Transfer of Personal Data to US
In carrying out the CAI Services, we may collect personal data about data subjects being relocated or receiving other CAI Services either from our corporate clients or directly from data subjects, in either case using questionnaires or similar processes. We do not collect personal data of such data subjects other than as provided to us by corporate clients or directly by the data subjects themselves.
CAI is located in the United States. As described below under “EU-U.S. and Swiss-U.S. Privacy Shield,” CAI adheres to the EU-U.S. and Swiss-U.S. Privacy Shield Principles for the protection of personal data received from data subjects in the European Economic Area (EEA) and Switzerland. If you are located in a jurisdiction with comprehensive laws regulating personal data other than the EEA or Switzerland, please be aware that personal data you provide to CAI is being transferred to and stored in a jurisdiction that may not provide the same level of protection for such data as those of your own jurisdiction. If you do not agree with this, please do not use the CAI Services.
Personal Data Collected and Purposes for Use
In the course of its business, CAI collects the personal data described below for the purposes described below.
- Data Subjects Receiving CAI Services
CAI’s corporate clients make requests of CAI under which data subjects associated with these clients receive CAI Services such as relocation or cultural awareness training services. As part of this process, CAI collects data about the data subjects from the controller (CAI’s clients) and/or the data subjects themselves are presented with CAI questionnaires, which may request personal data such as name, email address, phone numbers, intended city and country of relocation, birthdate, citizenship, languages spoken, as well as similar information for family members receiving similar services. Where necessary to facilitate the CAI Services, financial information such as salary may be requested. Additional personal data may be requested electronically, in person or by phone in the course of providing CAI Services where necessary to carry out the requested CAI Services. All such personal data is used in order to carry out the requested CAI Services. As part of this use, personal data may be shared with the designated subcontractors as described below under “How We Share Your Data” or with third parties where necessary to carry out the contracted CAI Services (for example, with a rental company as necessary to arrange housing).
- Data from Business Relationships
CAI collects and stores certain personal data in the course of maintaining its business relationships, such as with its corporate clients, partners and subcontractors. Data collected may include corporate name, address and phone number (where applicable), as well as the name, email address, mailing address, and phone number of the individual representatives of such clients, partners or subcontractors with whom CAI transacts business. This data is collected and processed in order to carry out business transactions requested by such clients or partners, in order to receive and make payment on such business transactions, and to communicate with such persons about our services or other information we believe of interest. Please see “Your Choices and Opt-Out” below for information on how data subjects associated with our clients, partners and subcontractors may direct how we use their personal data.
- Website Data
If you submit personal data to us via our website, we will use the information in order to respond to your requests.
- Non-Personal Information
When you visit our website, we collect non-personal information such as your Internet browser type, operating system, and the IP address of the website from which you are linked to our website. We use this information to help us tailor the presentation of the website in a manner to better match your computer settings, interests and preferences.
- Google Analytics
- General Uses
We may also use personal in order to analyze and improve our products and services, to better understand our clients and their needs, to investigate or settle any disputes, to collect amounts due to us, and to meet our legal obligations such as providing personal data requested under subpoena or other mandatory legal process or by a government authority.
How We Share Your Data
We will not share your personal data with third parties without your permission, other than (i) as necessary or appropriate to carry out the CAI Services, (ii) comply with applicable law, court order or other judicial processes, (iii) enforce or apply agreements with you, (iv) protect the rights, property, or safety of us, other users or third parties, (v) as noted in the two paragraphs immediately following below, or (vi) as otherwise required or permitted under applicable law.
In the unlikely event of a corporate transaction such as a sale or reorganization, or the bankruptcy or similar restructuring of CAI or part of CAI, we reserve the right to disclose and/or transfer your personal and other data to potential buyer(s) as part of such process. Your personal data will not be sold or assigned separately from the goodwill of our company.
We may also hire contractors to provide certain services to our clients on our behalf, including localized relocation and cultural awareness training services. In such cases, we transfer to such subcontractors the personal data about data subjects necessary to enable the subcontractors to carry out their contracted services. All such subcontractors are required under agreements to maintain all personal data in confidence and to use the data only in order to provide the requested services.
Your Choices and Opt-Outs
CAI may communicate with you regarding CAI Services, planned events, or other subjects using emails. You may choose to discontinue receiving any promotional emails by following the opt-out instructions contained in the email or otherwise by contacting us as described below under “Contact Us.” Please allow at least ten (10) days for us to process any such request.
Children Under 16
Our website and our CAI Services are not directed to children under the age of 16. If you are a child under the age of 16, please do not use the website.
CAI has reasonable organizational, technical, and administrative security measures in place to protect the loss, misuse, and alteration of the personal data under our control. Within our organization, only our employees who need to access the information to perform a specific task have access to your personal data. However, in the course of providing the CAI Services, some personal data is being transmitted via email over the Internet. No electronic data transmission can be guaranteed as 100% secure. As a result, while we strive to protect your personal data during transmission, we cannot ensure or warrant the security of any personal data you transmit to us or receive from us.
EU-U.S. and Swiss-U.S. Privacy Shield
- Our Role as Controller/Processor
We collect and process data in different capacities. As data controller, we collect and process personal data directly from our corporate clients, partners and vendors. As data processor, we process data obtained from our corporate clients in the course of providing CAI Services to those clients. In that context, we only process personal data on behalf of and on instructions from such clients, who are the data controller. We take reasonable steps to ensure that the personal data we process is relevant and reliable for its intended use, accurate, complete, and current to the extent necessary for the purposes for which we use it. We will not process personal data in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by our clients. We will adhere to the Privacy Shield Principles for as long as we retain the personal data collected under Privacy Shield Frameworks. When we process personal data on behalf of our clients, we process and retain personal data as necessary to provide the CAI Services, or as required or permitted under applicable law.
- Complaints Under Privacy Shield
- Third Party Transfers
CAI remains accountable for personal data that it receives under the Privacy Shield and any subsequent transfers to a third party as described in the Privacy Shield Principles. CAI remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless CAI proves that it is not responsible for the event giving rise to the damage.
- Enforcement of Privacy Shield
CAI’s commitments under the Privacy Shield are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. CAI may be compelled to disclose personal data in response to lawful requests by public authorities, including for purposes of national security or law enforcement.
- Rights of Access/Correction/Deletion
In compliance with the Privacy Shield Principles, individuals in the EEA and Switzerland have the right to: receive confirmation of whether CAI possesses personal data about them; to request access to the personal data that CAI maintains about them; and to request deletion of their personal data, or corrections or limitations on the use of such personal data. Such requests shall be processed and a response given within the timeframes set out under applicable law. If you have purchased services or have opted-in to receive our marketing communications, you may opt to no longer receive these messages as set forth in “Your Choices and Opt-Outs” above.
Third Party Websites and Social Media Websites
CAI is not responsible for and has no liability for the privacy or other practices of any third-party Social Media platforms or other sites linked on our website. CAI recommends that you review the privacy policies of each third-party website or Social Media platform that you visit or provide data to.
Suggestions, materials, or other intellectual property sent to us are the property of CAI, and you hereby relinquish any claim to such items, or for remuneration for the same. All such items are deemed non-confidential and we shall have no obligation of any kind with respect to such items and shall be free to use and distribute them to others, including making products or services using or incorporating them.