Privacy policy

The CP&KRELL Group Privacy Policy

At CP&KRELL Group (“Company,” “we,” “us,” or “our”), your privacy is important to us. We are committed to handling personal information in a transparent, secure, and responsible manner. This Privacy Policy explains how and why we collect, use, disclose, and safeguard personal information across our website, recruitment activities, marketing communications, and business operations.

We comply with applicable data protection and marketing laws, including the CAN-SPAM Act, TCPA, CCPA/CPRA, and where applicable, the GDPR. We continuously review our practices to ensure they remain aligned with evolving legal standards and industry best practices.

Personal information refers to any information that can identify you directly or indirectly, including your name, contact details, professional information, and online identifiers.

In the event our domains link to third-party sites and services, please be aware that those sites and services have their own privacy policies. After following a link to any third-party content, you should read their posted privacy policy information about how they collect and use personal information. This Privacy Policy does not apply to any of your activities after you leave our site.

This policy is effective as of 26 June 2023.

Last updated: 1 April 2026

Information We Collect

We collect personal information in two primary ways: information you provide directly to us and information that is automatically collected when you interact with our services.

Information you voluntarily provide includes details such as your name, email address, phone number, professional background, and any other information you share when communicating with us or engaging in recruitment processes.

In addition, we automatically collect certain technical and usage data. This may include your IP address, browser type, device information, pages visited, and timestamps. This data helps us understand how our website and services are used and allows us to improve performance and user experience.

We may also collect log data when errors occur, including technical information about your device and the actions being performed at the time. While this information may not always identify you directly, it may be combined with other data to do so.

Sources of Data

We obtain personal information from multiple sources in order to support recruitment services and business development activities.

These sources include direct interactions with you, such as when you fill out forms, send emails, or communicate with our team. We also collect data from professional platforms such as LinkedIn Recruiter and Loxo, as well as from third-party providers like ZoomInfo. In addition, we may collect information from publicly available professional sources, including company websites and public profiles.

While we rely on these third-party providers to collect and share data lawfully, we take independent steps to ensure responsible use. This includes validating the relevance of outreach, honoring opt-out requests, and maintaining internal suppression lists to prevent unwanted contact.

Purpose of Processing

We use personal information strictly for legitimate business purposes related to recruitment and professional services.

This includes contacting candidates regarding job opportunities, managing recruitment processes for our clients, and providing talent placement services. We may also use personal data to send newsletters or job alerts where consent has been provided, and to conduct business-to-business outreach offering our recruitment services.

Additionally, we use data to improve our internal processes, analyze campaign performance, and enhance the overall quality of our services.

We do not use personal information for purposes that are unrelated or incompatible with these objectives.

Legal Bases for Processing

We process personal information based on one or more of the following legal grounds.

In many cases, we rely on legitimate interest, particularly for recruitment outreach and professional communications where there is a reasonable expectation of relevance.

For marketing communications, including newsletters and SMS messages, we rely on consent where required by law. Consent is obtained in a clear and affirmative manner and may be withdrawn at any time.

We may also process data where it is necessary to fulfill contractual obligations or to comply with legal requirements.

Communication Practices

We are committed to responsible communication practices and compliance with anti-spam regulations.

In relation to email communications, we comply with the CAN-SPAM Act by ensuring that all messages clearly identify the sender, include accurate subject lines, and provide a clear and functional unsubscribe mechanism. We process opt-out requests promptly and maintain suppression lists to prevent future communication with individuals who have opted out.

For SMS and text messaging, we comply with TCPA and 10DLC requirements. Messages are only sent where prior express consent has been obtained. Individuals may opt in through online forms, verbal agreements, or written consent. Every message includes the option to opt out by replying STOP, and support instructions are provided where applicable.

We do not share SMS opt-in data or consent with third parties for marketing purposes.

When using professional platforms such as LinkedIn, we ensure that communications are targeted, relevant, and respectful. We will discontinue messaging and honor all requests to discontinue contact.

Third-Party Data

We utilize third-party data providers such as ZoomInfo to obtain business contact information for professional outreach.

Although we rely on these providers to ensure lawful data collection, we take additional steps to ensure responsible use. We validate the relevance of contacts before outreach, respect all opt-out and removal requests, and maintain internal do-not-contact lists.

We do not sell or rent personal information to third parties.

Sensitive Information

Sensitive information refers to categories of data that require a higher level of protection, such as health data, political beliefs, or biometric information.

We do not collect sensitive personal information unless it is necessary and we have obtained explicit consent, or where it is otherwise permitted by law.

User-Generated Content

Any content that you voluntarily submit to us for publication, including text, images, or other materials, may become publicly accessible once published.

We advise users to be mindful of the information they choose to share, as we cannot control how third parties may use publicly visible content.

Security

We implement commercially reasonable administrative, technical, and organizational safeguards to protect personal information from unauthorized access, disclosure, or misuse.

However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

Data Retention

We retain personal information only for as long as necessary to fulfill the purposes outlined in this policy.

For example, candidate data may be retained for a period of up to five years to support future opportunities, while marketing data is retained until an individual unsubscribes or becomes inactive.

We may retain data for longer periods where required to comply with legal or regulatory obligations.

Children’s Privacy

We do not aim any of our products or services directly at children under the age of 13, and we do not knowingly collect personal information about children under 13.

Disclosure of Information

We may disclose personal information to trusted third parties who assist us in operating our business, including service providers, technology partners, and professional advisors.

We may also disclose information where required by law, in connection with legal proceedings, or as part of a business transfer such as a merger or acquisition.

Under no circumstances do we share SMS consent data with third parties for marketing purposes.

SMS and Mobile Information

No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. All other categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

Third parties we currently use include:

• Google Analytics
• Mixpanel
• LinkedIn
• International Transfers of Personal Information

The personal information we collect is stored and processed in North America, Europe, and Asia, or where we or our partners, affiliates, and third-party providers maintain facilities.

The countries to which we store, process, or transfer your personal information may not have the same data protection laws as the country in which you initially provided the information. If we transfer your personal information to third parties in other countries: (i) we will perform those transfers in accordance with the requirements of applicable law, and (ii) we will protect the transferred personal information in accordance with this Privacy Policy.

Examples based on method of opt-in:

If users opt in via web forms:
Users may provide consent to receive SMS communications by submitting their phone number through our online forms. By doing so, they agree to receive text messages related to our services.

If opt-in is verbal or offline:
We may also collect SMS consent through verbal agreements or written documentation during phone conversations, meetings, or other business interactions. These records are maintained where appropriate.

Our website is not used to collect consumer opt-in for this 10DLC campaign.

International Transfers

Personal information may be stored or processed in jurisdictions outside your country of residence, including the United States, Europe, and other regions where our service providers operate.

Where such transfers occur, we take appropriate measures to ensure that personal data remains protected in accordance with applicable laws.

Your Rights and Controlling Your Personal Information

Your choice: By providing personal information to us, you understand we will collect, hold, use, and disclose your personal information in accordance with this privacy policy. You do not have to provide personal information to us, however, if you do not, it may affect your use of our website or the products and services offered on or through it.

Information from third parties: If we receive personal information about you from a third party, we will protect it as set out in this privacy policy. If you are a third party providing personal information about somebody else, you represent and warrant that you have such person’s consent to provide the personal information to us.

Marketing permission: If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by contacting us using the details below.

Access: You may request details of the personal information that we hold about you.

Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, please contact us using the details provided in this privacy policy. We will take reasonable steps to correct any information found to be inaccurate, incomplete, misleading, or out of date.

Non-discrimination: We will not discriminate against you for exercising any of your rights over your personal information. Unless your personal information is required to provide you with a particular service or offer, we will not deny you goods or services, charge different prices or rates for goods or services, or provide a different level or quality of goods or services.

Notification of data breaches: We will comply with laws applicable to us in respect of any data breach.

Complaints: If you believe that we have breached a relevant data protection law and wish to make a complaint, please contact us using the details below and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint. You also have the right to contact a regulatory body or data protection authority in relation to your complaint.

Unsubscribe: To unsubscribe from our email database or opt-out of communications (including marketing communications), please contact us using the details provided in this privacy policy, or opt-out using the opt-out facilities provided in the communications. We may need to request specific information from you to help us confirm your identity. Use of Cookies: We use “cookies” to collect information about you and your activity across our site. A cookie is a small piece of data that our website stores on your computer, and accesses each time you visit, so we can understand how you use our site. This helps us serve you content based on preferences you have specified.

Text Message Communications

By providing your mobile number and opting in, you consent to receive SMS text messages from us related to your inquiry, appointment, or account. Message frequency may vary depending on your interaction. Message and data rates may apply. You can opt out at any time by replying STOP to any message or by contacting us directly. For help, reply HELP or reach out via our contact form. Your mobile number and opt-in consent will not be shared with third parties or affiliates for marketing purposes.

CCPA Notice

If you are a California resident, you have rights under the CCPA/CPRA, including the right to know, delete, and correct your personal information.

We do not sell or share personal information for cross-context behavioral advertising.

GDPR Notice

If you are located in the European Economic Area, you have rights under GDPR, including access, rectification, erasure, restriction, objection, and data portability.

You also have the right to lodge a complaint with a supervisory authority.

Data Processing Agreement

When we process personal data on behalf of clients, we act as a data processor and follow client instructions.

We implement appropriate safeguards, ensure confidentiality, and assist clients in meeting their data protection obligations.

Limits of Our Policy

Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and policies of those sites, and cannot accept responsibility or liability for their respective privacy practices.

Changes to This Policy

At our discretion, we may change our privacy policy to reflect updates to our business processes, current acceptable practices, or legislative or regulatory changes. If we decide to change this privacy policy, we will post the changes here at the same link by which you are accessing this privacy policy.

If the changes are significant, or if required by applicable law, we will contact you based on your selected preferences for communications from us and our registered users with the new details and links to the updated or changed policy.

If required by law, we will get your permission or give you the opportunity to opt in to or opt out of, as applicable, any new uses of your personal information.

Contact Us

For any questions or concerns regarding your privacy, you may contact us using the following details:

Privacy Officer

carlos@cpkrell.com