Privacy policy
This template is designed for a recruiting / executive search firm. Customize it to match your actual practices.
1. Who we are
MDS Search (“we,” “us,” “our”) is an executive search and recruiting firm based in Los Angeles, CA. This policy explains how we collect, use, disclose, and protect information when you visit our website, contact us, apply to roles, or submit candidate information.
2. Information we collect
Information you provide:
- Contact details (name, email, phone, company)
- Candidate information (LinkedIn URL, resume link, role interests, notes you submit)
- Any communications you send us by email or form
Information collected automatically:
- Device and usage data (IP address, browser type, pages viewed, approximate location)
- Cookies or similar technologies (see Cookies section)
3. How we use information
- To respond to inquiries and communicate with clients and candidates
- To evaluate candidates for current or future opportunities (with appropriate confidentiality)
- To operate, maintain, secure, and improve our website and services
- To comply with legal obligations and enforce our agreements
4. Legal bases (GDPR)
If the GDPR applies to you, our legal bases may include: (a) your consent, (b) performing a contract or taking steps at your request, (c) our legitimate interests (e.g., operating a recruiting business, preventing fraud), and (d) compliance with legal obligations.
5. How we share information
We may share information with:
- Service providers (hosting, analytics, form processing) that help us operate the site
- Clients only as part of an active recruiting process and typically only with your consent (candidate submissions)
- Legal / compliance where required by law or to protect rights and safety
EDIT: If you use LOXO, list LOXO here as an ATS/CRM vendor and link to their privacy policy.
6. Cookies and analytics
We may use cookies or similar technologies to operate the site and understand usage. You can control cookies through your browser settings. EDIT: If you add Google Analytics, Meta Pixel, or similar tools, describe them here and consider a cookie banner if required in your jurisdiction.
7. Data retention
We retain information as long as necessary for the purposes described above, unless a longer retention period is required or permitted by law. EDIT: Add a typical retention window for candidate data (e.g., 12–24 months) if you can commit to one.
8. Your rights
GDPR (EEA/UK) rights may include:
- Access, correction, deletion
- Restriction or objection to processing
- Data portability
- Withdrawal of consent (where applicable)
- Lodging a complaint with a supervisory authority
CCPA/CPRA (California) rights may include:
- Right to know what personal information we collect/use/disclose
- Right to delete (with certain exceptions)
- Right to correct inaccurate information
- Right to opt out of “sale” or “sharing” (if applicable)
- Right to limit use of sensitive personal information (if applicable)
- Right to non-discrimination for exercising your rights
We do not sell personal information in the conventional sense. EDIT: Confirm this is accurate for your business and vendors.
9. Security
We use reasonable administrative, technical, and physical safeguards to protect information. No method of transmission or storage is 100% secure.
10. International transfers
If you submit information from outside the United States, your information may be transferred to and processed in the United States or other countries where our service providers operate.
11. Children
Our services are not directed to children under 16 and we do not knowingly collect their information.
12. Contact us
For privacy requests or questions, contact: howard@mdssearch.com.