Who we are
Our website address is: https://crewcible.com.
This policy outlines our protocols and obligations for the collection and management of sensitive or personal information, ‘protected information’, that ensure our compliance with privacy and information laws.
What information is collected, and how
In communicating with us, using our services or accessing our website, there are circumstances in which we may collect personal information from you. Personal information refers to any information that could be used to identify you, or is sensitive in nature. This may include:
- your name, email or other contact details provided by you when you contact us through the website or by other means;
- payment and other financial information provided by you to inform development of contracts and invoices;
- Information collected by cookies on our website, such as browser details, site activity, device information, your IP address and geolocation; and,
- any other information that you provide to us yourself.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you submit personal information to us via the online form, it will be forwarded to our secure information server, where we will be notified of your correspondence. The information we collect is what you provide within the form combined with data collected by cookies which tell us who sent the information.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
How we use your data
We do not transmit or sell any protected data for marketing purposes. We may use your information in order to administer our business, provide a service to you or optimise those services, for example:
- contacting you about a service,
- responding to enquiries,
- monitoring and analysing online trends through Google Analytics and website log files, or
- processing payments or compiling company financial information
Third parties with which we may share your personal information for the purposes of administering our business include, but are not limited to, Notion, Google, Eversign and our financial management.
We may share personal information for the purposes of providing a service that is specific to the needs of a particular project or situation, such as contractors or consultants, site workers, financial institutions, venue staff or other service providers. We will endeavour to inform you before we provide your information to a newly identified third party however there are circumstances where this may not be possible, such as an emergency, where it is unlawful, where it may cause harm to an individual or when we were not reasonably able to do so. In this case, we will provide you with details as soon as we are reasonably able to do so after the event.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
How we protect your data
We are committed to ensuring your information is kept secure and is appropriately managed. Your data will only be transmitted or stored where necessary as part of business operations or as required by law. The systems used to collect, transmit and store data, such as our email servers, web servers and our information management system, are secured through encrypted channels, accessible only by authorised employees, and managed by senior staff as administrators.
- “We use SSL everywhere, within the data center and out.
- Your data is encrypted at rest in our database.
- We run 100% on the cloud, within a virtual private network that cannot be accessed via the public internet, except via our public-facing proxy servers.
- We perform quarterly independent security audits using established security firms.
- We will notify you within 72 hours of learning about a data breach.
- All employees receive regular security training.
- We are in the process of obtaining our SOC2 certificate.”
Whilst we endeavour to take all reasonable steps to ensure your data is secure, it is impossible for us to provide 100% assurance that breaches won’t occur. However, should there be one, it will be managed in accordance with best practice and the law, including any Notifiable Data Breach policy provisions.
What rights you have over your data
You have the right to refuse (opt-out) to the collection of protected information. You also have the right to request deletion of any protected information held by us, where it is lawful for us to do so. By law, we must maintain accurate employment, financial and other operational records in order to satisfy our obligations as a trading entity.
Should you wish to revoke your consent to the collection of your information, request its deletion from our records, or seek further information based on this policy, please advise us by email at firstname.lastname@example.org