Privacy Policy
隐私政策 Chinese |
Politique de confidentialité French |
Datenschutzrichtline German |
プライバシーポリシー Japanese |
개인 정보 보호 정책 Korean |
Política de Privacidade Portuguese |
Política de Privacidad Spanish |
Heidrick & Struggles International, Inc., along with its subsidiaries and affiliates (collectively, “Heidrick"), is a leading provider of global executive search and leadership consulting services. Heidrick greatly values your privacy and is committed to protecting your personal data. We maintain this Privacy Policy to articulate our commitment to your privacy. For details on which Heidrick entity is the data controller of your Personal Information, see here.
In this Privacy Policy, we describe how we collect, use, transfer, disclose and otherwise process any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household, and includes any information that is subject to applicable data protection laws (“Personal Information” ”, which term includes sensitive Personal Information, if any) who visit our websites, participate or are included in our executive or board searches or leadership consulting services, whose Personal Information is provided to us as part of our Heidrick Digital service or is otherwise provided to us through any other business related services and/or activities (collectively, the “Services”). The websites are owned and operated by Heidrick and Struggles on behalf of its affiliates and subsidiaries, you can find details of all of our offices and affiliates by clicking here. We communicate our Privacy Policy to all employees, and strictly enforce the safeguards within Heidrick.
Summary of Key Points
Collection of Personal Information | In connection with our Services, we collect name, contact and employment details, as well as other Personal Information detailed below. This information may be collected from you, your employer or from third party sources. Click here to learn more. |
Indirect Data and Cookies | We automatically collect device information such as your IP address, browser, and operating system, along with information from Cookies in order to provide and maintain our Services and to present tailored advertisements that we believe are relevant to you, and provide choices on use of certain Cookies. Click here to learn more. |
Use of Personal Information and Legal Bases of Processing | We use Personal Information to respond to your inquiries, provide and maintain our Services, for marketing and business development purposes, and to satisfy our legal rights and obligations. We also use it for research, statistical and developmental purposes, and to improve our Services, albeit in a de-identified form. Where applicable, we rely on your consent, the need to perform a transaction, perform a contract in which you are a party or satisfy our legal obligations, and our legitimate interests (which you have the right to object to), as our legal bases for processing your Personal Information. Click here to learn more. |
Disclosure of Personal Information | We share Personal Information as necessary to provide and develop our Services, including with service providers and clients in connection with the Services, and as necessary or permitted to satisfy legal rights and obligations. Click here to learn more. |
Security of Personal Information | We maintain reasonable technical and organizational measures to protect Personal Information from loss, misuse and unauthorized access, disclosure, alteration and destruction. Click here to learn more. |
Cross-Border Transfers |
We provide appropriate protections for cross-border transfers of Personal Information. Click here to learn more. |
Retention | We retain your Personal Information related to marketing activities for as long as you continue to accept such communications, and otherwise maintain your information for as long as necessary to provide the Services and satisfy legal obligations. Click here to learn more. |
Data Subject Rights | Depending on where you reside, you have certain rights to access your Personal Information in order to correct, delete, port, object or withdraw consent (such as for marketing) to certain processing of your Personal Information by contacting us as detailed below. Click here to learn more. |
Contact Us | Please contact us as detailed below with any questions. Click here to learn more. |
Personal information we collect
With your consent or as otherwise legally permitted (in accordance with applicable law), we collect various categories of Personal Information in connection with the Services.
If you submit an inquiry or question via an online form or email to our website, we collect your name, email address, or other Personal Information contained in your correspondence, including information shared in a résumé or CV.
If you receive or participate in our executive, board search or leadership consulting services, we collect your name, title, professional and personal contact information, demographic data, results of any assessment, survey, or questionnaire you complete or which is completed by Heidrick or its clients about you post-placement, compensation, employment objectives, memberships, community involvement, details in your curriculum vitae (including your educational background, work history, and other qualifications), language skills, job performance, reputation, responses to interview questions, and financial details (to coordinate and reimburse for travel), which we collect from you or third party sources such as online searches and resources (such as company websites), professional contacts, and your employer (only for our leadership consulting services).
If your employer subscribes to our Heidrick Digital service, we receive your name, email address, photo, age, gender and ethnicity (only if disclosed by your employer), contact information, location, role, professional and educational backgrounds, performance ratings, feedback, and assessment results (including results of assessments completed through another Heidrick Service). This Personal Information is usually provided by your employer and forms part of your profile. We also receive Personal Information you upload to Heidrick Digital including additional contact information, professional and educational background, career aspirations, development goals, and other information included in your resume or CV. These are added to your profile. Where you complete assessments with Heidrick, these will also be added to your profile. We also collect Personal Information about you from various commercial or publicly available third party sources such as online searches and resources.
We may combine Personal Information we receive about you from our different Services. If you are a client or potential client, we collect your name, contact details, title or position, products or services requested, or other information that you provide including via online forms or email correspondence. We may use publicly accessible information to verify information we are provided with and to manage and expand our business. Unless required or authorized by law, we do not process sensitive Personal Information about you, unless you have affirmatively consented to this processing. If you have shared your personal information with us in a business-related context not listed above, we may collect your name, contact details, title or position, or other information that you choose to provide.
If you provide Personal Information of another individual, you must show a copy of this Privacy Policy to them and obtain their consent to share their Personal Information with us before you do so.
Indirect data collection and cookies
This website automatically collects certain device information such as your IP address, unique device identifier, Cookies (as discussed below), geographic data, country, browser, device operating system, application version, language settings, and pages that have been shown to you. Note, however, we do not consider this device information to be Personal Information except where we link it to you as an individual or where applicable law requires.
This website also uses small text files called cookies, tags and other tracking technologies (collectively, "Cookies"), which are stored on your device or browser. As discussed in detail below, we use Cookies to provide our website, gather information about your usage patterns when you navigate this website in order to personalize your experience and to understand how visitors generally use our website in order improve our website. We also allow certain trusted partners to place Cookies on our website to collect information about how you interact with our website and other websites you visit. The information collected from these Cookies is used to provide advertising on other websites based on your interests, also known as interest based advertising. We also use these Cookies to determine how effective our advertising efforts are in order to improve the advertisements you see.
The Cookies on our website are generally divided into:
- Strictly Necessary Cookies: Cookies that are necessary in order to operate our website, such as maintain the security of the website. These are session Cookies that are erased when you close your browser.
- Analytical/Performance Cookies: Cookies placed by trusted partners which we use to understand how visitors interact with our website and other third party websites you visit, including the pages you have visited and the links you have followed, in order to show you advertisements based on your interests (also known as interest based advertising). These Cookies qualify as persistent Cookies, because they remain on your device for us to use during a next visit to our website.Cookies that allow us to recognize and count the number of people who visit our website and understand how such visitors navigate through our website. This helps to improve how our website works, by ensuring that visitors can easily find what they are looking for on our website. These Cookies are session cookies which are erased when you close your browser.
- Functional Cookies: Cookies that improve the functional performance of our website and make it easier for you to use, including that you have previously visited our website in order to maintain your language preferences. These Cookies qualify as persistent Cookies, because they remain on your device so we can provide the same experience during your next visit to our website.
- Targeting Cookies: Cookies placed by trusted partners which we use to understand how visitors interact with our website and other third party websites you visit, including the pages you have visited and the links you have followed, in order to show you advertisements based on your interests (also known as interest based advertising). These Cookies qualify as persistent Cookies, because they remain on your device for us to use during a next visit to our website.
Cookie choices
In most cases we will need your consent in order to use cookies on the website; exceptions to this apply such as where the cookie is essential in order for us to provide you with a service you have requested. You can review your Internet browser settings, typically under "Help" or "Internet Options" for options you have to block certain Cookies. To learn more about Cookies used for interest based advertising, and to exercise certain choices you have regarding these Cookies, please visit the Digital Advertising Alliance, Digital Advertising Alliance-Canada, European Interactive Digital Advertising Alliance as applicable, or the Network Advertising Initiative. Please also visit the following specific links for additional information and choices on certain Cookies:
Google Analytics - to analyze how you use our website. Google may aggregate data they collect from their various services including Google Analytics (and also Google Translate, Google Maps and YouTube). You acknowledge and accept that we have no control over Google’s data collection.
Please note that by opting out of certain cookies, you will not be able to access important functions or enjoy certain conveniences of this website.
How we use personal information
We may use Personal Information to respond to your inquiries and answer your questions about our Services. We may use your Personal Information in order to provide and improve the Services, such as sourcing, identifying, assessing, and retaining talent for executive or board positions and teams, sending you executive or board positions that may be of interest to you, assessing leadership teams and organizations in efforts to improve their performance and culture, providing advisory guidance on needs and trends for our clients, sharing thought leadership that may be of interest to you, providing support to our clients in relation to their use of our online Services (such as Heidrick Digital) and maintaining, improving and training our Services, including our artificial intelligence-powered platform, Heidrick Navigator. We also may use Personal Information for the purposes of securing, improving and maintaining our website and IT systems and other business administration purposes, including as necessary to meet our legal and compliance obligations or in connection with regulatory inquiries, audits, legal claims, subpoenas, warrants, or other government/regulator/judicial processes or requests.
Where we wish to process your Personal Information for purposes other than those mentioned in this Privacy Policy, we will obtain your consent (as required by applicable law) or ensure we have an adequate legal basis to do so.
Legal Bases of Processing
Some jurisdictions require that we explain the legal bases we rely on to collect, use, and share your Personal Information. We rely on several different legal bases to use your Personal Information, including: (i) as necessary to perform a transaction (in order to respond to your request, such as for information about a specific Service); (ii) as necessary to comply with a legal obligation (such as when we use Personal Information for record keeping to substantiate tax liability); (iii) consent (such as to send marketing or certain cookies, and process sensitive Personal Information); and (iv) necessary for legitimate interests (such as providing, maintaining, securing, customizing, and improving the Services we provide to you - a legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests).
We also process information about you in an anonymized, pseudonymized or non-attributable form for research, statistical and development purposes, and to maintain, improve and train our Services. Our intention with this processing is to use information that does not and cannot identify you personally – in which case, this Privacy Policy will not apply to your anonymised data. However, in some cases, we may hold other information about you (either in our own right or on behalf of our clients) that would allow us to re-identify you. Merely having the ability to re-identify you (even though we do not intend to do it) means we cannot say that the information we use for these purposes is always truly anonymous.
The specific legal bases we rely on for this processing depend upon the Personal Information at issue and the context under which the information is collected. In the majority of cases, we will rely on your consent or our legitimate business interest in improving our Services or the performance of a contract. If you have questions about or need further information concerning the legal bases we rely upon to process your Personal Information, please contact us as detailed below.
If you reside in Mainland China, we receive and record your separate consent for the processing of your Personal Information as required by applicable law.
Disclosure of personal information
We share Personal Information with our subsidiaries and affiliates worldwide in connection with the performance of our Services in accordance with the conditions of this Privacy Policy. A list of such offices and affiliates is here.
We also disclose Personal Information to third party service providers, such as auditors, information technology providers or referees in order to provide the website or Services and to help support our business operations and business development. A list of third service providers is listed below; those applicable to Mainland Chinese Residents are marked with an asterisk. These organisations will have access to your Personal Information as necessary to perform their functions, but they may not use that data for any other purpose. We also share Personal Information with our clients as necessary in connection with an executive or board search for opportunities that we believe are of interest to you, as well as in connection with providing advice or assessments in connection with our leadership consulting services and as part of our clients’ (i.e. your employer’s) subscription to Heidrick Digital. We reserve the right to disclose Personal Information where we believe such disclosure is required by law or is appropriate in connection with any legal claims (actual or proposed litigation), subpoenas, warrants or other government/regulatory/judicial processes or requests, as well as to protect visitors or the company (people and property) and other rights or interests, or to comply with applicable law.
If we or any part of our organisation is sold, or some of its assets transferred to a third party, your Personal Information, as a valuable asset, may also be transferred to the acquirer, even if they are not in the same line of business as us. Our customer database could be sold separately from the rest of the business, in whole or in a number of parts. Potential purchasers and their advisors may have limited access to data as part of the sale process. However, use of your Personal Information will remain subject to this Privacy Policy. Similarly, your Personal Information may be passed on to a successor in interest in the unlikely event of a liquidation, bankruptcy or administration.
Security of personal information
Heidrick maintains what it considers to be reasonable and appropriate technical and organizational measures designed to protect Personal Information from accidental loss, misuse and unauthorized or unlawful access or processing, disclosure, alteration and destruction. To the extent that we disclose Personal Information to clients or third party service providers, we require that such third parties also maintain reasonable security and confidentiality measures and use the Personal Information in accordance with our instructions and applicable law.
We have security measures in place designed to protect our user database and access to this database is restricted internally.
Cross border transfers
Your Personal Information may be stored and/or processed in countries that do not provide the same level of protection for Personal Information as the data protection laws of your home country. We take appropriate steps, where required, to provide appropriate safeguards for Personal Information to be transferred, including, among others and as applicable, standard data protection clauses adopted or approved by the European Commission together with binding and enforceable commitments.
If you are located in the European Union, Heidrick participates in the EU-US Data Privacy Framework for Personal Data received in the United States (“EU-US DPF”) from the European Union and the European Economic Area, the UK Extension to the EU-US DPF (“UK-US DPF"), and the Swiss-US Data Privacy Framework (“Swiss-US DPF”). Heidrick adheres to the EU-US DPF as set out by the US Department of Commerce with respect to European Personal Information, including its Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement, and Liability. If there is any conflict between the terms in this privacy policy and the Data Privacy Framework Principles, the Principles govern. You can find the list of participants in the DPF here. Where required by law, you can request a copy of such safeguards by contacting us as detailed below. As a global company Personal Information may be accessible to those in other offices, a list of our office locations can be found here.
Under certain data protection laws, you may have the right to request a copy of such safeguards by contacting us as detailed below. As a global company Personal Information may be accessible to those in other offices, a list of our office locations can be found here. Your Personal Information may be accessed and processed by (i) our Global I.T. and Cybersecurity Team that is in United States of America and employed by Heidrick & Struggles International Inc., and (ii) our Global Data Protection Office that is in London (England) and employed by Heidrick & Struggles (UK) Limited, whose name and contact details are set out below. The purpose of the processing is to protect the safety of your Personal Information and to answer to any request made for the lawful exercise of your statutory rights as regard to your Personal Information as detailed below.
As a DPF participant, Heidrick is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). Heidrick is obligated to arbitrate certain claims, provided that an individual has invoked binding arbitration as set forth in Annex I of Principles.
Retention
We typically retain Personal Information related to marketing activities for as long as you accept marketing communications from us. For Personal Information that we collect and process for other purposes, as described above, we typically retain such Personal Information for no longer than the period necessary to fulfil the purposes outlined in this Privacy Policy, and as otherwise needed to address tax, corporate, compliance, litigation, and other legal rights and obligations, after which we will securely delete and/or take steps to properly anonymize your Personal Information. If you opt out of receiving marketing communications, you will continue to receive communications from us about your relationship with us where permitted by law.
Data Subject Rights; Choices about your personal information
Heidrick wishes to maintain Personal Information that is accurate, current, and complete. If Personal Information that you previously provided has changed, please submit your new information here or, if you have direct access to Heidrick Digital Solutions, you may be able to rectify the inaccuracies directly in your profile.
If you prefer not to receive any direct marketing communications from us, you can opt out at any time. To opt out of marketing communications from us, please follow the instructions detailed in our communications to you. If your objection is not to direct marketing in general, but to direct marketing by a particular channel e.g. email or telephone, please specify the channel you are objecting to.
Where required by applicable law, to the extent permitted by the laws of your country, you may have the right to obtain confirmation that we maintain certain Personal Information about you, to access the Personal Information we have about you, and to correct, port, delete (right to be forgotten), restrict, block or withdraw consent to the processing of certain Personal Information (without affecting the lawfulness of processing based on consent before its withdrawal), by contacting us as detailed below. In particular, you have the right to object to our use of your Personal Information, such as receiving executive or board openings. These abovementioned rights may be subject to some conditions and exceptions. You can find out more about these rights as applied in the EU and UK by reading the General Data Protection Regulation here: here. You also have the right to lodge a complaint with a data protection authority in the EU, or, with regard to the UK data protection regime (UK GDPR etc.) the Information Commissioner’s Office in the UK. Please contact us below and send the details of your request to enquire about or exercise such rights. Please note that we need to retain certain Personal Information as required or permitted by applicable law.
If you are resident in Mainland China, the abovementioned rights may be subject to some conditions and exceptions as otherwise provided by the applicable data protection law. You also have the right to lodge a complaint with us or with the relevant data protection authority in People’s Republic of China, namely the Cyberspace Administration of China. Please contact us using the contact information below and send the details of your request to enquire about or exercise such rights.
If you reside in California, you have the right to request what information we collect and use. You also have the right to ask what information we disclose and sell. You also have the right to request that we delete information we have collected from you. To exercise your rights you can contact us as set out below. These rights do not apply if you are a job applicant, employee, contractor, or employee with another company that is interacting with us in your role as an employee at that company. We will require, at a minimum, the following information in order to verify your request: first and last name, personal email address and phone number. We will not discriminate against you because you have exercised any of your rights under the California Consumer Privacy Act. You can designate an agent to make a request by providing the following: (1) written evidence of the agent’s authority, signed by the consumer as well as notarized; and (2) personal information of the authorized agent for verification purposes.
Links to other internet sites
The website provides links to other third-party internet sites. Despite these linkages, this Privacy Policy applies to our Services only. We are not responsible for the privacy practices or the content of those other third-party sites. Please read the privacy policy of each unrelated internet site that you visit before either agreeing to their terms or using those websites. Heidrick is not responsible for the privacy practices of such Internet sites. If you have asked us to share data with third party sites (such as social media sites), their servers may not be secure.
Changes to our privacy policy
Heidrick & Struggles reserves the right to change or amend Privacy Policy from time to time in its sole discretion, as permitted by applicable law. Any new policy will automatically be effective when it is published on the website. You should therefore return here regularly to view our most up to date policy. You should also print a copy for your records. If we make a material change to this Privacy Policy, we will post the revised policy on this web page, and obtain your consent if required by applicable law. Nothing in this Privacy Policy is intended to create an agreement or contract between Heidrick and any person or entity using this website or providing any Personal Information.
Contact information
If you have any questions about this Privacy Policy or how we handle your personal information, please contact our Data Protection Officer, Abigail Schuster (based In California, USA) at privacy@heidrick.com or submit a request electronically by clicking here. Alternatively you may call our US & Canada toll-free number at 1-844-916-1329.
If you would prefer to contact us by postal mail, please use the following addresses below, the address listed for your local office which can be found here, or contact us for a local address:
Attn: LEGAL Department
Heidrick & Struggles
233 S. Wacker Drive
Suite 4900
Chicago, IL 60606
Attn: LEGAL - Data Protection Officer
Heidrick & Struggles (UK) Limited
31 St. James's Square
London, GB SW1Y 4JR
United Kingdom
Attn: LEGAL Department
Heidrick & Struggles (Shanghai) Talent Consulting Co., Ltd.
Suites 3701-02, 3712-13, 37/F, Tower 2, Plaza 66
1366 Nanjing Road West
Shanghai, 200040, People’s Republic of China
Heidrick & Struggles (Shanghai) Talent Consulting Co., Ltd. – Beijing Branch
Suite 718, South Tower, Kerry Center
1 Guanghua Road, Chaoyang District
Beijing, 100020, People’s Republic of China
Due to the nature of our processing operations we have also nominated the following representative within the European Economic Area:
Attn: LEGAL - Data Protection Representative
Heidrick & Struggles Belgium
Blue Tower, Avenue Louise 326
15th floor, Brussels 1050
Belgium
We will respond to your request consistent with applicable law. As permitted by applicable law, you can contact your local data protection authority with any questions.
Third-Party Service Providers
Service Provider | Description |
6Sense | Account-based marketing tool |
Amazon Web Services, Inc. | Cloud hosting provider |
Atlassian | Collaboration software |
Avaamo | Cloud platform for conversational AI |
Box.com | Secure content management platform |
Censia | AI technology solution for job candidate profiles |
Cronofy | Scheduling tool software |
Docebo | AI-powered learning management system used by participants |
DocuSign | Electronic signature and contract software |
Dovetail | Interview insights software |
EightFold AI | AI talent management |
Envisia Learning | Platform to host survey-based organizational assessments |
Gainsight | Customer success management software |
GlobalRelay | Electronic communications archiving |
Gong.io |
Sales enablement tool |
Online advertising, storage | |
Heroku | Cloud application platform |
HireVue | Third-party assessment provider |
Hogan Assessments | Third-party assessment provider |
Kantata | Professional services automation |
Mailgun | Email delivery service |
Microsoft Corporation | Computer software, cloud services, and related services |
Mongo DB | Cloud hosted database |
Okta | Identity management/SSO provider |
Pardot | Sales and marketing email tool |
Peoplesoft/Concur | Finance software |
Pinpoint | Voice enablement services |
ReachDesk | Direct mail and gifting platform |
Ren Systems | Media tracking software |
Salesforce | Platform to support communications with clients and candidates |
Saville Assessments | Third-party assessment provider |
Snowflake | Cloud computing–based data cloud company |
Sovren | Resume parsing tool |
Tazio | Assessment platform provider |
WeCom | Business communication and office collaboration tool |
Zendesk | Cloud platform to support customer experience for candidates and clients |
Zoom | External/internal virtual meetings and video conferencing |