Crater Privacy Policy

Last Updated May 25th, 2018

At Crater, we see privacy as essential to communication. CRATER has carefully implemented  privacy by design and default. We ensure that personal information is properly protected. Our systems have protection designed into them and access to data is strictly controlled and only given when required.

This privacy policy summarizes what information Crater Group Co (“Crater”, “we”, or “us”) may collect from a registered user or other visitor (“you”), and what we will and will not do with it.

Please note that this privacy policy does not govern the collection and use of information by companies that we do not control, nor by individuals who we do not employ or manage. If you visit a website that we mention or link to, be sure to review its privacy policy before providing the site with information.

What we do with your personally identifiable information

It is always up to you whether to disclose personally identifiable information to us, although if you elect not to do so, we reserve the right not to register you as a user or provide you with any products or services. “Personally identifiable information” means information that can be used to identify you as an individual, such as:

For Clients:

  • your name, company, email address, phone number, billing address, and shipping address
  • your Crater username and password
  • credit card information
  • any account-preference information you provide us
  • your computer’s domain name and IP address, indicating where your computer is located on the Internet
  • session data for your login session, so that our computer can “talk” to yours while you are logged in

For Consumers:

  • your name, email address, and phone number
  • your origin and destination home addresses, if provided
  • your computer’s domain name and IP address, indicating where your computer is located on the Internet
  • credit card information, if applicable
  • video and still images of you and your household goods items

If you do provide personally identifiable information to us, either directly or through a reseller or other business partner, we will:

  • not sell or rent it to a third party without your permission—although unless you opt out (see below), we may use your contact information to provide you with information we believe you need to know or may find useful, such as news about our services and products and modifications to the Terms of Service;
  • take commercially reasonable precautions to protect the information from loss, misuse, and unauthorized access, disclosure, alteration, and destruction;
  • not use or disclose the information except:
  • as necessary to provide services or products you have ordered, such as providing it to a carrier to deliver products you have ordered;
  • in other ways described in this privacy policy or to which you have otherwise consented;
  • in the aggregate with other information in such a way so that your identity cannot reasonably be determined (for example, statistical compilations);
  • as required by law, for example, in response to a subpoena or search warrant;
  • to outside auditors who have agreed to keep the information confidential;
  • as necessary to enforce the Terms of Service;
  • as necessary to protect the rights, safety, or property of Crater, its users, or others; this may include exchanging information with other organizations for fraud protection and/or risk reduction.

Other information we collect

We may collect other information that cannot be readily used to identify you, such as the domain name and IP address of your computer. We may use this information, individually or in the aggregate, for technical administration of our website(s); research and development; customer- and account administration; and to help us focus our marketing efforts more precisely.

Cookies

Crater uses “cookies” to store personal data on your computer. We may also link information stored on your computer in cookies with personal data about specific individuals stored on our servers. If you set up your web browser (for example, Google Chrome or Mozilla Firefox) so that cookies are not allowed, you might not be able to use some or all of the features of our website(s).

We use cookies  for the following purposes:

  • Necessary purposes: To let you login and to ensure site security. Without this type of technology, our Services won’t work properly or won’t be able to provide certain features and functionalities.
  • Performance purposes: To analyse how visitors use a website, in order to provide a better user experience. We also use tracking to check if you have opened our emails, so we can see if they are being delivered correctly.
  • Personalisation purposes To remember choices you have made — such as language or region.

How to manage & remove cookies
If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. The Help menu on the menu bar of most browsers also tells you how to prevent your browser from accepting new cookies, how to delete old cookies, how to have the browser notify you when you receive a new cookie and how to disable cookies altogether.

 

You can also visit http://www.aboutcookies.org for more information on how to manage and remove cookies across a number of different internet browsers.

External data storage sites

We may store your data on servers provided by third party hosting vendors with whom we have contracted.

Your privacy responsibilities

To help protect your privacy, be sure:

  • not to share your username or password with anyone else;
  • to log off the Crater website when you are finished;
  • to take customary precautions to guard against “malware” (viruses, Trojan horses, bots, etc.), for example by installing and updating suitable anti-virus software.

Information collected from children

You must be at least 16 years old to use Crater’s website(s) and service(s). Crater does not knowingly collect information from children under 16. (See the U.S. Children’s Online Privacy Protection Act.)

European Union Data Protection Directive

The Article 29 Working Party, set up under the E.U. Data Protection Directive of the European Parliament and of the Council, is made up of representatives from the data protection authorities of all E.U. Member States and from the European Commission.

All data on our website(s) and service(s) is stored on Amazon Web Services (“AWS”) servers. The Article 29 Working Party has:

  • approved the AWS Data Processing Agreement which includes the Model Clauses, and
  • found that the AWS Data Processing Agreement meets the requirements of the Directive with respect to Model Clauses.

This means that the AWS Data Processing Agreement is not considered “ad hoc”. For more information on E.U. Data Protection on AWS, visit: aws.amazon.com/compliance/eu-data-protection.

The Luxembourg Data Protection Authority (“CNPD”) acted as the lead authority on behalf of the in accordance with procedure of the Article 29 Working Party. For more detail on the approval of the AWS Data Processing Agreement from the Article 29 Working Party, visit:
cnpd.public.lu/en/actualites/international/2015/03/AWS

Having signed the Data Processing Addendum, we (Crater) are also a part of the agreement with E.U. Model Contract Clauses.

Compliance with EU-U.S. Privacy Shield

Crater complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States, respectively. Crater has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

Collection, Use, and Onward Transfer of Personal Data

Crater collects, uses, and discloses EU and Swiss Personal Information relating to customers and clients for the purposes of providing virtual survey and cubing services. We may provide this personal information only to contracted third parties for the same purpose of providing survey and cubing services. Such third parties include contracted surveyors and cubers. If we transfer personal information received under the Privacy Shield to a third party, the third party’s access, use, and disclosure of the personal data must also be in compliance with our Privacy Shield obligations, and we will remain liable under the Privacy Shield for any failure to do so by the third party unless we prove we are not responsible for the event giving rise to the damage. We may also be required to disclose personal information that we handle under the Privacy Shield in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Means for Individuals to Limit Use and Disclosure of Personal Data

With respect to Personal Data we may share with our third parties, we provide customers and clients an opportunity to opt-out of such sharing. Please email us at security@crater.co if you would like to opt-out. We do not use Personal Data for purposes incompatible with the purposes for which the information was originally collected. Should you opt-out as described above, Crater may not be able to provide you with the services you have requested or access certain features of your system.

Rights of Access to Personal Data

Individuals may obtain access to EU and Swiss Personal Data about them that Crater holds. For this purpose, “access” means the individual’s right to: (i) obtain from Crater confirmation of whether or not Crater is processing Personal Data relating to them; (ii) have communicated to them Personal Data relating to them so that they can verify its accuracy and lawfulness of the processing; and (iii) have the Personal Data corrected, amended, or deleted where it is inaccurate or processed in violation of the Principles. Individuals may request access to their Personal Data by contacting security@crater.co.

Inquiries and Complaint Handling

In compliance with the Privacy Shield Principles, Crater commits to resolve complaints about our collection or use of your personal information. European Union and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact us at security@crater.co. Crater has further committed to refer unresolved Privacy Shield complaints to BBB EU Privacy Shield, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact or visit BBB EU Privacy Shield for more information or to file a complaint. Their services are at no cost to you. To learn more about BBB EU Privacy Shield dispute resolution or to refer a complaint visit here.

Invoking Binding Arbitration

Individuals have the right, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. For additional information on binding arbitration visit: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

Federal Trade Commission Jurisdiction

The Federal Trade Commission (FTC) has jurisdiction over Crater’s compliance with the Privacy Shield. We may be required to disclose personal information that we handle under the Privacy Shield in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Changes to this privacy policy

We reserve the right to change this privacy policy as we deem necessary or appropriate because of legal compliance requirements or changes in our business practices. If you have provided us with an email address, we will endeavor to notify you, by email to that address, of any material change to how we will use personally identifiable information.

Questions or comments?

If you have questions or comments about Crater’s privacy policy, email us at security@crater.co or contact us via crater.co/contact. Thanks for choosing Crater!