Home Privacy Statement

Privacy Statement

Last Updated: 1 January 2026

Commercial & Industrial Operations L.L.C. (“COMINDUST”, “we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Statement explains how we collect, use, and share your personal information when you visit our website comindust.com (the “Site”).

“COMINDUST” refers to one or more of Commercial & Industrial Operations L.L.C. (“CIOP”, also known as “COMINDUST Global”), its global network of member firms, and their related entities (collectively, the “COMINDUST organization”). CIOP and each member firm and related entity are legally separate and independent entities, which cannot obligate or bind each other in respect of third parties, and are liable only for their own acts and omissions, and not those of each other. Each member firm and related entity may act as a separate data controller in respect of personal data it processes.

Our Site is intended for business-to-business (B2B) purposes and is directed at business users. It is not directed at children, and we do not knowingly collect personal information from children.

1. Information We Collect

We collect personal information that you choose to provide to us through our contact form and by email. This may include:

  • Contact details: name, email address, phone number (including country code), and company name.
  • Transaction information you choose to share: your transaction goal, sector or industry, approximate transaction value, geographic focus, timeframe, key information about the business (such as core activity, number of employees, yearly revenue), and any additional notes or geographic information you provide.
  • Usage and technical data: limited technical and analytics information collected through cookies, as described in our Cookie Notice, such as pages visited and time spent on pages, used to optimize our content. For consent-management purposes, an anonymized version of your IP address is stored. Where applicable, certain technical data (such as an IP address) may be processed by our caching and content-delivery provider to operate and secure the Site.

You decide what information to share with us. We ask that you do not submit any sensitive personal information or any confidential information through the Site until appropriate confidentiality arrangements have been made. Further confidentiality steps can be arranged upon request.

2. How We Use Your Information

We use your personal information for the following purposes:

  • To respond to your inquiries and requests, and to communicate with you about a potential transaction.
  • To operate, maintain, and improve our Site and content.
  • To comply with legal and regulatory obligations.

3. Legal Basis for Processing

Where the GDPR, UK GDPR, or similar laws apply, we process your personal information primarily on the basis of our legitimate interests in operating our business, responding to your inquiries, and developing and maintaining business relationships, in a manner that is not overridden by your interests or fundamental rights. Where required by law, we will rely on your consent (for example, for certain cookies), and you may withdraw that consent at any time.

4. Cookies

We use a limited set of cookies and similar technologies, restricted to those that are strictly necessary, functional, and analytics cookies used to optimize our content. We do not use advertising cookies and we do not track visitors for advertising purposes. Where required, cookies are used only with your consent, managed through the consent interface on our Site. For more information, please see our Cookie Notice.

5. Sharing Your Information

We may share your personal information:

  • With member firms, related entities, and partners within the COMINDUST organization, who may assist in responding to and progressing your inquiry. Such sharing is governed by appropriate confidentiality and data protection arrangements between the relevant entities.
  • With third-party service providers who perform services on our behalf (including hosting, caching, content-delivery, analytics, and consent-management providers) and who are bound by appropriate confidentiality and data protection obligations.
  • Where necessary to comply with legal obligations, including measures against fraud and money laundering, tax, and regulatory requirements, or in response to good-faith requests from rights holders or authorities.

We do not sell your personal information.

6. International Transfers

We operate globally. Your personal information may be transferred to, and processed in, countries other than the country in which you are located, including transfers between member firms and partners located in different countries, and transfers outside the European Economic Area (EEA) and the United Kingdom. Where such transfers occur, we take appropriate safeguards, such as Standard Contractual Clauses or equivalent mechanisms, to protect your information in accordance with applicable data protection laws.

7. Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected, including responding to your inquiry, progressing a potential transaction, and complying with our legal, accounting, or reporting obligations. Information contained in email correspondence is retained for the period appropriate to the underlying matter and our legal obligations, after which it is deleted or anonymized.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access, correct, update, or delete your personal information.
  • Object to or restrict certain processing, including processing based on legitimate interests.
  • Withdraw your consent at any time, where processing is based on consent.
  • Request portability of your personal information.
  • Lodge a complaint with a supervisory authority or regulator.

To exercise any of these rights, please contact us at privacy@comindust.com. We will respond in accordance with applicable law.

9. Data Security

We implement reasonable security practices and procedures to protect your personal information against unauthorized access, disclosure, alteration, or destruction. However, no method of transmission over the internet or electronic storage is fully secure, and we cannot guarantee absolute security.

10. Automated Decision-Making

We do not make decisions that produce legal or similarly significant effects concerning you based solely on automated processing, including profiling.

11. EU Representative

We are established in the United States and do not currently maintain a physical establishment in the European Union. We are in the process of formally designating a representative in the Union pursuant to Article 27 of the GDPR. In the interim, and for the purposes of Article 27, you may contact our representative function regarding any matter relating to the processing of your personal data by writing to eu-representative@comindust.com, with “GDPR EU Representative” in the subject line. This contact point operates in addition to, and does not replace, your ability to contact us directly at privacy@comindust.com or to contact your local supervisory authority. The details of our formally designated representative will be published on this page once the designation is complete.

The same applies for the purposes of Article 27 of the UK GDPR; until a UK representative is formally designated, UK data subjects may use the same contact point with “UK GDPR Representative” in the subject line.

12. Changes to This Privacy Statement

We may update this Privacy Statement from time to time. The “Last Updated” legend indicates when this statement was last revised. Material changes will be reflected on the Site.

13. Contact Us

If you have any questions about this Privacy Statement or our data practices, please contact us at privacy@comindust.com.

Regional Annexes

The following annexes provide additional disclosures for residents of specific jurisdictions and supplement the main Privacy Statement above. In the event of a conflict, the annex applicable to your jurisdiction prevails for that jurisdiction.

Annex A. European Economic Area (EEA) and United Kingdom

This annex applies where the GDPR (EEA) or the UK GDPR applies to the processing of your personal information.

  • Controller: Commercial & Industrial Operations L.L.C. is the controller of personal information collected through this Site. Member firms and related entities may act as separate controllers in respect of personal data they process.
  • Legal bases: As described in Section 3, we rely principally on legitimate interests, and on consent where required (for example, non-essential cookies).
  • Your rights: In addition to the rights in Section 8, you have the right to lodge a complaint with your local supervisory authority (in the EEA) or the Information Commissioner’s Office (in the UK).
  • International transfers: As described in Section 6, transfers outside the EEA/UK are protected by appropriate safeguards such as Standard Contractual Clauses.
  • EU Representative: See Section 10.

Annex B. United States (California – CCPA/CPRA)

This annex applies to California residents whose personal information is subject to the California Consumer Privacy Act, as amended by the California Privacy Rights Act (CCPA/CPRA).

  • Categories collected: identifiers (such as name, email, phone), commercial information (such as the transaction details you provide), and internet activity information (limited analytics). We collect these from you directly and through cookies.
  • Purposes: as described in Section 2.
  • No sale or sharing: We do not sell or share (as those terms are defined under the CPRA) your personal information, and we do not use it for cross-context behavioral advertising.
  • Your rights: California residents have the right to know, access, delete, and correct their personal information, and to be free from discrimination for exercising these rights. To exercise these rights, contact us at privacy@comindust.com.
  • Sensitive personal information: We do not collect sensitive personal information through the Site, and we do not use it for purposes requiring a right to limit.

Annex C. Canada (PIPEDA and Quebec Law 25)

This annex applies to residents of Canada, including Quebec.

  • We process personal information in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and, for Quebec residents, the Act respecting the protection of personal information in the private sector (Law 25).
  • We rely on consent or other lawful bases as permitted by applicable Canadian law, and we limit collection to what is necessary for the purposes described.
  • Personal information may be transferred outside Canada, including to the United States and other countries where our member firms and partners operate, subject to appropriate protections.
  • You may access and correct your personal information and may contact us at privacy@comindust.com.

Annex D. Brazil (LGPD)

This annex applies to residents of Brazil whose personal information is subject to the Lei Geral de Proteção de Dados (LGPD).

  • We process personal data on the legal bases set out in the LGPD, including legitimate interest and consent where applicable.
  • Data subjects in Brazil have the rights provided under the LGPD, including confirmation of processing, access, correction, anonymization, portability, deletion, and information about sharing.
  • International data transfers are carried out in accordance with the LGPD.
  • To exercise your rights, contact us at privacy@comindust.com.