Privacy Policy · ETHOSLINK

This Privacy Policy describes how ETHOSLINK LLC, a North Carolina limited liability company ("ETHOSLINK," "we," "our," or "us"), collects, uses, shares, and protects personal information when you visit ethoslinkadvisory.com (the "Site"), contact us, submit a résumé, engage our executive search or advisory services, or interact with us in any business capacity.

We are a boutique executive search and advisory firm headquartered in Charlotte, North Carolina. We respect your privacy. We do not sell personal information. We collect only what we need to respond to inquiries, evaluate candidates, deliver retained engagements, and meet our legal obligations. This document explains what that means in practice and what rights you have.

1. Information We Collect

Information you provide directly

When you contact us — by emailing hello@ethoslinkadvisory.com, resume@ethoslinkadvisory.com, or jeremy@ethoslinkadvisory.com; submitting a résumé or candidate profile; booking a discovery call through our scheduling provider; engaging us under a written retained or advisory agreement; or otherwise communicating with us — you may provide:

Identifying information: full name, job title, current and prior employer(s)
Contact information: email address, telephone number, business mailing address
Professional information (candidates): employment history, education, professional licenses and certifications, references, compensation history and expectations, work-authorization status, and any other information you choose to include in materials you submit
Engagement information (clients): hiring needs, organizational structure, role specifications, compensation ranges, strategic priorities, and other information necessary to scope and deliver our services
Communications: the contents of emails, calls, messages, documents, and other materials you send us

Sensitive personal information. We do not solicit Social Security numbers, government-issued ID numbers, financial account numbers, payment card information, health information, or biometric data through the Site or through general inquiries. If a specific search engagement requires verification of identity or work authorization, we collect that information only after a written engagement agreement is in place, only directly from the candidate, and only for the purpose of that engagement.

Information collected automatically

When you visit the Site, our hosting provider (Netlify, Inc.) records standard server-log information for security, abuse-prevention, and operational purposes — IP address, browser user-agent, referring URL, pages requested, and timestamps. This data is retained according to Netlify's standard logging policy. We do not combine it with personal information you provide to build behavioral or marketing profiles.

We do not deploy cookies, web beacons, pixels, session replay tools, or device-fingerprinting on this Site for advertising, retargeting, or analytics. We do not use Google Analytics, Meta Pixel, LinkedIn Insight Tag, Hotjar, or any comparable tracker on ethoslinkadvisory.com.

Information from third parties

In the course of executive search engagements, we may receive or independently develop information about candidates from sources including: references you authorize us to contact, publicly available professional sources (LinkedIn, company websites, professional registries), prior employers (where you have authorized contact), and — when expressly authorized by you in writing as part of an engagement — pre-employment screening providers retained by our client. We use this information solely to evaluate candidate fit for the specific role for which we are engaged.

2. Why We Collect and How We Use Information

We process personal information for the following purposes:

To respond to inquiries and schedule and conduct discovery calls
To negotiate, execute, and deliver retained executive search, fractional placement, advisory, and growth consulting services pursuant to a written engagement agreement
To evaluate, vet, and present candidates for specific roles we are retained to fill
To maintain ongoing professional relationships with our network of candidates, clients, references, and advisory partners
To send transactional communications related to active engagements
To comply with applicable legal, tax, accounting, and regulatory obligations
To detect, investigate, and prevent fraud, abuse, security incidents, and unauthorized access
To enforce our engagement agreements and these terms, and to defend legal claims

No automated decision-making. We do not make decisions that produce legal or similarly significant effects about you solely through automated processing. Candidate evaluation always involves human judgment.

3. How We Share Information

With your authorization (candidates)

If you are a candidate, we share your information with a prospective employer client only after you have given us specific authorization to do so for a defined role. You retain the right to withdraw that authorization at any time prior to an offer being extended.

With service providers acting on our behalf

We use a small number of vendors who process limited information only to provide the services they have contracted to provide to us:

Netlify, Inc. — Site hosting and content delivery
Apple Inc. (iCloud Custom Domain) — email hosting for our @ethoslinkadvisory.com addresses
Cal.com, Inc. — discovery-call scheduling
GoDaddy.com, LLC — domain registration

These providers are contractually obligated to use information only as instructed and consistent with their own published privacy policies and applicable law.

For legal and protective purposes

We may disclose information when we reasonably believe disclosure is required by applicable law, court order, subpoena, or other valid legal process; to enforce our engagement agreements or these terms; to defend against legal claims; to protect the rights, property, or safety of ETHOSLINK, our clients, candidates, or others; or in connection with a corporate transaction such as a merger, acquisition, financing, or sale of substantially all assets (in which case the acquirer would be bound by this Privacy Policy or a successor policy at least as protective).

We do not sell or "share" personal information

We do not sell, rent, lease, or otherwise commercially exchange personal information for monetary or other valuable consideration, and we do not "share" personal information for cross-context behavioral advertising, as those terms are defined in the California Consumer Privacy Act and similar laws.

4. Cookies and Site Analytics

The Site does not set first-party cookies for tracking, analytics, or advertising. Some embedded third-party features (such as a Cal.com booking link you click) may set their own cookies in your browser when you interact with them; those cookies are governed by the third party's policy.

5. Your Rights

Depending on the laws of the jurisdiction where you reside, you may have one or more of the following rights:

Access — request a copy of the personal information we hold about you
Correct — request that we correct inaccurate or incomplete information
Delete — request that we delete your personal information, subject to legal and operational retention obligations
Restrict or object — to certain types of processing
Portability — receive a copy of your information in a structured, commonly used format
Withdraw consent — for processing that relies on your consent
Non-discrimination — you will not be denied services, charged different prices, or provided lower quality services for exercising these rights

To exercise any of these rights, email hello@ethoslinkadvisory.com with subject line "Privacy Request." We will acknowledge your request promptly and respond substantively within forty-five (45) days, consistent with applicable law. We may need to verify your identity before fulfilling a request involving sensitive information.

North Carolina residents

North Carolina has not yet enacted a comprehensive consumer privacy statute analogous to the California Consumer Privacy Act. However, the North Carolina Identity Theft Protection Act, N.C.G.S. § 75-60 et seq., governs our handling of "personal information" (as defined in N.C.G.S. § 75-61) belonging to North Carolina residents, and the North Carolina Unfair and Deceptive Trade Practices Act, N.C.G.S. § 75-1.1, applies to our consumer-facing representations and practices. We honor reasonable access and correction requests from North Carolina residents on the same terms described above.

California residents

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), grants you specific rights — including the right to know what personal information we have collected about you in the prior twelve (12) months, the right to delete, the right to correct, the right to limit use of sensitive personal information (we do not use sensitive personal information beyond what is necessary to provide our services), and the right to opt out of any "sale" or "sharing" of personal information (we engage in neither). We do not knowingly process personal information of California residents under sixteen (16) without affirmative consent. To exercise CCPA/CPRA rights, contact us using the address above. You may also designate an authorized agent to make a request on your behalf.

European Economic Area, United Kingdom, and Switzerland residents

If you are located in the EEA, UK, or Switzerland, the EU/UK General Data Protection Regulation grants you the rights listed above plus the right to lodge a complaint with your local supervisory authority. Our legal bases for processing are: (a) your consent, where required; (b) performance of a contract to which you are a party; (c) compliance with our legal obligations; and (d) our legitimate interests in operating the Site, delivering our services, and maintaining a professional network — interests we have balanced against your rights and freedoms.

6. Data Security

We maintain reasonable administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, alteration, disclosure, or destruction, as required by the North Carolina Identity Theft Protection Act and applicable federal law. These safeguards include HTTPS/TLS encryption in transit on the Site, HSTS (HTTP Strict Transport Security) enforcement, X-Content-Type-Options, X-Frame-Options, Referrer-Policy, and Permissions-Policy security headers, multi-factor authentication on hosting and email accounts, and access controls limited to authorized personnel. No system of electronic transmission or storage is completely secure, however, and we cannot guarantee absolute security.

7. Security Breach Notification

In the event of a "security breach" as defined in N.C.G.S. § 75-61(14) — the unauthorized access to or acquisition of unencrypted, unredacted records containing personal information of North Carolina residents where illegal use has occurred or is reasonably likely to occur — we will provide notice to affected persons without unreasonable delay, consistent with the requirements of N.C.G.S. § 75-65, and will notify the Consumer Protection Division of the North Carolina Attorney General's Office as required. We comply with comparable breach-notification statutes in other U.S. states and applicable foreign jurisdictions when residents of those jurisdictions are affected.

8. Data Retention

We retain personal information only for as long as reasonably necessary for the purposes described in this Policy. Specifically:

Inquiry-stage communications — retained for up to twelve (12) months from last contact, then deleted unless the relationship has progressed to an engagement
Active candidate records — retained for the duration of the engagement plus the standard placement-guarantee period set forth in the applicable client engagement agreement, then archived
Archived candidate network — retained for up to seven (7) years to support future role matching, after which records are deleted unless the candidate has re-engaged within that period
Client engagement records — retained for the duration of the engagement plus seven (7) years thereafter for tax, accounting, professional liability, and contract-claim limitation purposes (the applicable contract-claim limitation under N.C.G.S. § 1-52 is three (3) years; we retain longer as a conservative practice)

You may request earlier deletion at any time using the rights process above; we will honor the request subject to bona fide legal and operational retention requirements.

9. Children's Privacy

Our services are directed exclusively to business professionals and corporate clients. We do not knowingly collect personal information from individuals under the age of sixteen (16). If you believe a child has provided us with personal information, contact us and we will promptly delete it.

10. Equal Opportunity and Non-Discrimination in Candidate Handling

ETHOSLINK conducts executive search and advisory work in compliance with applicable federal and state equal-opportunity, anti-discrimination, and fair-employment laws, including Title VII of the Civil Rights Act of 1964, the Age Discrimination in Employment Act, the Americans with Disabilities Act, and the North Carolina Equal Employment Practices Act, N.C.G.S. § 143-422.1 et seq. We do not solicit information about, and do not consider in candidate evaluation, any protected characteristic except as permitted by law and disclosed in this Policy.

11. International Transfers

ETHOSLINK is based in the United States. If you contact us from outside the U.S., your information will be transferred to and processed in the U.S., which may not provide the same level of data protection as your home jurisdiction. By contacting us or engaging our services, you consent to that transfer.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be noted at the top of this page with an updated "Last updated" date and, where required by law, communicated directly to active candidates and clients. Continued use of the Site or our services after a revision constitutes acceptance of the revised Policy.

13. Contact Us

For privacy questions, to exercise rights, or to report a suspected breach involving your information, contact:

ETHOSLINK LLC
Attn: Privacy & Data Protection
Charlotte, North Carolina, United States
Email: hello@ethoslinkadvisory.com
Subject line for requests: "Privacy Request"

Plain-English summary. We collect what you give us — résumés, business inquiries, references — store it securely, use it only to do our job, share it only with vetted vendors or with your express permission, never sell it, and delete it when we no longer need it. We comply with the North Carolina Identity Theft Protection Act on data security and breach notification. If you want to see what we have, correct it, or delete it — email us and we will respond within forty-five days.