Your privacy is important to Synovate Inc. We post this Privacy Statement so that you are aware of the information we collect, how it is handled and with whom it is shared.

As we continue to modify our website and take advantage of developing technologies, this Privacy Statement will most likely change. Therefore, we encourage you to refer to this Privacy Statement on an ongoing basis. This Privacy Statement applies to all content found within this website, except for other content which is subject to additional or different terms and conditions.

When you browse on this site your e-mail address is not automatically collected but our server may automatically gather and store the following information about your visit:

1. Your Internet domain name and IP address;
2. The type of browser and operating system used to access our site;
3. The pages you visit;
4. The date and time of your visit.

We use this information to learn about the number of people who visit our site and the technology used, to assist in making changes to our website, to improve the content of our website and for business planning purposes.

If you choose to provide information to us through our site by use of registration forms or otherwise (company name, email address, telephone number, etc.), it will be assumed that you are requesting information about our company and products. Your email address and all other personally identifiable information you provide may be used to fulfill your request and also may be used by us for other purposes related to your visit to our site or to further our business purposes.

In general we will not share personally identifiable information about you with third parties. Synovate Inc. may send personally identifiable information about you, including your email address, to other companies or people when:

• We have your consent to share the information;
• We need to share this information to provide to you the information, product or service you have requested;
• We respond to subpoenas, court orders or legal process; or
• We find or have reason to believe that your actions on our website violate website terms or conditions or are in violation of law.

If you provide us with your e-mail address, we may send you e-mail offers. We may use information you have given to us, for example, to measure your interest in various services or special offers, and inform you about new products and services. These offers may be based on information you provide in your initial visit with us, through surveys, or through information we collect about the pages you visit.

Any list used to send you a product or service offer will be developed and managed by Synovate or an authorized affiliate or contractor. At any time you may request to be removed from the list by selecting "Please don't send me e-mail" on the Subscribe/Unsubscribe to E-Mail Updates form and returning it to us, or by replying to an email message and changing the SUBJECT line to read "UNSUBSCRIBE".

We will make a sincere effort to respond in a timely manner to any request to correct inaccuracies in your personal information. To correct inaccuracies, please return the message containing the inaccuracy to the sender with details of the correction requested.

Synovate Inc. is not responsible for the privacy practices or the content of any other websites to which we link and you should review the privacy policy at each site before providing any information.

A cookie is a small string of text that a web site can send to your browser. Cookies were designed to assist in distinguishing a user's browser from a previous visitor by saving and remembering any preferences that may have been set while browsing the particular site. We may use "cookie" or other technologies now or in the future to tailor our website to your interests based on the items you review while visiting our site; such technologies may also be used by us for other purposes related to your visit to our site or to further our business purposes.

This Synovate Inc. Privacy Statement (the "Statement") applies only to personal data (as defined below) that Synovate (as defined below) receives from the European Union ("EU") on or after April 1, 2005.

Synovate adheres to the Safe Harbor Agreement concerning the transfer of personal data from the EU to the United States. Accordingly, Synovate follows the Safe Harbor Principles published by the U.S. Department of Commerce ("Principles") with respect to all such data, and this Statement complies with such Principles. Compliance with the Principles may be limited, however, in certain cases to the extent necessary to meet national security, public interest or law enforcement requirements. All Synovate personnel with access to personal data are obligated to familiarize themselves and comply with provisions of this Statement.

"Personal data" means data that is (a) transferred to the United States from the EU, (b) is about, or relates to, an identified or identifiable individual, (c) can be linked to that individual, and (d) is recorded. Personal data may include, among other things, an individual's name, address, phone number, e-mail address, or social security or national health insurance or an equivalent number. For further clarity, the term "personal data" does not include data that pertains to a specific individual, but from which that individual cannot reasonably be identified. Unless otherwise indicated, references herein to personal data include sensitive personal data (as defined below).

"Sensitive personal data" is a subset of personal data that indicates an individual's medical or health condition, racial or ethnic origin, political opinions, religion, union membership, sexual orientation, or actual or alleged criminal activity.

"Company" or "Synovate" refers to Synovate, Inc.

Synovate collects personal data from and about individuals for use generally in connection with the operation of its business. Such personal data may be used by Synovate to provide incentive, performance improvement, loyalty marketing, learning, travel, market research, or other goods and services to its clients.

Synovate may disclose personal data to third parties when such disclosure is necessary or appropriate for Synovate' provision of such services to its clients or otherwise for Synovate' operation of its business. Synovate may also disclose personal data to third parties in circumstances described in the "Onward Transfer to Third Parties" section below.

Any complaints or questions should be directed to the Synovate Global CIO, Bruce Wells, whose contact information is as follows: 222 South Riverside Plaza, Chicago, IL 60606; bruce.wells@synovate.com; telephone (312) 526-4088.

When Synovate receives personal data from the EU merely for processing purposes and does not control the collection of the personal data, Synovate may not provide notification of this Statement to the individuals to which such personal data relates. In such event, Synovate reserves the right to process personal data in the course of providing services to its clients without the knowledge of the individuals involved.

Except as provided below, Synovate gives individuals from whom it collects personal data the opportunity to opt out from allowing Synovate to disclose his or her personal data to a third party or to use it for a purpose incompatible with the purpose for which it was originally collected. For sensitive personal data, Synovate requires such individual to affirmatively opt in and give consent if the data is to be disclosed to a third party or used for a purpose other than its original purpose.

Individuals desiring to exercise their opt out rights should contact the Synovate Global CIO, Bruce Wells, whose contact information is as follows: 222 South Riverside Plaza, Chicago, IL, 60606; bruce.wells@synovate.com; telephone (312) 526-4088. Individuals from whom sensitive personal data is sought will be advised of how to opt in and give the required consent at the time the data is collected, if the data is to be disclosed to a third party or used for a purpose other than its original purpose.

When Synovate receives personal data from the EU merely for processing purposes and does not control the collection of the personal data, Synovate may not provide such choices to the individuals to whom such personal data relates. In such event, Synovate reserves the right to process personal data in the course of providing services to its clients without the knowledge of the individuals involved.

Synovate may disclose personal data to a third party if (a) Synovate has received the applicable individual's permission to make the disclosure, (b) the disclosure is required by law, (c) the disclosure is reasonably related to the sale or other disposition of all or part of Synovate' business, (d) the information in question is publicly available, and/or (e) the disclosure is reasonably necessary for the establishment of a legal claim.

Additionally, Synovate may disclose personal data to a third party if the disclosure is to a Synovate affiliate or to persons or entities providing services on behalf of Synovate, a Synovate client, or the individual (each a "transferee"), consistent with the purpose for which the information was obtained, if the transferee, with respect to the data in question (a) is subject to law providing an adequate level of privacy protection including, without limitation, transferees that are located within the EU or transferees that are otherwise subject to an "adequacy" finding, (b) has agreed in writing to provide an adequate level of privacy protection, and/or (c) subscribes to the Principles.

Synovate takes reasonable precautions to protect personal data from loss, misuse, tampering, destruction and unauthorized access. These precautions include password protections for on-line information systems, restricted access to personal data within the Human Resources Department, and other measures implemented by Synovate, Inc.

Synovate takes reasonable steps to ensure that personal data is accurate, complete, current and relevant for the purposes for which it was collected.

Upon request and consistent with any applicable client commitments, Synovate will permit individuals to access their personal data and to correct any erroneous information. The individual may need to provide sufficient identifying information, such as, without limitation, name, address, birth date, and social security or national health insurance or an equivalent number. Such access may be denied or limited by Synovate, however, if providing such access is unreasonably burdensome, expensive under the circumstances, and/or if giving access to such information would violate another person's rights. In some circumstances, Synovate may charge a reasonable fee for access to personal data.

Synovate will conduct an annual self-assessment to ensure that this Statement is published and disseminated within Synovate and on its website and that it conforms to the Principles. In addition, Synovate has deployed internal processes to monitor Synovate' compliance with the Principles and to address all questions or complaints. Synovate will also self-certify annually with the U.S. Department of Commerce as being in compliance with the Principles.

Individuals may raise any concerns or complaints regarding their personal data directly with Synovate by contacting the Synovate Global CIO, Bruce Wells, whose contact information is as follows: 222 South Riverside Plaza, Chicago, IL, 60606; bruce.wells@synovate.com; telephone (312) 526-4088. If an individual raises such a concern or complaint, Synovate will investigate the matter and attempt to resolve all issues to the satisfaction of the individual raising the concern or complaint. If the matter cannot be settled at that stage, Synovate agrees to cooperate with competent EU data protection authorities.

Synovate may modify or amend this Statement from time to time by posting a revised Statement on the web at www.synovate.com. If Synovate amends this Statement, the new statement will apply to personal data previously collected only insofar as the rights of the individuals affected are not reduced. So long as Synovate adheres to the Safe Harbor Agreement, Synovate will not amend this Statement in a manner inconsistent with the Principles.

This Statement is subject to other policies and procedures implemented by Synovate. For instance, if another Synovate policy or procedure grants broader rights to the Company relating to the collection, handling or disclosure of personal data, the Company may exercise those broader rights.