Cultural Awareness International, Inc. (“CAI” or “we/us”) believes in the importance of data privacy. This Privacy Policy describes CAI’s practices with respect to the collection and handling of personal data in its relocation services and cultural awareness training businesses (collectively, “CAI Services”). As used in this document, “personal data” means data that may be used to identify a living individual or that is about a specific individual, such as name, email address or phone number. “Data subject” or “you” refers to an individual whose personal data is being collected and processed.
Transfer of Personal Data to US
In carrying out the CAI Services, we may collect personal data about data subjects being relocated or receiving other CAI Services either from our corporate clients or directly from data subjects, in either case using questionnaires or similar processes. We do not collect personal data of such data subjects other than as provided to us by corporate clients or directly by the data subjects themselves.
CAI is located in the United States. As described below under “EU-U.S. Data Privacy Framework Principles” “the UK Extension to the EU-U.S. Data Privacy Framework Principles” and “Swiss-U.S. Data Privacy Framework Principles”, CAI adheres to the EU-U.S., UK Extension, and Swiss-U.S. Data Privacy Framework Principles for the protection of personal data received from data subjects in the European Economic Area (EEA), UK, and Switzerland. If you are located in a jurisdiction with comprehensive laws regulating personal data other than the EEA, UK, or Switzerland, please be aware that personal data you provide to CAI is being transferred to and stored in a jurisdiction that may not provide the same level of protection for such data as those of your own jurisdiction. If you do not agree with this, please do not use the CAI Services.
Personal Data Collected and Purposes for Use
In the course of its business, CAI collects the personal data described below for the purposes described below.
- Data Subjects Receiving CAI Services
CAI’s corporate clients make requests of CAI under which data subjects associated with these clients receive CAI Services such as relocation or cultural awareness training services. As part of this process, CAI collects data about the data subjects from the controller (CAI’s clients) and/or the data subjects themselves are presented with CAI questionnaires, which may request personal data such as name, email address, phone numbers, intended city and country of relocation, birthdate, citizenship, languages spoken, as well as similar information for family members receiving similar services. Where necessary to facilitate the CAI Services, financial information such as salary may be requested. Additional personal data may be requested electronically, in person or by phone in the course of providing CAI Services where necessary to carry out the requested CAI Services. All such personal data is used in order to carry out the requested CAI Services. As part of this use, personal data may be shared with the designated subcontractors as described below under “How We Share Your Data” or with third parties where necessary to carry out the contracted CAI Services (for example, with a rental company as necessary to arrange housing). - Data from Business Relationships
CAI collects and stores certain personal data in the course of maintaining its business relationships, such as with its corporate clients, partners and subcontractors. Data collected may include corporate name, address and phone number (where applicable), as well as the name, email address, mailing address, and phone number of the individual representatives of such clients, partners or subcontractors with whom CAI transacts business. This data is collected and processed in order to carry out business transactions requested by such clients or partners, in order to receive and make payment on such business transactions, and to communicate with such persons about our services or other information we believe of interest. Please see “Your Choices and Opt-Out” below for information on how data subjects associated with our clients, partners and subcontractors may direct how we use their personal data. - Website Data
If you submit personal data to us via our website, we will use the information in order to respond to your requests. - Non-Personal Information
When you visit our website, we collect non-personal information such as your Internet browser type, operating system, and the IP address of the website from which you are linked to our website. We use this information to help us tailor the presentation of the website in a manner to better match your computer settings, interests and preferences. - Cookies
In order to help make sure you receive information that is relevant to you, our website uses data “cookies.” Cookies are small text files that are stored on a user’s computer that identify a specific user the next time they access the website. We use session cookies in order to control the routing of requests to our servers, as well as to make it easier for you to navigate our website. This is an anonymous cookie and no personal data is stored. A session cookie expires when you close your browser. Cookies help us learn which areas of our website are useful and which areas need improvement. We will not use cookies to collect any personal information about you. You may configure your browser to prevent cookies from being set on your computer. - Google Analytics
Our website uses Google Analytics, a web analysis service provided by Google Inc., (“Google”). Google Analytics uses cookies, as described above. The information generated by the cookie regarding your use of the website is normally transferred to a Google server in the US and is stored there. As the IP anonymize function is activated on our website, your IP address will, within Member States of the European Union or other contracting states of the Agreement on the European Economic Area, first be shortened by Google. Only in exceptional cases will Google transfer the full IP address to a Google server in the USA and will shorten it there. On behalf of the operator of our website, Google will use this information to analyze your usage of the site, to compile reports on website activities, and to provide further services to the website provider relating to the usage of our site and the internet. The IP address transferred by your browser within the framework of Google Analytics will not be combined by Google with other data. In case you prevent the storage of cookies by setting your browser software accordingly, you may possibly not be able to fully use all features on our site. Furthermore, you can prevent collection by Google of the data generated by the cookie and relating to your use of our site (including your IP address), as well as processing of these data by Google, by downloading and installing the browser plug-in. - General Uses
We may also use personal in order to analyze and improve our products and services, to better understand our clients and their needs, to investigate or settle any disputes, to collect amounts due to us, and to meet our legal obligations such as providing personal data requested under subpoena or other mandatory legal process or by a government authority.
How We Share Your Data
We will not share your personal data with third parties without your permission, other than (i) as necessary or appropriate to carry out the CAI Services, (ii) comply with applicable law, court order or other judicial processes, (iii) enforce or apply agreements with you, (iv) protect the rights, property, or safety of us, other users or third parties, (v) as noted in the two paragraphs immediately following below, or (vi) as otherwise required or permitted under applicable law.
In the unlikely event of a corporate transaction such as a sale or reorganization, or the bankruptcy or similar restructuring of CAI or part of CAI, we reserve the right to disclose and/or transfer your personal and other data to potential buyer(s) as part of such process. Your personal data will not be sold or assigned separately from the goodwill of our company.
We may also hire contractors to provide certain services to our clients on our behalf, including localized relocation and cultural awareness training services. In such cases, we transfer to such subcontractors the personal data about data subjects necessary to enable the subcontractors to carry out their contracted services. All such subcontractors are required under agreements to maintain all personal data in confidence and to use the data only in order to provide the requested services.
Your Choices and Opt-Outs
CAI may communicate with you regarding CAI Services, planned events, or other subjects using emails. You may choose to discontinue receiving any promotional emails by following the opt-out instructions contained in the email or otherwise by contacting us as described below under “Contact Us.” Please allow at least ten (10) days for us to process any such request.
Children Under 16
Our website and our CAI Services are not directed to children under the age of 16. If you are a child under the age of 16, please do not use the website.
Security
CAI has reasonable organizational, technical, and administrative security measures in place to protect the loss, misuse, and alteration of the personal data under our control. Within our organization, only our employees who need to access the information to perform a specific task have access to your personal data. However, in the course of providing the CAI Services, some personal data is being transmitted via email over the Internet. No electronic data transmission can be guaranteed as 100% secure. As a result, while we strive to protect your personal data during transmission, we cannot ensure or warrant the security of any personal data you transmit to us or receive from us.
EU-U.S., UK Extension, and Swiss-U.S. Data Privacy Framework
CAI complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. CAI has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. CAI has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/
The following portions of this Privacy Policy are applicable as between CAI and EEA/UK/Swiss individuals (as provided under applicable law including the General Data Protection Regulation):
- Our Role as Controller/Processor
We collect and process data in different capacities. As data controller, we collect and process personal data directly from our corporate clients, partners and vendors. As data processor, we process data obtained from our corporate clients in the course of providing CAI Services to those clients. In that context, we only process personal data on behalf of and on instructions from such clients, who are the data controller. We take reasonable steps to ensure that the personal data we process is relevant and reliable for its intended use, accurate, complete, and current to the extent necessary for the purposes for which we use it. We will not process personal data in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by our clients. We will adhere to the Data Privacy Framework Principles for as long as we retain the personal data collected under Data Privacy Framework. When we process personal data on behalf of our clients, we process and retain personal data as necessary to provide the CAI Services, or as required or permitted under applicable law. - Complaints Under EU-U.S., UK Extension, and Swiss-U.S. Data Privacy Framework
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, CAI commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU and UK individuals and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF should first contact CAI via the methods described below in the “Contacting Us” portion of this Privacy Policy. CAI will respond to your concern of compliance with the Data Privacy Framework within 45 days of receipt. For any complaints that cannot be resolved satisfactorily with CAI directly, you may contact the ICDR/AAA Data Privacy Framework Program, which is the independent third-party dispute resolution body chosen by CAI. The ICDR serves as the independent recourse mechanism for U.S. companies across the country. When designating the ICDR (the international division of the American Arbitration Association) you may contact them at the following website. This dispute body has committed to respond to complaints and to provide appropriate recourse at no cost to you. If neither CAI nor ICDR/AAA Data Privacy Framework Program resolves your complaint, a binding arbitration option is available to you to resolve residual complaints that have not been resolved by the other means offered by the Data Privacy Framework Program. This arbitration is managed by the Data Privacy Framework Panel. - Third Party Transfers
CAI remains accountable for personal data that it receives under the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, the Swiss-U.S. DPF and any subsequent transfers to a third party as described in the Data Privacy Framework Principles. CAI remains responsible and liable under the Data Privacy Framework Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless CAI proves that it is not responsible for the event giving rise to the damage. - Enforcement of Data Privacy Framework
CAI’s commitments under the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. CAI may be compelled to disclose personal data in response to lawful requests by public authorities, including for purposes of national security or law enforcement. - Rights of Access/Correction/Deletion
In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, individuals in the EEA, UK, and Switzerland have the right to: receive confirmation of whether CAI possesses personal data about them; to request access to the personal data that CAI maintains about them; and to request deletion of their personal data, or corrections or limitations on the use of such personal data. Such requests shall be processed and a response given within the timeframes set out under applicable law. If you have purchased services or have opted-in to receive our marketing communications, you may opt to no longer receive these messages as set forth in “Your Choices and Opt-Outs” above.
Third Party Websites and Social Media Websites
CAI is not responsible for and has no liability for the privacy or other practices of any third-party Social Media platforms or other sites linked on our website. CAI recommends that you review the privacy policies of each third-party website or Social Media platform that you visit or provide data to.
Suggestions
Suggestions, materials, or other intellectual property sent to us are the property of CAI, and you hereby relinquish any claim to such items, or for remuneration for the same. All such items are deemed non-confidential and we shall have no obligation of any kind with respect to such items and shall be free to use and distribute them to others, including making products or services using or incorporating them.
Contacting Us
Should you have any questions or concerns about the privacy of your data or this Privacy Policy, please contact us at dwise@culturalawareness.com and we will strive to resolve them.
Effective Date of Privacy Policy: May 21, 2018