Chronus Privacy Policy

Important: California consumers can find specific disclosures, including “Notice at Collection” details, by clicking here.

Last updated: 07/20/2023

This Privacy Policy sets out how Chronus LLC (“Chronus,” “we”, “us” or “our”) may collect, use, retain or disclose your personal information in connection with your use of the Chronus websites (including Chronus.com), Chronus mobile applications, or any other Chronus products, services or events that reference or otherwise incorporate this Privacy Policy (collectively “the Services”). In addition to this Privacy Policy, in certain cases, we may also provide you with notice of additional practices concerning how we use your personal information in connection with a particular Service or activity.

Please note that this Privacy Policy does not apply in the following circumstances:

• Third-Party Sites. The Services may include links, integrations or references to websites, services or materials that are controlled by third parties and which maintain different data practices than we do. If you provide personal information to any of those third parties, or direct us to share personal information with them, that personal information is governed by their privacy statements.
• Existing Customers and Users: In some cases, we may access or use your personal information on behalf of your organization who is our customer. In such cases, we are a “service provider” or a “data processor” to those organizations and we will treat your information as prescribed in the respective agreements between us and your organization rather than as described in this Privacy Policy. Please reach out to your organization for more information or if you would like to exercise any of your data subject rights in connection with such use of your personal information.

We recognize that privacy is an ongoing responsibility and we will update this Privacy Policy as we adopt new privacy practices or as privacy requirements change. Each time this Privacy Policy is updated, we will update the “Last Updated” date at the top of the page. If we make any material changes to this Privacy Policy, we will notify you by email or by means of a notice on this website.

1. INFORMATION WE COLLECT ABOUT YOU.

We will only collect your personal information in accordance with applicable law. The information we collect depends on the context of your interactions with us and the choices you make, including your own privacy settings and the specific Services you use.  As further detailed below, we collect your personal information from different sources, including information you provide directly, information collected automatically, information from third-party data sources, and information we infer or generate ourselves. 

We may collect your information both online (for example, through your use of the Services) and offline (for example at events or over the phone) and we may combine information collected from disparate sources.

When you are asked to provide personal information, you may decline, or you may decide at any time not to visit our sites, use our Services, or provide information directly to us. As further described below, in certain cases, you may use web browser or operating system controls to prevent certain types of automatic data collection. However, if you choose not to provide or allow personal information that is necessary for certain Services or features of a Service, those Services or features may not be available or fully functional. 

If you choose to provide us with personal information about another person, you shall ensure that you have obtained the consent of that person to share their information with us.

Personal information collected directly from you. Most of the personal information we collect or maintain about you is provided directly by you to us.  For example, we receive and store personal information you voluntarily enter on our Services or otherwise provide to us (e.g., when you register for and use the Services, when you make payments to us, or submit requests for support to us or when you have a direct communication with us). 

Such information we collect directly from you typically includes: 

• Personal identifiers (such as real name, alias, postal address, unique personal identifier, online identifier internet protocol Internet Protocol address, email address, account name or other similar identifiers);
• Protected classification information (such as demographic information you provide to us);
• Commercial information (such as products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies);
• Internet or other electronic network activity information (i.e., browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement);
• Audio/visual information;
• Professional, educational or employment related information; and
• Any other information that you communicate to us directly during your communications with us;.

Personal information collected automatically. In some cases, we may also passively collect personal information, such as internet or other electronic network activity information about you and your use of our Services through the use of cookies, server logs, web beacons, navigational data collection (clickstream, log files, server logs, etc.) and related technologies. For more information, please go to our Cookie Policy.

Personal information from third-party collection. Where permitted by law, we may also collect information about you from various third-parties, including: 

• Data brokers. Data brokers and aggregators from which we obtain personal information to supplement the data we collect.
• Third party partners.  Third party applications and services, including those you choose to connect with or interact with through our services.
• Co-branding/marketing partners.  Partners with which we offer co-branded services or engage in joint marketing activities
• Service providers.  Third parties that collect or provide personal information in connection with work they do on our behalf, for example companies that determine your device’s location based on its IP address.
• Publicly available sources.  Public sources of personal information such as open government databases.

Such information typically includes personal identifiers, commercial information, and professional or educational information.

Inferences about you. Finally, we may also infer new information from other personal information we collect, including using automated means to generate information about your likely preferences or other characteristics. For example, we infer your general geographic location (such as city, state, and country) based on your IP address.

2. HOW WE USE YOUR INFORMATION AND YOUR CHOICES AND CONTROL OVER YOUR PERSONAL INFORMATION.

At all times in accordance with, and solely where permitted by applicable law, we use the categories of personal information identified in Section 1 above  for the specific business or commercial purposes of communicating with you, facilitating and responding to your requests, providing, improving, and developing our Services, processing your transactions, customizing your experience, providing you with quality assurance and support for our Services, preventing or investigating fraudulent or inappropriate uses of our Services, and marketing and analytics. We may also use your information as otherwise disclosed to you at the point of the collection of your information.

We may also make full use of data that is aggregated, anonymized or not otherwise in a personally identifiable form.

We provide a variety of ways for you to control the personal information we hold about you, including choices about how we use that data. In some jurisdictions, these controls and choices may be enforceable as rights under applicable law. In particular, see below for more information about your individual rights under California and European privacy laws.

Requests to access, copy, correct or delete – If you wish to access, copy, correct, or delete personal data about you that we hold, or to obtain more information about your rights, please contact us at legal@chronus.com or 1-800-515-1206 for more information.  

Please be advised that upon receipt of your request, we may ask you to provide additional information so that we can verify your identity and process your request. Additionally, before accepting such a request from an agent, we will require the agent to provide proof you have authorized it to act on your behalf.

We may, in limited circumstances, refuse to comply with your request or charge you a reasonable fee if your request is clearly unfounded or excessive. In all cases, we will notify you of any fee in advance. Alternatively, we may refuse to comply with the request in such circumstances.   If you receive a response from us informing you that we have declined your request, in whole or in part, you may appeal that decision by submitting your appeal to our data protection officer using the contact method described at the bottom of this privacy statement. 

Marketing and targeted advertising – Where permitted by applicable law, and with your prior consent where required, we may use your information for marketing and advertising purposes, including to provide you with promotional communications about our products and services. You can unsubscribe from further promotional communications from us at any time by selecting the “unsubscribe” link at the end of the various marketing and promotional communications we send you, or by submitting your request via: https://get.chronus.com/preference-center.html. Please keep in mind that even if you unsubscribe from our marketing communications, we may still contact you for other legitimate reasons (e.g., in relation to an order you placed, an inquiry you made, a membership you undertook, an event for which you registered, a legally required notice, etc.).

To opt-out from or otherwise control targeted advertising, you can use the controls available through our website cookie banner to decline advertising-related cookies. You may also be able to use the opt-out controls offered by the organizations our advertising partners may participate in, which you can access at:

• United States: NAI (http://optout.networkadvertising.org) and DAA (http://optout.aboutads.info/) 
• Canada: Digital Advertising Alliance of Canada (https://youradchoices.ca/) 
• Europe: European Digital Advertising Alliance (http://www.youronlinechoices.com/) 

Finally, you may be able to use your browser or platform settings to opt-out of such activities.

Cookies and related technology. We may use the information collected from cookies and related technologies for the purposes identified above, as well as to analyze trends, administer the website, track users’ movements, gather broad demographic information for aggregate use and to confirm that a particular individual affirmed his/her consent to specific legal terms (e.g., a clickwrap license agreement). From time to time, electronic communications we provide may contain code that enables our database to understand whether the communication was opened and/or what links (if any) you have clicked. We may combine such information with other information we have about you and may use this information to improve your experience with our Services and/or provide customized communications to you. 

Most web browsers are set to accept cookies by default. If you prefer, you can go to your browser settings to learn how to delete or reject cookies. If you choose to delete or reject cookies, this could affect certain features or services of our website. If you choose to delete cookies, settings and preferences controlled by those cookies, including advertising preferences, may be deleted and may need to be recreated.

For additional information about cookies and related technologies, including your options to opt-out of certain processing related to our cookies, please go to our Cookie Policy.

3. WHEN WE SHARE YOUR INFORMATION WITH OTHERS.

We share your personal information with third-parties solely as permitted by law and only with your consent or in furtherance of the purposes described herein

In particular, we may share the categories of personal information described in Section 1 above with the types of third parties or in the circumstances described below. All such parties are under contractual obligations to safeguard your information and are not permitted to use your information for their own purposes. Further, such parties are obliged to keep your information confidential, secure and in manner no less protective of your personal information than as required by applicable law.

• Service providers, consultants and contractors. We share personal information with vendors, contractors or agents working on our behalf for the purposes described in this Privacy Policy. These parties provide services directly to us upon our instruction such as delivery services, business administration and payment services, fulfillment services, system administration and technical support, advertising support, public relations, media and marketing services, legal services, call-in centers, e-commerce and other web-related services such as web hosting and web monitoring services.
• Financial services & payment processing. When you provide payment data, for example to make a purchase, we will share payment and transactional data with banks and other entities as necessary for payment processing, fraud prevention, credit risk reduction, or other related financial services.
• Affiliates. We enable access to personal information across our subsidiaries or affiliates, for example, where we share common data systems or where access is needed to provide our services and operate our business. 
• Third parties in connection with the protection of security, safety, and legal rights. We may disclose personal information if we believe it is necessary to:
• protect our customers and others, for example to prevent spam or attempts to commit fraud, or to help prevent the loss of life or serious injury of anyone; 
• operate and maintain the security of our services, including to prevent or stop an attack on our computer systems or networks; or 
• protect the rights or property or ourselves or others, including enforcing our agreements, terms, and policies.
• Third-parties providing analytics or advertising. Third party analytics and advertising companies acting on our behalf as our service providers also collect personal information through our website and apps including identifiers and device information (such as cookie IDs, device IDs, and IP address), geolocation data, usage data, and inferences based on and associated with that data, as further described in our Cookie Policy.

We may also disclose your information if required to do so by law or if we have a good faith belief that disclosure is necessary to (1) comply with the law or, as applicable, to bring or defend against a legal action; (2) respond to governmental and/or law enforcement requests; (3) protect and defend our rights or property; or (4) act in an emergency to protect someone’s safety.

Finally, we may disclose your information if we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider. In such cases, your information may be sold or transferred in connection with the transaction and as permitted by law and/or contract.

4. LOCATION AND INTERNATIONAL TRANSFER OF YOUR INFORMATION.

We may process (including transfer or store) your personal information in your country or region or in any other country or region where we or our service providers have a presence or maintain data processing facilities, including the United States and India.  We will comply with all applicable law relating to the processing and transfer of your information to such locations. Where applicable law requires consent for such international processing or transfer, we will seek consent from you independent of this Privacy Policy.

5. USERS IN SWITZERLAND OR THE EUROPEAN ECONOMIC EEA.

If you are in Switzerland or the European Economic Area (EEA), you may have the right to:

• Request access to or correction or erasure of your personal information; 
• Object to processing of your personal information under certain circumstances; 
• Request the restriction of processing of your personal information; 
• Transfer or receive a copy of your personal information in a usable and portable format where such personal information is subject to automated processing or processing is based on your consent or a contract with you; 
• Withdraw consent at any time for future processing of your personal information where such processing is based on consent; and
• For residents of France, send us specific instructions regarding the use of your personal information after your death.

Additionally, you may have the right to file a complaint with your applicable supervisory authority, though we encourage you to first contact us with any questions or concerns. To make such requests or to contact our Data Protection Officer, please refer to the contact information at the bottom of this statement.  

Where we are acting as a data controller under Swiss or EEA privacy laws, we process your personal information only (i) where the processing is in our legitimate interests (which are not overridden by your data protection interests or fundamental rights and freedoms); (ii) where we need the information to perform a contract with you; or (iii) where we have collected your consent to do so.

For the sake of clarity, where we are using your information based on the legal basis of consent, we will seek consent from you independent of this Privacy Policy. You can withdraw such consent at any time by contacting us contact us via: https://get.chronus.com/preference-center.html.

Where your information originates in the EEA or Switzerland and is transferred outside the EEA, we will take all steps reasonably necessary to ensure that your data is subject to appropriate safeguards, such as relying on a recognized legal adequacy mechanism, and that it is treated securely and in accordance with this privacy policy.

We may also process your personal information in our role as a data processor for your organization. In such cases, your company is acting as the data controller and we are processing your information on behalf of your organization. For more information, please reach out to your organization.

6. CALIFORNIA RESIDENTS.

If you are a California consumer, you may have additional rights under the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act, (“CCPA”), including:

• Notice at Collection. At or before the time of collection, you have a right to receive notice of our practices, including the categories of personal information and sensitive personal information to be collected, the purposes for which such information is collected or used, whether such information is sold or shared, and how long such information is retained. You can find those details in this Privacy Policy by clicking on the above links. 
• Right to Know.  You have a right to request that we disclose to you the personal information we have collected about you.  You also have a right to request additional information about our collection, use, disclosure, or sale of such personal information.  Note that we have provided much of this information in this Privacy Policy. 
• Rights to Request Correction or Deletion. You also have the right to request that we correct inaccurate personal information we maintain about you and that we delete personal information that we have collected from you, subject to certain exceptions. 
• Right to Opt-Out / “Do Not Sell or Share My personal information”. You have a right to opt-out from future “sales” or “sharing” of personal information as those terms are defined by the CCPA. Note that we do not “sell” or “share” personal information as defined by the CCPA and have not done so in the past 12 months.
• Right to Limit Use and Disclosure of Sensitive personal information. You have a right to limit our use of sensitive personal information for any purposes other than to provide the Services or goods you request or as otherwise permitted by law. Note that we do not currently use sensitive personal information for any such additional purposes.
• Right against discrimination. Finally, you have a right to not be discriminated against for exercising these rights as set out in the CCPA.

To make a consumer rights request or to obtain more information about exercising your rights, including how to designate an authorized agent to make a consumer request for you. please contact us via: https://get.chronus.com/preference-center.html or 1-800-515-1206. Please be advised that upon receipt of your request, we may ask you to provide additional information so that we can verify your identity and process your request. 

7. BRAZIL RESIDENTS

The provisions contained in this section apply to all Brazil consumers, according to the Brazil General Data Protection Law (Lei Geral de Proteção de Dados) No. 13.709/2018, as amended, replaced or superseded from time to time and any regulations or guidance by the ANDP (“LGPD”). “ANPD” means the National Data Protection Authority.

Where we are acting as a data controller under the LGPD, we can process your personal information solely if we have a legal basis for such processing. Legal bases are as follows:

• With your consent;
• For compliance with a legal or regulatory obligation by us;
• By the public administration, for the processing and shared use of data necessary for the execution of public policies provided in laws or regulations, or based on contracts, agreements or similar instruments, subject to the provisions of Chapter IV of the LGPD;
• For carrying out studies by research entities, ensuring, whenever possible, the anonymization of personal information;
• When necessary for the execution of a contract or preliminary procedures related to a contract of which you are a party, at your request;
• For the regular exercise of rights in judicial, administrative, or arbitration procedures, the last pursuant to Law No. 9,307, of September 23, 1996 (the “Brazilian Arbitration Law”);
• For the protection of life or physical safety of the data subject or a third party;
• To protect the health, exclusively, in a procedure carried out by health professionals, health services, or sanitary authorities;
• When necessary to fulfill the legitimate interests of us or a third party, except when your fundamental rights and liberties which require personal information protection prevail; or
• For the protection of credit, including as provided in specific legislation.

To find out more about the legal bases, you can contact us at any time using the contact details provided in this document.

As a user or Brazil consumer, you may have additional rights under the LGPD regarding how we collect, use, and share your information, including:

• The right to confirmation of the existence of the processing;
• The right to access your personal information;
• The right to correction of incomplete, inaccurate, or outdated personal information;
• The right to the anonymization, blocking or elimination of unnecessary or excessive personal information, or of personal information that is not processed in compliance with the LGPD;
• The right to obtain, on your express request, the portability of your personal information (except anonymized information) to another service or product provider, pursuant to the regulations of the ANPD, provided that our commercial and industrial secrets are safeguarded;
• The right to deletion of your personal information processed with your consent, unless one or more exceptions provided for in art. 16 of the LGPD apply;
• The right to obtain information about public and private entities with which we have shared your personal information;
• The right to information on the possibility to denying consent and the consequences of such denial;
• The right to revoke your consent as provided in section 5 of art. 8 of the LGPD;
• The right to lodge a complaint related to your personal information with the ANPD or consumer-defense entities;
• The right to oppose the processing carried out based on one of the situations of waiver of consent if there is noncompliance with the provisions of the LGPD;
• The right to request for the review of decisions made solely based on automated processing of personal information affecting your interests, including decisions intended to define your personal, professional, consumer and credit profile, or aspects of your personality; and
• The right to request clear and adequate information regarding the criteria and procedures used for an automated decision, subject to commercial and industrial secrecy.

Please note that not all of the foregoing rights are absolute, and limitations or exceptions apply in some cases. Your consent to process your personal information is required to provide the Services to you. If you exercise your right to deny consent, or if you withdraw your consent, we will not be able to provide the Services to you.

To make a request or to obtain more information about exercising your rights, including the possibility and consequences of denying consent, please contact us via: . Please be advised that upon receipt of your request, we may ask you to provide additional information so that we can verify your identity and process your request.

If you file a confirmation of the existence of access to personal information request, please advise whether you want us to answer your request immediately, in which case we will answer in a simplified format, or if you need a complete disclosure instead. In the latter case, we will respond within fifteen (15) days from the time of your request, providing you a declaration that indicates the origin of your personal information, the nonexistence of registration, the criteria used, and the purpose of the processing, while safeguarding our commercial and industrial secrets. You should advise us whether you want your personal information to be provided by electronic means or in printed form. If the ANPD provides a different time period for the foregoing, that time period will control.

If you file a request for the correction, deletion, anonymization or blocking of personal information, we will immediately inform any third parties with whom we have shared your personal information in order to enable such third parties to also comply with your request, except in cases where such communication is proven impossible or involves disproportionate effort.

We may also process your personal information in our role as a data processor for your organization. In such cases, your company is acting as the data controller and we are processing your information on behalf of your organization. For more information, please reach out to your company.

8. SECURITY 

We follow generally accepted industry standards to protect your information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction, whether in transmission or storage. 

In particular, information at rest is protected using AES 256 encryption and we employ controlled interfaces (such as proxies, gateways, routers, firewall, and encrypted tunnels) as well as a variety of additional security controls (e.g., intrusion detection systems, data encryption). All communications within the Chronus Mentor Service are secured via a high-grade 256-bit SSL encryption.

Although we will exercise reasonable care in providing secure transmission of your personal information between your computer and our servers, we cannot ensure or warrant the security of any information transmitted to us over the Internet and we accept no liability for any unintentional disclosure.

9. DATA RETENTION.

We will retain your personal information in accordance with applicable law and, unless otherwise provided by applicable law, for no longer than necessary to provide the Services and fulfill the transactions you have requested, comply with our legal obligations, resolve disputes, enforce our agreements, and in furtherance of our other business purposes outlined hereunder. 

Because these needs can vary for different types and uses of personal information, actual retention periods can vary based on criteria such as user expectations or consent, the sensitivity of your personal information, the availability of automated controls that enable you to delete data, and our legal or contractual obligations.  

Where there are technical limitations that otherwise prevent the deletion or anonymization of your personal information, we will safeguard and limit the use of your personal information as required by applicable law.

10. PUBLIC FORUMS.

The Services may, from time to time, make chat rooms, message boards, news groups and/or other public forums available to you. By submitting such information, you acknowledge that any information that is disclosed in these areas becomes public information.

11. CHILDREN.

The Services are not intended for or directed at children and we do not knowingly collect any information from children under 13 years of age through the Services. If we learn that we have collected information from children under 13, we will promptly take steps to delete such information.

12.HOW TO CONTACT US.

If you have questions, concerns or a complaint related to this Privacy Policy, you may contact us at legal@chronus.com.

You may also contact us by mail at our primary place of business:

Chronus LLC
Sabarish Sankar 

Data Processing Officer/Data Protection Officer
450 Alaskan Way South, Suite 200
Seattle, Washington 98104