Family and Matrimonial
Finance and Banking
Food, Drugs, Healthcare, Life Sciences
Government, Public Sector
Immigration
Insolvency/Bankruptcy, Re-structuring
Insurance
Intellectual Property
International Law
Law Practice Management
Litigation, Mediation & Arbitration
Media, Telecoms, IT, Entertainment
Privacy
Real Estate and Construction
Strategy
Tax
Transport
Wealth Management
Regions
Africa
Asia
Asia Pacific
Australasia
Canada
Caribbean
Europe
European Union
Latin America
Middle East
U.K.
United States
Worldwide Updates

Terms & Conditions and Privacy Statement

Mondaq.com (the Website) is owned and managed by Mondaq Ltd and as a user you are granted a non-exclusive, revocable license to access the Website under its terms and conditions of use. Your use of the Website constitutes your agreement to the following terms and conditions of use. Mondaq Ltd may terminate your use of the Website if you are in breach of these terms and conditions or if Mondaq Ltd decides to terminate your license of use for whatever reason.

Use of www.mondaq.com

You may use the Website but are required to register as a user if you wish to read the full text of the content and articles available (the Content). You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these terms & conditions or with the prior written consent of Mondaq Ltd. You may not use electronic or other means to extract details or information about Mondaq.com’s content, users or contributors in order to offer them any services or products which compete directly or indirectly with Mondaq Ltd’s services and products.

Disclaimer

Mondaq Ltd and/or its respective suppliers make no representations about the suitability of the information contained in the documents and related graphics published on this server for any purpose. All such documents and related graphics are provided "as is" without warranty of any kind. Mondaq Ltd and/or its respective suppliers hereby disclaim all warranties and conditions with regard to this information, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall Mondaq Ltd and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use or performance of information available from this server.

The documents and related graphics published on this server could include technical inaccuracies or typographical errors. Changes are periodically added to the information herein. Mondaq Ltd and/or its respective suppliers may make improvements and/or changes in the product(s) and/or the program(s) described herein at any time.

Registration

Mondaq Ltd requires you to register and provide information that personally identifies you, including what sort of information you are interested in, for three primary purposes:

  • To allow you to personalize the Mondaq websites you are visiting.
  • To enable features such as password reminder, newsletter alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our information providers who provide information free for your use.

Mondaq (and its affiliate sites) do not sell or provide your details to third parties other than information providers. The reason we provide our information providers with this information is so that they can measure the response their articles are receiving and provide you with information about their products and services.

If you do not want us to provide your name and email address you may opt out by clicking here .

If you do not wish to receive any future announcements of products and services offered by Mondaq by clicking here .

Information Collection and Use

We require site users to register with Mondaq (and its affiliate sites) to view the free information on the site. We also collect information from our users at several different points on the websites: this is so that we can customise the sites according to individual usage, provide 'session-aware' functionality, and ensure that content is acquired and developed appropriately. This gives us an overall picture of our user profiles, which in turn shows to our Editorial Contributors the type of person they are reaching by posting articles on Mondaq (and its affiliate sites) – meaning more free content for registered users.

We are only able to provide the material on the Mondaq (and its affiliate sites) site free to site visitors because we can pass on information about the pages that users are viewing and the personal information users provide to us (e.g. email addresses) to reputable contributing firms such as law firms who author those pages. We do not sell or rent information to anyone else other than the authors of those pages, who may change from time to time. Should you wish us not to disclose your details to any of these parties, please tick the box above or tick the box marked "Opt out of Registration Information Disclosure" on the Your Profile page. We and our author organisations may only contact you via email or other means if you allow us to do so. Users can opt out of contact when they register on the site, or send an email to unsubscribe@mondaq.com with “no disclosure” in the subject heading

Mondaq News Alerts

In order to receive Mondaq News Alerts, users have to complete a separate registration form. This is a personalised service where users choose regions and topics of interest and we send it only to those users who have requested it. Users can stop receiving these Alerts by going to the Mondaq News Alerts page and deselecting all interest areas. In the same way users can amend their personal preferences to add or remove subject areas.

Cookies

A cookie is a small text file written to a user’s hard drive that contains an identifying user number. The cookies do not contain any personal information about users. We use the cookie so users do not have to log in every time they use the service and the cookie will automatically expire if you do not visit the Mondaq website (or its affiliate sites) for 12 months. We also use the cookie to personalise a user's experience of the site (for example to show information specific to a user's region). As the Mondaq sites are fully personalised and cookies are essential to its core technology the site will function unpredictably with browsers that do not support cookies - or where cookies are disabled (in these circumstances we advise you to attempt to locate the information you require elsewhere on the web). However if you are concerned about the presence of a Mondaq cookie on your machine you can also choose to expire the cookie immediately (remove it) by selecting the 'Log Off' menu option as the last thing you do when you use the site.

Some of our business partners may use cookies on our site (for example, advertisers). However, we have no access to or control over these cookies and we are not aware of any at present that do so.

Log Files

We use IP addresses to analyse trends, administer the site, track movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.

Links

This web site contains links to other sites. Please be aware that Mondaq (or its affiliate sites) are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of these third party sites. This privacy statement applies solely to information collected by this Web site.

Surveys & Contests

From time-to-time our site requests information from users via surveys or contests. Participation in these surveys or contests is completely voluntary and the user therefore has a choice whether or not to disclose any information requested. Information requested may include contact information (such as name and delivery address), and demographic information (such as postcode, age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the functionality of the site.

Mail-A-Friend

If a user elects to use our referral service for informing a friend about our site, we ask them for the friend’s name and email address. Mondaq stores this information and may contact the friend to invite them to register with Mondaq, but they will not be contacted more than once. The friend may contact Mondaq to request the removal of this information from our database.

Security

This website takes every reasonable precaution to protect our users’ information. When users submit sensitive information via the website, your information is protected using firewalls and other security technology. If you have any questions about the security at our website, you can send an email to webmaster@mondaq.com.

Correcting/Updating Personal Information

If a user’s personally identifiable information changes (such as postcode), or if a user no longer desires our service, we will endeavour to provide a way to correct, update or remove that user’s personal data provided to us. This can usually be done at the “Your Profile” page or by sending an email to EditorialAdvisor@mondaq.com.

Notification of Changes

If we decide to change our Terms & Conditions or Privacy Policy, we will post those changes on our site so our users are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email. Users will have a choice as to whether or not we use their information in this different manner. We will use information in accordance with the privacy policy under which the information was collected.

How to contact Mondaq

You can contact us with comments or queries at enquiries@mondaq.com.

If for some reason you believe Mondaq Ltd. has not adhered to these principles, please notify us by e-mail at problems@mondaq.com and we will use commercially reasonable efforts to determine and correct the problem promptly.