Effective Date: 25th May, 2018
Crimson Interactive Inc. (hereafter CII) along with its group companies, including without limitation to, Enago, Ulatus, Voxtab, and Enago Academy (collectively “CII”, “we”, “our”, “ours”, “us”), is a company federally incorporated in the US. The services provided by CII (hereafter Services) require your personal information for providing you the services we offer. This Privacy Notice gives you details of the information CII collects when you visit our websites or use our services and how we collect it. It also explains how we use your data.
We take your privacy very seriously. This Privacy Notice sets out your rights and answers any queries you may have about your personal data. If you need more information, please contact us at firstname.lastname@example.org.
If you have entered into a contract with us, we will be the controller of your data as stated in the contract.
Our personal information handling policy and procedures have been developed in line with the requirements of the 1995 European Union Data Protection Directive (Directive 95/46/EC) and the General Data Protection Regulation (in force from 25 May 2018) and the applicable national law.
WHAT INFORMATION DO WE COLLECT?
We collect and process personal data about you when you interact with us and our products and when you purchase services from us. The personal data we process includes the following.
Information collected from you
- Contact information, such as name, e-mail address, mailing address, geographic location, and other demographic information
- Billing information, such as credit card number, bank account number, and billing address
- Unique identifiers, such as username, account number or password
- Information shared through surveys and polls conducted by CII
- Media files or documents
- Correspondence between you and CII
- Information you choose to make available to us as part of your CII user profile
- Information of referrals, such as referral’s name and e-mail address
- Information you choose to make available to us at CII-organized events, such as webinars and workshops
- Testimonials which may contain your Personal Data, such as name and photograph, where you have given consent
We will use Personal Data, including without limitation, to
- Deliver the Services, product, or information requested by you
- Send you communication from the Services, where you have given consent
- Assess your service-related requirements to determine or suggest suitable Services
- Send you requested information about the Services
- Respond to customer service requests, questions, complaints, and concerns
- Administer your Account
- Conduct scientific research and statistical analysis
- Send you promotional and marketing communications, where you have given consent. You can stop receiving our promotional emails by following the Unsubscribe instructions included in every email we send.
- Verify your identity when required.
Information collected automatically (hereafter Usage Data)
- Electronic identification data, such as IP address, cookies, device model
- Browsing activity, such as your visit(s) to our websites, your operating system, browser type, internet service provider (ISP)
- Analytics data, such as clicks and scrolls, referring and exit pages, and information on how you interacted with our websites.
We will use Usage Data, including without limitation, to
- Assess needs and/or suggest suitable Service(s)
- Send you information you request about the Service(s)
- Administer the website(s), application(s), and/or Services
- Authenticate users for security purposes
- Improve, enhance, support and operate the websites
- Compile statistical reports and record insights into usage patterns
- Develop new products and services
- Conduct scientific research and statistical analysis
Information from our public blogs and newsletters (also Usage Data)
When you visit our publicly accessible blogs or subscribe to our newsletters, we may collect the following information.
- Contact information, such as name, e-mail address, or phone number
- When you actively subscribe to our newsletters, we collect your e-mail address to share our newsletters with you.
We will use such Usage Data, including without limitation, to
- Send you promotional and marketing communications, where you have given consent.
- Respond to your questions and concerns
- Send you notifications of new content
Information from CII Careers (also Usage Data)
When you apply for employment at CII by filling out a job application form, we may collect the following information.
- Contact information, such as name, email address, mailing address, phone number, links to your social networking profiles
- Any other information contained in the resume that you submit to us
We will use such data to
- Evaluate you for the position you have applied for
- Respond to your questions and concerns
WHAT INFORMATION DO WE COLLECT?
We do not sell, rent to, or share your Personal Data obtained through the channels mentioned in WHAT INFORMATION DO WE COLLECT? with other companies or organizations for commercial purposes. Your Personal Data may be shared in the following cases or when we have your explicit consent
- To comply with applicable law and regulation;
- To protect CII’s business interests and legal rights, including but not limited to, use in connection with legal claims, compliance, regulatory and investigative purposes;
- To comply with governance and quality standards;
- With your express consent, to respond to any comments or complaints we may receive from you and/or to investigate any complaints received from you or from others about our websites, products, or services;
- To personalise (i) our communications to you; (ii) our websites; and (iii) products or services for you;
- To monitor use of our websites and online services, we may use your information to help us check, improve, and protect our products, content, services, and websites, both online and offline;
- If you provide a credit or debit card, we may also use third parties (such as POS payment providers) to check the validity of the sort code, account number, and card number you submit in order to prevent fraud, in accordance with our legitimate interests and those of third parties;
- We may monitor any customer account to prevent, investigate and/or report fraud, terrorism, misrepresentation, security incidents or crime, in accordance with applicable law and our legitimate interests;
- In circumstances where you contact us by telephone, calls may be recorded for quality, training, and security purposes;
- We may use your information to invite you to take part in market research or surveys;
- We may communicate with any person you have referred to us, where we will request their explicit consent;
- We may also send you direct marketing in relation to relevant products and services. Electronic direct marketing will only be sent where you have given your consent to receive it, or (where this is allowed) you have been given an opportunity to opt-out. You will continue to be able to opt-out of electronic direct marketing at any time by following the instructions in the relevant communication.
WITH WHOM WILL WE SHARE YOUR PERSONAL DATA?
We may share your personal data with our group companies to process it for the purposes of inter-group administration and to deliver products or services.
We may also share your personal data with the third parties mentioned below:
- Our professional advisors such as our auditors and external legal and financial advisors;
- Marketing and communications agencies where they have agreed to process your personal data in line with this Privacy Notice;
- Market research companies;
- Our suppliers, business partners and sub-contractors; and/or
- Search engine and web analytics.
Personal data may be shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if needed for the legal protection of our legitimate interests in compliance with applicable laws.
Personal data may also be shared with third party service providers who will process it on behalf of CII for the purposes mentioned above. Such third parties include, but are not limited to, providers of website hosting, maintenance, call centre operations, and identity checking.
If our business or any part of it is sold or merged with another business, your details will be disclosed to our advisers and those of any prospective purchaser and will be passed to the new owners of the business.
FOR HOW LONG WILL WE KEEP YOUR PERSONAL DATA?
We will keep your personal information for longer than is reasonably necessary and will only retain necessary personal information. This is because by law, your personal information is needed to meet regulatory requirements, resolve disputes, prevent fraud and abuse, and/or enforce our terms and conditions.
Where you are a customer, we will keep your personal information for the duration of any contractual relationship you have with us and after that for as long as is reasonably necessary to meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions.
Where you are a prospective customer and you have expressly consented to us contacting you, we will only retain your data (a) until you unsubscribe from our communications; or (b) if you have not unsubscribed.
If you have contacted our customer service team, we will retain those details for as long as is reasonably necessary to resolve your query.
WHERE DO WE STORE YOUR DATA?
The personal data that we collect from you may be transferred to and stored in a CII-owned server and a third-party server It may also be processed by staff operating outside the above locations, who work for us or for one of our suppliers, in which case, the third country's data protection laws will have been approved as adequate by the European Commission or other applicable safeguards are in place. You can get further information by emailing us at email@example.com.
WHAT ARE YOUR RIGHTS IN RELATION TO YOUR PERSONAL DATA?
- You have the right to ask us not to process your personal data for marketing purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data, clicking the unsubscribe button on any communication we have sent to you, or by contacting us.
- Where you have consented to us using your personal data, you can withdraw that consent at any time.
- If the information we hold about you is inaccurate or incomplete, you can notify us and ask us to correct or supplement it.
- You also have the right, with some exceptions and qualifications, to ask us to provide a copy of any personal data we hold about you.
- Where you have provided your data to us and it is processed by automated means, you can request that we provide it to you in a structured, machine-readable format.
- If you have a complaint about how we have handled your personal data, you can ask us to restrict how we use your personal data while your complaint is resolved.
- In some circumstances, you can ask us to erase your personal data (a) by withdrawing your consent for us to use it; (b) if it is no longer necessary for us to use your personal data; (c) if you object to the use of your personal data and we don't have a good reason to continue to use it; or (d) if we haven't handled your personal data in accordance with our obligations.
We take the security of your information very seriously. We have been very careful in developing processes and employing technology to protect against any current and future security threats in these areas.
CII is committed to protecting the security of your information and adopts reasonable standard, industry-wide practices for protecting your information. However, no internet data transmission is 100% secure, and hence we cannot ensure that the information you transmit to us won't be intercepted over the internet. We recommend that you practice online security measures such as having strong passwords and not disclosing your password to anyone.
If CII learns of a security system breach, we may attempt to notify you and provide information on protective steps, if available, through the email address that you have provided to us or by posting a notice on the Site.
We use 128-bit Public/Private key encryption for data and files transfers and hold high-assurance SSL Certificates—a worldwide accepted security certificate and the highest measure to prevent threats and plagiarism.
Confidentiality refers to limiting information access and disclosure to authorized users and preventing access by or disclosure to unauthorized ones.
Data confidentiality covers data in storage, during processing, and in transit. CII guarantees that your data will not be accessed or disclosed to unauthorized individuals, entities, or processes and will be protected from intentional or accidental attempts to perform unauthorized data reads.
Physical Access Control
Access control is determined by the software, hardware and liveware (humans) that enforce it. CII has a system of controls that limit access to the organizations’ resources.
Also critical to confidentiality are protections against malicious software (malware), spyware, spam, and phishing attacks. CII servers are protected behind a firewall to prevent users from accessing them other than by specifically allowed protocols and methods. CII also maintains a detection method which picks up suspicious activity that may signal an intrusion and tracks each transaction by the user login details and provides a timestamp for each event.
ISO/IEC 27001:2013 INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS)
CII is an ISO/IEC 27001:2013-certified organization committed to adhering to the highest standards of information security, client confidentiality, and trust. To learn more about the ISO/IEC 27001:2013, visit https://www.iso.org.
CHILDREN'S PERSONAL DATA
CII does not knowingly collect any Personal Data from children under the age of 18. If you are under the age of 18, please do not submit any Personal Data through our websites or services. We encourage parents and legal guardians to monitor their children’s internet usage and to help enforce this notice by instructing their children never to provide Personal Data through our services or websites without their permission. If you have reason to believe that a child under the age of 18 has provided Personal Data to us through our websites or services, please contact us at firstname.lastname@example.org, and we will delete that information and terminate the child's account from our databases.
WHERE CAN I FIND MORE INFORMATION ABOUT CII HANDLING MY DATA?
Should you have any queries regarding this Privacy Notice about CII’s processing of your personal data or wish to exercise your rights, you can contact CII’s Privacy Team at email@example.com.