1. Overview
Oppenheimer & Co. Inc. is committed to protecting the confidentiality, integrity, and availability of information. This Privacy Policy outlines what information we may collect, how it is used, and the safeguards we apply to protect it.
This policy applies to visitors of our website and individuals who contact us through available channels. It is designed to reflect an institutional, security-first approach aligned with industry expectations and professional standards.
2. Information We Collect
We collect only the information that is necessary to operate our website, respond to inquiries, and maintain security. Depending on your interaction with our site, this may include:
- Contact details you provide voluntarily (such as name, email address, company name, and message content).
- Technical and usage data (such as browser type, device information, pages visited, and approximate location derived from IP).
- Security and log data used to prevent abuse, detect suspicious activity, and maintain service stability.
- Cookie and preference data where applicable (see our Cookies Policy for details).
We do not intentionally collect sensitive categories of personal data through this website. If you choose to send such information, it will be handled with heightened care and limited access.
3. How We Use Information
Information is processed for legitimate, professional purposes. Typical uses include:
- Responding to your inquiry and maintaining relevant correspondence.
- Providing requested information about our services and capabilities.
- Operating, maintaining, and improving website functionality and performance.
- Protecting our systems, users, and business against fraud, abuse, and unauthorized access.
- Meeting internal governance requirements and maintaining an auditable security posture.
We do not sell personal information. We do not use your information for automated decision-making that produces legal or similarly significant effects.
4. Legal Basis for Processing
Where applicable, we rely on one or more of the following lawful bases:
- Legitimate interests (e.g., security, fraud prevention, and responding to business inquiries).
- Consent (e.g., where you voluntarily submit information or accept optional cookies).
- Performance of steps requested by you prior to entering into a potential engagement.
- Compliance with legal obligations where required.
We apply data minimization and purpose limitation principles to ensure that processing remains appropriate and proportionate.
5. Sharing of Information
We may share information only when necessary and under appropriate safeguards, including:
- Service providers supporting hosting, security monitoring, and technical operations (under confidentiality obligations).
- Professional advisors when required for legitimate business purposes (e.g., legal or compliance support).
- Regulatory, legal, or law-enforcement authorities where disclosure is required by applicable law.
- In connection with corporate transactions, subject to strict confidentiality and security controls.
We do not disclose personal information for marketing by third parties. Access is restricted on a need-to-know basis and governed by contractual controls where applicable.
6. Data Retention
We retain information only for as long as necessary for the purposes described in this policy, including security, operational, and governance requirements.
Retention periods vary based on context. When information is no longer required, it is deleted or anonymized in accordance with internal procedures.
7. Security Measures
We implement layered technical and organizational controls to protect information, including:
- Access controls and role-based restrictions.
- Secure hosting, monitoring, and logging to detect anomalies and prevent abuse.
- Operational discipline, confidentiality standards, and controlled internal handling.
No security measure is absolute; however, we maintain a security-first posture and continuously review controls to meet institutional expectations.
8. Your Rights
Depending on applicable law and jurisdiction, you may have rights regarding your personal information, including:
- Access to the information we hold about you.
- Correction of inaccurate or incomplete information.
- Requesting deletion where legally permitted.
- Restriction or objection to certain processing activities.
- Withdrawal of consent where processing is based on consent.
To exercise rights, please contact us. We may request reasonable verification to protect against unauthorized requests.
9. Contact
For questions about this Privacy Policy or our handling of information, please contact us using the address below. We respond with discretion and appropriate prioritization.
We may update this policy periodically to reflect operational changes, security practices, or legal requirements. The most current version will be published on this page.