Privacy Policy

How we handle your information.

A straightforward account of the data we gather, our reasons for gathering it, who has access, and the controls available to you. Drafted for clarity — not to obscure the details in legal jargon.

Effective: April 15, 2026
Version: 4.2
Jurisdiction: United States

01 Overview

Winslow Search LLC ("Winslow Search," "we," "us," or "our") is a Delaware-registered employment agency conducting recruiting and staffing operations throughout the United States. We serve as the data controller for all personal information addressed in this Privacy Policy.

This Privacy Policy describes the personal information we obtain from candidates, clients, and visitors to our website (winslowsearch.com), the purposes behind its collection, how we use and disclose it, and the rights available to you. It covers every individual who engages with us, whether via our website, email, phone, or in person at any of our nine US offices.

We adhere to relevant US federal statutes (including Title VII, the ADA, and the FCRA where applicable), state privacy legislation (including California’s CCPA/CPRA, Virginia’s VCDPA, Colorado’s CPA, and Connecticut’s CTDPA), and SOC 2 Type II controls. California residents should additionally consult our dedicated Your Privacy Choices page.

One-sentence summary We gather only the information required to connect you with a suitable role or candidate, we do not sell your data under any circumstances, we honor deletion requests, and all our communications originate exclusively from @winslowsearch.com.

02 Information we collect

2.1 — Information you give us directly

When you apply for a position, provide your résumé, participate in a consultation, or otherwise engage with us, we collect:

  • Identifiers including your full name, mailing address, telephone number, and email address;
  • Professional and employment-related details such as résumé/CV, employment history, educational background, certifications, licenses, references, current and desired compensation, work authorization status, and notice period;
  • Job-preference data (target industry, geographic preferences, remote/hybrid/on-site flexibility, seniority level);
  • Records and notes from our conversations with you;
  • Diversity-equity-inclusion information you voluntarily provide, only where you have given explicit opt-in consent.

2.2 — Information we receive from third parties

With your permission (and only where legally permitted), we may obtain information from:

  • Professional networking services such as LinkedIn, where your profile is publicly accessible;
  • References and former employers you have authorized us to contact;
  • Background-check providers (FCRA-compliant) when a client’s offer depends on a completed check;
  • Our clients, when they refer you to us or provide search-related feedback;
  • Publicly available sources including corporate websites, news publications, and regulatory filings.

2.3 — Information we collect automatically

When you browse our website, certain technical data is collected automatically via cookies and comparable technologies: IP address, browser type and version, operating system, device identifiers, referring and exit pages, navigation patterns, and time spent on each page. Refer to Section 9 for further details.

2.4 — Sensitive personal information

We make every effort to avoid collecting sensitive personal information (as defined under US state privacy laws). We will request such data — for instance, a Social Security Number for an FCRA-compliant background check — only with your explicit consent and solely when it is essential to a specific search in which you are actively participating. We never ask for banking details, government-issued ID scans, or payment information.

03 How we use information

We process personal information for the purposes outlined below:

  • Search delivery: pairing candidates with appropriate open positions and introducing qualified individuals to clients;
  • Communication: reaching out to candidates regarding opportunities, coordinating interviews, and sharing updates on active engagements;
  • Client engagement: meeting our contractual commitments to retained-search and direct-hire clients;
  • Quality & compliance: conducting internal audits, upholding fair-hiring standards, and complying with EEO and state employment regulations;
  • Aggregate analytics: analyzing placement trends, time-to-hire benchmarks, and compensation ranges — always in de-identified form;
  • Marketing: delivering career-relevant communications and market updates (you may unsubscribe at any time);
  • Security: detecting and preventing fraud and impersonation (see our team directory for verified contacts).

04 Sharing & disclosure

We do not sell personal information. This has always been our position and it will not change. We share personal information only in the following circumstances:

  • With client employers for whom we are conducting a search, and only after you have provided informed consent to be presented for a particular opportunity;
  • With service providers operating under written confidentiality and data-processing agreements: our applicant-tracking system (Greenhouse), email infrastructure (Google Workspace), background-check vendor (Checkr), payment processor (Stripe, for client billing only), and cloud hosting provider (AWS us-east-1, SOC 2-compliant);
  • With professional advisors including our attorneys, accountants, and auditors when necessary for the operation of our business;
  • With law enforcement when required by a valid subpoena, court order, or warrant issued under US law;
  • In a corporate transaction — should Winslow Search LLC be acquired or merged, we will notify you before personal information is transferred and becomes governed by a different privacy policy.

Our processing of personal information rests on the following legal grounds under US state privacy law:

  • Consent — when you voluntarily submit your information for a particular search or subscribe to our market updates;
  • Performance of a contract — to carry out our engagement letter with the client and our placement commitments to you;
  • Legitimate interest — for fraud prevention, security monitoring, and internal quality assurance, weighed against your rights and interests;
  • Compliance with legal obligation — for tax reporting, EEO record-keeping, and regulatory audits.

06 Data retention

We keep candidate personal information for as long as reasonably required to deliver our services, satisfy our legal obligations, resolve disputes, and enforce our agreements. The specific retention periods are as follows:

Data categoryRetention period
Active candidate profileIndefinitely while you remain available for searches
Inactive candidate (no engagement in 36 months)Anonymized within 6 months unless you request earlier deletion
Placed candidate records7 years post-placement (EEO & client-audit compliance)
Communications & notes4 years from last interaction
Background-check data (FCRA)5 years from check completion, then destroyed
Website analytics26 months (Google Analytics default)

You may request earlier deletion at any time by using the contact information in Section 13, subject to any legal hold or contractual requirement that necessitates continued retention.

07 Security measures

We employ administrative, technical, and physical safeguards intended to protect personal information from accidental loss, unauthorized access, modification, or disclosure. Key elements of our program include:

  • SOC 2 Type II certification (audited each year by an AICPA-accredited firm);
  • Encryption in transit (TLS 1.3) and at rest (AES-256);
  • Access controls governed by least-privilege principles, with multi-factor authentication mandatory for all employees;
  • Annual security training for every team member, including phishing-awareness exercises;
  • Incident response plan providing notification within 72 hours of any confirmed breach that affects your personal data;
  • Background-checked employees bound by confidentiality agreements that cover candidate data.

No internet transmission method is completely secure. While we cannot guarantee absolute security, we apply industry-standard protections with diligence.

08 Your rights

Based on your state of residence, you may be entitled to:

  • Access the personal information we maintain about you;
  • Correct any inaccuracies in your information;
  • Delete your information (subject to the retention obligations described above);
  • Port your data to another service in a machine-readable format;
  • Opt out of marketing communications at any time;
  • Withdraw consent for active search engagements;
  • Non-discrimination — we will not penalize you or withhold services for exercising any of these rights.

California residents hold additional rights under the CCPA/CPRA; please see our Your Privacy Choices page. To exercise any right, email privacy@winslowsearch.com. We will respond within 30 days (45 days for California requests).

09 Cookies & tracking

Our website employs the following categories of cookies:

  • Strictly necessary — session and security cookies that are essential and cannot be disabled;
  • Analytics — Google Analytics 4 for measuring aggregate site usage (IP anonymization is enabled);
  • Functional — stores your preferences (e.g. cookie banner acknowledgment);
  • Marketing — activated only with your explicit opt-in through our cookie banner.

You may adjust your preferences at any time via your browser settings or by selecting "Manage Preferences" in our cookie banner. We recognize the Global Privacy Control (GPC) signal as a valid opt-out request.

10 Children’s privacy

Our services are designed exclusively for adults aged 18 and older who are seeking employment opportunities. We do not intentionally collect personal information from anyone under 18. If we discover that we have received information from a minor, we will delete it without delay. Please contact privacy@winslowsearch.com if you believe a child has submitted information to us.

11 International transfers

Winslow Search is headquartered in the United States, and all primary data processing takes place domestically. If you are located outside the US and provide information to us, you consent to the transfer of your data to the US for processing. We implement appropriate safeguards, including Standard Contractual Clauses, where mandated by the laws of your country of residence (e.g. EU/UK GDPR).

12 Changes to this policy

We may revise this Privacy Policy periodically to account for changes in our practices, technology, legal requirements, or other considerations. When we make material revisions, we will:

  • Update the "Effective" date displayed at the top of this page;
  • Notify candidates with an active engagement by email at least 30 days before the revision takes effect;
  • Display a prominent notice on our website for a minimum of 30 days;
  • Make prior versions available upon request for transparency.

13 Contact us

For questions regarding this Privacy Policy or to exercise your data-protection rights, please reach out to our Privacy team:

Winslow Search LLC · Attn: Privacy Officer
600 Third Avenue, 22nd Floor
New York, NY 10016

Email: privacy@winslowsearch.com
Toll-free: +1 (855) 407-2863
Response time: 30 days (45 days for California CCPA/CPRA requests)

If you feel we have not satisfactorily resolved your concern, you may also reach out to your state Attorney General’s office or, for California residents, the California Privacy Protection Agency at cppa.ca.gov.

Looking for something else?

All four of our policy documents, one click away.

PRIVACY Privacy Policy TERMS Terms of Service CCPA Your Privacy Choices ACCESSIBILITY Accessibility