Privacy Shield

Last Revised: 03/20/2018

SC&H Group, Inc. and its covered entities (collectively “SC&H”) comply with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States.  SC&H has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit

The additional entities covered under SC&H’s Privacy Shield Policy include:

  • SC&H Financial Advisors, Inc.
  • SC&H Tax & Advisory Services, LLC
  • SC&H Attest Services, P.C.
  • Stout Causey Capital Corporation
  • Stout, Causey Consulting, Chartered

SC&H is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

This Privacy Shield Policy applies to personal information within the scope of SC&H’s Privacy Shield certification, which covers the following:

  • Personal information regarding current, former and prospective clients and their personnel or others for the purposes of rendering SC&H’s services, managing the overall relationship, and business development activities.
  • SC&H may also collect personal information in order to address inquiries and / or provide information, as requested.

For the purposes of this Privacy Shield Policy, “personal information” means information that pertains to a specific individual and can be directly or indirectly linked to that individual.

SC&H may disclose personal information to third party service providers in connection with the operations of our business, including delivering services to our clients and managing the client relationship. Any onward transfer of personal information is done so after SC&H ascertains that the third party provides at least the same level of protection required by the Privacy Shield. SC&H remains responsible for the information that has been transferred to the third party service provider and may be liable if the third party fails to meet the obligations set forth in the Principles, unless SC&H proves that it was not responsible for the event giving rise to the damage.

SC&H may also be required to disclose personal information to law enforcement, regulatory or government agencies, or to other third parties in order to comply with legal, regulatory, or national security obligations or requests.

Privacy Shield Dispute Resolution

In compliance with the Privacy Shield Principles, SC&H commits to resolve complaints about our collection or use of your personal information.  EU and Swiss individuals with inquiries, complaints regarding our Privacy Shield policy or requests to access, correct, amend, delete or restrict the usage of personal information should first contact SC&H at:

SC&H will respond to inquiries and complaints within forty-five (45) days from the date of the inquiry or complaint. SC&H has further committed to cooperate with the panel established by the EU data protection authorities (“DPAs”) and the Swiss Federal Data Protection and Information Commissioner (“FDPIC”) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU and Switzerland. If we are unable to satisfactorily resolve the matter you raise and it pertains to personal information covered by this Privacy Shield Policy, the issue may be raised to the EU DPAs by obtaining their contact information here or the Swiss FDPIC by obtaining their contact information here.

In certain situations, you may the possibility to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. Please refer to Annex I of the Privacy Shield by clicking here for additional information on the conditions required to invoke binding arbitration after other Privacy Shield dispute resolution mechanisms are exhausted.