• Privacy Policy – HamptonTCI & CorpDoc

    Effective Date: May 2026
    Last Updated: May 2026

    1. Introduction

    HamptonTCI (“we,” “us,” “our”) operates an executive search firm and, through its brand CorpDoc, provides advisory services, consulting, and free online tools (including financial calculators).

    This Privacy Policy explains how we collect, use, disclose, and protect personal information when you:

    • Visit our websites (including hamptontci.com and any CorpDoc‑branded sites)

    • Sign up for email updates to access free tools offered by CorpDoc

    • Fill out a contact form on the HamptonTCI site (for executive search or advisory inquiries)

    • Engage us under a separate written contract for paid payroll or advisory services (that contract governs that data – this policy does not apply)

    We comply with applicable laws, including the GDPR (EU/UK), CCPA/CPRA (California), Canada’s PIPEDA, Australia’s Privacy Act (APPs), New Zealand’s Privacy Act 2020, Hong Kong’s PDPO, and Singapore’s PDPA.

    By using our sites and providing your information, you acknowledge that you have read and understood this policy.

    2. What Information We Collect – By Context

    We collect only the information necessary for each specific interaction.

    A. CorpDoc – Free Tools Sign‑Up (Email List)
    When you sign up to access free tools (e.g., financial calculators) offered by CorpDoc, you voluntarily provide your name and email address. We do not collect any other personal data through this sign‑up process.

    Important: The tools themselves (calculators) process data only on your device – we do not store, see, or receive any numbers or results you enter.

    You will be asked to opt in via an unchecked checkbox. Your consent is required before we send any communications.

    B. HamptonTCI – Contact Form (Executive Search or Advisory Inquiries)
    When you fill out a contact form on the HamptonTCI site to connect with us, you may provide your name, email address, optional phone number, company name and title, and a message describing your inquiry. We use this information solely to respond to your request.

    C. Automatic Collection (Limited)
    Our sites use no tracking cookies or analytics except for strictly necessary session cookies. See our Cookie Notice below (Section 12). We do not collect IP addresses, browsing behaviour, or device information through the sign‑up or contact forms.

    D. Separate Contract Engagements (Payroll / Advisory Work)
    If you become a client under a separate written contract for payroll processing or paid advisory services, we will collect client information (e.g., employee data, financial, operational, or strategic business data) as defined in that contract. That contract, not this website privacy policy, governs how we handle that data. This policy does not apply to those engagements.

    E. Executive Search Candidates
    If you are a candidate for executive search, we collect information you provide (CV, employment history, compensation, references, etc.). That processing is covered by a separate candidate privacy notice provided to you at the time of collection.

    3. How We Use Your Information

    • CorpDoc sign‑up (free tools): To provide access to free tools and send related emails (e.g., tool updates or important notices). Legal basis: your consent (opt‑in).

    • HamptonTCI contact form: To respond to your inquiry. Legal basis: legitimate interest (to communicate with potential clients/candidates).

    • Improve our services and site functionality: Legal basis: legitimate interest.

    • Comply with legal obligations: Legal basis: legal obligation.

    We do not sell or share your personal information with any third party for cross‑context behavioural advertising or any other purpose.

    4. How We Share Your Information

    We share your information only as strictly necessary:

    • With HubSpot (our data processor) – We use HubSpot, accessed through our site builder Carrd, to manage names and email addresses from the CorpDoc sign‑up and contact form submissions. HubSpot acts as a processor under a Data Processing Agreement (including EU Standard Contractual Clauses). We have accepted that agreement.

    • Within HamptonTCI – Information may be shared between HamptonTCI and the CorpDoc brand for internal administration, but the CorpDoc email list is never shared with the executive search side.

    • With service providers – Other trusted third parties (e.g., email delivery, hosting) who are contractually bound to protect your data.

    • For legal compliance – When required by law, subpoena, or court order.

    • Business transfers – In the event of a merger or acquisition.

    We do not sell, rent, or trade your personal information.

    5. International Data Transfers

    We operate globally. Your information may be transferred to and processed in countries outside your own (including the US, where HubSpot is located). When we transfer data from regions with strict data protection laws (e.g., EEA, UK, Australia, New Zealand, Hong Kong, Singapore, Canada) to countries not deemed adequate, we implement appropriate safeguards, such as Standard Contractual Clauses with HubSpot.

    6. Data Security

    We implement industry‑standard technical and organisational measures, including encryption and strict access controls, to protect your personal information against unauthorised access, alteration, or destruction.

    7. Data Retention

    • CorpDoc email sign‑up: We retain your name and email until you unsubscribe or withdraw consent. After you unsubscribe, we delete your information within 30 days. Note: Unsubscribing from emails does not revoke your access to the free tools – you may continue using the calculators without providing an email.

    • Contact form inquiries: Retained for up to 12 months after last contact, unless a longer period is required by law.

    • Separate contract data: Retained as specified in the applicable contract.

    8. Global Rights for All Users

    Regardless of your location, you have the right to:

    • Access – Request a copy of your personal information.

    • Correction – Ask us to correct inaccurate information.

    • Deletion – Request deletion of your information (subject to legal exceptions).

    • Withdraw consent – If you previously opted in, you can withdraw at any time (using the unsubscribe link in emails or by contacting us).

    To exercise any of these rights, contact us at privacy@hamptontci.com.

    9. Region‑Specific Notices

    Depending on your location, additional rights or notices apply. Please read the section that applies to you.

    For Residents of the European Union / European Economic Area (including Ireland) and the United Kingdom (GDPR)
    In addition to the global rights above, you have:

    • The right to restriction of processing.

    • The right to data portability.

    • The right to object to processing based on legitimate interests (e.g., our contact form responses).
      You also have the right to lodge a complaint with your local data protection authority (e.g., the ICO in the UK or the DPC in Ireland).

    For California Residents (CCPA/CPRA)
    We do not sell or share your personal information for cross‑context behavioural advertising. You have the right to know what personal information we collect, use, and disclose; to request deletion; and to non‑discrimination for exercising your rights. A “Your Privacy Choices” link is provided on our website footer.

    For Australian Residents (Privacy Act – APPs)
    At the time we collect your information, we provide this Collection Notice (APP 5):

    • Identity and contact: HamptonTCI, privacy@hamptontci.com.

    • Purpose: To provide access to free tools (CorpDoc) or to respond to your inquiry.

    • Consequences if you do not provide: You will not be able to access the free tools or receive a response.

    • Disclosure: To HubSpot (processor) as described in section 4.

    • Overseas disclosure: Your information may be transferred to the US.

    • Access and correction: You have the right to access and correct your information.

    For New Zealand Residents (Privacy Act 2020 – IPPs)
    We collect your personal information directly from you. If we ever collect information about you from a third party indirectly, we will take reasonable steps to notify you, unless an exception applies. You have the right to access and correct your information and to complain to the New Zealand Privacy Commissioner.

    For Hong Kong Residents (PDPO)
    Before collecting your information, we inform you (Personal Information Collection Statement):

    • Purpose: Granting access to free tools or responding to your inquiry.

    • Data transfer: To HubSpot (US) and as described in section 4.

    • Your rights: You may request access to or correction of your data by contacting privacy@hamptontci.com.

    • Direct marketing: We do not use your data for direct marketing without separate explicit consent. The CorpDoc sign‑up is for tool access and related service emails only.

    For Singapore Residents (PDPA)
    We obtain your prior consent for collection and use (unchecked opt‑in box). You may withdraw consent at any time. If we collect business contact information (e.g., corporate email address for work‑related purposes), certain PDPA obligations may not apply, but we apply the same protections.

    For Canadian Residents (PIPEDA)
    We comply with PIPEDA. You have the right to access, correct, and challenge our compliance. If you reside in Alberta, British Columbia, or Quebec, additional provincial laws may apply, but for our minimal collection (name and email), this policy meets core requirements. You may complain to the Office of the Privacy Commissioner of Canada if unresolved.

    10. How to Unsubscribe or Withdraw Consent

    Every email we send from the CorpDoc sign‑up list contains a clear unsubscribe link. You may also contact us at privacy@hamptontci.com to request removal.

    Withdrawing consent (unsubscribing) does not affect your access to the free tools. The calculators work entirely on your device without requiring an active email subscription.

    11. Data Breach Response

    We take data protection seriously. A data breach could occur if, for example:

    • An unauthorised person gains access to our HubSpot account (e.g., through stolen credentials or a system vulnerability).

    • Our email service provider suffers a security incident that exposes our mailing list.

    • A physical breach (e.g., lost or stolen laptop) exposes unencrypted personal information.

    While we maintain industry‑standard security, no system is 100% secure. In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:

    • Notify the relevant supervisory authority within 72 hours where required (e.g., ICO for UK, DPC for Ireland, OAIC for Australia, etc.).

    • Notify affected individuals without undue delay if the breach is likely to result in a high risk to their rights.

    • Keep internal records of all breaches, regardless of whether notification is required.

    If we become aware of a breach involving your information, we will follow the procedures required by your local law (e.g., GDPR, CCPA, Privacy Act, PDPO, PDPA, PIPEDA, or NZ Privacy Act). You may also contact us at privacy@hamptontci.com for breach‑related queries.

    12. Cookie Notice

    Our websites use only strictly necessary session cookies. These cookies are essential for the website to function properly (e.g., to maintain your session or to remember your consent preferences). They do not collect any personal information and are deleted when you close your browser.

    We do not use:

    • Analytics cookies (e.g., Google Analytics)

    • Advertising or tracking cookies

    • Third‑party cookies for social media or embedded content

    Because we use no non‑essential cookies, we do not display a cookie consent banner. However, if you wish to block all cookies (including necessary ones), you may adjust your browser settings – but this may prevent the website from working correctly.

    13. Third‑Party Links

    Our sites may contain links to third‑party websites. This policy does not apply to those sites, and we are not responsible for their privacy practices.

    14. Updates to This Policy

    We may update this policy periodically. The “Last Updated” date at the top indicates changes. If we make material changes, we will notify you via email (if you have signed up) or a notice on our site.

    15. Contact Us

    HamptonTCI Data Protection Contact
    Email: privacy@hamptontci.com

    For data protection officer inquiries (required for GDPR, PIPEDA, etc.), please use the same email.

    16. Separate Contract Exception – Reminder

    If you are a client under a separate written contract for payroll or paid advisory services, the handling of your business or employee data is governed exclusively by that contract. This website privacy policy does not apply to those engagements.

  • Cookies Policy for HamptonTCI

    Effective Date: March 2026
    Last Updated: March 2026

    1. Introduction

    This Cookies Policy explains how HamptonTCI and its advisory arm, CorpDoc ("we," "us," "our") uses cookies and similar tracking technologies on our website, hamptontci.com. It should be read alongside our Privacy Policy, which provides comprehensive details on our overall data protection practices.

    As a global executive search and leadership advisory firm, we are committed to transparency. While our headquarters are in Hong Kong, we adhere to high international standards of data protection, including the principles of the EU General Data Protection Regulation (GDPR) where applicable.

    2. What Are Cookies & Similar Technologies?

    Cookies are small text files that are placed on your device (such as a computer, smartphone, or tablet) when you visit our website. They are widely used to "remember" you and your preferences, enable essential site functionality, and help us understand how visitors interact with our services—whether they are candidates, executive search clients, or advisory clients of CorpDoc.

    This policy also covers similar tracking technologies, such as web beacons, pixels, and local storage, which serve analogous purposes.

    3. How & Why We Use These Technologies

    We use cookies and similar technologies for specific purposes, each aligned with a legal basis as defined in our main Privacy Policy:

    Essential Operation

    • Purpose: These technologies are strictly necessary for the website to function. They enable core features like security, load balancing, and basic session management for all visitors.

    • Legal Basis: Legitimate Interest (to provide a secure and operational website).

    Performance & Analytics

    • Purpose: We use these to count page visits, understand traffic sources, and identify which content and service pages—whether related to executive search or CorpDoc advisory services—are most valuable to our visitors. This helps us measure and improve site performance.

    • Legal Basis: Legitimate Interest (in analyzing and enhancing our website and services).

    Functionality

    • Purpose: These technologies remember choices you make to improve your experience, such as your preferred language or region setting.

    • Legal Basis: Legitimate Interest (in providing an enhanced and personalized user experience).

    Marketing/Advertising

    • Purpose: We may allow trusted third-party partners to use technologies that help measure the effectiveness of our advertising. We do not engage in extensive cross-site tracking or profiling for advertising purposes.

    • Legal Basis: Consent (where required by law).

    Important Note: We do not use cookies or automated technologies to make decisions that have legal or similarly significant effects concerning candidates, clients, or advisory clients.

    4. Your Choices & Control

    You have meaningful control over non-essential cookies, consistent with the privacy rights described in our Privacy Policy.

    • Initial Consent: When you first visit our website, a consent banner will provide you with clear options to accept, reject, or customize your preferences for non-essential cookies.

    • Browser Settings: You can manage or delete cookies through your web browser's settings. Please be aware that blocking all cookies may impact the functionality of our website.

    • Changing Preferences: You can revisit and change your cookie preferences at any time by clicking the "Cookie Preferences" link, which is typically found in the footer of our website.

    • Third-Party Opt-Outs: For cookies set by specific service providers (e.g., for analytics), you can often manage your preferences directly through their individual opt-out mechanisms.

    5. Third-Party Cookies & International Transfers

    Certain cookies are placed on our site by trusted third-party service providers, such as analytics companies (e.g., Google Analytics). Their processing of information is governed by their own privacy policies. These providers help us understand how candidates, clients, and advisory clients engage with our content.

    Given our global operations, data collected via these technologies may be transferred to and processed in countries outside your country of residence. When we transfer personal data from regions with strict data protection laws (like the EEA or UK) to other countries, we implement robust safeguards as outlined in our Privacy Policy. These safeguards include the use of Standard Contractual Clauses approved by relevant authorities to ensure an adequate level of data protection.

    6. Data Retention

    Data collected by cookies is retained for varying periods:

    • Session Cookies: Temporary and expire automatically when you close your web browser.

    • Persistent Cookies: Remain on your device for a predefined period, which can range from a few minutes to several years, unless you manually delete them earlier through your browser settings.

    7. Contact & Your Rights

    If you have any questions about this Cookies Policy or wish to exercise your data protection rights (such as access, correction, or deletion), please contact our Data Protection Contact. This is the same point of contact specified in our Privacy Policy for all privacy-related matters:

    HamptonTCI Data Protection Contact
    Email: privacy@hamptontci.com

    8. Updates to This Policy

    We may update this Cookies Policy from time to time to reflect changes in our practices, technology, or legal requirements. Any updates will be posted on this page, and the "Last Updated" date at the top will be revised accordingly. We encourage you to review this policy periodically.

     

  • Legal Notice for HamptonTCI

    Effective Date: January 2026

    This Legal Notice governs your use of the HamptonTCI website and outlines our firm's compliance principles. By accessing this site, you agree to these terms.

    1. Intellectual Property & Trademarks

    All content on this website—including text, graphics, logos, articles, and compilations—is the property of HamptonTCI or its licensors and is protected by copyright and other intellectual property laws.
    The "HamptonTCI" name, logo, and related marks are trademarks of HamptonTCI. You may not use, reproduce, or distribute any website content or trademarks without our prior written consent.

    2. Website Content & Disclaimer

    The information on this site is provided for general informational purposes related to our executive search, board advisory, and CorpDoc transformation services.
    We strive to ensure information is accurate and current, but we make no warranties or representations regarding its completeness, accuracy, or suitability for any purpose. Content is provided on an "as is" and "as available" basis. To the fullest extent permitted by applicable law, HamptonTCI shall not be liable for any loss or damage arising from your use of, or reliance on, this site's content.

    3. Professional Services & Engagement

    The content on this website does not constitute professional advice or a binding service offer. A formal client engagement with HamptonTCI is established only through a separate, signed agreement. The outcomes of past searches or case studies described on the site are not a guarantee of future results.

    4. Compliance & Ethical Principles

    Equal Opportunity: HamptonTCI is committed to equality, diversity, and inclusion. We conduct our executive search and advisory services without discrimination.
    Confidentiality: We adhere to strict confidentiality standards in all client and candidate engagements, as detailed in our service agreements.
    Anti-Bribery & Corruption: We comply with all applicable anti-bribery and corruption laws, including the Hong Kong Prevention of Bribery Ordinance.

    5. Governing Law

    This Legal Notice, and any disputes relating to this website, shall be governed by and construed in accordance with the laws of the Hong Kong Special Administrative Region.

    6. Contact for Legal Inquiries

    For questions regarding this Legal Notice, permissions to use content, or other legal matters, please contact:
    Legal & Compliance
    HamptonTCI
    Email:clientservices@hamptontci.com

  • HamptonTCI Information Security Policy

    Policy Effective Date: January 2026
    Last Updated: January 2026

    1. Policy Purpose & Commitment

    HamptonTCI is entrusted with highly sensitive and confidential information, including the personal data of executives, candidates, and clients, as well as the proprietary business intelligence of our corporate partners. Protecting this information is fundamental to our integrity, professionalism, and success as a leadership advisory firm.

    This Information Security Policy establishes the framework for safeguarding all data and information assets within our control. It reflects our commitment to maintaining the confidentiality, integrity, and availability of information.

    2. Scope

    This policy applies to all employees, contractors, consultants, temporary staff, and other third parties who access, process, or manage HamptonTCI information assets or technology systems.

    3. Core Security Principles

    Our security practices are built on the following foundational principles:

    • Confidentiality: Sensitive information is accessed only by authorized individuals with a legitimate business need.

    • Integrity: Information is protected from unauthorized alteration.

    • Availability: Information and critical systems are accessible to authorized users when needed.

    • Accountability: All personnel are responsible for adhering to this policy.

    4. Information Classification & Handling

    We classify information based on its sensitivity to ensure appropriate protection:

    • Confidential/Restricted: Includes candidate CVs, client search mandates, personal identification data, compensation details, and contractual agreements. Requires the highest level of protection.

    • Internal Use Only: Includes internal operational documents and communications. Must not be disclosed externally.

    • Public: Information intentionally published for public consumption.

    Handling procedures, including storage, transmission, and disposal, are defined for each classification level.

    5. Access Control & User Responsibilities

    Access to information systems and data is granted on a strict "need-to-know" basis.

    • Authentication: Access to systems handling confidential data requires strong, unique credentials.

    • Access Reviews: System access rights are reviewed regularly and revoked immediately upon role change or termination.

    • Clear Desk/Screen: Personnel must secure all Confidential information (both physical and digital) when not in use, including locking workstations.

    6. Technical Safeguards

    We implement and maintain technical measures to protect our digital infrastructure:

    • Network Security: Firewalls and other protections are utilized to guard our network perimeter and internal segments.

    • Endpoint Protection: Company-managed devices must have approved anti-malware software and be kept updated with the latest security patches.

    7. Incident Response & Reporting

    A security incident is any event that potentially compromises the confidentiality, integrity, or availability of information assets.

    • Mandatory Reporting: All personnel are required to immediately report any suspected or actual security incident to the designated Security Lead.

    • Response Plan: HamptonTCI maintains a formal incident response plan to contain, assess, and recover from security incidents.

    8. Third-Party & Vendor Security

    Third-party service providers with access to our systems or data must demonstrate they maintain appropriate security controls.

    • Due Diligence: Security assessments are conducted prior to engaging vendors that handle Confidential information.

    • Contractual Obligations: Contracts with such vendors include clear data protection and security obligations.

    9. Security Awareness & Training

    Security is a shared responsibility. HamptonTCI provides security awareness training to all personnel to ensure they understand their roles, recognize threats, and follow secure practices.

    10. Policy Governance & Review

    This policy is owned and maintained by HamptonTCI's leadership. It will be reviewed at least annually to ensure its continued relevance and effectiveness.

    Policy Acknowledgment: All personnel are required to acknowledge they have read, understood, and agree to comply with this Information Security Policy.

    For questions regarding this policy, please contact the designated Security Lead at privacy@hamptontci.com.