FinLink Master Privacy Policy
Effective date: June 9, 2026
1. Scope and Overview
This Privacy Policy explains how Succession Link, LLC d/b/a FinLink collects, uses, shares, stores and protects information across FinLink. It applies to the FinLink website, apps, social network, direct messaging, profiles, member directory, M&A marketplace, succession and continuity tools, recruiting marketplace, jobs, office space marketplace, business directory, advertising, AI-enabled tools, calculators, simulations, analytics, enterprise and white-label services.
FinLink is a professional network and online platform for financial services professionals and related businesses. Users use FinLink to build professional identity, find and be found for opportunities, exchange professional information, engage with content, participate in marketplaces, discover vendors, recruit talent, plan succession, evaluate M&A opportunities and use AI-enabled tools.
This Policy should be read with the Master Terms of Service. Additional privacy or data processing terms may apply through enterprise agreements, data processing addenda, advertising terms, white-label agreements or other written arrangements.
Privacy requests and questions may be sent to support@fin.link.
2. Categories of Information We Collect
We collect information provided by users, generated by use of the Services, received from other users or enterprise customers, obtained from service providers or integrations, and collected through cookies or similar technologies. Categories may include identifiers, contact details, account credentials, professional profile data, company affiliation, title, role, location, billing data, support communications, user content, marketplace listings, messages, posts, engagement data, search activity, device data, logs, advertising interactions and AI interaction data.
FinLink does not seek to collect end-client personally identifiable financial data through standard platform features. Users should not upload client account numbers, Social Security numbers, protected health information, non-public personal financial information, material non-public information or other sensitive information unless a specific enterprise workflow expressly authorizes and governs that submission.
Outside of email, standard account information and information a user chooses to provide, FinLink does not intend to collect sensitive personal information. Users control what optional profile, practice and marketplace information they provide.
3. Account, Profile and Registration Data
To create and maintain an account, users may provide name, email address, password or authentication credentials, company, title, phone number, location, profile photo, professional background, networking interests, subscription information and similar data. Premium or enterprise services may require billing, payment, tax, invoice or administrative information.
Profile information helps users be discovered and helps FinLink provide relevant matches and recommendations. Users may choose not to provide optional profile data, but doing so may limit platform functionality, discovery, messaging, matching, recommendations and marketplace participation.
Enterprise and white-label environments may receive user information from the sponsoring organization, including work email, role, firm affiliation, group membership, SSO identifiers, permissions, administrator roles and compliance settings.
4. Practice, Marketplace and Professional Information
Users may provide practice-level and business information such as AUM ranges, revenue ranges, office location, state, geography, staffing needs, services offered, firm type, business model, succession interests, buyer/seller intent, merger intent, continuity planning interests, sunset planning interests, next-generation planning interests, recruiting preferences, job interests, vendor interests and office space information.
This information is used for matchmaking, opportunity recommendations, search, filters, marketplace discovery, AI outputs, analytics, benchmarking, advertising relevance and platform improvement. Users decide what information to provide, but more complete information may improve match quality.
Some practice or marketplace information may be visible to other users, enterprise administrators, white-label administrators, advertisers or visitors depending on feature design, settings and agreements. Users should not submit information they are not authorized to share.
5. Social Network, User Content and Messaging Data
We collect posts, comments, reactions, messages, follows, connections, listing inquiries, responses, files, images, logos, resumes, job postings, directory content, advertising content, feedback and other information submitted through the Services. We also collect interaction metadata such as views, clicks, searches, impressions, response times, message timestamps, listing engagement and connection activity.
FinLink may log, store, monitor, analyze, moderate and archive messages and social interactions for platform operation, compliance support, security, dispute resolution, user reports, abuse prevention, analytics, customer support and enterprise administration.
White-label or enterprise customers may access, review, export or archive communications and user activity as part of compliance oversight or administrative functions, subject to applicable agreements and law.
6. AI, Automated Tools, Calculators and Simulation Data
FinLink may collect data used by AI-enabled tools, including prompts, user inputs, outputs, feedback, ratings, profile attributes, marketplace information, listing data, search activity, engagement signals, usage logs and interaction history.
AI and automated features may power matchmaking, recommended opportunities, suggested users, search ranking, social feed personalization, recruiting compatibility, succession readiness, acquisition readiness, affordability modeling, valuation ranges, merger simulations, benchmarking, summaries, dashboards, business intelligence and support responses.
AI outputs may be inaccurate or incomplete. FinLink may use AI interaction data to monitor performance, improve safety, reduce abuse, improve matching, evaluate quality, test features, develop new functionality and improve user experience, subject to applicable law and enterprise agreements.
7. Cookies, Pixels, Local Storage and Tracking Technologies
FinLink uses cookies, web beacons, pixels, tags, local storage, device identifiers, software development kits and similar technologies to authenticate users, remember preferences, maintain sessions, secure accounts, prevent fraud, measure performance, personalize experiences, test features, provide analytics, measure advertising and support retargeting or attribution.
Cookies may be first-party or third-party. Some are necessary for the Services to function; others support analytics, personalization or advertising. Users may control some cookies through browser settings or platform controls where available, but disabling cookies may affect functionality.
FinLink may not respond to browser Do Not Track signals unless required by law. Where required, FinLink may provide cookie choices or consent mechanisms.
8. How We Use Information
We use information to provide, operate, maintain, secure, personalize and improve the Services; create and manage accounts; process memberships and payments; display profiles and listings; facilitate messaging; operate social feeds; power M&A, succession, recruiting, jobs, office space and directory marketplaces; provide support; send communications; detect abuse; enforce policies; comply with law; and administer enterprise environments.
We use information to provide matchmaking, recommendations, search results, ranking, AI outputs, calculators, simulations, dashboards, analytics, advertising relevance, sponsored content measurement, benchmarking, industry insights, product development, research, fraud prevention, security monitoring and compliance support.
We may use information to contact users about account activity, messages, marketplace opportunities, matches, subscriptions, invoices, renewals, security, support, product updates, surveys, events, webinars, promotions and policy changes.
9. Advertising, Sponsored Content and Measurement
FinLink may use profile, professional, marketplace, usage, search, engagement, cookie, device and advertising interaction data to display, personalize, measure, limit, report on and improve advertisements, sponsored content, promoted listings, directory placements, vendor campaigns and retargeting.
We may provide advertisers with aggregated or campaign-level metrics such as impressions, clicks, leads, categories, general location, engagement, audience segments or conversion events. Sponsored content does not imply endorsement by FinLink.
Certain cookie or advertising technologies may be considered "sharing" or targeted advertising under privacy laws. Users may have rights to opt out where applicable.
10. How We Share Information
We may share information with service providers and subprocessors who help us operate the Services, including hosting, cloud infrastructure, identity, payments, analytics, AI, security, logging, customer support, email delivery, messaging, advertising, archiving, CRM and professional services providers.
We share information with other users as part of normal platform functionality, including profiles, posts, comments, messages, listing inquiries, job applications, office space inquiries, directory pages, marketplace responses, sponsored content and other interactions initiated or authorized by users.
We may share information with enterprise or white-label administrators consistent with enterprise configurations, user roles, compliance features and agreements. We may also disclose information to professional advisers, auditors, insurers, business partners, acquirers, investors or successor entities in connection with corporate transactions.
We may disclose information where required or appropriate for legal, regulatory, law enforcement, safety, security, fraud prevention, dispute resolution or platform integrity purposes.
11. Aggregated, De-Identified and Benchmarking Data
FinLink may create, use and commercialize aggregated, anonymized or de-identified information for benchmarking, analytics, AI training and evaluation, industry intelligence, product development, advertising measurement, enterprise reporting, market research, fraud prevention, security and performance optimization.
Examples include aggregated marketplace activity, response rates, search trends, listing demand, recruiting trends, directory category performance, office space interest, anonymized practice ranges, advertising metrics, AI quality metrics and benchmark outputs.
FinLink will not intentionally use de-identified data to identify a specific individual where prohibited by applicable law, and may require service providers to observe similar restrictions.
12. Enterprise and White-Label Data Practices
Enterprise customers may provide information about users, roles, groups, firm affiliation, permissions, SSO identifiers, compliance settings, private marketplace criteria and administrative configuration. Enterprise administrators may have access to user activity, communications, listings, reports, analytics and exports, depending on agreements and settings.
Enterprise customers are responsible for providing required notices and obtaining necessary rights, consents and authorizations before submitting information to FinLink or enabling users to access an enterprise environment.
Where FinLink acts as a processor or service provider for enterprise customer data, processing may be governed by a DPA or enterprise agreement. Where FinLink determines its own purposes and means for public platform services, FinLink may act as a controller or business responsible for such processing.
13. Data Processing Addendum Summary
A DPA may apply when FinLink processes personal data on behalf of an enterprise customer. The DPA may address processing instructions, confidentiality, subprocessors, security measures, breach notification, assistance with privacy rights, audits, deletion or return of data and international transfers.
Customers are responsible for determining whether a DPA is required and for ensuring instructions are lawful. FinLink may decline instructions that violate law, conflict with platform functionality, create security risk or exceed the applicable scope.
14. User Choices, Settings and Communications Controls
Users may update certain account, profile, notification, privacy, directory and listing settings through the dashboard where available. Users may choose not to provide optional information, though this may limit functionality or match quality.
Users may unsubscribe from certain promotional communications through unsubscribe links or account settings. Transactional, security, billing, legal, support and account-related messages may still be sent where necessary.
Users may request access, correction, deletion or other privacy rights by contacting support@fin.link. FinLink may verify identity and may decline requests where permitted by law.
15. California Privacy Notice (CCPA/CPRA)
California residents may have rights to know/access personal information, request deletion, request correction, opt out of sale or sharing, limit use of sensitive personal information where applicable, and not be discriminated against for exercising rights. Requests may be submitted to support@fin.link.
Categories collected may include identifiers, professional or employment-related information, commercial information, internet or electronic network activity, general location, audio/visual or uploaded content where provided, inferences, account credentials and other information described in this Policy. Sources include users, other users, enterprise customers, service providers, cookies, platform activity and public or professional sources.
FinLink does not intend to sell sensitive personal information. FinLink may use cookies and advertising technologies that could be considered "sharing" for cross-context behavioral advertising under California law. Users may contact FinLink for applicable opt-out requests.
FinLink may retain categories of personal information for the periods described in the Data Retention section, based on business, legal, security, compliance and operational needs.
16. GDPR, UK and EEA Privacy Notice
For users in the EEA, UK or Switzerland, legal bases for processing may include performance of a contract, legitimate interests, consent, compliance with legal obligations, and establishment, exercise or defense of legal claims. Legitimate interests may include operating a professional network, securing the Services, preventing fraud, improving products, providing recommendations, analytics, advertising measurement and business communications.
Subject to applicable law, users may have rights to access, correct, delete, restrict, object, port data, withdraw consent and lodge a complaint with a supervisory authority. Requests may be submitted to support@fin.link. FinLink may need to verify identity and may decline requests where permitted by law.
Where consent is used, users may withdraw consent at any time, but withdrawal does not affect prior processing. Where processing is based on legitimate interests, users may object, and FinLink will assess the request under applicable law.
17. Security, SOC 2-Aligned Safeguards and Incident Response
FinLink maintains commercially reasonable administrative, technical and organizational safeguards designed to protect information. Safeguards may include encryption in transit and at rest, access controls, authentication, monitoring, logging, vulnerability management, vendor review, backup, secure cloud infrastructure, incident response processes and SOC 2-aligned practices.
No system is completely secure. Users are responsible for safeguarding credentials, limiting access by their personnel, configuring enterprise controls appropriately and notifying FinLink of suspected unauthorized access.
If FinLink determines that a security incident triggers legally required notice obligations, FinLink will provide notices consistent with applicable law and contractual obligations.
18. Data Retention
FinLink retains information for as long as reasonably necessary to provide Services, maintain accounts, comply with legal obligations, support enterprise archiving, resolve disputes, enforce agreements, prevent fraud, maintain security, improve the platform, support backups, preserve business records and satisfy regulatory or contractual obligations.
Retention periods may vary by data type, user role, enterprise configuration, legal requirement, regulatory need, backup cycle, dispute status and operational purpose. Deletion requests may not result in immediate deletion from backups, archives, legal holds, compliance records, enterprise records or aggregated/de-identified datasets.
FinLink may retain limited records after account closure for audit, billing, security, fraud prevention, dispute, enforcement, tax, legal, compliance and legitimate business purposes.
19. International Transfers
FinLink may process and store information in the United States and other jurisdictions where FinLink or its service providers operate. Privacy laws in those jurisdictions may differ from laws in your jurisdiction.
Where required, FinLink may rely on contractual safeguards, adequacy decisions, standard contractual clauses or other lawful transfer mechanisms.
20. Children and Sensitive Information
FinLink is intended for business and professional users and is not directed to children under 18. FinLink does not knowingly collect personal information from children under 13. If you believe a child has provided information, contact support@fin.link.
Users should not post or upload sensitive personal information, client confidential information, regulated non-public information, health information, precise geolocation, government identifiers or other sensitive information unless expressly authorized and governed by an applicable enterprise workflow.
21. Legal, Regulatory and Law Enforcement Disclosures
FinLink may preserve or disclose information where required or appropriate to comply with law, subpoenas, court orders, regulatory requests, FINRA, SEC, state securities or insurance regulators, law enforcement, enterprise compliance obligations, dispute resolution, safety, fraud prevention, security, rights enforcement or platform integrity.
FinLink may preserve records in response to legal holds, investigations, litigation, suspected fraud, user complaints, compliance reviews or requests from regulators or self-regulatory organizations.
22. Business Transfers
Information may be disclosed or transferred as part of a merger, acquisition, financing, diligence process, reorganization, bankruptcy, sale of assets, corporate transaction or change of control. The receiving party may continue to process information consistent with this Policy unless otherwise required by law.
23. Changes to this Privacy Policy
FinLink may update this Privacy Policy from time to time. If changes are material, FinLink may provide notice through the Services, by email, by website posting or by other reasonable means. Continued use after the effective date means the updated Policy applies.
Users should review this Policy periodically. If a user objects to changes, the user may stop using the Services and close the account, subject to retention and legal obligations.
24. Contact Information
Privacy requests, rights requests, cookie inquiries, data protection inquiries and questions about this Policy may be sent to support@fin.link. Mail may be sent to Succession Link, LLC d/b/a FinLink, 350 Lincoln Ave, 2nd Floor, Miami Beach, FL 33139. FinLink may update contact information or request procedures through the website or account dashboard.
Appendix A: Incorporated Privacy Supplements
A1. Cookie Policy
FinLink uses necessary, performance, functional, analytics and advertising cookies. These technologies support authentication, preferences, security, measurement, personalization, ad attribution and fraud prevention. Users may control cookies through browser settings, but disabling them may limit the Services.
A2. AI Transparency Disclosure
AI features may use user-provided information, profile information, marketplace data, engagement signals, search activity and model outputs to personalize and recommend opportunities. Outputs may be inaccurate and should not be treated as professional advice.
A3. Advertising and Analytics Disclosure
FinLink may personalize, measure and report on ads using professional categories, marketplace interests, cookies and engagement data. Advertisers may receive aggregated campaign metrics, not unrestricted access to user accounts.
A4. Communications Monitoring and Archiving Disclosure
FinLink may log, archive, monitor, analyze and disclose communications for operations, safety, compliance, enterprise administration, legal process and support. Users should avoid transmitting confidential client information through standard messaging tools.
A5. Enterprise DPA Summary
Enterprise customers may require a DPA for processor/service-provider processing. A DPA should address instructions, confidentiality, subprocessors, security, audits, breach notice, deletion/return, rights requests and international transfers.