Last updated: 9th Dec 2019
Crimson Interactive Inc. (hereafter CII) along with its group companies, including without limitation to, Enago, Ulatus, Voxtab, and Enago Academy (collectively “CII”, “we”, “our”, “ours”, “us”), is a company federally incorporated in the US. The services provided by CII (hereafter Services) require your personal information for providing you the services we offer. This Privacy Notice gives you details of the information CII collects when you visit our websites or use our services and how we collect it. It also explains how we use your data.
We take your privacy very seriously. This Privacy Notice sets out your rights and answers any queries you may have about your personal data. If you need more information, please contact us at firstname.lastname@example.org.
If you have entered into a contract with us, we will be the controller of your data as stated in the contract.
Our personal information handling policy and procedures have been developed in line with the requirements of the 1995 European Union Data Protection Directive (Directive 95/46/EC) and the General Data Protection Regulation (in force from 25 May 2018) and the applicable national law.
WHAT INFORMATION DO WE COLLECT?
We collect and process personal data about you when you interact with us and our products and when you purchase services from us. The personal data we process includes the following.
Information collected from you
- Contact information, such as name, e-mail address, and other demographic information
- Billing information, such as credit card number, bank account number, and billing address
- Unique identifiers, such as username, account number or password
- Information shared through surveys and polls conducted by CII
- Media files or documents
- Correspondence between you and CII
- Information you choose to make available to us as part of your CII user profile
- Information of referrals, such as referral’s name and e-mail address
- Information you choose to make available to us at CII-organized events, such as webinars and workshops
- Testimonials which may contain your Personal Data, such as name and photograph, where you have given consent
We will use Personal Data, including without limitation, to
- Deliver the Services, product, or information requested by you
- Send you communication from the Services, where you have given consent
- Assess your service-related requirements to determine or suggest suitable Services
- Send you requested information about the Services
- Respond to customer service requests, questions, complaints, and concerns
- Administer your Account
- Conduct scientific research and statistical analysis
- Send you promotional and marketing communications, where you have given consent. You can stop receiving our promotional emails by following the Unsubscribe instructions included in every email we send.
- Verify your identity when required.
Information collected automatically (hereafter Usage Data)
- Electronic identification data, such as IP address, cookies, device model
- Browsing activity, such as your visit(s) to our websites, your operating system, browser type, internet service provider (ISP)
- Analytics data, such as clicks and scrolls, referring and exit pages, and information on how you interacted with our websites.
We will use Usage Data, including without limitation, to
- Assess needs and/or suggest suitable Service(s)
- Send you information you request about the Service(s)
- Administer the website(s), application(s), and/or Services
- Authenticate users for security purposes
- Improve, enhance, support and operate the websites
- Compile statistical reports and record insights into usage patterns
- Develop new products and services
- Conduct scientific research and statistical analysis
HOW DO WE USE THIS INFORMATION?
We do not sell, rent to, or share your Personal Data obtained through the channels mentioned in WHAT INFORMATION DO WE COLLECT? with other companies or organizations for commercial purposes. Your Personal Data may be shared in the following cases or when we have your explicit consent.
- To comply with applicable law and regulation;
- To protect CII’s business interests and legal rights, including but not limited to, use in connection with legal claims, compliance, regulatory and investigative purposes;
- To comply with governance and quality standards;
- With your express consent, to respond to any comments or complaints we may receive from you and/or to investigate any complaints received from you or from others about our websites, products, or services;
- To personalise (i) our communications to you; (ii) our websites; and (iii) products or services for you;
- To monitor use of our websites and online services, we may use your information to help us check, improve, and protect our products, content, services, and websites, both online and offline;
- If you provide a credit or debit card, we may also use third parties (such as POS payment providers) to check the validity of the sort code, account number, and card number you submit in order to prevent fraud, in accordance with our legitimate interests and those of third parties;
- We may monitor any customer account to prevent, investigate and/or report fraud, terrorism, misrepresentation, security incidents or crime, in accordance with applicable law and our legitimate interests;
- In circumstances where you contact us by telephone, calls may be recorded for quality, training, and security purposes;
- We may use your information to invite you to take part in market research or surveys;
- We may communicate with any person you have referred to us, where we will request their explicit consent;
- We may also send you direct marketing in relation to relevant products and services. Electronic direct marketing will only be sent where you have given your consent to receive it, or (where this is allowed) you have been given an opportunity to opt-out. You will continue to be able to opt-out of electronic direct marketing at any time by following the instructions in the relevant communication.
WITH WHOM WILL WE SHARE YOUR PERSONAL DATA?
We may share your personal data with our group companies to process it for the purposes of inter-group administration and to deliver products or services.
We may also share your personal data with the third parties mentioned below:
- Our professional advisors such as our auditors and external legal and financial advisors;
- Marketing and communications agencies where they have agreed to process your personal data in line with this Privacy Notice;
- Market research companies;
- Our suppliers, business partners and sub-contractors; and/or
- Search engine and web analytics.
Personal data may be shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if needed for the legal protection of our legitimate interests in compliance with applicable laws.
Personal data may also be shared with third party service providers who will process it on behalf of CII for the purposes mentioned above. Such third parties include, but are not limited to, providers of website hosting, maintenance, call centre operations, and identity checking.
If our business or any part of it is sold or merged with another business, your details will be disclosed to our advisers and those of any prospective purchaser and will be passed to the new owners of the business.
FOR HOW LONG WILL YOU KEEP MY PERSONAL DATA?
We will keep your personal information for no longer than is reasonably necessary and will only retain necessary personal information. This is because by law, your personal information is needed to meet regulatory requirements, resolve disputes, prevent fraud and abuse, and/or enforce our terms and conditions.
Where you are a customer, we will keep your personal information for the duration of any contractual relationship you have with us and after that for as long as is reasonably necessary to meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions.
Where you are a prospective customer and you have expressly consented to us contacting you, we will only retain your data (a) until you unsubscribe from our communications; or (b) if you have not unsubscribed.
If you have contacted our customer service team, we will retain those details for as long as is reasonably necessary to resolve your query.
WHERE IS MY DATA STORED?
The personal data that we collect from you may be transferred to and stored in a CII-owned server in India and a third-party server in Singapore. It may also be processed by staff operating outside the above locations, who work for us or for one of our suppliers, in which case, the third country’s data protection laws will have been approved as adequate by the European Commission or other applicable safeguards are in place. You can get further information by emailing us at email@example.com.
WHAT ARE MY RIGHTS IN RELATION TO MY PERSONAL DATA?
- You have the right to ask us not to process your personal data for marketing purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data, clicking the unsubscribe button on any communication we have sent to you, or by contacting us.
- Where you have consented to us using your personal data, you can withdraw that consent at any time.
- If the information we hold about you is inaccurate or incomplete, you can notify us and ask us to correct or supplement it.
- You also have the right, with some exceptions and qualifications, to ask us to provide a copy of any personal data we hold about you.
- Where you have provided your data to us and it is processed by automated means, you can request that we provide it to you in a structured, machine-readable format.
- If you have a complaint about how we have handled your personal data, you can ask us to restrict how we use your personal data while your complaint is resolved.
- In some circumstances, you can ask us to erase your personal data (a) by withdrawing your consent for us to use it; (b) if it is no longer necessary for us to use your personal data; (c) if you object to the use of your personal data and we don’t have a good reason to continue to use it; or (d) if we haven’t handled your personal data in accordance with our obligations.
We take the security of your information very seriously. We have been very careful in developing processes and employing technology to protect against any current and future security threats in these areas.
CII is committed to protecting the security of your information and adopts reasonable standard, industry-wide practices for protecting your information. However, no internet data transmission is 100% secure, and hence we cannot ensure that the information you transmit to us won’t be intercepted over the internet. We recommend that you practice online security measures such as having strong passwords and not disclosing your password to anyone.
If CII learns of a security system breach, we may attempt to notify you and provide information on protective steps, if available, through the email address that you have provided to us or by posting a notice on the Site.
We use 128-bit Public/Private key encryption for data and files transfers and hold high-assurance SSL Certificates—a worldwide accepted security certificate and the highest measure to prevent threats and plagiarism.
Confidentiality refers to limiting information access and disclosure to authorized users and preventing access by or disclosure to unauthorized ones.
Data confidentiality covers data in storage, during processing, and in transit. CII guarantees that your data will not be accessed or disclosed to unauthorized individuals, entities, or processes and will be protected from intentional or accidental attempts to perform unauthorized data reads.
Physical Access Control
Access control is determined by the software, hardware and liveware (humans) that enforce it. CII has a system of controls that limit access to the organizations’ resources.
Also critical to confidentiality are protections against malicious software (malware), spyware, spam, and phishing attacks. CII servers are protected behind a firewall to prevent users from accessing them other than by specifically allowed protocols and methods. CII also maintains a detection method which picks up suspicious activity that may signal an intrusion and tracks each transaction by the user login details and provides a timestamp for each event.
ISO/IEC 27001:2013 INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS)
CII is an ISO/IEC 27001:2013-certified organization committed to adhering to the highest standards of information security, client confidentiality, and trust. To learn more about the ISO/IEC 27001:2013, visit https://www.iso.org.
CHILDREN’S PERSONAL DATA
CII does not knowingly collect any Personal Data from children under the age of 18. If you are under the age of 18, please do not submit any Personal Data through our websites or services. We encourage parents and legal guardians to monitor their children’s internet usage and to help enforce this notice by instructing their children never to provide Personal Data through our services or websites without their permission. If you have reason to believe that a child under the age of 18 has provided Personal Data to us through our websites or services, please contact us at firstname.lastname@example.org, and we will delete that information and terminate the child’s account from our databases.
What are cookies?
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
Types of cookies CII uses
The cookies used on CII websites have been categorized based on the categories found in the ICC UK Cookie guide. Here are the main types of cookies we use and why we use them:
- Strictly Necessary Cookies
These cookies are essential in order to enable you to move around our websites and use their features, such as accessing secure areas of our websites. Without these cookies, services you have asked for, like e-billing, cannot be provided.
- Performance Cookies
These cookies collect information about how you use our websites. For instance, they tell us which pages you visit most often and if you receive any error messages from our web pages. These cookies do not identify you. All information they collect is aggregated and therefore anonymous. We use these cookies to measure and analyze how our customers use our websites and to improve their functionality and the user experience.
- Functionality Cookies
These cookies allow our websites to remember choices you make (such as your user name, language, or the region you are in) and provide enhanced, more personalized features. These cookies can also be used to remember changes you have made to customizable parts of our websites including text size and font. The information these cookies collect may be anonymized and they cannot track your browsing activity on other websites.
- Targeting or Advertising Cookies
These cookies are used to deliver adverts more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as to help measure the effectiveness of the advertising campaign. They are usually placed by advertising networks with the website operator’s permission. They remember that you have visited a website and this information is shared with other organizations such as advertisers. Quite often targeting or advertising cookies will be linked to site functionality provided by the other organization.
CII websites are designed to function optimally with cookies enabled. You can, however, disable cookies via your website browser settings. This may mean, however, that you may no longer have access to some of our website features. Please note that even with all cookies disabled, a tiny amount of information will continue to be retrieved from your web browser. This information is necessary for the basic functioning of our website.
- Entire Agreement/No Waiver
- Correction of Errors and Inaccuracies
The content may contain typographical errors or other errors or inaccuracies and may not be complete or current. We reserve the right to correct any errors, inaccuracies or omissions and to change or update the content at any time without prior notice. We do not, however, guarantee that any errors, inaccuracies or omissions will be corrected.
WHERE CAN I FIND MORE INFORMATION ABOUT CII HANDLING MY DATA?
Should you have any queries regarding this Privacy Notice about CII’s processing of your personal data or wish to exercise your rights, you can contact CII’s Privacy Team at email@example.com.
Crimson Interactive Inc.
1732, 1st Ave #22627,
New York, 10128