Privacy Policy

This policy explains how Paul Murphy Associates collects, uses, and protects your personal data – in accordance with U.S. privacy law and the EU General Data Protection Regulation.

Last updated: 20 May 2026

Paul Murphy Associates LLC, Chicago, Illinois, United States

Paul Murphy Associates LLC (“Company”, “we”, “our”, or “us”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and protect your personal data when you visit our website.
This policy is prepared in accordance with applicable U.S. privacy laws, including the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), as well as the General Data Protection Regulation (EU) 2016/679 (GDPR) for visitors accessing this website from the European Union or United Kingdom.

1. Data Controller / Business Contact

Company name: Paul Murphy Associates LLC
Registered address: 4658 N. Kedzie, Chicago, IL 60625, United States
Email: info@paulmurphyassociates.com
Telephone: +1 708 831 2206

2. Personal Data We Collect

2.1 Data you provide directly

  • Name and surname
  • Email address
  • Phone number
  • Company name and job title
  • Any information you provide via contact forms or email communication

2.2 Automatically collected data

When you visit our website, certain data may be collected automatically:

  • IP address (anonymized where possible)
  • Browser type and version
  • Operating system
  • Date and time of access
  • Referring URL
  • General geographic location (country/region level)

3. Purposes of Processing

We process personal data for the following purposes:

  • Responding to inquiries and communication requests
  • Providing information about our executive search and talent advisory services
  • Maintaining business communication with institutional clients and candidates
  • Improving website functionality and security
  • Fulfilling legal and regulatory obligations

4. Legal Basis for Processing

For EU/UK visitors (GDPR):

We process your personal data based on one or more of the following legal grounds:

  • Article 6(1)(a) GDPR – your consent
  • Article 6(1)(b) GDPR – performance of a contract or pre-contractual steps
  • Article 6(1)(c) GDPR – compliance with legal obligations
  • Article 6(1)(f) GDPR – legitimate interests (e.g. website security, communication with business partners)

For U.S. visitors (CCPA/CPRA):

We collect and process personal information for the business purposes described in Section 3. We do not sell personal information as defined under the CCPA. California residents have specific rights described in Section 10 below.

5. Cookies and Tracking Technologies

Our website may use cookies to ensure proper functionality and improve user experience. Cookies may include necessary cookies (required for website operation) and analytical cookies (e.g. Google Analytics). You can manage or withdraw your consent at any time via the cookie settings on our website. For more details, please refer to our Cookie Policy.

6. Google Analytics

If Google Analytics is used, it is configured with IP anonymization. Google may process data on servers located outside the EU/UK. In such cases, appropriate safeguards (Standard Contractual Clauses) are applied in accordance with GDPR requirements.

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by applicable law:

  • Contact inquiries: up to 12 months
  • Business communication: according to applicable legal retention obligations

8. Data Sharing and Transfers

We do not sell or rent personal data. Personal data may be shared only with IT and hosting service providers, and legal or tax authorities where required by law. All processors are contractually bound to comply with applicable data protection requirements. Where data is transferred outside the United States or the EEA, appropriate safeguards are applied.

9. Data Security

We apply appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, or alteration.

10. Your Rights

EU/UK residents (GDPR):

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (“right to be forgotten”) (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right to withdraw consent at any time

California residents (CCPA/CPRA):

  • Right to know what personal information is collected, used, shared, or sold
  • Right to delete personal information
  • Right to correct inaccurate personal information
  • Right to opt out of the sale or sharing of personal information
  • Right to non-discrimination for exercising your privacy rights

All requests can be submitted to: info@paulmurphyassociates.com

11. Right to Lodge a Complaint

EU/UK residents have the right to lodge a complaint with their competent supervisory authority. For EU residents, this is the data protection authority in your country of residence. For UK residents, this is the Information Commissioner’s Office (ICO) at https://ico.org.uk.

California residents may contact the California Privacy Protection Agency (CPPA) at https://cppa.ca.gov.

12. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy at any time. The current version is always available on this website. Material changes will be communicated where required by applicable law.

13. Contact Information

If you have any questions regarding this Privacy Policy or the processing of your personal data, please contact us:

Paul Murphy Associates LLC
4658 N. Kedzie, Chicago, IL 60625
United States

Email: info@paulmurphyassociates.com
Telephone: +1 708 831 2206