What information we collect and why we collect it
How we use and share that information
The choices we offer, including how to access and update information
Irrespective of which country you live in, you authorize us to transfer, store, and use your information in the United States and Canada, unless otherwise agreed upon between CRS and your school, business or employer. The privacy and data protection laws and rules regarding when government authorities may access data may vary from those in the country where you live. Learn more about our data transfer operations in the “International Transfer” section below. If you do not agree to the transfer, storage and use of your information in the countries where we operate, please do not use the Sites.
We collect information, including personal data, to provide better services to all our Users. We use the term “Personal Data” to refer to any information that identifies or can be used to identify you. Common examples of personal data include: first and last name, address, email address, business email address, organization name, phone, digital identity such as a login name or handle, information about your device, and certain metadata.
“Sensitive Personal Data” refers to a smaller subset of personal data which is considered more sensitive to the individual, such as race and ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic or biometric information, physical or mental health information, medical insurance data, or sexual orientation. Also included in this subset is background location. This information is collected only when an alert is raised by your device and is shared only with the users allowed to see that alert. You can choose to share this information when installing the application but please be aware that your location will not be shared when an alert is raised unless your choose to share your location data. Other than location data CRS does not collect or use and other Sensitive Personal Data through these Sites and asks that you do not provide Sensitive Personal Data to us other that background location.
When registering for our Services, you may choose to provide us with personal data such as your name, phone number, email address, address, and medical or household information. When using our Services, you may provide us with information sent between you and individuals authorized to administer our services. This information may include location and address information you elect to share with the Services. You may also provide us with Personal Data about yourself when your report a problem or have a question about our Sites or services. Please note that if you do not provide us with Personal Data, your ability to use certain aspects of our products and services may be limited.
We collect certain information automatically, such as your operating system version, browser type, and internet service provider. When you use our Sites, we automatically collect and store this information in service logs. This includes: details of how you used our Sites; Internet protocol address; and cookies that uniquely identify your browser. We may also collect and process information about your actual location. The information we collect automatically is statistical data and may or may not include Personal Data, but we may maintain it or associate it with Personal Data we collect in other ways or receive from third parties.
Others buying our services for your use, such as your employer or your school, have the option to provide us with personal data and your eligibility to use the Services they purchased. The information provided by your employer or school may include your name, phone number, email address and address.
We use your personal data in ways that are compatible with the purposes for which it was collected or authorized by you, including for the following purposes:
To inform you about services available from CRS
To authorize access to our Sites and Services
To provide you with Services
To improve our customer service
To respond to and support customers regarding their use of the Sites and Services
To comply with all applicable legal requirements
We use the information we collect from our Sites to provide, maintain, and improve them, to develop new services, and to protect our Company and our customers.
We may use information collected from cookies and other technologies, to improve your user experience and the overall quality of our services. For example, by saving your language preferences, we’ll be able to have our services appear in the language you prefer. We may use your personal information to see which web pages you visit at our Sites and we may then develop statistics that help us understand how our visitors use our Sites and how to improve them. We may also use the information we obtain about you in other ways for which we provide specific notice at the time of collection.
Whenever we collect Personal Data from you, we may do so on the following legal grounds:
Your consent to such collection and use
Out of necessity for the performance of an agreement between us and you, such as your agreement to use our services and products
Our legitimate business interest, including but not limited to the following circumstances where collecting or using Personal Data is necessary to effectuate: i) Intra-company transfers for client data for administrative purposes; ii) Product development and enhancement, where the processing enables CRS to enhance, modify, personalize, or otherwise improve our services and communications for the benefit of our customers, and to better understand how people interact with our Sites; iii) Fraud detection and prevention; iv) Enhancement of our cybersecurity, including improving the security of our network and information systems; and v) General business operations and diligence
Provided that, in each circumstance, we will weigh the necessity of our processing for the purpose against your privacy and confidentiality interests, including taking into account your reasonable expectations, the impact of processing, and any safeguards which are or could be put in place. In all circumstances, we will limit such processing for our legitimate business interest to what is necessary for its purposes.
Your provision of Personal Data is required in order to use certain parts of our Sites and services. If you fail to provide such Personal Data, you may not be able to access and use our services on our Sites or parts of our services available via the Sites.
We may retain your Personal Data for a period of time consistent with the original purpose for collection. For example, we keep your Personal Data for no longer than reasonably necessary for your use of our products and services and for a reasonable period of time afterward. We also may retain your Personal Data during the period of time needed for us to pursue our legitimate business interests, conduct audits, comply with our legal obligations, resolve disputes, maintain security, prevent fraud and abuse, and enforce our agreements.
Whenever you use our services, we seek to provide you with choices about how we use your personal data. We also seek to provide you with access to your Personal Data. If that information is wrong, we strive to give you ways to update it quickly or to delete it – unless we have to keep that information for legitimate business or legal purposes. Subject to applicable law, you may obtain a copy of personal information we maintain about you or you may update or correct inaccuracies in that information through your Profile or Account, or by contacting us at email@example.com. To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to the information. In addition, if you believe that personal information we maintain about you is inaccurate, subject to applicable law, you may have the right to request that we correct or amend the information by contacting us as indicated in the How to Contact Us section below.
Some data protection laws, including the European Union’s General Data Protection Regulation (“GDPR”), provide you with certain rights in connection with Personal Data you have shared with us. If you are resident in the European Economic Area, you may have the following rights:
The right of access: You have the right to request a copy of your Personal Data which we hold about you.
The right of correction: You have the right to request correction or changes of your Personal Data if it is found to be inaccurate or out of date.
The right to be forgotten: You have the right to request us, at any time, to delete your Personal Data from our servers and to erase your Personal Data when it is no longer necessary for us to retain such data. Note, however, that deletion of your Personal Data will likely impact your ability to use our services.
The right to object (opt-out): You have the right to opt-out of certain uses of your Personal Data, such as direct marketing, at any time.
The right to data portability: You have the right to a “portable” copy of your Personal Data that you have submitted to us. Generally, this means your right to request that we move, copy or transmit your Personal Data stored on our servers / IT environment to another service provider’s servers / IT environment.
The right to refuse to be subjected to automated decision making, including profiling: You have the right not to be subject to a decision and insist on human intervention if the decision is based on automated processing and produces a legal effect or a similarly significant effect on you.
The right to lodge a complaint with a supervisory authority: You may contact us using the contact information below, and we will consider your request in accordance with applicable laws.
You may update your information stored on the Sites at any time, as applicable to your Sites and Services:
Where you have been given access to the Sites and Services, you may update your information in the "My Profile", and/or "My Account" areas.
Where your organization, school or employer provides your information on your behalf, you must contact the organization, school or employer to access this information or request changes to your information.
You may also update or correct information about yourself by emailing us at firstname.lastname@example.org. We may retain an archived copy of your records as required by law, to comply with our legal obligations, to resolve disputes, to enforce our agreements or for other legitimate business purposes.
We may contact you to request that you update your Personal Data on a regular basis to ensure its integrity for the purposes of ongoing data management.
We currently provide the following opt-out opportunities:
At any time, you can follow a link provided in offers, newsletters or other messages ( except for ecommerce confirmation or service notice emails) received from us to unsubscribe from the service.
Where you have been given access to the Sites and Services, you may update your subscription settings in your account.
Where your organization may provide your information on your behalf, you must contact the organization to access this information or request changes to your information.
We are committed to complying with applicable laws, regulations and mandatory government standards regarding the protection of Personal Data.
CRS maintains administrative, technical and physical safeguards designed to protect the User's Personal Data and information against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, taking into account technological reality, cost, the scope, context and purposes of processing weighted against the severity and likelihood that the processing could threaten individual rights and freedoms. For example, we use commercially reasonable security measures such as encryption, firewalls, and transport layer security (TLS) or hypertext transfer protocol secure (HTTPS) to protect Personal Data.
If CRS collects account information for payment or credit, CRS will use the information only to complete the task for which the account information was offered.
We do not intentionally collect any information about children under the age of 13 unless and until a legal guardian or authority has provided consent and authorization for a child under the age of 13 to use the Sites or services and for us to collect information from such child. If you believe that we might have inadvertently collected personal information from a child under age 13 without proper consent, please contact us at email@example.com. If we learn that we have inadvertently collected the personal information of a child under 13, or equivalent minimum age depending on jurisdiction, without proper consent, we will take steps to delete the information as soon as possible.
CRS does not track its customers over time and across third party websites to provide targeted advertising and therefore does not respond to Do Not Track (DNT) signals. However, some third-party sites do keep track of your browsing activities when they serve you content, which enables them to tailor what they present to you. If you are visiting such sites, your browser may include controls to block and delete cookies, web beacons and similar technologies, to allow you to opt out of data collection through those technologies.
California residents are entitled under the California Consumer Privacy Act to contact us for various purposes, including to request information about whether we have disclosed personal information to third parties for their direct marketing purposes. We do not disclose personal information to third parties for their direct marketing purposes. California residents have the right to be informed as to what personal information about them we may have, how we collected and may use that information and how to have it corrected or deleted, and may request further information about our compliance with this law by contacting us by one of the means listed in the “How to Contact Us” section below.