Privacy Policy

Last Updated and Effective Date: January 2023

This Privacy Policy describes how Crowley (“we,” or “us”) uses, discloses, and processes your personal information. Your continued use of our website and/or apps means that you accept the terms of this Privacy Policy. We reserve the right to change this Privacy Policy at any time. If we change our Privacy Policy, we will post an updated version on this website. Please check back periodically to see if our Privacy Policy has been updated. Updates to the Privacy Policy will be referenced by the “Last Updated” date shown above.

Personal Information We Collect About You and Its Business Purpose

We collect personal information for a variety of business reasons as indicated in the charts below. Please note the specific pieces of personal information we may collect about you can vary depending on the nature of your interactions with us. The term “personal information” as used in this Privacy Policy means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. “Personal information” does not include: (i) publicly available information or lawfully obtained, truthful information that is a matter of public concern; or (ii) information that is deidentified or aggregate consumer information.

We also collect “sensitive personal information”, as set forth below. Sensitive personal information means personal information that reveals information such as: (a) social security, driver’s license, state identification card, or passport number; (b) account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; (c) precise geolocation; (d) racial or ethnic origin, religious or philosophical beliefs, or union membership; (e) the contents of a consumer’s mail, email, and text messages unless we are the intended recipient of the communication; and (f) genetic data. Sensitive personal information that is publicly available is not considered sensitive personal information or personal information.

Set for the below are the categories of personal information we collected and have collected in the preceding 12 months, the categories of sources from which the personal information was collected, and the business purpose for such collection.

Category of Personal Information	Examples	Categories of Sources from which Personal Information Collected	Business or Commercial Purpose for Collection
PERSONAL INFORMATION
Identifiers	Real name Alias Postal address Unique personal identifier Online identifier Internet protocol address Email address Phone number Unique account name	Directly from you Automatically, when you visit our website, such as cookies on our websites (see below for more information) Automatically from systems that we use, such as for operations, logistics, shipping and corporate services	For processing operations, logistics, shipping, corporate, transactional and other services we provide For reporting purposes For analytics purposes For diagnostic purposes
Any personal information described in subdivision (e) of Section 1798.80 of California Civil Code (Not Included in Other Rows)	Signature Insurance policy number Financial information	Directly from you Automatically from systems that we use, such as for operations, logistics, shipping and corporate services	For processing operations, logistics, shipping, corporate, transactional and other services we provide For reporting purposes For analytics purposes
Protected Characteristics	Race Sex/gender Marital status Military or veteran status Disability Request for family care leave Request for leave Age (over 40)	Directly from you Automatically from systems that we use, such as for shipping and corporate services	For processing operations, logistics, shipping, corporate, transactional and other services we provide For reporting purposes For analytics purposes
Commercial Information	Products or services purchased, obtained, or considered Other purchasing or consuming histories or tendencies	Directly from you Automatically from systems that we use, such as for operations, logistics, shipping and corporate services	For processing operations, logistics, shipping, corporate, transactional and other services we provide For reporting purposes For analytics purposes
Internet Information	Electronic network activity information Website activity Information regarding interaction with an internet website application	Directly from you Automatically	For information security For legal purposes For reporting purposes For analytics purposes
Geolocation Data	IP address	Automatically	For information security For legal purposes For reporting purposes For analytics purposes
Audiovisual Information	Security cameras Recordings of meetings	Directly from you Automatically	For security For keeping records of meetings
Professional Information	Professional certifications CV information Work-related Information	Directly from you Automatically from systems that we use, such as for shipping and corporate services	For reporting purposes For analytics purposes
Education Information	Professional certifications CV information	Directly from you Automatically from systems that we use, such as for shipping and corporate services	For reporting purposes For analytics purposes
SENSITIVE PERSONAL INFORMATION
Sensitive Protected Characteristics	Race Union membership	Directly from you Service providers, including Core HCM and Taleo Consumer reporting agencies	For reporting purposes For analytics purposes To comply with law or regulations

We do not “sell” your personal information, nor do we have actual knowledge of any “sale” of personal information of minors under 16 years of age, as the term “sell” is commonly understood. However, we use third party companies such as Meta (Facebook and Instagram), Twitter, LinkedIn and Google to place ads on their sites who may collect your personal information. We also use Google Analytics to ensure website functionality and improve our website and services. This software may record information such as your IP address, location, age and gender, browser type and language, operating system, access time, duration of visit, pages you view within our website, search terms you enter and other actions you take while visiting us, the pages you view immediately before and after you access the services, how often you use our Services, aggregated usage and performance data, app errors and debugging information. You may opt-out of having your activity on our website made available to Google Analytics by installing the Google Analytics browser add-on, available here: https://tools.google.com/dlpage/gaoptout. These companies use the information in accordance with their privacy policies, which we encourage you to review. Their use of your personal information may constitute a sale under California law.

We may also use your personal information, including the identifiers, commercial information, internet information and geolocation, identified above, for cross-context behavioral advertising (targeted advertising).

In addition, we have disclosed personal information to our service providers and contractors for during the last 12 months for the following business purposes.

Auditing of Ad Impression: For auditing purposes related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards.
Services on Our Behalf: In order to receive services performed on our behalf, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on our behalf.
Advertising and Marketing Services: To provide advertising or marketing services on our behalf.
Research & Development: For our internal research related to technological development and demonstration.
Quality Control & Improvement of Products and Services: To verify, maintain, and improve our products and services.

The following chart sets forth the categories of personal information we disclose for a business purpose.

Categories of Personal Information that We Disclose	Business Purposes for the Disclosure of Personal Information
PERSONAL INFORMATION
Identifiers	Auditing of Ad Impression Services on Our Behalf Advertising and Marketing Services Research & Development Quality Control & Improvement of Products and Services
Any personal information described in subdivision (e) of Section 1798.80 of California Civil Code (Not Included in Other Rows)	Services on Our Behalf
Protected Characteristics	Services on Our Behalf
Commercial Information	Auditing of Ad Impression Services on Our Behalf Advertising and Marketing Services Research & Development Quality Control & Improvement of Products and Services
Internet Information	Auditing of Ad Impression Services on Our Behalf Advertising and Marketing Services Research & Development Quality Control & Improvement of Products and Services
Geolocation Data	Auditing of Ad Impression Services on Our Behalf Advertising and Marketing Services Research & Development Quality Control & Improvement of Products and Services

As Necessary: We may also disclose personal information, as necessary: (a) to comply with any legal process; (b) to respond to requests from public and government authorities; (c) to enforce our terms and conditions; (d) to protect our operations and protect our rights, privacy, safety or property, and/or that of you or others; and (e) to allow us to pursue available remedies or limit the damages that we may sustain. We may also use personal information in connection with or during negotiation of any reorganization, acquisition, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).

We only use sensitive personal information for purposes disclosed herein. We do not use or disclose sensitive personal information for purposes other than those specified herein.]

Our Retention Policy – How Long We Keep Your Personal Information

We will retain each category of your personal information identified above for an amount of time that is reasonably necessary for us to use the information for the purposes disclosed herein and for any other permitted purposes, including retention of personal information pursuant to any applicable contract, law or regulation. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

Your Rights if You Are a Resident of California

The rights set forth in this section apply only to California residents.

California Rights

California residents have certain rights, which are described below. Please note that these rights are subject to certain exceptions and certain of these rights are subject to verification mechanisms.

Right to Know Personal Information Collected About You You have the right to know: (1) the categories of personal information we have collected about you; (2) the categories of sources from which the personal information is collected; (3) the business or commercial purpose for collecting, selling, or sharing personal information; (4) the categories of third parties to whom we disclose personal information; and (5) the specific pieces of personal information we have collected about you. You may submit a request by emailing your request to dataprivacy@crowley.com or contacting us by phone at (888) 912-4847.
Right to Know Personal Information Disclosed, Sold or Shared and to Whom Since we sell, share and/or disclose your personal information, as described above, you have the right to request that we disclose to you: (1) the categories of personal information that we collected about you; (2) the categories of personal information that we sold or shared about you and the categories of third parties to whom the personal information was sold or shared, by category or categories of personal information for each category of third parties to whom the personal information was sold or shared; and (3) the categories of personal information that we disclosed about you for a business purpose and the categories of persons to whom it was disclosed for a business purpose. You may submit a request by emailing your request to dataprivacy@crowley.comor contacting us by phone at (888) 912-4847.
Right to Request Deletion of Your Personal Information You have the right to request that we delete your personal information. Following receipt of a request, we will let you know what, if any, personal information we can delete from our records. If we cannot delete all of your personal information, we will let you know the reason. You may submit a request by emailing your request to dataprivacy@crowley.com or contacting us by phone at (888) 912-4847.
Right to Correct Inaccurate Information If you believe that any of the personal information we maintain about you is inaccurate, you have the right to submit a request for us to correct that information. Upon receipt of a request, we will use commercially reasonable efforts to correct the information as you direct. You may submit a request by emailing your request to dataprivacy@crowley.com or contacting us by phone at (888) 912-4847.
Right to Opt-Out of the Sale and Sharing of Your Personal Information You may opt-out of the sale or sharing of your personal information by clicking here: https://www.crowley.com/lp/request-data-removal/.
Right to Limit the Use of Your Sensitive Personal Information You have the right to limit the use of sensitive personal information under circumstances. Given the nature of our use of your sensitive personal information, you do not have the right to request that we limit the use of your sensitive personal information.
Right to Non-Discrimination for Exercising Your Rights If you choose to exercise any of your rights, you have the right to not receive discriminatory treatment by us.

Verification Regarding the Rights to Know, Correct and Delete

To help protect your privacy and maintain security in exercising rights to know, correct and/or delete, we will take steps to verify your identity before granting you access to your personal information or complying with the requests to know, delete and/ or the correct.

Our verification procedure may differ depending on whether you have an account with us or not and the request you are making. The following generally describes the verification processes we use:

Password Protected Accounts. If you have a password-protected account with us, we may use existing authentication practices to verify your identity but will require re-authentication before disclosing, correcting or deleting data. If we suspect fraudulent or malicious activity relating to your account, we will require further verification (as described below) before complying with a request to know or delete.
Verification for Non-Accountholders. If you do not have, or cannot access, a password-protected account with us, we will generally verify your identity as follows:
- For requests to know categories of personal information, we will verify your identity to a reasonable degree of certainty by matching at least two data points provided by you with reliable data points maintained by us.
- For requests to know specific pieces of personal information, we will verify your identity to a reasonably high degree of certainty by matching at least three data points provided by you with reliable data points maintained by us. We will also require a declaration, signed under penalty of perjury, that the person requesting the information is the person whose information is the subject of the request or that person’s authorized representative. We will maintain all signed declarations as part of our records.
- For requests to correct or delete personal information, we will verify your identity to a reasonable degree or a reasonably high degree of certainty depending on the sensitivity of the personal information and the risk of harm posed by unauthorized deletion. We will act in good faith when determining the appropriate standard to apply.

If there is no reasonable method by which we can verify your identity, we will state so in response to a request to know or delete personal information, including an explanation of why we have no reasonable method to verify your identity.

If you use an authorized agent to submit a request to know, delete or correct, we may require the authorized agent to provide proof that you gave the agent signed permission to submit the request. We may also require you to do either of the following: (a) verify your own identity directly with us; or (b) directly confirm with us that you provided the authorized agent permission to submit the request. This requirement does not apply if you have provided the authorized agent with power of attorney pursuant to Probate Code sections 4121 to 4130.

We will respond to requests to know, requests to delete and / or delete no later than 45 calendar days. If we cannot verify your request within 45 days, we may deny your request. If necessary, we may take up to an additional 45 days to respond to your request but in such an event will provide you a notice and an explanation of the reason that we will take more than 45 days to respond to your request.

Contact Information

If you have any questions or concerns about our privacy policies and practices, please feel free to contact us at (888) 912-4847 or by email at dataprivacy@crowley.com.

California Employee and Job Applicant Privacy Policy

This California Employee and Job Applicant Privacy Policy (“Privacy Policy”) applies only California residents and describes how Crowley (“we,” or “us”) uses, discloses, and processes your personal information. We reserve the right to change this Privacy Policy at any time. If we change our Privacy Policy, we will post an updated version of it. Please check back periodically to see if our Privacy Policy has been updated. Updates to the Privacy Policy will be referenced by the “Last Updated” date shown above.

Personal Information We Collect About You and Its Business Purpose.

We also collect “sensitive personal information”, as set forth below. Sensitive personal information means personal information that reveals information such as: (a) social security, driver’s license, state identification card, or passport number; (b) account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; (c) precise geolocation; (d) racial or ethnic origin, religious or philosophical beliefs, or union membership; (e) the contents of a consumer’s mail, email, and text messages when we are the intended recipient; and (f) genetic data. Sensitive personal information that is publicly available is not considered sensitive personal information or personal information.

Set forth below are the categories of personal information we collect and have collected in the preceding 12 months, the categories of sources from which the personal information was collected, and the business purpose for such collection.

Category of Personal Information	Examples	Categories of Sources from which Personal Information Collected	Business Purpose for Collection
PERSONAL INFORMATION
Identifiers	Name Postal address Employee ID Internet protocol address Email address Account name Social security number Driver’s license number Passport number Other similar identifiers Cookies, beacons, pixel tags, mobile ad identifiers, or similar technology	Directly from you Automatically when you visit our website, such as cookies on our websites (see below for more information)* Our service providers	To assess your employment application To manage workforce activities and personnel To maintain your contact information To assist you in case of emergency To recruit employees and perform background screening To process payroll and W2 To administer healthcare and other benefits To perform identity verification, accounting, audit, and other internal functions To comply with law or legal process such as tax deductions, reporting, and record-keeping requirements
Any personal information described in subdivision (e) of Section 1798.80 of California Civil Code.	Name Signature Social Security Address Telephone Passport/DL ID Employee Benefit information Education Employment Bank account information Health insurance information	Directly from you Automatically Our service providers	Same as above.
Protected Characteristics	Race Color Religion Sex/gender Gender identity, gender expression Sexual orientation Marital status Medical Condition Military or veteran status National origin Disability Genetic information Age (over 40) Certain family care leave information Certain parental leave information	Directly from you Service providers, including Core HCM and Taleo	To comply with demographic reporting requirement For recruitment purposes To design employee retention programs and diversity initiatives To comply with law or legal process, such as tax deductions, reporting, and record-keeping requirements
Commercial Information	Personal property information	Directly from you Our service providers	In connection with employee relocation purposes
Biometric Information	Fingerprints	Our vendors, including Fieldprint	For government service employees who need top security clearance, this information is uploaded to the government’s system (SWFT) to have a FBI background check (SAC) completed
Internet Information	Electronic network activity information Browsing history Search history Internet protocol address	Directly from you Automatically	To Manage workforce activities and personnel Operate and manage IT and communications systems and facilities To maintain security on our websites and Internet-connected assets To manage employee programs
Geolocation Data	GPS information on trucks Vessel systems data, including vessel routes and positions	Automatically through GPS technology	To track loads on trucks To track vessels
Audiovisual Information	Calls or meetings may be recorded by meeting sites, such as Microsoft Teams	Directly from you Automatically	To keep record of meetings in case necessary to refer to such information
Professional Information	Professional history Employment history Certifications	Directly by you, such as through Core Consumer reports Various other systems* *This information may be collected or stored on various systems, including Core HCM, FileNet, Sharepoint, Teams and Email	To assess your candidacy as an employee To manage workforce activities and personnel To recruit employees and perform background screening To ensure compliance with work-related licensing and credentialing To facilitate a better, safer, and more efficient working environment To monitor, investigate, prevent, and redress potential breaches of applicable policies, regulations, and laws To carry out our obligations and enforce our rights arising from any contracts entered into between you and us
Education Information	Educational history	Service providers, such as HCM Core and Taleo Other sites used to submit resume (i.e. LinkedIn, emails, etc.)	See previous row
Inferences from Other Information	Job evaluation information	Directly from you	Employee assessments
SENSITIVE PERSONAL INFORMATION
Sensitive Personal Identifiers	Social security number Driver’s license number State identification card number Passport number	Consumer reporting agencies, such as Equifax Service providers, such as Core HCM and Taleo Internal Spreadsheets (Shared drive)	This is collected via I-9 completion, background check processing in retained in Core HCM, Equifax/I-9 Express, Taleo
Account Information	Account log-in in combination with any required security or access code, password, or credentials allowing access to an account	Directly by you	To authenticate, reset or unlock your employee account access
Precise Geolocation	GPS information on trucks Vessel systems data, including vessel routes and positions	Automatically through GPS technology	To track loads on trucks To track vessels
Sensitive Protected Characteristics	Racial origin Ethnic origin Religious belief Philosophical belief Union membership	Directly from you Service providers, including Core HCM and Taleo Consumer reporting agencies	See the row above regarding Protected Characteristics
Contents of Communications	Information on emails and messages via Teams lives on the network	Directly from you Automatically	Security Compliance
Health Information	Certain information regarding Family and Medical Leave Act and Americans with Disability Act	Directly from you Service providers	To administer benefits
Sexual Orientation Information	Sexual orientation**	Directly from you	To design employee diversity initiatives

* Cookies are small text files that store information on computer or mobile device, and enable websites like ours to capture and remember information about you. We use cookies and other similar technologies to save your website preferences for future visits, allow you to login automatically, and to compile data about your interactions with our website so that we can offer better website experiences and tools in the future.

** We do not currently collect gender identity, gender expression or sexual orientation information. However, we may collect this in the future for diversity, equity and inclusion purposes.

Personal Information We Disclose About You and Its Business Purpose.

We do not sell or share your personal information, as those terms are defined by the California Consumer Protection Act, as amended by the California Privacy Rights Act, and related regulation.

We do, however, disclose personal information to our service providers and for the following business purposes.

We may disclose personal information for our security and fraud detection services including detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity; and prosecuting those responsible for that activity.
We may disclose personal information in order to receive services performed on our behalf, including maintaining or servicing accounts, providing service for employees, processing or fulfilling requests and transactions, verifying employee information, processing payroll, benefits, expenses and payments, providing analytic services, evaluating and responding to requests, providing storage, or providing other services on our behalf.

The following chart sets forth the categories of personal information we have disclosed for a business purpose over the past 12 months.

Categories of Personal Information that We Disclose	Business Purposes for the Disclosure of Personal Information
PERSONAL INFORMATION
Identifiers	Security and Fraud Detection Services on Our Behalf
Any personal information described in subdivision (e) of Section 1798.80 of California Civil Code.	Security and Fraud Detection Services on Our Behalf
Protected Characteristics	Services on Our Behalf
Commercial Information	Services on Our Behalf
Biometric Information	Security and Fraud Detection Services on Our Behalf
Internet Information	Security and Fraud Detection Services on Our Behalf
Geolocation Data	Security and Fraud Detection Services on Our Behalf
Audiovisual Information	Services on Our Behalf
Professional Information	Security and Fraud Detection Services on Our Behalf
Education Information	Security and Fraud Detection Services on Our Behalf
SENSITIVE PERSONAL INFORMATION
Sensitive Personal Identifiers	Services on Our Behalf
Precise Geolocation	Security and Fraud Detection Services on Our Behalf
Sensitive Protected Characteristics	Services on Our Behalf
Contents of Communications	Services on Our Behalf
Sexual Orientation Information	Services on Our Behalf

We only use sensitive personal information for purposes disclosed herein. We do not use or disclose sensitive personal information for purposes other than those specified herein.

We will retain each category of your personal information identified above for an amount of time that is reasonably necessary for us to use the information for the purposes disclosed herein and for any other permitted purposes, including retention of personal information pursuant to any applicable contract, law or regulation. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

Your Rights if You Are a Resident of California.

The rights set forth in this section apply only to California residents.

California Rights.

. You have the right to know: (1) the categories of personal information we have collected about you; (2) the categories of sources from which the personal information is collected; (3) the business or commercial purpose for collecting information; (4) the categories of third parties to whom we disclose personal information; and (5) the specific pieces of personal information we have collected about you.
. Since we disclose your personal information, as described above, you have the right to request that we disclose to you: (1) the categories of personal information that we collected about you; and (2) the categories of personal information that we disclosed about you for a business purpose and the categories of persons to whom it was disclosed for a business purpose.
. You have the right to request that we delete your personal information. Following receipt of a request, we will let you know what, if any, personal information we can delete from our records. If we cannot delete all of your personal information, we will let you know the reason.
. If you believe that any of the personal information we maintain about you is inaccurate, you have the right to submit a request for us to correct that information. Upon receipt of a request, we will use commercially reasonable efforts to correct the information as you direct.
. As noted, we do not sell or share your personal information. As such, you don’t have this right.
. We only use your sensitive personal information for the following purposes: (i) to that use which is necessary to perform the services reasonably expected by you; (ii) to help to ensure security and integrity; (iii) to perform services on our behalf; (iv) to undertake activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by us; and (v) to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by us. Given the nature of our use of your sensitive personal information, you do not have the right to request that we limit the use of your sensitive personal information.
. If you choose to exercise any of your rights, you have the right to not receive discriminatory treatment by us. This includes the right not to be retaliated against for the exercise of your rights.

How to Exercise Your Rights And Related Issues.

You may submit requests regarding your rights to know, delete and correct, described above, by emailing your request to dataprivacy@crowley.com or contacting us by phone at the toll-free number (888) 912-4847.

To help protect your privacy and maintain security in exercising these rights, we will take steps to verify your identity before granting you access to your personal information or complying with the requests to know, delete and/ or the correct.