Privacy policy

  1. CRCC Asia Privacy Policy

CRCC Asia Limited and its wholly owned subsidiaries (“CRCC”) are committed to ensuring the privacy of confidential information, accuracy of personal data, and compliance with international, federal, and state laws and regulations concerning the use of personal information.  Other than as required or permitted by law, Personal Data or Personally Identifiable Information (“PII”) is not shared.  In particular, and regardless of how the information was collected, CRCC does not sell PII and it does not re-distribute PII for any non-CRCC purpose.  The instances in which CRCC will share PII with third parties are described below.

  1. People from whom CRCC Collects PII

The majority of PII comes from CRCC program participants (and members of their families), employees and suppliers, alumni, friends, and people who apply to be program participants or employees.

  1. What PII do we Collect from Participants and Applicants?

Prior to participating on one of our programs, we collect information from you when you complete our online form.

When submitting your application or registering on our website, as appropriate, you may be asked to enter your: name, e-mail address, nationality, phone number, or university. You may, however, visit our website anonymously.

Once you have paid a deposit or have been confirmed as a participant on one of our programs, we collect additional information from you when you complete our online Essential Information Form.  When submitting this Form, you may be asked to enter: mailing address, gender, passport information, personality evaluation, emergency contact information. You may also (but are not required to) enter the following sensitive PII into the Essential Information Form: medical conditions, allergies, dietary requirements, racial or ethnic origin, religious or other beliefs.

We may also process financial information when you make a payment to CRCC, although as explained below, we do not retain this PII once the transaction has been completed.

  1. Lawful Bases for Processing and Use of Collected Information

PII collected from program participants or program applicants is processed where necessary to perform our contract with an individuals, to take steps necessary for entering into a contract for an individual, or for CRCC’s legitimate interests.  The ways in which CRCC uses your PII in accordance with these legal bases include: (a) to register or enroll persons in CRCC programs, (b) to provide and administer housing to program participants, (c) assist our staff with host company placements, management and communications relating to health, safety and security issues, and visa processing, (d) to manage participant accounts, (e) to provide program advising, develop and deliver internship and other education programs, (f) to track participant progress, analyze and improve CRCC programs, recruitment, and retention, and (g) for regulatory reporting, legal compliance, auditing, and other related CRCC processes and functions.

CRCC also uses PII to conduct general demographic and statistical research to improve CRCC programs, to identify appropriate support services or activities, provide reasonable accommodations, and enforce CRCC policies.  CRCC collects and processes PII from individuals who are employees or applicants for employment for the purpose of administering various employment benefits and functions.  CRCC also collects and processes PII from alumni, parents, and friends of CRCC.  As set out below, PII may be shared by CRCC with third parties who have entered into contracts to perform functions on behalf of CRCC, but only when the third parties agree to protect PII and prevent unauthorized disclosure.

The email address you provide may be used to send you information (including information about third-party promotions that we believe would be of interest to you), respond to inquiries, and/or other requests or questions.

CRCC only processes sensitive PII on the basis of explicit consent or in order to safeguard its participants’ vital interests.

  1. Use of Cookies

Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the sites or service provider’s systems to recognize your browser and capture and remember certain information.

We use cookies to compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

The table below explains the cookies we use and why:

Cookie Name Purpose More Details
Google Analytics _utma

_utmb

_utmc

_utmz

These cookies are used to collect information about how visitors use our site.  We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. Click here for an overview of privacy at Google
  1. Third Party Use of Personal Information

CRCC may disclose PII and other information as follows:

  • Consent: We may disclose information if we have an individual’s consent to do so.
  • Emergency Circumstances: We may share information when necessary to protect your health and safety interests, including informing your parent or guardian if you are involved in an incident, even if an individual is physically or legally incapable of providing consent.
  • Employment: We may share information when necessary for administering employment or social security benefits in accordance with applicable law, subject to the imposition of appropriate safeguards to prevent unauthorized disclosure.
  • Public Information: We may share information if the information already has been made public.
  • Archiving: We may share information for archival purposes in the public interest, and for historical research and statistical purposes.
  • Performance of a Contract: We may share information when necessary to comply with a contractual obligation.
  • Legal Obligation: We may share information when the disclosure is required or permitted by international, federal, or state laws and regulations. CRCC will comply with lawfully issued subpoenas.
  • Service Providers: We use third parties who have entered into a contract with CRCC to support the administration of CRCC operations.  In such cases, we share information with such third parties subject to the imposition of appropriate safeguards to prevent unauthorized disclosure.
  • University Partners:If an individual is a student at one of CRCC’s partner universities, CRCC may need to share information with the university in order to comply with our contract with them.  In such cases, we share information with such partners subject to the imposition of appropriate safeguards to prevent unauthorized disclosure.
  • De-Identified and Aggregate Information: We may use and disclose information in de-identified or aggregate form without limitation.

 

  1. Children’s Online Privacy Protection Act Compliance

CRCC complies with the requirements of the COPPA (Children’s Online Privacy Protection Act).  We do not collect any information from anyone under 13 years of age.  Our website, products and services are all directed to people who are at least 13 years old or older.

  1. Notification of Changes

The CRCC Privacy Policy is reviewed periodically and may be modified at the discretion of CRCC.  Changes to the privacy policy will be incorporated and posted on CRCC’s web site.  Information will be handled according to the privacy policy in effect at the time the information is used.

  1. Security

CRCC will implement appropriate technical and organizational security measures to protect PII collected by CRCC, regardless of the method of collection.

We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information.

We offer the use of a secure server.  All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our payment gateway provider’s database only to be accessible by those authorized with special access rights to such systems, and a requirement to keep the information confidential.

After a financial transaction, your private information (credit cards, social security numbers, financials, etc.) will not be stored on our servers.

  1. Contacting Us

If you have any questions or comments about this Privacy Policy, would like to exercise your rights or would like us to update information we have about you or your preferences, you may contact us at: [email protected]

 

 

EUROPEAN UNION PRIVACY NOTICE

  1. GDPR

The purpose of the General Data Protection Regulation (“GDPR”) is to protect all European Union (“EU”) citizens from privacy and data breaches by allowing citizens to maintain control of the personal information retained and processed by organizations, which includes CRCC.  The GDPR also protects the personal information of individuals, regardless of citizenry, conducting business in the EU.

CRCC is committed to safeguarding the privacy of personal information.  The privacy policy above outlines the collection, use, and disclosure of personal information provided to CRCC by CRCC program participants and applicants, staff, alumni, other members of the CRCC community, and third parties.  When information is submitted to CRCC, or you use CRCC’s websites and services, you consent to the collection, use, and disclosure of that information as described in this policy.

CRCC will not share personal information with any third party for the purpose of direct marketing without your consent.

  1. Access to Your Own Information

You have the right to request access to, a copy of, modification, restriction in the use of, or erasure of your information in accordance with all applicable laws.  The erasure of your information shall be subject to applicable retention periods of international, federal, and state laws.  If you have provided consent to the use of your information, you have the right to withdraw consent without affecting the lawfulness of CRCC’s use of the information prior to receipt of your request.

Information created in the European Union may be transferred to CRCC entities located outside the European Union.  All CRCC entities located outside the European Union have signed specific approved contracts that give your personal data the same protection it has in the European Union.  We may also make occasional transfers of your personal data to service providers located outside the European Union where necessary in order to perform our contract with you.  If you believe CRCC has not complied with applicable foreign laws regulating such information, you have the right to file a complaint with the appropriate supervisory authority in the European Union.

  1. Retention and Destruction of Your Information

Your information will be retained by CRCC in accordance with applicable retention periods of international, federal and state laws.  Your information will be destroyed upon your request unless applicable law requires destruction after the expiration of an applicable retention period, or CRCC operations necessitate its retention.  The manner of destruction shall be appropriate to preserve and ensure the confidentiality of your information given the level of sensitivity, value and criticality to CRCC.


GET STARTED