Chronus Privacy Policy

 

Last updated August 19, 2021

This Privacy Policy sets out how Chronus LLC (“we”, “us” or “our”) may collect and use information from individuals (collectively “you”) in connection with your use of the Chronus websites (including Chronus.com), Chronus mobile applications, or any other Chronus products or services that reference or otherwise incorporate this Privacy Policy (collectively “the Services”).

We recognize that privacy is an ongoing responsibility and we will update this Privacy Policy as we adopt new privacy practices. If we make any material changes to this Privacy Policy, we will notify you by email or by means of a notice on this website.

Please note that this Privacy Policy does not apply in the following circumstances:

Third-Party Sites: The Services may include links or references to websites, services or materials that are not controlled by us. This Privacy Policy does not apply to such third-party sites, which are subject to their own privacy notices.

Existing Customers and Users: In some cases, we may access or use your information on behalf of your organization who is our customer. In such cases, we will treat your information as prescribed in the respective agreements between us and your organization, rather than as described in this Privacy Policy. Please reach out to your organization for more information or if you would like to exercise any of your data subject rights in connection with our use of your information.

 
1. INFORMATION WE COLLECT ABOUT YOU.

We will only collect your personal data (“information”) about you in accordance with applicable law. The information we collect depends on the context of your interactions with us and the choices you make, including your own privacy settings and the specific Services you use. Depending on your particular use, we may collect the following categories of information about you. You can contact us at any time via https://get.chronus.com/preference-center.html to learn more.

• personal identifiers (such as real name, alias, postal address, unique personal identifier, online identifier internet protocol Internet Protocol address, email address, account name or other similar identifiers);
• protected classification information (such as demographic information you provide to us);
• commercial information (such as products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies);
  internet or other electronic network activity information (ie browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement);
• audio/visual information;
• professional, educational or employment related information;
• any other information that you communicate to us directly during your communications with us; and
  inferences drawn from the foregoing.

 
2. SOURCES OF INFORMATION.

We may collect your information both online (for example, through your use of our websites and products) and offline (for example at events or over the phone) and we may combine information collected from disparate sources.

Most of the information we collect or maintain about you is provided directly by you to us.

For example, we receive and store information you voluntarily enter on our Services or otherwise provide to us (e.g., when you register for and use the Services, when you make payments to us, or submit requests for support to us or when you have a direct communication with us). Such information typically includes personal identifiers, commercial information, protected classification information and professional or educational information. If you do not want to provide us with your information you may decide at any time not to visit our sites, install our apps, or provide information to directly us. However, if you choose not to provide us with certain information, we may not be able to provide certain Services to you.

Third-party collection. Where permitted by law, we may also collect information about you from various third-parties, including your company, marketers, partners, researchers, customers or vendors, suppliers or from public online sources. Such information typically includes personal identifiers, commercial information, and professional or educational information.

Cookies and related technologies: In some cases, we may also passively collect internet or other electronic network activity information about you and your use of our Services through the use of cookies, server logs, web beacons, navigational data collection (clickstream, log files, server logs, etc.) and related technologies. We use this information to help improve and optimize the Services for you and for security purposes. For more information please go to our Cookie Policy.

 
3. HOW WE USE YOUR INFORMATION.

At all times in accordance with, and solely where permitted by applicable law, we use the information that we collect from you for such purposes as communicating with you, facilitating and responding to your requests, providing, improving, and developing our Services, processing your transactions, customizing your experience, providing you with quality assurance and support for our Services, preventing or investigating fraudulent or inappropriate uses of our Services, and for marketing and analytics purposes.

We may also use your information as otherwise disclosed to you at the point of the collection of your information.

We may also make full use of data that is aggregated, anonymized or not otherwise in a personally identifiable form.

Cookies and related technology.We may use the information collected from cookies and related technologies for the purposes identified above, as well as to analyze trends, administer the website, track users’ movements, gather broad demographic information for aggregate use and to confirm that a particular individual affirmed his/her consent to specific legal terms (e.g. a clickwrap license agreement). From time to time, electronic communications we provide may contain code that enable our database to understand whether the communication was opened and/or what links (if any) you have clicked. We may combine such information with other information we have about you and may use this information to improve your experience with our Services and/or provide customized communications to you. For additional information about cookies and related technologies, please go to our Cookie Policy.

Marketing opt-outs. Where permitted by applicable law, and with your prior consent where required by applicable law, we may use your information for marketing and to provide you with promotional communications about our products and services. You can unsubscribe from further marketing at any time by selecting the “unsubscribe” link at the end of the various marketing and promotional communications we send you, or by submitting your request via: https://get.chronus.com/preference-center.html. Please keep in mind that even if you unsubscribe from our marketing communications, we may still contact you for other legitimate reasons (e.g. in relation to an order you placed, an inquiry you made, a membership you undertook, an event for which you registered, a legally required notice, etc.).

 
4. WHEN WE SHARE YOUR INFORMATION WITH OTHERS.

We will share your information with third-parties solely as permitted by law and only as described in this Privacy Policy or as otherwise expressly permitted by you. Any third-parties that we may share your information with are obliged to keep your information confidential, secure and in manner no less protective of your information than this Privacy Policy.

We may disclose your information to our affiliates, consultants, service providers, and contractors we use to facilitate the Services and our business operations. These parties provide services directly to us upon our instruction such as delivery services, payment services, fulfillment services, technical support, advertising support, public relations, media and marketing services, legal services, call-in centers, e-commerce and other web-related services such as web hosting and web monitoring services. All such parties are under contractual obligations to safeguard your information and are not permitted to use your information for their own purposes. You can find more information on these types of third parties with which we share your data at our subprocessor list located at https://www.chronus.local/subprocessors.

We may disclose your information if required to do so by law or if we have a good faith belief that disclosure is necessary to (1) comply with the law or, as applicable, to bring or defend against a legal action; (2) respond to governmental and/or law enforcement requests; (3) protect and defend our rights or property; or (4) act in an emergency to protect someone’s safety.

Finally, we may disclose your information if we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider. In such cases, your information may be sold or transferred in connection with the transaction and as permitted by law and/or contract.

 
5. INTERNATIONAL TRANSFER OF YOUR INFORMATION.

We may process your information in the United States, India or any other countries in which we have a presence or data processing facilities. Similarly, we may transfer information from the country in which you are located to the United States, India or any other countries in which we have a presence or data processing facilities. We will comply with all applicable law relating to the processing and transfer of your information. Where applicable law requires consent for such international processing or transfer, we will seek consent from you independent of this Privacy Policy.

 
6. USERS IN SWITZERLAND OR THE EUROPEAN ECONOMIC EEA.

If you are in Switzerland or the European Economic Area (EEA), you may have the right to request access to your personal data; request correction of the personal data that we hold about you; request erasure of your personal data; object to processing of your personal data; request the restriction of processing of your personal data or request the transfer of your personal data to another party.

Additionally, you may have the right to file a complaint with your applicable supervisory authority. We may need to request specific information from you to help us confirm your identity and applicable rights. We may, in limited circumstances, refuse to comply with your request or charge you a reasonable fee if your request is clearly unfounded or excessive. In all cases, we will notify you of any fee in advance. Alternatively, we may refuse to comply with the request in such circumstances. To obtain more information about exercising your rights, please contact us at contact us via: https://get.chronus.com/preference-center.html.

Where we are acting as a data controller under Swiss or EEA privacy laws, we process your personal data only (i) where the processing is in our legitimate interests (which are not overridden by your data protection interests or fundamental rights and freedoms); (ii) where we need the information to perform a contract with you; or (iii) where we have collected your consent to do so.

For the sake of clarity, where we are using your information based on the legal basis of consent, we will seek consent from you independent of this Privacy Policy. You can withdraw such consent at any time by contacting us contact us via: https://get.chronus.com/preference-center.html.

Where your information originates in the EEA or Switzerland and is transferred outside the EEA, we will take all steps reasonably necessary to ensure that your data is subject to appropriate safeguards, such as relying on a recognized legal adequacy mechanism, and that it is treated securely and in accordance with this privacy policy.

We may also process your personal data in our role as a data processor for your organization. In such cases, your company is acting as the data controller and we are processing your information on behalf of your organization. For more information, please reach out to your company.

 
7. CALIFORNIA RESIDENTS.

If you are a California consumer, you may have additional rights under the California Consumer Privacy Act of 2018 (“CCPA”) regarding how we use and share your information, including:

• The right to access your information;
• The right to request further details about how we collect, use, disclose or sell your information;
• The right to request that we delete your information that we collected from you;
• The right to opt-out of the sale of your information, if applicable; and
• The right not to receive discriminatory treatment from us based on your exercising of any other consumer rights under the CCPA.

To make a consumer rights request or to obtain more information about exercising your rights, including how to designate an authorized agent to make a consumer request for you, please contact us via: https://get.chronus.com/preference-center.html. Please be advised that upon the receipt of your request, we may ask you to provide additional information so that we can verify your identity and process your request.

For the purposes of the CCPA, we do not sell your personal information, except where you explicitly consent to such sale, in which case we will present you with further information about how your information may be sold and your ability to opt-out of such sale at the time of collection.

 
8. BRAZIL RESIDENTS

The provisions contained in this section apply to all Brazil consumers, according to the Brazil General Data Protection Law (Lei Geral de Proteção de Dados) No. 13.709/2018, as amended, replaced or superseded from time to time and any regulations or guidance by the ANDP (“LGPD”). “ANPD” means the National Data Protection Authority.

Where we are acting as a data controller under the LGPD, we can process your personal data solely if we have a legal basis for such processing. Legal bases are as follows:

• With your consent;
• For compliance with a legal or regulatory obligation by us;
• By the public administration, for the processing and shared use of data necessary for the execution of public policies provided in laws or regulations, or based on contracts, agreements or similar instruments, subject to the provisions of Chapter IV of the LGPD;
• For carrying out studies by research entities, ensuring, whenever possible, the anonymization of personal data;
• When necessary for the execution of a contract or preliminary procedures related to a contract of which you are a party, at your request;
• For the regular exercise of rights in judicial, administrative, or arbitration procedures, the last pursuant to Law No. 9,307, of September 23, 1996 (the “Brazilian Arbitration Law”);
• For the protection of life or physical safety of the data subject or a third party;
• To protect the health, exclusively, in a procedure carried out y health professionals, health services, or sanitary authorities;
• When necessary to fulfill the legitimate interests of us or a third party, except when your fundamental rights and liberties which require personal data protection prevail; or
• For the protection of credit, including as provided in specific legislation.

To find out more about the legal bases, you can contact us at any time using the contact details provided in this document.

As a user or Brazil consumer, you may have additional rights under the LGPD regarding how we collect, use, and share your information, including:

• The right to confirmation of the existence of the processing;
• The right to access your personal data;
• The right to correction of incomplete, inaccurate, or outdated personal data;
• The right to the anonymization, blocking or elimination of unnecessary or excessive personal data, or of personal data that is not processed in compliance with the LGPD;
• The right to obtain, on your express request, the portability of your personal information (except anonymized information) to another service or product provider, pursuant to the regulations of the ANPD, provided that our commercial and industrial secrets are safeguarded;
• The right to deletion of your personal data processed with your consent, unless one or more exceptions provided for in art. 16 of the LGPD apply;
• The right to obtain information about public and private entities with which we have shared your personal data;
• The right to information on the possibility to denying consent and the consequences of such denial;
• The right to revoke your consent as provided in section 5 of art. 8 of the LGPD;
• The right to lodge a complaint related to your personal data with the ANPD or consumer-defense entities;
• The right to oppose the processing carried out based on one of the situations of waiver of consent if there is noncompliance with the provisions of the LGPD;
• The right to request for the review of decisions made solely based on automated processing of personal data affecting your interests, including decisions intended to define your personal, professional, consumer and credit profile, or aspects of your personality; and
• The right to request clear and adequate information regarding the criteria and procedures used for an automated decisions, subject to commercial and industrial secrecy.

Please note that not all of the foregoing rights are absolute, and limitations or exceptions apply in some cases. Your consent to process your personal data is required to provide the Services to you. If you exercise your right to deny consent, or if you withdraw your consent, we will not be able to provide the Services to you.

To make a request or to obtain more information about exercising your rights, including the possibility and consequences of denying consent, please contact us via: https://get.chronus.com/preference-center.html. Please be advised that upon receipt of your request, we may ask you to provide additional information so that we can verify your identity and process your request.

If you file a confirmation of the existence of access to personal data request, please advise whether you want us to answer your request immediately, in which case we will answer in a simplified format, or if you need a complete disclosure instead. In the latter case, we will respond within fifteen (15) days from the time of your request, providing you a declaration that indicates the origin of your personal data, the nonexistence of registration, the criteria used, and the purpose of the processing, while safeguarding our commercial and industrial secrets. You should advise us whether you want your personal data to be provided by electronic means or in printed form. If the ANPD provides a different time period for the foregoing, that time period will control.

If you file a request for the correction, deletion, anonymization or blocking of personal data, we will immediately inform any third parties with whom we have shared your personal information in order to enable such third parties to also comply with your request, except in cases where such communication is proven impossible or involves disproportionate effort.

We may also process your personal data in our role as a data processor for your organization. In such cases, your company is acting as the data controller and we are processing your information on behalf of your organization. For more information, please reach out to your company.

 
9. SECURITY AND DATA RETENTION.
We follow generally accepted industry standards to protect your information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction, whether in transmission or storage.

We follow generally accepted industry standards to protect information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction, whether in transmission or storage. In particular, information at rest is protected using AES 256 encryption and we employ controlled interfaces (such as proxies, gateways, routers, firewall, and encrypted tunnels) as well as a variety of additional security controls (e.g., intrusion detection systems, data encryption).

All communications within the Chronus Mentor Service are secured via a high-grade 256-bit SSL encryption.

Although we will exercise reasonable care in providing secure transmission of information between your computer and our servers, we cannot ensure or warrant the security of any information transmitted to us over the Internet and we accept no liability for any unintentional disclosure.

We will retain your information in accordance with applicable law and, in general, for no longer than necessary for the purposes for which your information was processed by us. Where there are technical limitations that prevent deletion or anonymization, we will safeguard and limit the use of information as required by applicable law.

 
10. PUBLIC FORUMS.

The Services may, from time to time, make chat rooms, message boards, news groups and/or other public forums available to you. By submitting such information, you acknowledge that any information that is disclosed in these areas becomes public information.

 
11. CHILDREN.
The Services are not intended for or directed to children and we do not knowingly collect any information from children under 13 years of age through the Services. If we learn that we have collected information from children under 13, we will promptly take steps to delete such information.

 
12. CONTACT US.

You can always learn more about our privacy practices and GDPR at Chronus.com/GDPR. If you would like to opt-out of select communications from us or if you have questions or concerns related to this Privacy Policy, you may contact us via:https://get.chronus.com/preference-center.html.

 

You may also contact us by mail at our primary place of business:

Chronus LLC
Hitesh Kumar
Data Processing Officer/Data Protection Officer
450 Alaskan Way South, Suite 200
Seattle, Washington 98104