CRG Global, Inc. logo

Privacy Statement

Last updated: December 1st, 2019

This Privacy Policy describes how CRG Global, Inc. (CRG) collects, uses and discloses information, and what choices you have with respect to the information. It describes how we collect, use and disclose your personal information and how this personal information can be consulted and corrected when necessary. This policy also explains how cookies are used on our Website.

When we refer to “CRG”, we mean the CRG Global, Inc. and its divisions that act as the controller or processor of your information, as explained in more detail in the “Identifying the Data Controller and Processor” section below.

Table of Contents:

Applicability of this Privacy Policy

Information We Collect and Receive

How We Use Information

Data Retention

How We Share and Disclose Information

Security

Age Limitations

Changes to this Privacy Policy

International Data Transfers: Privacy Shield and Contractual Terms

Data Protection Officer

Identifying the Data Controller and Processor

Your Rights

Data Protection Authority

Contacting CRG

Applicability Of This Privacy Policy

This Privacy Policy applies to CRG’s websites, surveys, and software, mobile applications, (collectively, the “Services”), crgglobalinc.com, cssdatatelligence.com, eci-research.com, datatelligence.net, crgtestamerica.com, testamericaonline.com, qualtopics.com and other CRG websites (collectively, the “Websites”) and other interactions (e.g., customer service inquiries, user conferences, etc.) you may have with CRG or its divisions. If you do not agree with the terms, do not access or use the Services, Websites or any other aspect of CRG’s business.

This Privacy Policy does not extend to websites operated by third parties. CRG is therefore not liable for their privacy policies, procedures and practices.

Information We Collect And Receive

CRG may collect and receive Customer Data and other information and data (“Other Information”) in a variety of ways:

Respondent Data.

Respondents, individuals who participate in surveys, participate voluntarily in research conducted by CRG. Any time you participate, either as a survey respondent or in our online panel, and whenever you interact with CRG, whether in person, by telephone, mail or electronically, you can be assured that your individual responses will be securely stored, kept confidential and that your personal identifying information will never be released without your express permission. You are free to choose whether or not to participate in a survey and are free to discontinue participation at any time.

We will generally collect your personal information directly from you in the course of you participating in our research and/or surveys. However, we may also from time to time be provided with personal information about you from third parties, such as clients which may provide us with a list of potential participants for the research.

Other Information.

CRG also collects, generates and/or receives Other Information:

  • Account Information. To create an account for our online panel and/or Survey Passport platform, you supply CRG with an email address, phone number, password and/or similar account details.
  • Log data. As with most websites and technology services delivered over the Internet, our servers automatically collect information when you access or use our Websites or Services and record it in log files. This log data may include the Internet Protocol (IP) address, the address of the web page visited before using the Website or Services, browser type and settings, the date and time the Services were used, information about browser configuration and plugins, language preferences and cookie data.
  • Device information. CRG collects information about devices accessing the Services, including type of device, what operating system is used, device settings, application IDs, unique device identifiers and crash data. Whether we collect some or all of this Other Information often depends on the specific Service and type of device used and its settings.
  • Location information. We receive information from you that helps us approximate your location. We may, for example, use a business address submitted by you, or an IP address received from your browser or device to determine approximate location. CRG may also collect location information from devices in accordance with the consent process provided by your device.
  • Cookie Information. CRG uses cookies and similar technologies in our Websites and Services that help us collect Other Information. The Websites and Services may also include cookies and similar tracking technologies of third parties, which may collect Other Information about you via the Websites and Services and across other websites and online services. For more details about how we use these technologies, please see our Cookie Policy.
  • Contact Information. In accordance with the consent process provided by you or your device, any contact information that a Respondent chooses to provide is collected for the purposes described and for no other purposes unless specifically requested at the time consent is provided.
  • Third Party Data. CRG may receive data about organizations, industries, Website visitors, marketing campaigns and other matters related to our business from affiliates and subsidiaries, our partners or others that we use to make our own information better or more useful. This data may be combined with Other Information we collect and might include aggregate level data, such as which IP addresses correspond to zip codes or countries. Or it might be more specific: for example, how well an online marketing or email campaign performed.
  • Additional Information Provided to CRG. We receive Other Information when submitted to our Websites or if you participate in a focus group, contest, activity or event, apply for a job, request support, interact with our social media accounts or otherwise communicate with CRG.

Generally, no one is under a statutory or contractual obligation to provide any Customer Data or Other Information (collectively, “Information”). However, certain Information is collected automatically and, if some Information, such as account details and in some cases contact information, is not provided, we may be unable to provide the Services.

How We Use Information

Respondent Data will be used by CRG for market research purposes and as required by applicable law. Your personal identifying information will never be sold to anyone. We will only use and disclose your personal information for the purpose of conducting our research and in accordance with this Privacy Policy. We will not use or disclose your personally identifiable information for the purpose of advertising, promotions or direct marketing activities. If you have agreed to participate in our research, we will only re-contact you if you were previously informed of this ahead of time or we have valid reasons to believe a genuine research concern warrants such re-contact.

We will not disclose any personal information or personally identifiable research information to a third party for a purpose other than conducting our research unless we have your express prior consent and will only report the information you provide in an aggregate form that will not personally identify you.

We may employ third party companies to facilitate specific services, such as for delivery of our mailings. These third party service providers may have limited access to your information only to perform these services on our behalf and are contractually bound to CRG Global, Inc. not to disclose or use it for any other purposes and must comply with this Policy.

CRG Global, Inc. may disclose personal information when required by law or in the good-faith belief that such action is necessary to conform to the edicts of the law or to comply with a legal process served on our website.

CRG uses Other Information in furtherance of our legitimate interests in operating our Services, Websites and business. More specifically, CRG uses Other Information:

  • To provide, update, maintain and protect our Services, Websites and business. This includes use of Other Information to support delivery of the Services under a Customer Agreement, prevent or address service errors, security or technical issues, analyze and monitor usage, trends and other activities or at an Authorized User’s request.
  • As required by applicable law, legal process or regulation.
  • To communicate with you by responding to your requests, comments, questions, and as defined in each study you participate in as a respondent. If you contact us, we may use your Other Information to respond.
  • To send emails, notifications and other communications. We may send you service, technical and other administrative emails, messages and other types of communications. We may also contact you to inform you about changes in our Services, our Services offerings, and important Services-related notices, such as security and fraud notices. These communications are considered part of the Services and you may not opt out of them. In addition, we sometimes send communications about new product survey opportunities, promotional communications or other news about CRG. These are marketing messages so you can control whether you receive them.
  • For account management and other administrative matters. CRG may need to contact you for account management and similar reasons and we use account data to administer said accounts.
  • To investigate and help prevent security issues and abuse.

If Information is aggregated or de-identified so it is no longer reasonably associated with an identified or identifiable natural person, CRG may use it for any business purpose. To the extent Information is associated with an identified or identifiable natural person and is protected as personal data under applicable data protection law, it is referred to in this Privacy Policy as “Personal Data.”

Data Retention

CRG Global, Inc. will retain your personal information only for so long as required to fulfil the need for which it was collected, unless a longer retention period is required by law. We will destroy or de-identify your personal information as soon as possible once it is no longer needed for our research purposes. However, we may in certain circumstances be required by law to retain your personal information after our research has been completed. In this case your personal information will continue to be protected in accordance with this Policy. If we destroy personal information we will do so by taking reasonable steps and using up-to-date techniques and processes.

How We Share And Disclose Information

This section describes how CRG may share and disclose Information. Customers determine their own policies and practices for the sharing and disclosure of Information, and CRG does not control how they or any other third parties choose to share or disclose Information.

  • Corporate Affiliates. CRG may share Other Information with its corporate affiliates, and/or subsidiaries.
  • Contractors and service providers. CRG may share Other Information with contractors and service providers. For example, we may share information to ship research product to your home or to validate survey responses.
  • Aggregated or De-identified Data. We may disclose or use aggregated or de-identified Other Information for any purpose. For example, we may share aggregated or de-identified Other Information with prospects or partners for business or research purposes.
  • To Comply with Laws. If we receive a request for information, we may disclose Other Information if we reasonably believe disclosure is in accordance with or required by any applicable law, regulation or legal process. Please see the Data Request Policy to understand how CRG responds to requests to disclose data from government agencies and other sources.
  • To enforce our rights, prevent fraud, and for safety. To protect and defend the rights, property or safety of CRG or third parties, including enforcing contracts or policies, or in connection with investigating and preventing fraud or security issues.
  • With Consent. CRG may share Other Information with third parties when we have consent to do so.

Security

CRG takes security of data very seriously. CRG works hard to protect Other Information you provide from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the Other Information we collect, process and store, and the current state of technology.

CRG has technical and administrative measures in place to protect the data in our control. These measures include, among other things, such measures as; limiting who within CRG are allowed to have access to data, using technology measures like firewalls, encryption, malware protection, and intrusion detection, and holding our employees accountable for maintaining safe data-handling practices.

Age Limitations

To the extent prohibited by applicable law, CRG does not allow use of our Services and Websites by anyone younger than 13 years old nor do we collect demographic or personal information from individuals who are under 13 years of age, without proper permission from a parent or legal guardian of this individual.

Changes To This Privacy Policy

CRG may change this Privacy Policy from time to time. Laws, regulations and industry standards evolve, which may make those changes necessary, or we may make changes to our business. We will post the changes to this page and encourage you to review our Privacy Policy to stay informed. If you disagree with the changes to this Privacy Policy, you should deactivate your Services account or contact us to request the removal of Personal Data under our control.

International Data Transfers: Privacy Shield And Contractual Terms

CRG may transfer your Personal Data to countries other than the one in which you live. We deploy the following safeguards if CRG transfers Personal Data originating from the European Union or Switzerland to other countries not deemed adequate under applicable data protection law:

  • U.-U.S. Privacy Shield and Swiss-U.S. Privacy Shield. To comply with European Union and Swiss data protection laws, CRG Global, Inc. (“CRG US”) self-certified under the E.U.-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield. These frameworks were developed to enable companies to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States. For more information, including the types of Information covered, see CRG US’s Privacy Shield Notice. To learn more about the Privacy Shield Program, please see http://www.privacyshield.gov/welcome.
  • European Union Model Clauses. CRG offers European Union Model Clauses, also known as Standard Contractual Clauses, to meet the adequacy and security requirements for our Respondents that reside in the European Union, and other international transfers of Respondent Data.

Data Protection Officer

To communicate with our Data Protection Officer, please email dpo@crgglobalinc.com.

Identifying The Data Controller And Processor

Data protection law in certain jurisdictions differentiates between the “controller” and “processor” of information. In general, CRG is both the processor of Respondent Data and the controller of Other Information. Different CRG entities provide the Services in different parts of the world.

Your Rights

Individuals located in certain countries, including the European Economic Area, have certain statutory rights in relation to their personal data. Subject to any exemptions provided by law, you may have the right to request access to Information, as well as to seek to update, delete or correct this Information.

To the extent that CRG’s processing of your Personal Data is subject to the General Data Protection Regulation, CRG relies on its legitimate interests, described above, to process your data. CRG may also process Other Information that constitutes your Personal Data for direct marketing purposes and you have a right to object to CRG’s use of your Personal Data for this purpose at any time.

Data Protection Authority

Subject to applicable law, you also have the right to (i) restrict CRG’s use of Other Information that constitutes your Personal Data and (ii) lodge a complaint with your local data protection authority. If you are a resident of the European Economic Area and believe we maintain your Personal Data within the scope of the General Data Protection Regulation (GDPR), you may direct questions or complaints to our Data Protection Officer.

Contacting CRG

Please feel free to contact CRG if you have any questions about this Privacy Policy or CRG’s practices, or if you are seeking to exercise any of your statutory rights. You may contact us at feedback@crgglobalinc.com or by calling us on our tollfree number at (800) 831-1718 or by sending us mail at the below address:

CRG Global, Inc.
Attn: Privacy Policy Agent
3 Signal Ave
Ormond Beach, FL 32174 USA