Version Date Author Revision(s)/Edit(s) V3.0 12/8/2010 Marland Webb V4.0 03/18/15 Marland Webb Update procedures and links

Transcription

1 Records Management Policy Property/Name Document Type Issuing Department Policy Number Version Number 4 Value Policy Law/Records Management NA Issue Date 12/08/2010 Effective Date 12/08/2010 Last Amend Date 03/18/2015 Last Review Date 03/18/2015 Review Interval Owner(s) Approved By Released By Applies To REVISION HISTORY Annual Marland Webb, Asst Genl Cnsl, Directr Rec Mgmt Deborah Golden, EVP General Counsel & Secretary Marland Webb, Asst Genl Cnsl, Directr Rec Mgmt North America Version Date Author Revision(s)/Edit(s) V3.0 12/8/2010 Marland Webb V4.0 03/18/15 Marland Webb Update procedures and links ASSOCIATED POLICIES AND PROCEDURES Policy Reference(s) Procedure Reference(s) Note: Policy Reference: If the policy is governed by a legal entity, for example the FRA or US Coast Guard, indicate the applicable policy. For any policy that has procedures or manuals, e.g. ASC Safety, indicate where the procedures or manuals can be found. Indicate NA if none of the above applies. This policy replaces any previously issued policies, statements or memoranda covering such employees and addressing the same or similar subject matter. This policy may be amended, modified or withdrawn, in whole or in part, by GATX at any time, at its sole discretion and without notice. For the most up-to-date version, please visit: Records Management_ Page 1

2 Table of Contents SECTION I: POLICY... 4 PROGRAM OBJECTIVES:... 4 PROGRAM SCOPE:... 4 DEFINITIONS OF RECORDS:... 4 OWNERSHIP OF RECORDS:... 5 RETENTION SCHEDULE FOR EACH DEPARTMENT:... 5 COMPANY-WIDE RETENTION FOR ALL DEPARTMENT:... 5 ANNUAL RECORDS REVIEW (ARR):... 5 SUSPENSIONS OF DOCUMENT DESTRUCTION DUE TO LEGAL HOLDS:... 5 SECTION II: RESPONSIBILITIES... 6 EMPLOYEES:... 6 GENERAL COUNSEL:... 6 CORPORATE RECORDS MANAGER:... 6 DEPARTMENT RECORDS COORDINATORS:... 7 DEPARTMENT HEADS AND MANAGERIAL EMPLOYEES:... 7 CONTRACTORS AND BUSINESS PARTNERS:... 7 SECTION III: GENERAL PROCEDURES... 7 PROTECTING ONSITE RECORDS:... 7 IDENTIFYING NEW RECORDS:... 8 IDENTIFYING PERMANENT RECORDS:... 8 TRANSFERRING RECORDS TO OFFSITE STORAGE:... 8 SUSPENSION OF RECORDS DESTRUCTION/LEGAL HOLDS:... 8 CONTROLLING NATURE OF CONTRACTS AND CONSENT DECREES:... 9 DRAFTS:... 9 COMPANY-WIDE RECORDS:... 9 ACTIVE VS. INACTIVE RECORDS:... 9 RECORDS OF DEPARTED EMPLOYEES: SECTION IV: ELECTRONIC RECORDS RETENTION PROCEDURES ELECTRONIC RECORDS THAT ARE TRANSIENT DOCUMENTS: ELECTRONIC RECORDS THAT ARE BUSINESS RECORDS: DISCRETE ELECTRONIC RECORDS: NONDISCRETE ELECTRONIC RECORDS: OTHER ELECTRONIC RECORD OBLIGATIONS: ELECTRONIC RECORDS STORED WITH APPLICATION SERVER PROVIDERS: SECTION V: RETENTION PROCEDURES MESSAGES THAT ARE TRANSIENT DOCUMENTS: BUSINESS RECORDS MESSAGES: Records Management_ Page 2

3 SECTION VI: RECORDS DISPOSITION ANNUAL RECORDS REVIEW (ARR) AND RECORDS RETENTION: OFFSITE RECORDS: ONSITE RECORDS: PERMANENT RECORDS ARCHIVE: SECTION VII: RECORDS RETENTION AUDITS RECORDS RETENTION AUDITS: SECTION VIII: TRAINING AND EDUCATION INITIAL TRAINING PROGRAM: COMPLIANCE TRAINING: RECORDS MANAGEMENT POLICY SITE: POLICY HELP: CHANGES TO POLICY OR SCHEDULES: SECTION IX: APPENDICES GLOSSARY: GLOSSARY: SECTION X: RECORDS RETENTION SCHEDULES COMPANY-WIDE RETENTION SCHEDULE: DEPARTMENTAL RETENTION SCHEDULES: Records Management_ Page 3

4 Section I: Policy Program Objectives: This Records Management Policy and its associated Records Retention Schedules (collectively, the Policy ) governs the life cycle of the records of GATX CORPORATION ( GATX or Company ). The Records Retention Schedules ( Retention Schedules ) specifically prescribe the timetable for retaining and disposing of the Company s Business Records and are based on applicable legal and business requirements. The Policy objectives are as follows: Identify, maintain and safeguard records required for the conduct of company business (including litigation, audit, or government investigation); Unless subject to a Legal Hold, retain Business Records for the period of time established by the Retention Schedules and properly destroy records that no longer have ongoing business value; Efficiently maintain active records and current information; Identify and protect vital and historical records; and Provide proper storage and retrieval of inactive records in low-cost, secure facilities. Program Scope: This Policy will apply to all paper and electronic records relating to the Company s business that are produced by, or otherwise come into the possession of the Company. This Policy applies to the Company and its subsidiaries located in the United States and Canada. All other subsidiaries will be subject to its own records management policy that shall comply with the legal requirements imposed by applicable law. This Policy applies to and must be adhered to by all officers, directors, employees, consultants, and independent contractors. Definitions of Records: Records include all paper, , electronic or computer files, microfilm and microfiche, CDs, DVDs or Company records contained in any form or media created or received by the Company in the course of business. Business Records: Any recorded information that: documents a specific business-related event, transaction or activity; supports facts of a particular business-related event, activity or transaction; or is needed for other specific legal, accounting, business or compliance reasons. Business Records must be retained for the retention period specified in the Retention Schedules. The Business Record is the version of the record that is the original record. Content determines if a record is a Business Record, not the media, format or storage location. Records Management_ Page 4

5 Transient Documents: Documents that move the Company forward on a day-to-day basis but do not have long term business value. Examples of Transient Documents include meeting notices, copies or duplicates of Business Records, social communications and most drafts. Transient Documents are not listed in the Schedules and should be discarded when they no longer have business value since they have no minimum retention. At the Annual Records Review all Transient Documents should be reviewed and discarded as appropriate. Ownership of Records: All records whether Business Records or Transient Documents created or received in the course or conduct of the Company s business by any individual subject to the Policy are the exclusive property of the Company and are not the property of the record s author, creator, or custodian. No employee has any personal or property right to any Company records, including those records that they create. Therefore, all Company records are subject to, and must be managed in compliance with, this Policy. Intellectual property rights in all records belonging to the Company are owned by the Company in perpetuity. Intellectual property includes registered trademarks, patents, registered designs, applications for and the right to apply for any such rights, inventions, unregistered trademarks, trade and business names, copyrights, unregistered design rights, databases and rights in databases, and all other similar proprietary rights that may exist in any part of the world. Intellectual property rights also extend to all renewals, extensions, revivals, consents, and applications related to the above property types. Retention Schedule for Each Department: Each department has its own Departmental Retention Schedule covering the records that are specific to its business function. This Departmental Retention Schedule identifies department records and states how long to retain them. Company-Wide Retention for All Department: The Company-Wide Retention Schedule is the schedule containing records categories and retention periods for Business Records located in all departments of the Company such as contracts, policies, procedures and business plans. Each department uses both its own Departmental Retention Schedule and the Company-Wide Retention Schedule. Annual Records Review (ARR): At the direction of the Corporate Records Manager, each department, with the assistance of a designated representative from each department ( Department Records Coordinator ) and the Records Management Group, will conduct an Annual Records Review to review, retain and discard records consistent with the Policy, the Company-Wide Retention Schedule and the Departmental Retention Schedule. Suspensions of Document Destruction Due to Legal Holds: The Company shall suspend destruction of records in response to Legal Holds issued due to actual or anticipated litigation, tax issues, information requests from federal or state authorities or other Records Management_ Page 5

6 governmental audits or inquiries. These suspensions cover both Business Records and Transient Documents. Such suspensions will be in force for the period determined by the General Counsel. Notifications of Legal Holds and suspensions of document destruction will be communicated as necessary. Section II: Responsibilities Employees: It is the responsibility of all Employees to understand and adhere to this Policy, Retention Schedules and related standards and procedures. Any questions should be directed to the Corporate Records Manager. Appropriate disciplinary actions will be taken against individuals found to be noncompliant with or in violation of this Policy. General Counsel: The General Counsel and her designee, the Corporate Records Manager, have the responsibility to: Review this policy and provide for updates to the Policy and the Records Retention Schedule as changes in law or the Company s business require; Issue legal hold notices to the appropriate departments as required by litigation or a government inquiry; and Field inquiries concerning implementation and compliance with this Policy. Corporate Records Manager: The Corporate Records Manager will be appointed by the General Counsel and have the following responsibilities in addition to those performed while acting as the designee of the General Counsel: Oversee the development and administration of uniform document retention procedures and practices for the Company Maintain records documenting the development, administration and maintenance of this Policy Advise corporate and business unit staff on general understanding, implementation and maintenance of the Records Management Program as well as any changes to this Policy and any litigation, audit or investigation that may require retaining records beyond their specified retention Supervise the development of Departmental Retention Schedules and revise the Retention Schedules as necessary, with the approval of the General Counsel Carry out the policies and procedures directly with Department Heads and department staff to implement effective records programs throughout the Company Records Management_ Page 6

7 Coordinate as necessary with the Department Records Coordinators to send specific records to storage Manage the destruction process for records which have met their retention requirements and are not subject to Legal Holds Establish requirements for physical and logical access to all records Manage the relationship with vendors responsible for storing Company records Launch and oversee the ARR Department Records Coordinators: The Corporate Records Manager will select Department Records Coordinators, subject to approval of the Department Head, who will act as the liaison between the department and the Corporate Records Manager. The responsibilities of the Department Records Coordinator will include coordinating the development of the records retention procedures within their respective departments, the implementation of recommendations of the Corporate Records Management and notifying Corporate Records Management of new or obsolete record types. Department Heads and Managerial Employees: The Department Heads and managerial employees will be responsible for working with the Corporate Records Manager and the Department Records Coordinators to ensure compliance with the Policy. Each Department Head must periodically certify in writing that the department is managing records in compliance with the requirements of the Departmental Retention Schedule. Contractors and Business Partners: This policy also applies to Business Records in the possession of contractors, individual contract labor staff, outsourced service providers, consultants, and other business partners. The responsible manager should make arrangements under the contracts with these organizations to maintain and dispose of Company Records in accordance with the Company s policies and procedures. Section III: General Procedures Protecting Onsite Records: Business Records are listed in the attached Retention Schedules. The Business Records maintained onsite must be filed pursuant to the procedures implemented by the Corporate Records Manager and the Department Records Coordinator for each department s records. Corporate Records Management can be called upon to assist in the design and implementation of files and records systems. Each Employee should be aware of what documents or records are required and/or important to his or her respective functions and how they are maintained. Records Management_ Page 7

8 Identifying New Records: Departments will be surveyed annually with a Retention Schedule Validation Notice requesting all updates, additions or deletions to the existing Retention Schedules. Each department must identify additional Business Record types that need to be added to the Department Retention Schedule or removed because they are no longer relevant. Identifying Permanent Records: A Permanent Records Notice will be sent to Department Heads periodically as a reminder about record types that require permanent retention under the approved Retention Schedules. Transferring Records to Offsite Storage: Business Records that are eligible for offsite storage are identified in the Retention Schedules. Generally, records are eligible for offsite storage when they become inactive or are no longer referenced regularly for business reasons. Only the Business Records should be sent to storage. Copies, duplicates and drafts should be discarded as Transient Documents. Offsite records will be stored only under the record type names shown on the Retention Schedules. Only Corporate Records Management personnel are authorized to request shipment of records to offsite storage, request the temporary return of records from offsite storage or approve the destruction of records stored offsite. Records that are past their retention period or are not subject to retention under the Policy will not be approved for offsite storage. Suspension of Records Destruction/Legal Holds: The Corporate Records Manger or the Law Department can initiate a Legal Hold to protect records that are believed to be subject to actual or anticipated litigation, tax issues, information requests from federal or state authorities or other governmental audits or inquiries. When records are subject to Legal Holds, a notice will be sent to individuals believed to own or have custody or control of the records under the scope of the Legal Hold notice. Recipients of a Legal Hold notice must immediately communicate the directive to any other appropriate personnel and ensure that the requirements to locate and protect all records related to the Legal Hold notice are enforced. These individuals are required to confirm receipt, understanding and compliance with the notice. Recipients are responsible for strict adherence to the requirements set forth in any Legal Hold notice. All records potentially responsive, including both Business Records and Transient Documents, that exist or are created after the Legal Hold is issued are subject to the Legal Hold and must be maintained until the Legal Hold is modified or lifted. In addition, employees have a responsibility to notify the Corporate Records Manager if they are aware of any threatened or anticipated litigation, maintain any such records in their possession and allow for appropriate action to protect any records potentially responsive to the matter. Records Management_ Page 8

9 Controlling Nature of Contracts and Consent Decrees: From time to time, GATX may enter into legally binding agreements, including business contracts or governmental consent decrees that will require the Company to retain certain types of business records for specified periods. To the extent that such agreements exist and require retention for periods longer than required by this Policy, the longer retention periods are controlling. All questions concerning retention required of any contract or consent decree agreement should be directed to the Law Department. Further, the retention of attorney-client and attorney work product documents may also require special attention. Such material should be maintained in a manner that protects their confidentiality, accessible only on a need to know basis. The Law Department should be contacted about any questions regarding the handling of attorney-client or attorney work product documents. Drafts: Drafts, versions and renditions of records should be discarded once the final documents have been published and/or finalized or abandoned. Unless otherwise specified in the Retention Schedules or as subject to a Legal Hold, drafts will not be saved. However, drafts that demonstrate or prove intent should be retained as Business Records. These types of drafts are typically found in the Law Department. Company-Wide Records: Company-wide records include all records listed on the Company-Wide Retention Schedule or not otherwise listed on a Department Retention Schedule, but still exist. Those records may be kept for any period up to but not exceeding three years. The three-year period is measured from the date such a record ceases being active or current. Such records will be kept in the department and not sent to a Department of Record or an offsite records center. If you have records that are not listed, but should be retained longer than three years, contact the Corporate Records Manager. Active vs. Inactive Records: Some retention periods include multiple periods of retention. This occurs when a record has a retention condition that must be satisfied before initiating the count down for the retention period. As an example, a car service contract may be active for an undefined contract period because of renewals. The contract and all related documents must be maintained during the active life of the contract. Only after the agreement has been terminated does the retention period applicable to inactive agreements begin. In this example, the qualifying retention condition, the termination of the agreement, would be stated on the Retention Schedule and the word suspend will be used to signify a Legal Hold on retention until the condition was met. The retention applicable after the condition is met would be displayed under the suspended condition. Records Management_ Page 9

10 Records of Departed Employees: When an employee departs the Company, the Department Records Coordinator or designee must review all files and records (paper and electronic) to ensure that all information subject to retention is retained. Information, documents and records that do not meet retention criteria or that are not otherwise needed by the departing employee s successor should be disposed of appropriately. The Information Systems Department ( IS ) must consult with the Corporate Records Manager before restaging the computer for a new employee to ensure that all of the electronic records have been managed appropriately. Section IV: Electronic Records Retention Procedures Electronic Records that are Transient Documents: Electronic records containing content with no business or legal significance are characterized as Transient Documents. As with paper records, electronic Transient Documents are not listed in the Schedules and should be discarded when they no longer have business value since they have no minimum retention period. Electronic Records that are Business Records: Electronic records that document an action, transaction, decision or advice that have a long term legal, regulatory or business value are Business Records and must be retained for the retention period specified in the Retention Schedule by the Department of Record. The following specific procedures should be applied to these records. Please note the special procedures set forth for the retention of electric records in the form of in Section V below. Electronic Business Records must be stored on network drives or servers that are managed and backedup by IS and should not be stored in employee maintained media, such as the hard drive of a personal computer, or removable media, such as flash drives or discs. At the ARR, any records stored on employee maintained media will be moved to appropriate storage locations. Employees should not rely on IS s management and back-up of electronic records for disaster recovery purposes for compliance with record retention requirements. Backup data is maintained solely to facilitate rapid recovery from data destruction, equipment failure, disaster, or any other information technology service disruption. Backup data is managed and retained for periods set forth in the data backup and retention policies and is not subject to the retention periods set forth in the Retention Schedules. Storage of electronic records in backup tapes or other backup media is not a substitute for a records management system that organizes and stores records by type. Discrete Electronic Records: Electronic records in the form of discrete documents such as word processing files, spreadsheets, presentation materials, individually maintained databases and intranet postings should be stored on the network drive designated for the Department of Record. Records Management_ Page 10

11 Nondiscrete Electronic Records: Where the electronic record cannot be easily reduced to a discrete document and is a record of business activity, such as information maintained in an SAP or Oracle enterprise data repository or database, the record will be maintained by IS in electronic form as long as required by the applicable schedule. The electronic business processes and systems that capture records in electronic form will manage the content and structure of each electronic record. The systems must ensure that records are reliable and authentic. Other Electronic Record Obligations: Employees must promptly produce all electronic records relevant to document production requests and preserve electronic records relevant to a Legal Hold when required by the Law Department or the Corporate Records Manager. The obligation to produce and /or preserve these records applies to Transient Documents as well as Business Records. Electronic Records Stored with Application Server Providers: Some Business Records may now or in the future be stored with Application Service Providers (ASPs) or other vendors. These vendors are responsible for maintaining the records for as long as is specified in the Retention Schedule and disposing of these Business Records, including all backup tapes, when that retention has expired unless there is a Legal Hold overriding the normal retention. When a contract with an ASP is entered into or renegotiated, it is the responsibility of the person negotiating the contract to advise the Corporate Records Manager to ensure that the records will be managed in accordance with the Retention Schedules. Section V: Retention Procedures , as discussed here, is intended to mean the message and any attachments, as well as any calendaring entries and attachments. Messages that are Transient Documents: s containing content with no business or legal significance are characterized as Transient Documents. Employees are not required to retain such and may read and immediately delete such . messages left stored within whether in the inbox, sent file, folder or trash file will be deemed Transient Documents and automatically deleted after 90 days unless stored in an archiving folder as described in the following subsection. Business Records Messages: messages that document an action, transaction, decision or advice that have a long term legal, regulatory or business value are Business Records and must be retained for the retention period specified in the Retention Schedule. Records Management_ Page 11

12 In order to ensure that messages which are Business Records are retained for the proper periods, employees must archive these records using the capability provided by the system within 90 days of the receipt or creation of the . Archived s will not be subject to the automatic deletion mechanism as it is applied to messages that are Transient Records. Employees should refrain from archiving Transient Records. However, there will be circumstances when it is appropriate to temporarily archive an that may be a Transient Document. During the course of in-progress business transactions, you may generate or receive of undeterminable value or that is initially valuable but loses long term value as a result of subsequent developments or negotiations. Upon completion of the transaction, you will need to make a final determination concerning what should remain archived as a Business Record and remove s that are Transient Documents from the archive. Transient Records subject to a Legal Hold should also be archived. In order to ensure ongoing diligence in the retention and subsequent disposal of these records, Department Records Coordinators will be notified periodically of records disposal requirements. All users must comply with these routine destruction notices, and Department Heads will be required to periodically confirm such compliance. must also be preserved in response to Legal Holds. In no event should users save messages in electronic form outside the GATX server environment (this includes hard drives, diskettes and other external storage devices), or send to unauthorized outside addresses or to unauthorized or unnecessary recipients. Section VI: Records Disposition Business Records must be disposed of following the expiration of their retention period. Final disposition is typically the total destruction of the record or, for a select few, the transfer of the record to a historical archive for permanent retention. Records are destroyed annually in the normal course of business in compliance with this Policy. Shredding is the preferred method of destruction for all paper records. Annual Records Review (ARR) and Records Retention: Records destruction will be performed annually at a time to be communicated to all Employees. The process will include automatic Records Destruction Notices that have been reviewed and approved by the Law and Tax Departments to determine whether the records are subject to a Legal Hold due to litigation or regulatory proceedings. The Records Destruction Notices then will be sent to the Department Heads who will be responsible for compliance with assistance as needed from the Corporate Records Manager and Department Records Coordinators. Offsite Records: Records in offsite storage eligible for routine destruction in accordance with the approved Retention Schedule will be systematically destroyed at the offsite location. Each Department Head will receive notices identifying offsite records to be destroyed. The notice will be a Response to Halt Destruction Memorandum and destruction will take place at the specified time, unless the Department Head provides Corporate Records Management with a reason to retain such a record. Records Management_ Page 12

13 Onsite Records: An ARR and Records Destruction Notice will be sent to departments annually as a triggering event to authorize and control disposal of department and Employee controlled records (paper or electronic) that have met the retention requirements under the approved Retention Schedule (excluding records that are in a Legal Hold status). The recipient of the notice will be required to respond to confirm receipt, understanding and compliance with the notice. At the ARR, all Employees are required to manage their records according to this Policy which includes: Reviewing all records, in both paper and electronic form, in their personal work space and determining which are Business Records or Transient Documents; Ensuring that any records subject to Legal Holds are properly segregated and labeled; Moving electronic Business Records into appropriate archived storage locations; Moving paper Business Records into appropriate central or long term storage locations; and Disposing of any Transient Documents that no longer have business value and Business Records that have met their retention dates. Corporate Records Management will sponsor ARR Clean-Up Days and will be on hand to answer questions and assist with the destruction of records. Permanent Records Archive: Records that have value beyond their original purpose because they document significant business activities, products or services should be safeguarded in a permanent archived collection. An archival collection may include, but is not limited to, articles of incorporation, trademarks, copyrights, deeds, product development documents, photographs, high-level financial reports, artifacts and memorabilia. The special storage requirements imposed by a long-term preservation effort necessitate outside protection for our archives. The paper documents will be preserved and kept in a vault-like storage area. The preservation of the Company s photographs, artifacts and memorabilia will be handled by the Investor Relations Department ( Investor Relations ). Investor Relations will document the loaned or gifted archival material to a state, city, university or other archival collector. If you have archival articles that you want to have preserved, please contact Corporate Records Management or Investor Relations. Section VII: Records Retention Audits Records Retention Audits: Compliance with this Policy is essential to ensure that the legal, fiscal and tax positions of the Company are protected. The Internal Audit Department will audit the Company s and each department s Records Management_ Page 13

14 compliance with the Policy. Additionally, spot audits at the direction of the Corporate Records Manager may occur throughout the year as a means of monitoring the effectiveness of the program. The Internal Audit Department will work with Corporate Records Management to audit compliance with the policies and procedures. This will include the use of an annual certification program to be completed by each Employee. Section VIII: Training and Education Initial Training Program: Initial training program will consist of the program rollout and individual department training. Information regarding the initial and subsequent training and learning aids is available on the GATX intranet on the Records Management web site at Information concerning training may also be obtained by submitting an to Records.Management@gatx.com. Compliance Training: After the initial program training, mandatory periodic training for all Employees will be required. On a predetermined basis, Employees will be sent a reminder of the program via which will provide the Policy, supporting procedures and Retention Schedules. Training links and schedules will be provided as applicable. Records Management Policy Site: All Records Management policies are published on the GATX intranet at The site contains the policies and procedures, a list of Department Records Coordinators, a Company-Wide Retention Schedule and Departmental Retention Schedules. Policy Help: Requests for assistance, questions or other communications regarding this Policy and the related Retention Schedules should be sent to Records.Management@gatx.com. Frequently Asked Questions, related business processes and training material can be found on the GATX intranet on the Records Management web site at Changes to Policy or Schedules: Any request for changes to this Policy, Retention Schedules or related business process should be submitted in writing through to Records.Management@gatx.com. All requests for change will be reviewed by the Corporate Records Manager. The Company reserves the right to change or edit this Records Management_ Page 14

15 Policy at any time without prior notice. All Policy amendments and changes will be posted on the GATX intranet on the Records Management web site at Section IX: Appendices Glossary: Annual Records Review or ARR: Annual Records Review or ARR is the annual process established by GATX to review, retain and discard records consistent with the Policy, the Company-Wide Retention Schedule and the Departmental Retention Schedules. Application Service Providers or ASPs: Application Service Providers or ASPs are the application service providers of GATX. Company-Wide Retention Schedule: Company-Wide Retention Schedule is the retention schedule for records found Company-wide across GATX departments. Corporate Records Manager: Corporate Records Manager is the person designated as the Manager of the Corporate Records Department. Corporate Records Management: Management Department. Corporate Records Management is the Corporate Records Department of Record: Department of Record is the GATX department, field office or area responsible for keeping the original documentation of a specific record. Department Records Coordinator(s): Department Records Coordinator or Department Records Coordinators are those persons who are designated and approved to act as liaison between GATX departments and the Corporate Records Manager. Departmental Retention Schedule(s): Departmental Retention Schedule or Departmental Retention Schedules are the Retention Schedules for records found in GATX departments. Employees: Employees are all people who work at the Company including salaried, hourly or temporary personnel. Legal Hold(s): Legal Hold or Legal Holds is the process to identify, locate and preserve all documents and data that may be relevant to filed litigation or litigation that is reasonably anticipated or foreseeable, tax issues, information requests from federal or state authorities or other governmental audits or inquiries. The following is a nonexhaustive list of circumstances where courts have found that parties have a duty to preserve relevant evidence: a complaint is filed; a discovery request is received; a preservation order has been rendered; a subpoena has been served; a government or regulatory agency institutes an investigation; an incident occurs that results in death or serious bodily injury; a third-party or nonparty requests facts relating to an incident or dispute; an attorney requests facts on behalf of a client relating to an incident or dispute; a potential claimant threatens litigation, verbally or otherwise, to an employee or other agent; an employee makes a formal complaint to management regarding impropriety by the employer or its personnel; and notification of a lawsuit is received from a third-party. Records Management_ Page 15

16 Manager of the Corporate Records Management Department: Manager of the Corporate Records Management Department is the person designated by the General Counsel to manage the Corporate Records Management Department and perform other tasks outlined in the Records Management Policy. Business Records: Business Records are records that: document a specific business-related event, transaction or activity; support facts of a particular business-related event, activity or transaction; or are needed for other specific legal, accounting, business or compliance reasons. Business Records must be retained for the retention period specified in the Retention Schedules. Permanent Records: Permanent Records are those record types that require permanent retention under the Retention Schedules. Permanent Records Notice: Permanent Records Notice is the notice sent to the Company departments notifying them about those record types that require permanent retention under the Departmental Retention Schedules. Policy: Policy is the Records Management Policy. Records Destruction Notice(s): Records Destruction Notice or Records Destruction Notices are the notices generated to permit the destruction of records which have met their retention dates and are not subject to a Legal Hold. Records Management Program: Records Management Program is the program to manage, retain and discard records for GATX, including the Records Management Policy, Retention Schedules and related procedures and processes. Records Management Policy: Records Management Policy is the Records Management Policy. Records Retention Policy Site: Records Retention Policy Site l is the material on the GATX intranet at and consists of policies and procedures, a list of Department Records Coordinators, the Company-Wide Retention Schedule and Departmental Retention Schedules. Records Retention Schedule(s): Records Retention Schedule or Retention Schedules are the Company-Wide Retention Schedule and/or the Departmental Records Schedule(s). Response to Halt Destruction Memorandum: Response to Halt Destruction Memorandum is the notice sent to each department regarding records eligible for routine destruction in accordance with the Retention Schedule(s). Retention Schedule Validation Notice: Retention Schedule Validation Notice is an annual survey of all Company departments requesting all updates, additions or deletions to the Departmental Retention Schedules. Records Storage Box Identification Form: Records Storage Box Identification Form is a transmittal form sent to Corporate Records Management for verification and approval prior to shipment of files to offsite locations. Transient Documents: Transient Documents are documents that move the Company forward on a day-to day basis but do not have long term business value. Records Management_ Page 16

17 Section X: Records Retention Schedules Retention Schedules: The company-wide retention schedule and the department retention schedules are located at: and at Records Management_ Page 17