Privacy Policy

Last Updated and Effective Date: November 30, 2023

This Privacy Policy describes how Crowley (“we,” or “us”) uses, discloses, and processes your personal information.  Your continued use of our website and/or apps means that you accept the terms of this Privacy Policy.  We reserve the right to change this Privacy Policy at any time.  If we change our Privacy Policy, we will post an updated version on this website.  Please check back periodically to see if our Privacy Policy has been updated.  Updates to the Privacy Policy will be referenced by the “Last Updated and Effective Date” date shown above. 

1. Personal Information We Collect About You and Its Business Purpose.

We collect personal information for a variety of business reasons as indicated in the charts below. Please note the specific pieces of personal information we may collect about you can vary depending on the nature of your interactions with us.  The term “personal information” as used in this Privacy Policy means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.  “Personal information” does not include: (i) publicly available information or lawfully obtained, truthful information that is a matter of public concern; or (ii) information that is deidentified or aggregate consumer information.  We also collect certain “sensitive personal information”, which is a subset of personal information, as set forth below. 

Set for the below are the categories of personal information we collected and have collected in the preceding 12 months, the categories of sources from which the personal information was collected, and the business purpose for such collection.  Please note that we may not collect all of the personal information referenced below regarding you and we may not use the personal information that we collect from you for all of the purposes that are listed. 

• Cookies and Other Tracking Technologies. 

A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer.  Cookies contain information that is transferred to your computer’s hard drive. We use cookies or similar technologies, such as web beacons and tracking pixels to analyze trends, administer our website, personalize content and ads, track users’ movements around our website to provide you with the most relevant browsing experience, and to gather demographic information about our user base as a whole. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our website or of the service we provide as some of our features or services may not function properly without cookies. 

We use the following cookies:

• Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website.
• Functionality/preference cookies. These are used to recognize you when you return to our website. This enables us to personalize our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
• Statistical, analytical or performance cookies. These allow us to recognize and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
• Marketing/targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests.
• Third party cookies.  These cookies are placed on your device by a website from a domain other than our website.  Please note that various third parties may also use these types of cookies, over which we have no control. These named third parties may include, for example, advertising networks and providers of external services like web traffic analysis services. These third party cookies are likely to be analytical cookies or performance cookies or targeting cookies.

If you want to remove existing cookies from your device you can do this using your browser options. If you want to block future cookies being placed on your device you can change your browser settings to do this.  Please bear in mind that deleting and blocking cookies may have an impact on your user experience as parts of the site may no longer work. Unless you have adjusted your browser settings to block cookies, our system may issue cookies as soon as you visit our site or click on a link in a targeted email that we have sent you, even if you have previously deleted our cookies.

In addition, we use web beacons and pixels, which are images that can be placed in web pages and some forms of email.  These technologies can be used to deliver cookies and to collect information about your use of the site.  Finally, we may also collect information through tracking pixels. A tracking pixel is a transparent graphic image (usually 1 pixel x 1 pixel or Javascript tag) that is placed on a web page and, in combination with a cookie, allows us to collect information regarding the use of the page of the site that contains the tracking pixel.  We may use tracking pixels to trigger ads on participating websites based on activity tracked from the browser on a device used to visit our Sites.  Other entities may have access to some of this information. 

• Personal Information We Sell, Share or Disclose About You and Its Business Purpose.

We do not “sell” your personal information, nor do we have actual knowledge of any “sale” of personal information of minors under 16 years of age, as the term “sell” is commonly understood (which is in exchange for money).  However, we use third party companies such as Meta (Facebook and Instagram), Twitter, LinkedIn and Google to place ads on their sites who may collect your personal information.  We also use Google Analytics to ensure website functionality and improve our website and services.  This software may record information such as your IP address, location, age and gender, browser type and language, operating system, access time, duration of visit, pages you view within our website, search terms you enter and other actions you take while visiting us, the pages you view immediately before and after you access the services, how often you use our Services, aggregated usage and performance data, app errors and debugging information. You may opt-out of having your activity on our website stored and shared with third party companies by updating your cookie consent settings on the banner located in the bottom left corner of our website. These companies use the information in accordance with their privacy policies, which we encourage you to review.  Please see the Cookies section above for more information.  Their access to and use of your personal information by these third-parties may constitute a sale under California law.

We may also use your personal information, including the identifiers, commercial information, internet information and geolocation, identified above, for cross-context behavioral advertising (targeted advertising).

In addition, we have disclosed personal information to our service providers and contractors for during the last 12 months for the following business purposes.  Please note that we may not disclose all of the personal information regarding you to service providers or contractors for the purposes set forth below. 

• Auditing of Ad Impression: For auditing purposes related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards.
• Services on Our Behalf: In order to receive services performed on our behalf, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on our behalf.
• Advertising and Marketing Services: To provide advertising or marketing services on our behalf.
• Research & Development: For our internal research related to technological development and demonstration.
• Quality Control & Improvement of Products and Services: To verify, maintain, and improve our products and services.

The following chart sets forth the categories of personal information we disclose for a business purpose.

As Necessary:  We may also disclose personal information, as necessary: (a) to comply with any legal process; (b) to respond to requests from public and government authorities; (c) to enforce our terms and conditions; (d) to protect our operations and protect our rights, privacy, safety or property, and/or that of you or others; and (e) to allow us to pursue available remedies or limit the damages that we may sustain.  We may also use personal information in connection with or during negotiation of any reorganization, acquisition, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).

We only use sensitive personal information for purposes disclosed herein.  We do not use or disclose sensitive personal information for purposes other than those specified herein.]

• Our Retention Policy – How Long We Keep Your Personal Information.

We will retain each category of your personal information identified above for an amount of time that is reasonably necessary for us to use the information for the purposes disclosed herein and for any other permitted purposes, including retention of personal information pursuant to any applicable contract, law or regulation.  To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

• Video Content.

Our website may include content that is governed by the Video Privacy Protection Act (“VPPA”).  Some of the cookies and other tracking technologies that we have disclosed above may provide to others access to your personal information (or personally identifiable information as that term is used under the VPPA).  To the extent that the VPPA applies to our website, or any content on our website, by using our Sites you explicitly consent to our practices, including those that relate to video contents or otherwise governed by the VPPA.

• Security Measures.

We choose to use suppliers that implement security in accordance with industry practices for good IT security, and we only use encrypted data communications when transferring sensitive and confidential personal information. We also maintain organizational, physical, and technical security arrangements for all the personal information we hold. We have protocols, controls and relevant policies, procedures, and guidance to maintain these arrangements taking into account the risks associated with the categories of personal information and the using we undertake. We store personal information on servers with limited access located in secured facilities, and our security measures are evaluated on an ongoing basis. The servers are protected by anti-virus software and firewalls, among other measures.

• Your Rights if You Are a Resident of California.

The rights set forth in this section apply only to California residents. 

1. California Rights.

California residents have certain rights, which are described below.  Please note that these rights are subject to certain exceptions and certain of these rights are subject to verification mechanisms.

1. Right to Know Personal Information Collected About You.  You have the right to know: (1) the categories of personal information we have collected about you; (2) the categories of sources from which the personal information is collected; (3) the business or commercial purpose for collecting, selling, or sharing personal information; (4) the categories of third parties to whom we disclose personal information; and (5) the specific pieces of personal information we have collected about you.  You may submit a request by emailing your request to dataprivacy@crowley.com or contacting us by phone at (888) 912-4847.
2. Right to Know Personal Information Disclosed, Sold or Shared and to Whom.  Since we sell, share and/or disclose your personal information, as described above, you have the right to request that we disclose to you: (1) the categories of personal information that we collected about you; (2) the categories of personal information that we sold or shared about you and the categories of third parties to whom the personal information was sold or shared, by category or categories of personal information for each category of third parties to whom the personal information was sold or shared; and (3) the categories of personal information that we disclosed about you for a business purpose and the categories of persons to whom it was disclosed for a business purpose.  You may submit a request by emailing your request to dataprivacy@crowley.com or contacting us by phone at (888) 912-4847.
3. Right to Request Deletion of Your Personal Information.  You have the right to request that we delete your personal information.  Following receipt of a request, we will let you know what, if any, personal information we can delete from our records.  If we cannot delete all of your personal information, we will let you know the reason.  You may submit a request by emailing your request to dataprivacy@crowley.com or contacting us by phone at (888) 912-4847.
4. Right to Correct Inaccurate Information.  If you believe that any of the personal information we maintain about you is inaccurate, you have the right to submit a request for us to correct that information.  Upon receipt of a request, we will use commercially reasonable efforts to correct the information as you direct.  You may submit a request by emailing your request to dataprivacy@crowley.com or contacting us by phone at (888) 912-4847.
5. Right to Opt-Out of the Sale and Sharing of Your Personal Information.  You may opt-out of the sale or sharing of your personal information by selecting your opt-out preferences in our cookie banner.
6. Right to Limit the Use of Your Sensitive Personal Information.  You have the right to limit the use of sensitive personal information under circumstances.  Given the nature of our use of your sensitive personal information, you do not have the right to request that we limit the use of your sensitive personal information.
7. Right to Non-Discrimination for Exercising Your Rights.  If you choose to exercise any of your rights, you have the right to not receive discriminatory treatment by us. 

• Verification Regarding the Rights to Know, Correct and Delete.

To help protect your privacy and maintain security in exercising rights to know, correct and/or delete, we will take steps to verify your identity before granting you access to your personal information or complying with the requests to know, delete and/ or the correct.  

Our verification procedure may differ depending on whether you have an account with us or not and the request you are making.  The following generally describes the verification processes we use:

1. Password Protected Accounts.  If you have a password-protected account with us, we may use existing authentication practices to verify your identity but will require re-authentication before disclosing, correcting or deleting data.  If we suspect fraudulent or malicious activity relating to your account, we will require further verification (as described below) before complying with a request to know or delete.
2. Verification for Non-Accountholders.  If you do not have, or cannot access, a password-protected account with us, we will generally verify your identity as follows:

• For requests to know categories of personal information, we will verify your identity to a reasonable degree of certainty by matching at least two data points provided by you with reliable data points maintained by us.
• For requests to know specific pieces of personal information, we will verify your identity to a reasonably high degree of certainty by matching at least three data points provided by you with reliable data points maintained by us.  We will also require a declaration, signed under penalty of perjury, that the person requesting the information is the person whose information is the subject of the request or that person’s authorized representative.  We will maintain all signed declarations as part of our records.
• For requests to correct or delete personal information, we will verify your identity to a reasonable degree or a reasonably high degree of certainty depending on the sensitivity of the personal information and the risk of harm posed by unauthorized deletion.  We will act in good faith when determining the appropriate standard to apply.

If there is no reasonable method by which we can verify your identity, we will state so in response to a request to know or delete personal information, including an explanation of why we have no reasonable method to verify your identity.

If you use an authorized agent to submit a request to know, delete or correct, we may require the authorized agent to provide proof that you gave the agent signed permission to submit the request. We may also require you to do either of the following: (a) verify your own identity directly with us; or (b) directly confirm with us that you provided the authorized agent permission to submit the request.  This requirement does not apply if you have provided the authorized agent with power of attorney pursuant to Probate Code sections 4121 to 4130.

We will respond to requests to know, requests to delete and / or delete no later than 45 calendar days.  If we cannot verify your request within 45 days, we may deny your request.  If necessary, we may take up to an additional 45 days to respond to your request but in such an event will provide you a notice and an explanation of the reason that we will take more than 45 days to respond to your request.  

• Your Rights If You Are a Resident of a State Other Than California.

If you are a resident of a state, other than California, you may have, or may soon have, certain additional rights set forth below.  Please note that some or all of these rights may not apply to you, that they are subject to certain exceptions and certain of these rights are subject to verification mechanisms. 

1. Right to Know:  You have the right to know whether we are processing your personal information, and, if you are a resident of Oregon, the categories of your Personal Information we have processed and the specific third parties to which we have disclosed it.
2. Right of Access: You have the right to access your personal information, and to obtain a copy of it in a readily usable format, if feasible.
3. Right to Correct Inaccuracies: You may request that inaccuracies in your personal information be corrected.  Utah law does not provide for this right.  
4. Right to Delete:  You have the right to request that your personal information be deleted, except in cases where retention is required by law or contractual obligation.
5. Right to Data Portability: You have the right to obtain a copy of your data in a portable and, if feasible, readily usable format.
6. Right to Opt-Out: You may elect to prevent your personal information from being:
   1. Used in targeted advertising;
   1. Sold;
   1. Used for profiling purposes that may produce legal or similarly significant effects.
7. Right to Non-Discrimination for Exercising Your Rights:  If you choose to exercise any of your rights, you have the right to not receive discriminatory treatment by us.
8. Rights Regarding Sensitive Personal Information:  In connection with your Sensitive Personal Information, depending on the state of your residence you may also have the right that: (a) we not process that information without first presenting you with clear notice and an opportunity to opt out of the processing; or (b) we not process that information without obtaining your consent.  Assuming this right applies to you, you have the right to withdraw your previous consent and opt out of further processing of your Sensitive Personal Information. 

Furthermore, assuming you reside in a state that provides the following, if we have actual knowledge that you are 13 years of age and not older than 16 years of age, we will not without your consent process your Personal Information for the purposes of targeted advertising, profiling in furtherance of decisions that produce legal effects or effects of similar significance or selling your Personal Information.

You may submit a request by emailing your request to dataprivacy@crowley.com or contacting us by phone at (888) 912-4847.  When you make a request, to help protect your privacy and maintain security, we will take steps to verify your identity.  Our verification procedure may differ depending on whether you have an account with us or not and the request you are making.  The following generally describes the verification processes we use: 

1. Password Protected Accounts.  If you have a password-protected account with us, we may use existing authentication practices to verify your identity but will require re-authentication before disclosing, correcting or deleting data.  If we suspect fraudulent or malicious activity relating to your account, we will require further verification (as described below) before complying with a request to know or delete.
   1. Verification for Non-Accountholders.  If you do not have, or cannot access, a password-protected account with us, we will generally verify your identity to a reasonable degree of certainty by matching at two or three data points provided by you with reliable data points maintained by us. For valid requests to delete Personal Information, we will verify your identity to a reasonable degree or a reasonably high degree of certainty depending on the sensitivity of the Personal Information and the risk of harm posed by unauthorized deletion. We will act in good faith when determining the appropriate standard to apply.

We may also require a declaration, signed under penalty of perjury, that the person requesting the information is the person whose information is the subject of the request or that person’s authorized representative.  We will maintain all signed declarations as part of our records.

If there is no reasonable method by which we can verify your identity, we will state so in response, including an explanation of why we have no reasonable method to verify your identity.

If you use an authorized agent to submit a request to know, delete or correct, we may require the authorized agent to provide proof that you gave the agent signed permission to submit the request. We may also require you to do either of the following: (a) verify your own identity directly with us; or (b) directly confirm with us that you provided the authorized agent permission to submit the request. 

There may be situations where we cannot grant your request. For example, if you ask us to delete Personal Information that we are obligated to keep to comply with applicable law we may not be able to fulfill some or all of your request. We may also decline to grant your request where our use of your Personal Information serves a legitimate purpose such as for security purposes.  Your request may also be denied if it compromises the privacy of others, is overly repetitive or extremely burdensome to fulfill.  

Information requests under “Right of Access” and “Right to Data Portability” will be transmitted securely. If we cannot fulfill your request, we will notify you of that decision and the reasons why within 45 days. At that point if you believe our decision was in error, you may have the right to submit an appeal using the method(s) above.  If the result is the same, you can also seek assistance and/or redress from your state attorney general.

• Nevada Privacy Notice.

Nevada law provides that Nevada residents may opt-out of the “sale” of “covered information” to third parties, including but not limited to name, address, social security number, and online service activity.  Our uses of your personal information are not sales under Nevada law, so no opt-out right applies.

1. Contact Information.

If you have any questions or concerns about our privacy policies and practices, please feel free to contact us at (888) 912-4847 or by email at dataprivacy@crowley.com.