Privacy Policy

Pearl Consulting Group, Inc.

Effective Date: May 5, 2026

Last Updated: May 5, 2026

1. Overview

Pearl Consulting Group, Inc. ("PCG," "we," "us," or "our") is a cybersecurity and IT consulting firm headquartered at 200 E Randolph St., Suite 5100, Chicago, IL 60601. We are committed to protecting your personal information and your right to privacy.

This Privacy Policy explains how we collect, use, disclose, and safeguard your Personally Identifiable Information (PII) when you visit our website at www.PearlConsultingGroup.com, engage with us for professional services, or otherwise interact with us. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person. Please read this policy carefully. If you do not agree with its terms, please discontinue use of our site and services.

2. Information We Collect

We collect information in the following ways:

Information You Provide Directly

Contact & Inquiry Data: Name, email address, phone number, company name, and job title submitted via contact forms or consultation requests.
Career & Application Data: Resume, professional history, and references submitted when applying for a position at PCG.
Business Relationship Data: Information exchanged during a client engagement, including contracts, project documentation, and communications.
Event & Webinar Registration: Name, employer, and email when you register for a PCG-hosted event or webinar.

Information Collected Automatically

Usage Data: Pages visited, time spent, referral source, and navigation paths across our website.
Device & Technical Data: IP address, browser type, operating system, and device identifiers.
Cookies & Tracking Technologies: Session and persistent cookies as described in Section 5.

Information from Third Parties

Business Intelligence Sources: Publicly available professional profiles used for outreach to prospective clients or partners.
Partner Referrals: Contact information shared by a technology partner in connection with a potential engagement.

3. How We Use Your Information

We use the information we collect only for legitimate business purposes, including:

Responding to inquiries, proposals, and consultation requests
Delivering and managing professional consulting services
Communicating updates, thought leadership content, and relevant insights (with opt-out available)
Processing and evaluating employment applications
Improving website functionality, content, and user experience
Conducting internal analytics to understand service demand and market trends
Complying with legal and regulatory obligations applicable to our business
Protecting our rights, preventing fraud, and ensuring the security of our systems

We do not sell, rent, or trade your personal information to third parties for their independent marketing purposes.

4. Sharing & Disclosure

We do not sell, trade, or otherwise transfer your Personally Identifiable Information to outside parties unless we provide you with advance notice. This does not include trusted third parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when its release is appropriate to comply with the law, enforce our site policies, or protect our or others' rights, property, or safety.

Specifically, we may share your information with:

Service Providers: Trusted vendors who support our operations (e.g., CRM platforms, email delivery, analytics) under contractual data protection obligations.
Technology Partners: When a joint engagement or partner referral requires information sharing, only with your knowledge and in connection with a specific opportunity.
Legal Requirements: When required by law, subpoena, or court order, or to protect the rights, property, or safety of PCG, our clients, or others.
Business Transfers: In connection with a merger, acquisition, or restructuring, subject to standard confidentiality protections and notification where required.

5. Cookies & Tracking Technologies

Our website uses cookies and similar technologies to enhance your experience and help us understand how visitors interact with our content. Cookies are small files that a site or its service provider transfers to your computer's hard drive through your web browser (if you allow) that enable the site's systems to recognize your browser and capture and remember certain information.

We use cookies to:

Essential Cookies: Required for basic website functionality. These cannot be disabled without affecting site performance.
Analytics Cookies: Help us understand which pages are visited most frequently and where visitors come from. We use tools such as Google Analytics, configured to anonymize IP addresses.
Functional Cookies: Remember your preferences and settings to improve return visits.
Marketing Cookies: Track engagement with our content across channels to support relevant outreach. These are only deployed where consent mechanisms are in place.

You may configure your browser to reject cookies or alert you when cookies are being set. You can do this through your browser's settings or Help Menu. Note that disabling certain cookies may impact your experience on our site.

6. Data Security

We implement administrative, technical, and physical safeguards consistent with industry best practices and appropriate to the sensitivity of the information we hold. Our security measures include:

Encrypted data transmission (TLS/HTTPS) across all web properties
Access controls and authentication requirements for internal systems
Role-based access limiting data exposure to personnel with a legitimate business need
Regular security assessments, malware scanning, and vulnerability management processes
Employee security awareness training and acceptable use policies
Incident response protocols for timely detection and notification

While no system can guarantee absolute security, our cybersecurity expertise means we hold ourselves to the same rigorous standards we advise our clients to meet. In the event of a data breach that affects your rights, we will notify you and applicable regulators as required by law.

7. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, maintain business records, comply with legal obligations, and resolve disputes.

Website Inquiries: Retained for up to 3 years from last contact, or longer if a client relationship develops.
Client Engagement Records: Retained for the duration of the engagement and for 7 years thereafter, consistent with professional services and regulatory requirements.
Job Applications (not selected): Retained for up to 12 months unless you consent to longer retention for future opportunities.
Marketing Communications: Until you opt out, after which we process your request promptly and retain a suppression record.
Website Analytics: Aggregated, anonymized data may be retained indefinitely for trend analysis.

8. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information. We honor these rights and will respond to verified requests within the timeframes required by applicable law.

Right to Know: Request disclosure of the categories and specific pieces of personal information we hold about you.
Right to Correct: Request correction of inaccurate or incomplete personal information. You may also update your personal information by emailing us directly.
Right to Delete: Request deletion of your personal data, subject to legal retention obligations.
Right to Portability: Receive your data in a structured, machine-readable format where technically feasible.
Right to Opt Out: Opt out of marketing communications at any time via the unsubscribe link in any email or by contacting us directly.
Right to Non-Discrimination: Exercising your privacy rights will not affect the quality or availability of our services.

California residents may have additional rights under the California Consumer Privacy Act (CCPA/CPRA). EU/UK residents may have rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with a supervisory authority.

To exercise any of the above rights, please contact us at Info@PearlConsultingGroup.com.

9. California Online Privacy Protection Act (CalOPPA)

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. In accordance with CalOPPA, we agree to the following:

Users can visit our site anonymously.
A link to this Privacy Policy is accessible from our homepage and is clearly labeled with the word "Privacy."
You will be notified of any material Privacy Policy changes on this Privacy Policy page.
You may update your personal information by emailing us at Info@PearlConsultingGroup.com.

Do Not Track (DNT): We honor Do Not Track signals. When a DNT browser mechanism is in place, we do not plant cookies or use advertising tracking for that session.

10. Children's Privacy (COPPA)

The Children's Online Privacy Protection Act (COPPA) puts parents in control of the collection of personal information from children under the age of 13. Our website and services are directed to business professionals and we do not specifically market to or knowingly collect personal information from children under the age of 13. If you believe a child has submitted personal information to us, please contact us immediately and we will take steps to delete such information promptly.

11. Third-Party Links

Our website may contain links to third-party websites, partner portals, or resources that are not owned or controlled by Pearl Consulting Group. This Privacy Policy applies solely to our website and services. We encourage you to review the privacy policies of any third-party sites you visit, as we have no responsibility for their content or data practices.

12. Fair Information Practices & Data Breach Notification

The Fair Information Practices Principles form the backbone of privacy law in the United States. In order to be in line with these principles, should a data breach occur, we will take the following responsive action:

We will notify affected users via email within 7 business days of confirmed breach discovery.
We will notify users via in-site notification within 7 business days where technically feasible.
We will notify applicable regulators as required by federal and state law.

We also agree to the Individual Redress Principle, which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.

13. CAN-SPAM Act Compliance

The CAN-SPAM Act establishes requirements for commercial email, gives recipients the right to stop receiving emails, and spells out penalties for violations. We collect your email address in order to:

Send information, respond to inquiries, and/or other requests or questions
Send marketing communications and updates to our mailing list, where you have opted in or an existing business relationship exists

In accordance with CAN-SPAM, we agree to the following:

Not use false or misleading subjects or email addresses
Identify any marketing message as an advertisement in a reasonable way
Include the physical address of our business headquarters in all commercial emails
Monitor any third-party email marketing services used for compliance
Honor opt-out and unsubscribe requests promptly
Allow users to unsubscribe by using the link at the bottom of each email

If at any time you would like to unsubscribe from receiving future emails, you may contact us at Info@PearlConsultingGroup.com and we will promptly remove you from all correspondence.

14. Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, applicable law, or business operations. When we make material changes, we will update the "Last Updated" date at the top of this page and, where appropriate, notify you by email or via a notice on our website. Your continued use of our website or services after any changes constitutes your acknowledgment of the revised policy.

15. Contact Us

If you have questions about this Privacy Policy, wish to exercise your privacy rights, or would like to report a privacy concern, please contact us: