Privacy Policy

Cleveland Research Company Privacy Policy

This Cleveland Research Company Privacy Policy (“Privacy Policy”) was updated on and is effective as of January 1, 2024. We keep our privacy policy under regular review. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

This Privacy Policy governs Cleveland Research Company’s (hereafter referred to as “our”, “we”, “CRC” or “us”) practices with respect to your use of this website operated by CRC (this “Site”) Certain laws, specifically the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”) requires us to tell you how we collect, process, share and protect any personal information provided to us via this Site by whatever means. CRC is the controller and processor and we are responsible for your personal data. Please read this Privacy Policy carefully to understand what we do. By visiting and using this Site, you indicate that you have read, agree to and accept the practices described in this Privacy Policy. This Privacy Policy is limited to how we collect, share and protect any personal information provided to us via this Site and does not apply to information that is collected through offline means (i.e., other than via this Site, the Internet, or other interactive media).

As set out in more detail below, this website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

Recognition of a CRC Customer’s/Client’s Expectation of Privacy

CRC recognizes and respects the privacy expectations of its customers/clients and will take the steps necessary to protect the privacy of personally identifiable information (“PII”) collected via this Site. Specifically, PII refers to any information that uniquely identifies or can be used to uniquely identify, contact, or locate the person to whom such information pertains (PII does not include information that is collected anonymously. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of PII about you which we have grouped together as follows:

  • Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender
  • Contact Data includes billing address, delivery address, email address and telephone numbers.
  • Financial Data includes bank account and payment card details.
  • Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
  • Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
  • Usage Data includes information about how you use our website, products and services.
  • Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your PII but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your PII so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

We do not collect any special categories of PII about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

Please note that where we need to collect PII by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.

Collection and Use of PII

CRC may collect, use and retain certain PII that you provide via this Site, and when you sign up for any CRC products or services, including conferences/seminars, webinars, or any other events hosted by CRC (collectively “events”), whether conducted in person, electronically or via conference telephone. PII may also be obtained via automated technologies or interactions or via third parties or publicly available sources. As stated above, such PII may include, without limitation, your name, your e-mail address, your company name, your title, your telephone number, and your physical address. Your credit card information may also be collected via this Site, including your credit card number, the credit card expiration date, the amount charged, and the conference or seminar that you are registering for. In all such cases, you choose whether to provide us with this PII.

We will not share the PII you have provided via this Site with any non-affiliated third parties, except for (1) legal compliance purposes; (2) purposes as stated in the “Assignability” section below; (3) to notify you about new CRC products, services, seminars, conferences and events; or (4) if you give us your consent. We may share PII and anonymous information with entities that perform functions on our behalf (such as credit card companies or shipping companies that may deliver any of our products to you). These third parties may have access to the information you have provided via this Site, including any PII, only to the extent it is necessary to perform their duties and functions, and subject to this Privacy Policy. We require all third parties to respect the security of your PII and to treat it in accordance with the law. We do not allow our third-party service providers to use your PII for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

In terms of using your PII, we will most commonly use your PII where we need to perform a contract we will enter into or have entered into with you, where it is necessary for our legitimate interests and fundamental rights do not override those interests, or where we need to comply with a legal obligation. In this context, Legitimate interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your PII for our legitimate interests. We do not use your PII for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.

We may also use any PII you provide to us via this Site to respond to any inquiries, feedback or requests submitted by you via this Site and to communicate with you in connection with our provision and offering of CRC products and services requested by you, including, without limitation, seminars and/or events registered by you. Your failure to provide us with the requested PII may result in our inability to respond to any such inquiries, feedback or requests and to communicate with you in connection with our provision and offering of products and services. We may use the anonymous information that we collect to improve the design and content of our Site and to enable us to personalize your Internet experience. We also may use this information in the aggregate to analyze this Site’s usage.

We may disclose your PII in response to legal process – for example, in response to a court order or a subpoena. We also may disclose PII in response to a law enforcement agency’s request, or where we believe it is necessary to protect the confidentiality and security of our records pertaining to you, to limit our legal liability or to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person or as otherwise required or permitted by law. This Site is operated in the United States, in the State of Ohio. If you are located in the European Economic Area (EEA), Canada or elsewhere outside of the United States, please be aware that any information that you provide to us will be collected within the United States. By using our Site, participating in any of our services, purchasing any of our products, and/or registering for any of our seminars, events, and/or providing us with your PII, you consent to this transfer. Please contact us if you want further information on the specific mechanism used by us when transferring your personal data to the United States.

If you unsure about the lawful ground for the processing of your PII, or are unsure about any of the above, please contact us if you need to know further details.

Marketing

We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. We may use your PII to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.

You will receive marketing communications from us if you have requested information from us or purchased goods or services from us and you have not opted out of receiving that marketing. We will get your express opt-in consent before we share your PII with any third party for marketing purposes.

Data Retention

We will only retain your PII for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your PII for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for PII, we consider the amount, nature and sensitivity of the PII, the potential risk of harm from unauthorized use or disclosure of your PII, the purposes for which we process your PII and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

Information from Other Sources

We might receive PII about you from other sources. Any information received from other sources will be used and retained per the above statements.

Electronic (Cookies) and Non-PII Information Collected via this Site

We may collect certain information when you visit this Site, such as the type of browser you are using (e.g., Internet Explorer, Firefox, Google Chrome), the type of operating system you are using (e.g., Windows or Mac OS), and the domain name or IP address of your Internet service provider (e.g., AT&T, Time Warner) and your IP address. One manner of collecting such information is through cookies, which are small bits of data cached or stored on your computer based on Internet activity. The cookies used by our Site do not contain any of your PII but may include your IP address, user language, the operating system, browser type, the presence/absence of “flash” plug-ins, your screen resolution, connection type and information that identifies the cookie. You may configure your browser to reject cookies but, if you do so, you may not be able to use the full functionality of this Site. We may use cookies, GIFs and similar technology to enhance your experience on this Site, monitor individual activity in the aggregate to improve this Site, and provide a better web experience for the viewing public in general.

Links to Third-Party Websites

Our Site may include links to other websites. If so, except to the extent that such third parties represent an affiliate and/or agent of ours and are using information provided by us solely to perform their duties and functions for us, we do not provide any PII to these third-party websites.

Such third-party websites sometimes use technology to send their websites (whose links may appear on our Site) directly to your browser. They automatically receive your IP address when this happens. They may also use cookies and other similar technologies to measure the effectiveness of the links and/or their respective websites. We do not have access to or control over cookies or other features that such third party websites may use, and the information practices of these third-party websites are not covered by this Privacy Policy. You should consult the other sites’ respective privacy policies and contact them directly for more information about their privacy practices or any questions you may have. We are not responsible for the policies or practices of third parties.

Login Features

Your use of CRC’s “login” features, i.e., any features for which login is required (all of the foregoing, collectively, “Login-Enabled Features”) is pursuant to and governed by the terms and conditions of the applicable agreement(s) by and between you and CRC. You represent and warrant that you have all right, title and interest in and to any information, whether anonymous or PII, that you provide via the Login-Enabled Features. You agree to indemnify and hold harmless CRC, its affiliates and subsidiaries, if applicable, and its or their respective officers, directors, employees and agents, and each of them, against any loss, cost, damage, claim, expense or liability arising out of, as a result of, or in connection with your use or misuse of the Login-Enabled Features and/or any use by CRC of the information you provide via the Login-Enabled Features.

CRC’s Research, Warranty Disclaimers, and Limitation of Liability

Please be advised that you and/or your organization, if applicable, may not use CRC research or materials as a source for further publication. CRC’s research information is highly confidential and may not be further disseminated. By registering for CRC conference, seminars and/or events, and/or by purchasing or subscribing to CRC materials, you acknowledge that CRC’s research and materials are highly confidential, proprietary to CRC, and, in some cases, CRC’s protectable trade secrets – and that you will not republish such information.

YOU ACKNOWLEDGE THAT ANY MATERIALS, SERVICES, CONFERENCES, EVENTS, AND/OR SEMINARS PROTECTED BY CRC ARE PROVIDED “AS IS” AND WITHOUT WARRANTY OF ANY KIND. CRC EXPRESSLY DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. CRC DOES NOT WARRANT OR MAKE ANY REPRESENTATIONS REGARDING THE USE OR THE RESULTS OF THE USE OF CRC’S MATERIALS OR INFORMATION LEARNED IN CRC CONFERENCES, SEMINARS AND/OR EVENTS. YOU ACKNOWLEDGE THAT ANY USE OF CRC’S PRODUCTS OR INFORMATION LEARNED IN CRC CONFERENCES, SEMINARS AND/OR EVENTS IS AT YOUR OWN RISK. CRC SHALL NOT BE LIABILE TO YOU OR YOUR ORGANIZATION, IF APPLICABLE, FOR ANY SPECIAL, EXEMPLARY, INDIRECT, INCIDENTAL OR CONSEQUENTIAL DAMAGES OR LOST PROFITS, LOST FUNDING, LOST SAVINGS, OR FOR CLAIMS OF A THIRD PARTY, ARISING OUT OF YOUR USE OF CRC MATERIALS AND/OR ARISING OUT OF YOUR ATTENDANCE AT CRC CONFERENCES, SEMINARS AND/OR EVENTS.

Children’s Privacy

This Site is not directed at children and we do not knowingly collect any PII from children under sixteen (16) years of age. If you are under sixteen (16) years of age, do not send any information about yourself to us. If we discover that a child under the age of sixteen (16) years has provided us with PII, we will use commercially reasonable efforts to delete that child’s PII from our system.

CALIFORNIA RESIDENTS

If you are a California resident, California law may provide you with additional rights regarding our use of your personal information. To learn more about your California privacy rights, visit Privacy Information for California Residents found in Appendix A.

Contact Us

If you have any questions or concerns about this Privacy Policy for this Site or about its implementation, or if you wish to update or correct any PII you provided via this Site, you may contact us at (216) 649- 7250. Any questions or concerns regarding the terms of this Privacy Policy or the PII you have provided should be directed to: info@cleveland-research.com, or via mail to Cleveland Research Company, attention: Privacy Policy, 1375 East 9th Street, Suite 2700, Cleveland, Ohio 44114. We will contact any person lodging a formal complaint or requesting a correction of PII and will cooperate with appropriate regulatory authorities to resolve any complaints that cannot be resolved between us and any individual(s). You should be aware that it is not always possible to completely remove or delete all of the provided PII or anonymous information from our databases without some residual data because of backups or for other reasons.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

Limited Access to Information

CRC limits employee access to PII to those with a business reason to access such information. CRC educates these relevant employees so that they will understand the importance of confidentiality and privacy. Through this statement, CRC also speaks to all employees as to the safeguarding of collected PII. We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Electronic Security

While we work to protect the security of your information by using a reasonable encryption technology that encrypts information you input, as well as physical, electronic, and managerial procedures as required by law and as we deem reasonable to safeguard and help to prevent unauthorized access, maintain data security, and correctly use the information we collect online, we cannot guarantee the security of any information that is disclosed by you via the Site. As a result, we make no warranty regarding the security of any information you transmit to us via this Site and you do so at your own risk. In addition, it is important for you to also protect against unauthorized access to your computer. Be sure to sign off when using a shared computer.

Notice and Revisions

If you choose to visit this Site, your visit and any dispute related to our privacy practices and/or your PII is subject to this Privacy Policy. If you have any concern about our privacy practices, please contact us pursuant to the “Contact Us” details stated above. Our business changes constantly. We may update our Privacy Policy from time to time. Such revised Privacy Policy will be effective as of the date posted to this Site and as stated in the revised Privacy Policy. We will not use PII in a manner materially different than as described in the Privacy Policy in effect at the time the information was collected. You should check our Site frequently to see recent changes. We may also let you know about material changes to our Privacy Policy by posting a notice on this Site.

Assignability; Governing Law

We reserve the right to disclose, share, assign and/or otherwise transfer user information, including, without limitation, PII, in connection with a merger, acquisition, consolidation, the sale of substantially all of CRC’s assets, or any other corporate transfer, exchange or restructuring, whatever form it may take. You further agree that this Privacy Policy shall be governed by and construed in accordance with the laws of the State of Ohio, United States of America. Any dispute under or related to this Privacy Policy shall be brought exclusively in the state or federal courts in Cuyahoga County, Ohio.

Appendix A

PRIVACY NOTICE FOR CALIFORNIA RESIDENTS

Effective January 1, 2024

(A) This Notice

This Privacy Notice for California Residents (“CCPA Notice”) supplements, and should be read in conjunction with, the information contained in our Privacy Notice above and applies solely to all visitors, users, and others who reside in the State of California (”consumers” or “you”). CRC adopts this notice to comply with the California Consumer Privacy Act of 2018 (“CCPA”) and any terms defined in the CCPA have the same meaning when used in this CCPA Notice.

This CCPA Notice does not apply to employment-related personal information collected from California- based employees, job applicants, contractors, or similar individuals.

(B) Information We Collect

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device (“personal information”). Personal information does not include:

  • Publicly available information from government records.
  • Deidentified or aggregated consumer information.
  • Information excluded from the CCPA’s scope, like:  health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and the California Confidentiality of Medical Information Act (“CMIA”) or clinical trial data; and personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (“FCRA”), the Gramm-Leach-Bliley Act (“GLBA”) or California Financial Information Privacy Act (“FIPA”), and the Driver’s Privacy Protection Act of 1994.

In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months:

CategoryExamples
IdentifiersA real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers.
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).A name, signature, address, telephone number, driver’s license or state identification card number, employment, employment history, and bank account number. Some personal information included in this category may overlap with other categories.
Commercial InformationRecords of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Internet or other similar network activityBrowsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.
Professional or employment-related
information.
Current or past job history.

(C) Use of Personal Information

In addition to all the stated uses of Personal Data set forth in Paragraph (G) of the Privacy Notice above, we may use or disclose your personal information for any purpose described to you when collecting your personal information or as otherwise set forth in the CCPA.

(D) Sharing Personal Information

We may disclose your personal information to a third party for a business purpose. In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:

  • Identifiers.
  • California Customer Records personal information categories.
  • Commercial Information.

 (E) Your Rights and Choices

The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

Access to Specific Information and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past twelve (12) months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting or selling that personal information.
  • The categories of third parties with whom we share that personal information.
  • The specific pieces of personal information we collected about you (also called a data portability request).
  • If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:  sales, identifying the personal information categories that each category of recipient purchased; and disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.

We do not provide these access and data portability rights for B2B personal information.

Deletion Request Rights

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request we will delete your personal information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

  • Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfil the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
    • Debug products to identify and repair errors that impair existing intended functionality.
    • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
    • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
    • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
    • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us, such as future field campaigns or product safety issues.
    • Comply with a legal obligation.
    • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

We do not provide these deletion rights for B2B personal information.

Exercising Access, Data Portability, and Deletion Rights

To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either:

Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must: Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include:

  • Your name
    • Email Address
    • Additional information depending upon the type of request and the sensitivity of the information.
    • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.

We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format

We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing.

Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is

readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

  • Deny you goods or services.
    • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
    • Provide you a different level or quality of goods or services.
    • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.