Skip to main content

Privacy Statement

Privacy Statement

Isaacson Miller, Inc. (“Isaacson, Miller,” “we,” “us,” or “our”) is an international retained executive search firm dedicated to recruiting exceptional leaders for important civic institutions (our “Services”) whose principal place of business is 263 Summer Street, 7th Floor, Boston, MA 02210, USA.

Isaacson, Miller is committed to providing you with complete and current information about the Site so that you are aware of the information Isaacson, Miller collects, how it is used, and under what circumstances it may be disclosed. If you do not consent to the terms of this privacy statement, you should exit the Site now.

This privacy statement is provided in a layered format so you can click through to the specific areas set out below.

[1. Important Information and Scope]

[2. Notice to EU Residents]

[3. No Use by Children]

[4. Third Party Links]

[5. How and What Personal Data We Collect]

[6. Why We Collect Your Personal Data]

[7. Cookies and Similar Technologies]

[8. Change of Purpose]

[9. Data Security]

[10. Disclosures of Your Personal Data]

[11. International Transfers to which GDPR/UK GDPR Applies]

[12. Data Retention]

[13. Summary of Your Legal Rights]

[14. Contact Us]

[15. Changes to the Privacy Statement and Your Duty to Inform Us of Changes]

1. Important Information and Scope

Your privacy is important to us. Accordingly, we have developed this statement to communicate transparently how we collect, process, and share your personal data (“Personal Data”) when you visit this website www.imsearch.com (the “Site”), or when we interact with you, or which we otherwise receive as part of providing the Services to our clients. Isaacson, Miller collects Personal Data from clients, candidates, sources, referees, and nominators in the course of providing our Services. We also collect Personal Data through technology embedded in the Site, as well as from other data sources. 

Personal Data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). It may include personal identifiers; personal information as defined by Cal. Civil Code § 1798.80; characteristics of protected classifications under federal or California law; professional or employment-related information; education information; and third-party opinions. However, not all these categories of Personal Data are gathered for any particular individual. For more information regarding what categories of Personal Data we collect, please see “How and What Personal Data We Collect,” below.

Isaacson, Miller does not sell Personal Data to third parties, and does not disclose your Personal Data to third parties other than in the course of providing recruitment services to our clients and only for the purpose of providing those services, as explained in this statement. When we do share Personal Data, we only share what is relevant and necessary to serve our clients. For more information regarding how we share Personal Data, please see “Disclosures of Your Personal Data,” below.

2. Notice to EU Residents

Where we collect and process Personal Data relating to individuals in the European Union or the United Kingdom for the purpose of providing the Services, we will do so in compliance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the UK GDPR and related applicable legislation. In this context, we are the data controller for all such Personal Data.

3. No Use by Children

Our Site is not intended for children under 18 years of age. No one under age 18 may provide any Personal Data on the Site. We do not knowingly collect Personal Data from children under 18. If you are under 18, do not use or provide any information on this Site. If we learn we have collected or received Personal Data from a child under 18 without verification of parental consent, we will delete that information.

4. Third Party Links

Through the Site, users may be able to link to other websites. This privacy statement does not apply to these other websites. Any Personal Data you provide on the linked pages is subject to that third party's privacy policy. We are not responsible for the content or privacy practices of websites to which we link. We recommend that you review the privacy policies of third-party websites.

5. How and What Personal Data We Collect

Data Collected from You

Site Users: We collect Personal Data when you correspond with us or apply, nominate, or inquire in regards to a search on the Site, this includes information such as your name and contact details as well as any other Personal Data provided by you when participating in our Services, requesting further information, or reporting problems with our Site.

Clients/Suppliers: We collect Personal Data including your name and professional contact details, job title, and employer in the course of providing the Services to clients and suppliers.

Job Applicants: We collect personal data which you provide to us through an application for consideration for a position with one of our clients, or a job application with us. Typically, this will be through the completion of online forms, which may include the following activities: user registration, employment application or resume submission, and contact requests.

Personal Data collected directly from job applicants is likely to include their name, work address, zip code, telephone number, e-mail addresses, job title, employment history, educational background, and other information voluntarily provided as part of the application process. We collect this information solely for use within the context of your job application and/or your role as our employee, for example, your emergency contact information, and other information as needed to administer employee benefits.

When we speak with candidates about their credentials, we may collect additional Personal Data that you share with us in order to evaluate the required experience and qualifications. This additional Personal Data may include further details on employment history, areas of specialization, and other relevant experience.

Referees: If you provide a personal or professional reference for a job applicant, we will collect your name, contact details, employment details, and any other information you provide to us in that reference. 

We may sometimes need to record Sensitive Personal Information (this includes any or Special Category Personal Data as defined under the EU/UK GDPR or Sensitive Personal Information or Sensitive Data as defined by state law, i.e. details about your race or ethnicity, religious or philosophical beliefs, political opinions). Very occasionally as your application progresses, we may need to collect information about criminal convictions and offenses. However, wherever we need to collect Sensitive Personal Information or information about past convictions/offenses we will always first seek your explicit consent. In such cases, we will apply enhanced security measures to ensure that the privacy of the data is maintained and will only process it in accordance with the purposes as set out in this privacy statement.

Data Collected from Third Parties

We receive information from clients or individuals affiliated with the client’s organization, as well as from nominators, sources, and candidates’ referees. This may include the Personal Data of candidates, participants, or sources. We also in some cases use third-party background check vendors with a candidate’s express consent who may provide information regarding current employment, public records, financial history, or other information used solely to aid in the assessment of candidates and the provision of our Services.

We sometimes receive unsolicited resumes and CVs through third parties. We may also collect information from public sources and licensed databases in the course of providing the Services. However, we will contact these potential candidates to offer them choices about if and how we can use such Personal Data in accordance with applicable law.

Personal Data Collected from Technology

Some Personal Data is collected automatically when you visit the Site. When any visitor links or connects to the Site, our web server automatically logs the IP/Internet address of your computer and recognizes the visitor’s domain name and e-mail address where possible. 

If you are only browsing the Site and have not logged in, we will not ask you to directly submit any Personal Data. However, certain technical information (which may be considered Personal Data) - including computer and connection information, browser type and version, operating system, platform details, traffic data, location data, weblogs, and other communication data, the resources that you access and the time of accessing the Site – will be automatically collected. 

For more information about cookies on our website, see “Cookies and Similar Technologies,” below. 

6. Why We Collect Your Personal Data

We will only collect and process your Personal Data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform a contract we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • Where we need to comply with a legal obligation.
  • Where we have your consent to a particular processing activity. You have the right to withdraw consent to marketing at any time by contacting us.

Note that we may process your Personal Data on more than one lawful ground (such as those listed above) depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your Personal Data.

We collect and process Personal Data for our legitimate business interests in providing the Services, for marketing purposes, to improve the content of our Site, and for generally accepted business purposes such as data analysis. Our processing of Personal Data collected from the Site is based primarily on this justification. However, some uses of Personal Data are necessary to comply with applicable legal or regulatory requirements.

More specifically, we may use Personal Data about you in the following ways:

  • To perform or enter into contracts with Clients and provide the Services.
  • To manage relationships with clients, contacts, referrers, sources, and job applicants 
  • To manage relationships with our employees.
  • To conduct background checks or press checks on job applicants and to verify qualifications and experience.
  • To manage payments, fees and charges and collect and recover sums due to us.
  • To administer and protect our business, maintain accurate business records, and prevent fraud.
  • To improve the Site and ensure that content from the Site is presented in the most effective manner for you and for your computer.
  • To provide you with the information and services that you request from us or that we feel may interest you. For example, we may retain your Personal Data on file so that we can determine whether there are other positions for which we believe you may be qualified, and to contact you regarding those positions.
  • To allow you to participate in interactive features of the Site.
  • To notify you about changes to our Services or to our privacy information and deal with your requests, queries, or complaints.
  • To protect the integrity and security of the Site, our Services, and our reputation.
  • To exercise our legal rights, protect our/your interests and prosecute or defend legal claims.
  • To protect other users of the Site, and to ensure no unlawful or unethical activity occurs through our systems and organization.
  • In the context of a business reorganization, merger, acquisition, or restructuring exercise.
  • As required by applicable law, or in response to a legal request for information.

Additionally, we use technology to help us to administer and improve the Site (including troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting of data) and to deliver a better and more personalized service. For example, we use information (which can include Personal Data):

  • To estimate our audience size and usage pattern.
  • To speed up your Site searches.
  • To recognize you when you return to the Site.
7. Cookies and Similar Technologies

We use data collection devices such as “cookies” on the Site so that users are not required to input the same information in different parts of the Site or on repeat visits to the Site. Cookies are small text files that are transferred from your browser to a web server which a website can use to recognize a repeat visitor. 

Most browsers are initially set to accept cookies. You can set your browser to refuse all or some browser cookies or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. 

We occasionally conduct market research and business development using third-party cookies. More specifically, we use the web analytics services of Google Inc. (“Google”) through Google Analytics cookies. Google Analytics does not provide us with personally identifiable data; it provides us with aggregate (anonymized) data on the usage of our website.

The information generated by these cookies is transmitted and stored by Google to servers in the United States of America (US). Google will use this information for the purpose of evaluating your use of our website and will compile reports relating to website activity. If you have activated IP anonymization on our website, your IP address will be abridged by Google within the EU territory and the European economic area.

For further information about Google Analytics or to opt out of being tracked by Google Analytics across all websites, visit http://tools.google.com/dlpage/gaoptout.

8. Change of Purpose 

We will collect and use Personal Data with the objective of fulfilling the purposes specified as stated in this Statement, or for other compatible purposes. Should these purposes change, we will provide you notice of this change in purpose, at which time, where allowed by applicable law, you may exercise your right to object to such processing.

Please note that we may process your Personal Data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

9. Data Security

We protect your Personal Data by implementing appropriate security safeguards against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification. In addition, we limit access to your Personal Data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your Personal Data on our instructions, and they are subject to a duty of confidentiality.

However, please be aware that Internet security technology rapidly changes so there is no absolute guarantee that your information will always be secure online. We have put in place procedures to deal with any suspected Personal Data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

10. Disclosures of Your Personal Data

Examples of categories of information we collect include:

  • Contact information.
  • Employment history.
  • Educational background.
  • Relevant experience and qualifications.
  • Sensitive personal information (such as details about your race or ethnicity, religious or philosophical beliefs, or political opinions).
  • Website user information (cookies).

Categories of sources of personal information include:

  • Materials and other information received directly from applicants.
  • Materials and other information received from nominators/referees.
  • Materials and other information received directly from clients.
  • Publicly Available Data Sources (LinkedIn, news sources, employer’s websites, publicly available social media profiles, etc.)

Categories of the business uses of personal information include:

  • To perform a contract we are about to enter into or have entered into with you.
  • Where we need to comply with a legal obligation.
  • Where we have your consent to a particular processing activity. You have the right to withdraw consent to marketing at any time by contacting us.

We will need to disclose your Personal Data to our clients when you respond to their posting or position. This information can contain Personal Data collected directly from job applicants and is likely to include their name, work address, zip code, telephone number, e-mail addresses, job title, employment history, educational background, and other information voluntarily provided as part of the application process. It may also contain Personal Data shared with us from referees.

We may also disclose limited or anonymized Personal Data to clients in order to determine whether the client is interested in an individual with your qualifications. This is in our mutual interest in helping you find employment.

We may need to disclose Personal Data to external third parties in the good faith belief that we are required to do so by law, or that doing so is reasonably necessary to comply with legal processes, regulators, to respond to any legal claims, or to protect our rights, property, or the safety of our personnel, our clients, or the public. Information, including Personal Data, may be disclosed as part of, or during negotiations of, any merger, sale of company assets, or acquisition. 

We may also disclose Personal Data to third parties who provide services to us, such as employee benefits providers, business administration, IT, and network service providers.

In the event that we choose to sell, transfer or merge parts of our business or our assets we may need to disclose Personal Data with other parties involved in those transactions, under obligations of confidentiality. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your Personal Data in the same way as set out in this privacy policy.

We require all third parties to respect the security of your Personal Data and to treat it in accordance with the law. We do not allow our third-party service providers to use your Personal Data for their own purposes and only permit them to process your Personal Data for specified purposes and in accordance with our instructions.

11. International Transfers to which GDPR/UK GDPR Applies

Please note that we collect, process, and maintain information in the United States, where data protection and privacy laws may not be as strict as in your home country. 

If you are an Individual based in the European Economic Area (“EEA”) or the United Kingdom please understand that we will process your Personal Data in the United States, in order to provide the Services and/or as a step towards you entering into a contract of employment (i.e. as required to process your application).

We may share your Personal Data with the third-party service providers mentioned in section 5 above who are based in the United States.

Furthermore, in order to progress your application or pursue an opportunity for you with a client based outside your home country, we will need to make an onward international transfer of your Personal Data to that client. 

When undertaking such a transfer, we ensure that a similar degree of protection to that in your home country continues to apply by implementing at least one of the following safeguards:

  • We will only transfer your Personal Data to countries that have been deemed by the relevant supervisory authority to provide an adequate level of protection for personal data. 
  • We may use specific contracts approved for use in the EEA/UK which give Personal Data the same protection it has in the EEA/UK.
  • In some circumstances we may need to request your explicit consent to a particular transfer.
12. Data Retention

We will only retain your information for as long as reasonably needed to fulfill the purposes for which it was originally collected, for example, to provide you with the Services, or as otherwise required for the purposes of satisfying our legal, regulatory, tax, accounting, or reporting obligations. 

We may also need to retain Personal Data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation with respect to our relationship with you.

While your information is held in electronic form, it is subject to encryption and can only be accessed with a password. 

To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data, and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting, or other requirements.

In some circumstances, we will anonymize Personal Data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

If you wish to request that we no longer use your information to provide you with Services, please contact us at compliance@imsearch.com.

13. Summary of Your Legal Rights

You have the choice whether or not to disclose Personal Data to us in the above activities. However, please note that if you do not provide us with complete and accurate information we may not be able to process or fulfill your request. By submitting information to us, you are representing that it is accurate. 

Depending on your country or state of residence, you may have certain rights regarding the Personal Data we collect about you and how we process your Personal Data. We have done our best to provide information about the most common rights below as they tend to apply to the individuals whose data we typically process but if you have any additional queries or concerns in this regard please contact us at compliance@imsearch.com

Rights of Individuals in the US

We do not sell or share your Personal Information to third parties or engage in cross-context behavioral marketing or the processing of personal data for purposes of targeted advertising. 

Even so, some devices or web browsers can be configured to signal a user’s privacy preferences to websites. At this time, our website is configured to recognize the Global Privacy Control as a request to opt-out of the sale or sharing of personal data.

If you would like to review your Personal Data, to opt out of the processing of your Personal Data, or for us to correct, amend, or delete your Personal Data, please make a verified request to compliance@imsearch.com or 617-933-1830. 

If you are a California resident, you have the right to ask to learn what Personal Data about you has been collected in the last twelve months, including the categories and specific pieces of personal information we have about you, the categories of sources from which the personal information has been obtained, the business or commercial purpose for collecting, selling, or sharing personal information, and the categories of third parties to whom we disclose personal information (as well as which categories of information were disclosed). Any such data will be provided in a format easily understandable to the average consumer, and to the extent technically feasible, in a structured, commonly used, machine-readable format.

If you are a California resident, you have the right to know whether we are processing your Personal Information and request that we disclose a report of your Personal Information, including the categories and specific pieces of personal information we have about you, the categories of sources from which the personal information has been obtained, the business or commercial purpose for collecting, selling, or sharing personal information, and the categories of third parties to whom we disclose personal information (as well as which categories of information were disclosed). Any such data will be provided in a format easily understandable to the average consumer, and to the extent technically feasible, in a structured, commonly used, machine-readable format.

If you are a California resident, you have the right to request that we correct, rectify and/or update any of your Personal Information that is incorrect, incomplete, or out of date. 

We may at times collect information that could suggest your association with specific racial or ethnic categories and/or sets of religious or philosophical beliefs, which may be considered Sensitive Personal Information to the extent such information could be used to reveal your racial or ethnic origin and/or your religious or philosophical beliefs. If you are a resident of California, you have the right to direct that we limit the use of such Sensitive Personal Information to those uses which an average consumer reasonably expects is necessary for us to perform the services requested, to help ensure data security, for non-personalized advertising, customer service, and quality control. 

When you contact us to exercise your rights to know, delete, or correct your personal information or limit the use of Sensitive Personal Information, we will verify your identity and then verify your request by asking you to confirm the action(s) to be taken by phone call or a response to an email. With a request to correct, we may require information from you to demonstrate that our data is incorrect. This information will only be used and/or maintained by the business for the purpose of correcting your personal information and to comply with any record-keeping obligations we may have under the law. 

You may use an authorized agent to exercise any of the rights above. In order to have an authorized agent exercise any of your rights on your behalf, you or your authorized agent must provide us with signed written permission from you to your authorized agent authorizing the agent to exercise these rights on your behalf or with a copy of a lawful power of attorney. When an authorized agent exercises any of these rights on your behalf, we will verify your identity by having your authorized agent send us a copy of a current utility bill showing your name and address. We will then verify the request by asking the authorized agent to confirm the action(s) to be taken by phone call or a response to an email. For avoidance of doubt, parents may make a verifiable request on behalf of their minor child to exercise any consumer rights described in this policy. 

You may make a verifiable consumer request up to two times within a 12-month period, without charge. Unfortunately, we cannot respond to your request to delete or correct or provide you with personal information if we cannot verify your identity or authority to make the request and confirm that the personal information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request. 

We try to respond to a verifiable consumer request within 45 days of its receipt, and an opt-out request/request to limit the use of sensitive information will be processed within 15 days. If we require more time to respond to a verifiable consumer request, we will inform you of the reason and extension of the time period (up to 90 days). If we have an email address for you, we will deliver our response to that email address. If we do not, we will deliver our response by mail or electronically, at your option. The response we provide will also explain any reasons we cannot comply with a request, if applicable.

We will not discriminate against you for exercising the foregoing rights.

If you disagree with our decision, you may appeal any denial of a consumer right. If your request is denied in whole or in part, you may appeal your decision within 30 days. We will review and respond to your request within 45 days, and if your appeal is denied, we will provide you with an explanation of our reasons and a description of any further rights you may have at that time. 

Rights of Individuals based in the EEA/UK

Under certain circumstances, the GDPR/UK GDPR gives individuals based in the European Economic Area (EEA) or the United Kingdom the following legal rights in relation to their Personal Data: 

  • Request access to your Personal Data, to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it.
  • Request correction of any mistakes in the Personal Data that we hold about you. 
  • Request the erasure of your Personal Data where there is no good reason for us to continue to process it. You also have this right where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully, or where we are required to erase your Personal Data to comply with local law. 
  • Object to processing of your Personal Data where we are relying on a legitimate interest (or those of a third party) but you feel this impacts on your fundamental rights and freedoms or where we are processing your Personal Data for direct marketing purposes. In some cases, we may demonstrate compelling legitimate grounds to continue to process your information which overrides your rights and freedoms.
  • Request restriction of processing of your Personal Data where:
  • You want us to establish the data's accuracy.
  • Our use of the data is unlawful, but you do not want us to erase it.
  • You need us to continue to hold the data to establish, exercise, or defend legal claims.
  • You have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it.
  • Request the transfer of your Personal Data to you or to a third party in a structured, commonly used, machine-readable format where the relevant lawful basis for our processing is your consent or our performance of a contract with you. Please note that this right does not apply to hard-copy records.
  • Withdraw consent at any time where we are relying on consent to process your Personal Data. Please note, if you withdraw your consent, we may not be able to provide certain services to you.

If you wish to exercise any of the rights set out above, please contact us at compliance@imsearch.com or 1-888-496-4907.

You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights under the GDPR/UK GDPR). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that p Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

14. Contact Us

If you have any questions regarding this privacy statement or our privacy practices, please contact us at: compliance@imsearch.com or 1-888-496-4907.

For individuals located in the EU or UK, our appointed representatives for data protection concerns are as follows:

EU data protection Representative:

Studio Legale Gangi, Via del Falco n. 34, 00193, Rome, Italy

Telephone: +39.06.92963036 
 

UK data protection Representative:

Collyer Bristow, St. Martin’s Court, 10 Patersnoster Row, London, EC4M 7EJ 

Telephone: +44 20 7242 7363

Fax: +44 20 7405 0555

Individual data subjects in the EU/UK have the right to make a complaint at any time to the relevant supervisory authority for data protection matters in your home country. We would, however, appreciate the chance to deal with your concerns before you do so, please contact us in the first instance.

15. Changes to the Privacy Statement and Your Duty to Inform Us of Changes

We keep our privacy statement under regular review. This version was last modified on September 2, 2024.

We reserve the right to modify this privacy statement at any time. If we decide to change our privacy statement, we will post those changes to this privacy statement, the homepage, and other places we deem appropriate so that you are kept up-to-date about what information we collect, how we use it, and under what circumstances, if any, we disclose it. If we make material changes to this privacy statement, we will also contact you directly if we have your contact information on file.

It is important that the Personal Data we hold about you is accurate and current. Please keep us informed if your Personal Data changes during your relationship with us.