Logo of Crimson EducationCrimson Education 10 year anniversary

我們的服務

寒暑期遊學團

中小學興趣培養專案 (11-14歲)

Crimson Global Academy線上菁英高中

關於我們

創立理念

學生榮譽榜

成功學生案例

我們的評價

媒體報導

全球服務據點

最新講座資訊

免費升學資源

免費電子書

美國申請文件成功範例

英美大學落點分析

GPA換算器

SAT/ACT分數轉換器

美國頂尖大學介紹

英國頂尖大學介紹

部落格文章

+886-2-8758-2823

Last updated: 20 September 2024

  1. What is this Privacy Policy for?
  2. What Personal Data do we collect?
  3. What do we use Personal Data for and under which legal bases?
  4. How do we use cookies?
  5. Who do we share Personal Data with?
  6. What are your rights relating to Personal Data?
  7. How do we keep your Personal Data safe?
  8. How long do we keep Personal Data?
  9. How do we process Personal Data for children under 13?
  10. Do we transfer your Personal Data internationally?
  11. Will this Privacy Policy Change?
  12. Contacting us

–––

1. What is this Privacy Policy for?

Introduction

Crimson Consulting Limited and our related entities (“Crimson”, “we”, “us”, or “our”) are committed to protecting your privacy. This Privacy Policy outlines how we collect, use, share and process identifiable information about you (“Personal Data”) across all websites, applications and platforms that we own or operate, and all services we provide (“Services”). Unless specified otherwise, Crimson acts as the controller of your Personal Data. This Privacy Policy also explains your privacy rights.

Third Party Links and Platforms

Our Services may contain links to websites, applications, platforms and services maintained by third parties. The privacy practices of these third parties, including social media platforms that host our branded content, are governed by their respective privacy policies. We encourage you to review their policies to better understand their privacy practices.

Crimson’s Role as a Processor

This Privacy Policy does not apply to the extent Crimson processes Personal Data in the role of a processor or service provider on behalf of our customers. For example, where our customer is an employer, school or organisation that has purchased our Services for its own employees, students or users, they control the data processing, and their privacy practices apply. Crimson is not responsible for the data privacy and security practices of its customers.

–––

2. What Personal Data do we collect?

Directly or Automatically

We may collect Personal Data both directly from you, and automatically when you interact with our Services. The Personal Data we collect from you may include identifiers, financial information, commercial details, educational records, visual data, professional or employment-related information, internet activity, as well as any other such information from time-to-time. Below are the situations in which we collect this information and the types of Personal Data involved:

Indirectly

We may also collect Personal Data indirectly from third party sources such as marketing and research partners, or from publicly available sources such as social media profiles or professional networking sites. We may generate information based on the Personal Data provided by you combined with Personal Data from such third party or public sources in accordance with applicable law. This information may be used to detect, prevent or otherwise address fraudulent, deceptive or illegal activity, misuse of our Services, security or technical issues, and to protect the rights, property and safety of Crimson, our staff members, customers, students, or the public. We may also infer or generate information based on the Personal Data we collect to provide you with the most relevant user experience and keep our databases up to date.

If you provide us or our affiliates with any Personal Data relating to other individuals, you represent that you have the authority to do so and have obtained the necessary consent (where required). You acknowledge that such Personal Data may be used in accordance with this Privacy Policy. If you believe your Personal Data has been provided to us improperly, or wish to exercise your rights under applicable law, please contact us using the details in Section 12 below.

–––

3. What do we use Personal Data for and under which legal bases?

Crimson processes the Personal Data collected about you for a number of purposes, including:

(1) To perform a contract or to take steps prior to entering a contract:

  • Delivering, administering or providing our Services to you, including those Services you have purchased or received through a free trial
  • Verifying your identity
  • Processing payments
  • Sending you necessary communications
  • Providing you with customer service or support

(2) Where you have given consent to the processing of your Personal Data:

  • Sending you information about Crimson’s products and Services
  • Sharing your Personal Data with third parties for their own marketing purposes
  • Accessing Personal Data stored on your browser relating to your use of our Services
  • Placing cookies and other similar technologies through our products, Services and in email communications, in accordance with our Cookies Policy

(3) Where necessary to conduct our business and pursue our legitimate interests

  • Delivering or providing our Services to you
  • Sending you information about Crimson’s products and Services, including through direct marketing activities
  • Analysing and measuring the effectiveness of our Services to better understand usage and improve user engagement and retention
  • Diagnosing and addressing any problems with our Services
  • Investigating and responding to any comments or complaints from you
  • Conducting market research to understand user interests, the effectiveness of our advertising campaigns, and customer satisfaction
  • Analysing the use and navigation of our Services to detect, prevent, or otherwise address fraudulent, deceptive or illegal activity or misuse of our Services

(4) Where necessary to protect the vital interests of another individual:

  • Protecting personal property or safety, including safeguarding the rights, property or safety of our users or the public
  • Ensuring the safety and welfare of children, consistent with applicable child safeguarding policies, guidelines, regulations, or laws

(5) Where necessary for legal reasons:

  • Responding to requests from government or law enforcement authorities, including for compliance, regulatory and investigative purposes
  • Complying with judicial proceedings, court orders or legal processes
  • Using or disclosing Personal Data as reasonably necessary to detect, prevent, or otherwise address fraudulent, deceptive or illegal activity, misuse of our Services, security issues, or piracy, to protect both you and Crimson

If we need to collect and process Personal Data by law, or under an agreement with you, and you fail to provide the requested Personal Data, we may not be able to perform our agreement with you. Where we collect and process your Personal Data based on legitimate interests, you may object to this processing in certain circumstances. In such cases we will stop processing such Personal Data unless we have overriding legitimate grounds or legal obligations to continue processing. Where a particular legitimate interest is not a recognised legal basis in a certain jurisdiction, we will rely on other available legal grounds for the data collection and processing activities described above.

–––

4. How do we use cookies?

Crimson uses cookies when you interact with our website or Services. Cookies are small text files stored by your web browser when you visit websites. In addition to cookies, we may also use other similar technologies such as HTML5 Local Storage, local shared objects, web beacons, and embedded scripts. These technologies help us remember your preferences when you return to our sites, analyse how you use the website, conduct market research, and gather information about the ads you see and interact with.

You can control how Crimson uses cookies and similar technologies by adjusting your browser or by using our cookie management tool available in the footer of this page. By allowing cookies, we can improve your experience by:

  • tailoring our website and content based on your preferences;
  • keeping track of your settings and preferences for future visits;
  • better understanding your likely interests to provide you with more relevant Crimson ads and content on non-Crimson websites and apps; and
  • helping us enhance the performance of our website for you.

If you choose to disable cookies and similar technologies, our websites may not function properly, and your user experience may be different from what you expect. We won’t be able to remember your preferences across sessions, so your experience may not be tailored to your interests. You will still have access to the content on our website, but certain features that rely on cookies may not function. Additionally, you will still see ads, but they might not be relevant to your interests.

There are also strictly necessary cookies. These cookies are essential for our website to function and cannot be disabled  through our systems. They are usually only set in response to actions you take which amount to a request for services, such as setting your privacy preferences, logging in, or filling out forms. While you can set your browser to block or alert you about these cookies, doing so may prevent parts of our website from working. These cookies do not store any Personal Data.

–––

5. Who do we share Personal Data with?

Crimson may share your Personal Data with various parties, either with your consent or where consistent with a purpose and legal basis outlined in this Privacy Policy, including:

  • Crimson affiliates: Entities, affiliates or subsidiaries within the Crimson corporate group, including any future acquisitions that become part of the group.
  • Partners: Entities or individuals that we collaborate with to sell, promote or advertise our Services, including those who sponsor, organise, or run events and webinars with us.
  • Service providers: External entities, contractors or suppliers that we engage to provide the Services to you, including IT and system administration, credit card processing, market research,customer analytics, marketing, event planning, customer support and accounting services. These service providers may utilise artificial intelligence technologies to analyse Personal Data, detect trends, make predictions, and create AI-generated responses or content.
  • Other users with whom you are affiliated: This includes individuals connected to your use of our Services. For example, (a) for students or children, this may include their parents, guardians or caregivers, and (b) for authorised users, it may include their employer, school, or other organisation.
  • Third parties: Social media networks, job vacancy and recruitment platforms, advertising websites, and internet service providers.
  • Professional advisers: Professional service providers such as lawyers, bankers, auditors, accountants and insurers who provide legal, banking, auditing, accounting, insurance and consultancy services.
  • Third parties involved in a corporate transaction: The prospective or actual purchaser of all or substantially all of Crimson’s assets or shares (whether through merger, reorganisation, acquisition, dissolution or other fundamental corporate change), and their professional advisers, to the extent required. Your Personal Data will likely be one of the assets transferred as part of the transaction.
  • Public authorities: Regulatory, governmental, compliance or judicial bodies (federal, state, city or otherwise), to the extent required for legal reasons.

Crimson may share aggregated information, such as statistical data to show trends about the general use of our Services. Where such disclosure is public, it will be on an anonymised basis only.

–––

6. What are your rights relating to Personal Data?

Your rights

Where provided by applicable law, you may have the following rights concerning your Personal Data:

  • to request a copy of your Personal Data;
  • to correct, delete or restrict processing of your Personal Data;
  • know more about how we process your Personal Data; and
  • object to the processing of your Personal Data in certain circumstances (such as opting out of our direct marketing activities).

These rights apply only to Personal Data that we actually hold and may be limited in certain circumstances. For example, we may fully or partially deny your request if fulfilling it would reveal personal information about another individual. Any request to delete Personal Data may be limited where such data must be kept in order to fulfil any legal or reporting obligations, or where it may be relied on to defend any claims made against us.

You also have the right to not provide us with your Personal Data, although this may mean we are unable to carry out the Services or otherwise perform our agreement with you. As set out under Section 4, you may adjust your web browser or operating system settings to prevent certain types of automatic data collection, although this may result in our Services not functioning as intended.

Exercising your rights

To exercise your rights, please contact us using the information in Section 12 below. In order to respond to any request, your Personal Data may be processed. We will aim to respond to legitimate requests within a reasonable timeframe, unless a specific deadline is required by law. Occasionally it will take us longer to respond, taking into account the complexity and number of requests we receive. If your request is denied, we will explain the reasons for the refusal.

You may be able to exercise your rights by editing or deleting your Personal Data by logging into and accessing the “My Account”, “My Profile” or a similar feature within the Service you are using. By doing so, you may be able to update or delete certain Personal Data.

Crimson may send you direct marketing communications using the Personal Data you provide to us. You can opt-out of receiving marketing communications at any time by clicking the unsubscribe link at the bottom of our emails, or by emailing us at info@crimsoneducation.org.

–––

7. How do we keep your Personal Data safe?

Crimson takes appropriate technical, organisational and physical measures to help safeguard Personal Data against accidental, unlawful, or unauthorised alteration, destruction, loss or disclosure. Some of the security controls we use include encryption, two-factor authentication and identity verification, educational measures, and appropriate contractual confidentiality obligations for employees and contractors.

While we follow generally accepted standards to protect Personal Data, no method of storage or transmission is 100% secure. You remain responsible for limiting access to your devices, protecting your password, and signing out of websites and applications after each session.

–––

8. How long do we keep Personal Data?

Crimson will retain and process your Personal Data for as long as we have a legal basis to do so. We will delete certain Personal Data once we no longer have a business reason to retain it. However, certain types of Personal Data may need to be retained even after you discontinue the Services in order for us to comply with legal, business and reporting obligations. This may include information related to our business and contractual transactions with you, and will be retained for as long as required to fulfil our legal obligations.

Upon expiry of the applicable retention period, your Personal Data will be deleted. In the event that any Personal Data cannot be entirely deleted from our systems due to technical reasons, we will implement appropriate measures to prevent its further use.

–––

9. How do we process Personal Data for children under 13?

Crimson’s Services are not intended for children under the age of 13 except in limited situations under the direct supervision of an appropriate adult. In these circumstances, Crimson is authorised to collect only the Personal Data that is necessary to deliver the Services and with consent from the minor’s parent, guardian or caregiver (or in some cases, the participating school). Our COPPA Disclosure provides more information about the collection and use of Personal Data for those under the age of 13.

If you believe we have mistakenly or unintentionally collected Personal Data of a minor without appropriate consent, please contact us by using the information in Section 12 below.

–––

10. Do we transfer your Personal Data internationally?

Crimson is a global organisation. Your Personal Data may be collected, transferred to and stored by Crimson, affiliates or third parties that may be in your jurisdiction or in other jurisdictions. Therefore, your Personal Data may be processed outside your country or jurisdiction, including in places that are not subject to an adequacy decision by the European Commissioner or your local legislature or regulator, and may not provide for the same level of data protection. We ensure that the recipient of your Personal Data offers an adequate level of protection and security, including by making sure such processing will be in a manner and for a purpose consistent with this Privacy Policy.

–––

11. Will this Privacy Policy Change?

This Privacy Policy will be updated from time to time to accommodate and reflect changes to industry practices, new technologies, legal requirements, and other factors. If we make any changes, the “last updated” date at the top of this page will be modified, and the revised version will be published. We encourage you to periodically review this Privacy Policy so that you remain informed about the Personal Data we collect, how we use it, and under what circumstances it may be disclosed.

Under certain circumstances, such as where we make a material change to this Privacy Policy or where required by law, we will notify you of such changes before they come into effect. This may include posting a notice on our website or by contacting you directly. Where required under applicable law and feasible, we will seek your consent to these changes.

–––

12. Contacting us

Crimson has a Data Protection Committee (headed by a Data Protection Officer) to oversee our compliance with data protection obligations. The Data Protection Officer also handles data subject access requests (or similar) and liaises with data privacy regulators in each jurisdiction Crimson operates in.

To exercise your rights regarding your Personal Data, or if you have any questions regarding this Privacy Policy or our data privacy practices, please email us at privacy@crimsoneducation.org or write to us at:

Crimson Education Data Protection Officer
c/- Director, Legal & Compliance
18 Viaduct Harbour Avenue
Auckland 1010
New Zealand

When you contact us, please ensure you provide all relevant information to assist with your request or query, including the jurisdiction you reside in.

Crimson is committed to working with you to fairly resolve any complaint or concern about privacy. However, if you believe that we have not been able to assist with your complaint or concern, you may wish to exercise your right to lodge a complaint with the appropriate authority in your jurisdiction. If you work or reside in a country that is a member of the European Union or that is in the European Economic Area, you may find the contact details of the appropriate authority here. Otherwise, you may be able to locate the contact details of the appropriate authority in your jurisdiction here.