Recognition of a CRC Customer’s/Client’s Expectation of Privacy
CRC recognizes and respects the privacy expectations of its customers/clients and will take the steps necessary to protect the privacy of personally identifiable information (“PII”) collected via this Site. Specifically, PII refers to any information that uniquely identifies or can be used to uniquely identify, contact, or locate the person to whom such information pertains. PII does not include information that is collected anonymously. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of PII about you which we have grouped together as follows:
- Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.
- Contact Data includes billing address, delivery address, email address and telephone numbers.
- Financial Data includes bank account and payment card details.
- Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
- Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
- Usage Data includes information about how you use our website, products and services.
- Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
We do not collect any special categories of PII about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
Please note that where we need to collect PII by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
Collection and Use of PII
CRC may collect, use and retain certain PII that you provide via this Site, and when you sign up for any CRC products or services, including conferences/seminars, webinars, or any other events hosted by CRC (collectively “events”), whether conducted in person, electronically or via conference telephone. PII may also be obtained via automated technologies or interactions or via third parties or publicly available sources. As stated above, such PII may include, without limitation, your name, your e-mail address, your company name, your title, your telephone number, and your physical address. Your credit card information may also be collected via this Site, including your credit card number, the credit card expiration date, the amount charged, and the conference or seminar that you are registering for. In all such cases, you choose whether to provide us with this PII.
In terms of using your PII, we will most commonly use your PII where we need to perform a contract we will enter into or have entered into with you, where it is necessary for our legitimate interests and fundamental rights do not override those interests, or where we need to comply with a legal obligation. In this context, Legitimate interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your PII for our legitimate interests. We do not use your PII for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
We may also use any PII you provide to us via this Site to respond to any inquiries, feedback or requests submitted by you via this Site and to communicate with you in connection with our provision and offering of CRC products and services requested by you, including, without limitation, seminars and/or events registered by you. Your failure to provide us with the requested PII may result in our inability to respond to any such inquiries, feedback or requests and to communicate with you in connection with our provision and offering of products and services. We may use the anonymous information that we collect to improve the design and content of our Site and to enable us to personalize your Internet experience. We also may use this information in the aggregate to analyze this Site’s usage.
We may disclose your PII in response to legal process – for example, in response to a court order or a subpoena. We also may disclose PII in response to a law enforcement agency’s request, or where we believe it is necessary to protect the confidentiality and security of our records pertaining to you, to limit our legal liability or to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person or as otherwise required or permitted by law.
This Site is operated in the United States, in the State of Ohio. If you are located in the European Economic Area (EEA), Canada or elsewhere outside of the United States, please be aware that any information that you provide to us will be collected within the United States. By using our Site, participating in any of our services, purchasing any of our products, and/or registering for any of our seminars, events, and/or providing us with your PII, you consent to this transfer. Please contact us if you want further information on the specific mechanism used by us when transferring your personal data to the United States.
If you unsure about the lawful ground for the processing of your PII, or are unsure about any of the above, please contact us if you need to know further details.
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. We may use your PII to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.
You will receive marketing communications from us if you have requested information from us or purchased goods or services from us and you have not opted out of receiving that marketing. We will get your express opt-in consent before we share your PII with any third party for marketing purposes.
We will only retain your PII for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your PII for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for PII, we consider the amount, nature and sensitivity of the PII, the potential risk of harm from unauthorized use or disclosure of your PII, the purposes for which we process your PII and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
Information from Other Sources
We might receive PII about you from other sources. Any information received from other sources will be used and retained per the above statements.
Electronic (Cookies) and Non-PII Information Collected via this Site
Links to Third-Party Websites
Our Site may include links to other websites. If so, except to the extent that such third parties represent an affiliate and/or agent of ours and are using information provided by us solely to perform their duties and functions for us, we do not provide any PII to these third-party websites.
Your use of CRC’s “login” features, i.e., any features for which login is required (all of the foregoing, collectively, “Login-Enabled Features”) is pursuant to and governed by the terms and conditions of the applicable agreement(s) by and between you and CRC. You represent and warrant that you have all right, title and interest in and to any information, whether anonymous or PII, that you provide via the Login-Enabled Features. You agree to indemnify and hold harmless CRC, its affiliates and subsidiaries, if applicable, and its or their respective officers, directors, employees and agents, and each of them, against any loss, cost, damage, claim, expense or liability arising out of, as a result of, or in connection with your use or misuse of the Login-Enabled Features and/or any use by CRC of the information you provide via the Login-Enabled Features.
CRC’s Research, Warranty Disclaimers, and Limitation of Liability
Please be advised that you and/or your organization, if applicable, may not use CRC research or materials as a source for further publication. CRC’s research information is highly confidential and may not be further disseminated. By registering for CRC conference, seminars and/or events, and/or by purchasing or subscribing to CRC materials, you acknowledge that CRC’s research and materials are highly confidential, proprietary to CRC, and, in some cases, CRC’s protectable trade secrets – and that you will not republish such information.
YOU ACKNOWLEDGE THAT ANY MATERIALS, SERVICES, CONFERENCES, EVENTS, AND/OR SEMINARS PROTECTED BY CRC ARE PROVIDED “AS IS” AND WITHOUT WARRANTY OF ANY KIND. CRC EXPRESSLY DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. CRC DOES NOT WARRANT OR MAKE ANY REPRESENTATIONS REGARDING THE USE OR THE RESULTS OF THE USE OF CRC’S MATERIALS OR INFORMATION LEARNED IN CRC CONFERENCES, SEMINARS AND/OR EVENTS. YOU ACKNOWLEDGE THAT ANY USE OF CRC’S PRODUCTS OR INFORMATION LEARNED IN CRC CONFERENCES, SEMINARS AND/OR EVENTS IS AT YOUR OWN RISK. CRC SHALL NOT BE LIABILE TO YOU OR YOUR ORGANIZATION, IF APPLICABLE, FOR ANY SPECIAL, EXEMPLARY, INDIRECT, INCIDENTAL OR CONSEQUENTIAL DAMAGES OR LOST PROFITS, LOST FUNDING, LOST SAVINGS, OR FOR CLAIMS OF A THIRD PARTY, ARISING OUT OF YOUR USE OF CRC MATERIALS AND/OR ARISING OUT OF YOUR ATTENDANCE AT CRC CONFERENCES, SEMINARS AND/OR EVENTS.
This Site is not directed at children and we do not knowingly collect any PII from children under sixteen (16) years of age. If you are under sixteen (16) years of age, do not send any information about yourself to us. If we discover that a child under the age of sixteen (16) years has provided us with PII, we will use commercially reasonable efforts to delete that child’s PII from our system.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
Limited Access to Information
CRC limits employee access to PII to those with a business reason to access such information. CRC educates these relevant employees so that they will understand the importance of confidentiality and privacy. Through this statement, CRC also speaks to all employees as to the safeguarding of collected PII. We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
While we work to protect the security of your information by using a reasonable encryption technology that encrypts information you input, as well as physical, electronic, and managerial procedures as required by law and as we deem reasonable to safeguard and help to prevent unauthorized access, maintain data security, and correctly use the information we collect online, we cannot guarantee the security of any information that is disclosed by you via the Site. As a result, we make no warranty regarding the security of any information you transmit to us via this Site and you do so at your own risk. In addition, it is important for you to also protect against unauthorized access to your computer. Be sure to sign off when using a shared computer.
Notice and Revisions
Assignability; Governing Law