Privacy Policy

1. Types of Personal Data Collected

We collect various categories of personal information depending on your relationship with us:

1.1 Personal Identifiers

• Name, title, and contact information (email, phone, business address)

• Company name and professional affiliations

• Online identifiers (IP address, device identifiers)

​

1.2 Professional and Employment Information

• Job title, role, and responsibilities

• Company information and industry details

• Professional background and experience

• Business relationships and network connections

​

1.3 Commercial Information

• Service interests and engagement history

• Records of services provided

• Client preferences and requirements

• Transaction history and billing records

​

1.4 Payment Information

• Credit card or bank account details (when provided for payment processing)

• Billing addresses and payment preferences

• Transaction records and payment history

​

1.5 Internet and Network Activity

• IP addresses and browser information

• Website usage data and navigation patterns

• Device type, operating system, and browser version

• Cookies and similar tracking technologies

• Pages visited, time spent, and user interactions

​

1.6 Communications Data

• Email correspondence and attachments

• Meeting notes and call recordings (with consent)

• Forms submissions and survey responses

• Support requests and feedback

​

1.7 Public Source Information

• Publicly available business information

• Social media profiles and public posts

• Professional directory listings

• News articles and press releases

​

2. How Personal Data Is Collected

​

We collect personal information through various methods:

​

2.1 Direct Collection

• During client onboarding and service agreements

• Through service delivery and ongoing engagements

• Via email, phone, and in-person communications

• From forms, surveys, and intake processes

• During meetings, calls, and consultations

​

2.2 Online Interactions

• Website visits and user interactions

• Contact forms and download requests

• Cookie and analytics technologies

• Newsletter subscriptions and marketing interactions

​

2.3 Third-Party Sources

• Business partners and referral sources

• Service providers and technology platforms

• Public databases and professional directories

• Social media platforms and online sources

• Client-authorized third-party integrations

​

3. Use of Personal Data

​

We use personal information for the following business purposes:

​

3.1 Service Delivery

• Providing strategic financial advisory services

• Conducting analysis, modeling, and research

• Preparing deliverables, reports, and recommendations

• Managing client relationships and communications

• Coordinating meetings and project activities

​

3.2 Business Operations

• Account management and client service

• Billing, invoicing, and payment processing

• Internal training and quality assurance

• Service improvement and development

• Record keeping and compliance

​

3.3 Marketing and Communication

• Sending service-related communications

• Marketing our services (with appropriate consent)

• Conducting surveys and collecting feedback

• Newsletter distribution and content sharing

• Networking and business development activities

​

3.4 Website and Technology

• Website analytics and performance monitoring

• Security monitoring and fraud prevention

• Technical support and troubleshooting

• User experience optimization

• Cookie and preference management

​

3.5 Legal and Compliance

• Complying with applicable laws and regulations

• Responding to legal process and government requests

• Protecting our rights and business interests

• Enforcing agreements and preventing fraud

​

4. Legal Basis for Processing

 

We process personal data based on the following legal grounds:

​

4.1 Contractual Necessity

Processing necessary to perform our Services Agreement and deliver contracted services.

​

4.2 Legal Obligations

Processing required to comply with applicable laws, regulations, and legal requirements.

​

4.3 Legitimate Interests

Processing necessary for our legitimate business interests, including:

• Providing and improving our services

• Marketing and business development

• Security and fraud prevention

• Internal operations and administration

​

4.4 Consent

Processing based on your explicit consent, which you may withdraw at any time.

​

5. Sharing and Disclosure of Personal Data

We may share personal information in the following circumstances:

​

5.1 Internal Sharing

• With employees and contractors directly involved in service delivery

• Among affiliated entities under common control

• For administrative, legal, and compliance purposes

​

5.2 Service Providers

We share information with trusted third-party service providers, including:

• Technology infrastructure and hosting providers

• Payment processing and billing services

• Marketing and analytics platforms

• Professional services (legal, accounting, insurance)

• Communication and collaboration tools

​

All service providers are contractually required to protect your information and use it only for specified purposes.

​

5.3 Legal and Regulatory Disclosure

We may disclose information when required by:

• Court orders, subpoenas, or legal process

• Government agencies and regulatory authorities

• Law enforcement investigations

• Legal obligations or to protect our rights

​

5.4 Business Transactions

In connection with mergers, acquisitions, or sale of business assets, personal information may be transferred to the acquiring entity, subject to confidentiality protections.

​

5.5 With Your Consent

We may share information with third parties when you provide explicit consent, such as:

• Referrals to other professional service providers

• Introductions to potential business partners

• Collaborative engagements with your other advisors

​

6. Cookies and Tracking Technologies

 

6.1 Cookie Usage

Our website uses cookies and similar technologies for:

• Essential website functionality and navigation

• Analytics and performance monitoring

• User preference storage and customization

• Security and fraud prevention

• Marketing and advertising optimization

​

6.2 Third-Party Analytics

We use analytics services such as Google Analytics to understand website usage and improve user experience. These services may collect:

• Page views and navigation patterns

• Device and browser information

• Geographic location (general)

• Referral sources and marketing attribution

​

6.3 Cookie Management

You can manage cookies through:

• Browser settings and preferences

• Cookie consent tools on our website

• Opt-out mechanisms provided by analytics services

• Third-party privacy tools and extensions

​

7. Data Retention

​

7.1 Retention Periods

We retain personal information for different periods based on:

• Active Client Relationships: Throughout the duration of our engagement

• Financial Records: Seven (7) years after engagement completion

• General Business Records: Five (5) years after last interaction

• Marketing Information: Until you opt out or we determine retention is no longer necessary

• Website Analytics: As determined by third-party service provider policies

​

7.2 Retention Criteria

Retention periods are determined by:

• Professional standards and industry practices

• Legal and regulatory requirements

• Business operational needs

• Client relationship status and engagement type

​

7.3 Secure Deletion

When retention periods expire, we securely delete or anonymize information using industry-standard methods and procedures.

​

8. Data Security

​

8.1 Security Measures

We implement comprehensive security measures to protect personal information, including:

• Encryption of data in transit and at rest

• Multi-factor authentication and access controls

• Regular security assessments and monitoring

• Employee training on data protection protocols

• Secure backup and disaster recovery procedures

• Vendor security assessments and agreements

​

8.2 Access Controls

Access to personal information is limited to:

• Employees with legitimate business needs

• Authorized service providers under contract

• Senior management for oversight purposes

• Legal and compliance personnel when necessary

​

8.3 Limitations and Responsibilities

While we implement robust security measures, no system is completely secure. You are responsible for:

• Protecting your own devices and accounts

• Using secure communication methods when sharing sensitive information

• Promptly notifying us of any suspected security incidents

​

9. International Data Transfers

​

Personal information may be transferred to and processed in countries other than your country of residence, including the United States. When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

• Contractual protections and data processing agreements

• Compliance with applicable data protection frameworks

• Implementation of technical and organizational security measures

​

10. Your Privacy Rights

​

Depending on your location and applicable laws, you may have the following rights regarding your personal information:

​

10.1 Right to Know and Access

• Request confirmation of what personal information we maintain about you

• Obtain copies of your personal information

• Receive information about our data practices and sharing

​

10.2 Right to Correction

• Request correction of inaccurate or incomplete personal information

• Update your contact information and preferences

​

10.3 Right to Deletion

• Request deletion of your personal information, subject to legal and contractual limitations

• Withdraw consent for processing based on consent

​

10.4 Right to Restrict or Object

• Restrict certain types of processing

• Object to processing for marketing purposes

• Opt out of marketing communications

​

10.5 Right to Data Portability

• Receive your personal information in a portable format

• Transfer information to another service provider (where applicable)

​

10.6 Exercising Your Rights

To exercise these rights:

• Email: legal@thelhgrp.com with subject line "Privacy Rights Request"

• Include: Your name, contact information, and specific request

• Verification: We may request additional information to verify your identity

• Response Time: We will respond within 30 days of receipt

​

10.7 Appeals Process

If your privacy rights request is denied, you may appeal by contacting us at legal@thelhgrp.com with subject line "Privacy Rights Appeal" within 30 days of our response.

​

11. Children's Privacy

​

Our services are not directed to individuals under 18 years of age, and we do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete such information promptly.

​

12. Changes to This Policy

​

12.1 Policy Updates

We may update this Privacy Policy periodically to reflect:

• Changes in our business practices or services

• New legal or regulatory requirements

• Enhanced privacy protections

• Feedback from clients and stakeholders

​

12.2 Notification of Changes

We will notify you of material changes through:

• Email notification to active clients

• Prominent notice on our website

• Direct communication during active engagements

​

12.3 Effective Date

The effective date at the top of this policy indicates when the current version became effective. Your continued use of our services after policy updates constitutes acceptance of the revised Privacy Policy.

​

13. Contact Information

​

For questions, concerns, or requests regarding this Privacy Policy or our privacy practices:

​

The Lighthouse Group LLC

Privacy Contact: legal@thelhgrp.com

​

We are committed to addressing your privacy concerns promptly and transparently. Please allow up to 30 days for a response to privacy-related inquiries.

​

​