Privacy Policy

Last Updated: October 16, 2025

Cahill Consultants, Inc. (“Cahill Consultants, Inc.,” “we,” “our,” or “us”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard personal information when you visit our websites, including [https://www.cahillconsultants.com] and any related pages that link to this Policy (collectively, the “Site”), and when you interact with us offline (e.g., by phone or at events).

Important HIPAA Note. In the course of our product-recall and claims-administration services, we may act as a Business Associate to healthcare clients under the U.S. Health Insurance Portability and Accountability Act (HIPAA). In those engagements, we process protected health information (PHI) under a Business Associate Agreement (BAA). This website Privacy Policy does not apply to PHI we process on behalf of covered entities or other clients; those activities are governed by the applicable BAA and client-specific privacy notices.

1. Who we are & how to contact us

Company: Cahill Consultants, Inc.
Corporate Address: 21 Bennetts Rd Ste 104, Setauket, NY 11733
Email: Info@CahillConsultants.com
Phone: +1-631-727-4963
Data Protection Contact: “Privacy Team” at the addresses above.

2. Personal information we collect

The information we collect depends on how you interact with us. We collect information directly from you, automatically via cookies and similar technologies, and from third parties (e.g., service providers, partners, public sources).

A. Information you provide directly

    • Contact & Inquiry Data (name, business name, email, phone, job title, state/country, message content) when you fill out forms, book a consultation, or contact us.
    • Client Account & Project Data (engagement scope, contracts, billing contacts, addresses, purchase orders) for our B2B services.
    • Claims/Recall Interaction Data you submit to us for recall or claims projects (e.g., incident details, product info, receipts). If a project involves PHI or highly sensitive data, it is handled under separate agreements and not covered by this website policy.
    • Payment & Invoicing Data (invoice details, limited payment metadata). Payment card numbers are processed by our payment processors and are not stored by us.
    • Events & Marketing Preferences (RSVPs, attendance, communication preferences).

B. Information collected automatically

    • Device & Usage Data (IP address, approximate location, device identifiers, browser type/version, operating system, pages viewed, time spent, referring/exit pages, and clickstream).
    • Cookies/Tags/SDKs for essential site functions, analytics (e.g., Google Analytics), and to remember preferences. See Cookies & Tracking below.

C. Information from third parties

    • Business Leads & Referrals from partners and platforms (e.g., Zoho, Airtable, HubSpot, Google, LinkedIn).
    • Service Metadata from our vendors (e.g., telephony providers like RingCentral, email delivery metrics, error logs, anti-spam tools like hCaptcha/ReCAPTCHA).

3. How we use personal information

We use personal information to:

    1. Provide our services (consulting, recall/claims administration, customer support, account management).
    2. Operate and improve the Site (debugging, analytics, fraud prevention, and securing our systems).
    3. Communicate with you (respond to inquiries, send service notices, proposals, invoices, and updates you request).
    4. Marketing (B2B) (send newsletters, event invites, or content where permitted; you may opt out at any time).
    5. Comply with law and enforce rights (legal obligations, contract enforcement, protecting against misuse and security incidents).

For visitors from the EEA/UK, we rely on one or more of the following legal bases: performance of a contract, legitimate interests (e.g., B2B marketing to professionals, Site operation and security), consent (where required), and compliance with legal obligations.

4. How we disclose information

We do not sell personal information in the traditional sense. We disclose information to:

    • Service Providers & Processors who perform services for us (e.g., hosting, cloud storage, email, telephony, analytics, CRM, e-signature, ticketing). Typical providers used in our stack may include: Google Workspace, Zoho (CRM/Desk/Sign/Books), Airtable, Softr, Bubble, RingCentral, Amazon Web Services (AWS) or comparable hosting, hCaptcha/Google reCAPTCHA (anti-spam), and website analytics platforms. We contractually require processors to protect personal information and use it only to provide services to us.
    • Professional Advisors (attorneys, accountants, auditors) under confidentiality.
    • Business Transfers (merger, acquisition, financing, or sale of assets), subject to standard safeguards.
    • Legal & Compliance (to comply with law, lawful requests, or to protect rights, safety, and security, including detecting, investigating, and preventing fraud or security incidents).

We may share aggregated or de-identified data that cannot reasonably be used to identify you.

5. Cookies & tracking technologies

We use cookies and similar technologies to enable Site functionality, perform analytics, and remember your preferences.

    • Essential cookies are required for core features (e.g., page navigation, security, anti-bot). These cannot be switched off in our systems.
    • Analytics cookies help us understand Site usage and improve content. Where required, we seek your consent.

You can control cookies via your browser settings and (where implemented) our cookie banner/preferences center. Blocking some cookies may impact Site functionality.

6. Retention

We retain personal information for as long as necessary to fulfill the purposes described in this Policy, including to

7. Security

We maintain reasonable and appropriate administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, use, and disclosure. No method of transmission or storage is completely secure; we cannot guarantee absolute security. If you suspect a security issue, contact us immediately at Info@CahillConsultants.com.

8. Your choices & rights

Email marketing

You can opt out of marketing emails at any time by using the “unsubscribe” link or contacting us. We may still send you service/transactional communications.

U.S. State privacy rights (including California)

Residents of certain U.S. states (e.g., CA/CPRA, CO, CT, UT, VA) may have rights to:

    • Know/Access the categories and specific pieces of personal information we collected about you.
    • Delete personal information, subject to exceptions.
    • Correct inaccurate information.
    • Opt out of certain processing, such as targeted advertising or sharing for cross‑context behavioral advertising (we do not engage in behavioral advertising on our Site at this time) and profiling in furtherance of decisions that produce legal or similarly significant effects.
    • Limit the use and disclosure of sensitive personal information (we do not use sensitive data for inferring characteristics or for purposes beyond what is reasonably expected to provide our services).

How to exercise your rights: Email us at Info@CahillConsultants.com with “Privacy Request” in the subject, or use our web form: [link to request form]. We may verify your identity and, where applicable, your state residency. Authorized agents may submit requests with appropriate proof of authorization.

Notice at Collection (California): We collect the categories listed in Section 2 for the purposes in Section 3. We retain data as described in Section 6. We do not sell personal information and we do not share it for cross‑context behavioral advertising. We use service providers as described in Section 4.

EEA/UK/Swiss residents

Where the GDPR/UK GDPR/FDPA applies, you may have rights to access, rectification, erasure, restriction, portability, and objection, and the right to withdraw consent at any time (without affecting prior processing). You may lodge a complaint with your local supervisory authority. To exercise rights, contact us at [privacy@cahillconsultants.com].

Do Not Track

Our Site does not respond to Do Not Track (DNT) signals.

9. Children’s privacy

Our Site and services are directed to business professionals. We do not knowingly collect personal information from children under 13 (or under 16 in applicable jurisdictions) without appropriate consent. If you believe a child provided personal information to us, please contact us so we can take appropriate action.

10. International data transfers

We are based in the United States and process information in the U.S. and other countries where our service providers operate. Where required, we implement appropriate safeguards for international transfers (e.g., Standard Contractual Clauses for EEA/UK data).

11. Third‑party sites and services

The Site may link to third‑party websites or services. We are not responsible for their privacy practices. We encourage you to review the privacy policies of any third‑party sites you visit.

12. Changes to this Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with a new “Last Updated” date. Material changes may be communicated by additional notice.

13. Additional notices for clients and claimants

For clients and parties interacting with our recall/claims administration services:

    • Data Processing Addendum (DPA): We make a DPA available upon request for controller‑processor relationships.
    • Business Associate Agreements (BAA): For HIPAA‑regulated engagements, we execute BAAs with covered entities and process PHI as required by law and contract.
    • Project‑Specific Notices: Certain projects may provide additional privacy disclosures or intake notices that complement or supersede this Policy.

14. How to contact us

For questions or to exercise your rights, contact:

Cahill Consultants, Inc.

Attn: Privacy Team
21 Bennetts Rd Ste 104
Setauket, NY 11733
United States

Email: Info@CahillConsultants.com
Phone: +1-631-727-4963