Last updated: December 1st, 2019
When we refer to “CRG”, we mean the CRG Global, Inc. and its divisions that act as the controller or processor of your information, as explained in more detail in the “Identifying the Data Controller and Processor” section below.
Table of Contents:
Information We Collect and Receive
How We Use Information
How We Share and Disclose Information
International Data Transfers: Privacy Shield and Contractual Terms
Data Protection Officer
Identifying the Data Controller and Processor
Data Protection Authority
CRG may collect and receive Customer Data and other information and data (“Other Information”) in a variety of ways:
Respondents, individuals who participate in surveys, participate voluntarily in research conducted by CRG. Any time you participate, either as a survey respondent or in our online panel, and whenever you interact with CRG, whether in person, by telephone, mail or electronically, you can be assured that your individual responses will be securely stored, kept confidential and that your personal identifying information will never be released without your express permission. You are free to choose whether or not to participate in a survey and are free to discontinue participation at any time.
We will generally collect your personal information directly from you in the course of you participating in our research and/or surveys. However, we may also from time to time be provided with personal information about you from third parties, such as clients which may provide us with a list of potential participants for the research.
CRG also collects, generates and/or receives Other Information:
Generally, no one is under a statutory or contractual obligation to provide any Customer Data or Other Information (collectively, “Information”). However, certain Information is collected automatically and, if some Information, such as account details and in some cases contact information, is not provided, we may be unable to provide the Services.
We will not disclose any personal information or personally identifiable research information to a third party for a purpose other than conducting our research unless we have your express prior consent and will only report the information you provide in an aggregate form that will not personally identify you.
We may employ third party companies to facilitate specific services, such as for delivery of our mailings. These third party service providers may have limited access to your information only to perform these services on our behalf and are contractually bound to CRG Global, Inc. not to disclose or use it for any other purposes and must comply with this Policy.
CRG Global, Inc. may disclose personal information when required by law or in the good-faith belief that such action is necessary to conform to the edicts of the law or to comply with a legal process served on our website.
CRG uses Other Information in furtherance of our legitimate interests in operating our Services, Websites and business. More specifically, CRG uses Other Information:
CRG Global, Inc. will retain your personal information only for so long as required to fulfil the need for which it was collected, unless a longer retention period is required by law. We will destroy or de-identify your personal information as soon as possible once it is no longer needed for our research purposes. However, we may in certain circumstances be required by law to retain your personal information after our research has been completed. In this case your personal information will continue to be protected in accordance with this Policy. If we destroy personal information we will do so by taking reasonable steps and using up-to-date techniques and processes.
This section describes how CRG may share and disclose Information. Customers determine their own policies and practices for the sharing and disclosure of Information, and CRG does not control how they or any other third parties choose to share or disclose Information.
CRG takes security of data very seriously. CRG works hard to protect Other Information you provide from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the Other Information we collect, process and store, and the current state of technology.
CRG has technical and administrative measures in place to protect the data in our control. These measures include, among other things, such measures as; limiting who within CRG are allowed to have access to data, using technology measures like firewalls, encryption, malware protection, and intrusion detection, and holding our employees accountable for maintaining safe data-handling practices.
To the extent prohibited by applicable law, CRG does not allow use of our Services and Websites by anyone younger than 13 years old nor do we collect demographic or personal information from individuals who are under 13 years of age, without proper permission from a parent or legal guardian of this individual.
CRG may transfer your Personal Data to countries other than the one in which you live. We deploy the following safeguards if CRG transfers Personal Data originating from the European Union or Switzerland to other countries not deemed adequate under applicable data protection law:
To communicate with our Data Protection Officer, please email firstname.lastname@example.org.
Data protection law in certain jurisdictions differentiates between the “controller” and “processor” of information. In general, CRG is both the processor of Respondent Data and the controller of Other Information. Different CRG entities provide the Services in different parts of the world.
Individuals located in certain countries, including the European Economic Area, have certain statutory rights in relation to their personal data. Subject to any exemptions provided by law, you may have the right to request access to Information, as well as to seek to update, delete or correct this Information.
To the extent that CRG’s processing of your Personal Data is subject to the General Data Protection Regulation, CRG relies on its legitimate interests, described above, to process your data. CRG may also process Other Information that constitutes your Personal Data for direct marketing purposes and you have a right to object to CRG’s use of your Personal Data for this purpose at any time.
Subject to applicable law, you also have the right to (i) restrict CRG’s use of Other Information that constitutes your Personal Data and (ii) lodge a complaint with your local data protection authority. If you are a resident of the European Economic Area and believe we maintain your Personal Data within the scope of the General Data Protection Regulation (GDPR), you may direct questions or complaints to our Data Protection Officer.
CRG Global, Inc.
3 Signal Ave
Ormond Beach, FL 32174 USA