Privacy Statement, Privacy Shield Notice & Cookie Policy
Last updated: 12/19/2019
WE ENCOURAGE YOU TO READ THIS PRIVACY STATEMENT CAREFULLY TO UNDERSTAND OUR PRIVACY PRACTICES. BY USING OUR WEBSITE, YOU ACKNOWLEDGE THAT YOU HAVE READ AND YOU UNDERSTAND THIS PRIVACY STATEMENT. IF YOU DO NOT AGREE TO THE TERMS AND CONDITIONS OF THIS PRIVACY STATEMENT, PLEASE DO NOT USE OUR WEBSITE.
We at CrossCountry Consulting (“CrossCountry,” “we,” “us” or “our”) respect your concerns about privacy and value the relationship that we have with you. This Privacy Statement explains what information we collect, how we intend to use that information, and how we may share that information with third parties.
This Privacy Statement applies only to the websites and services controlled by CrossCountry, where this Privacy Statement is posted (the “Site(s)”). Your use of the Sites is also subject to our Terms and Conditions.
When we refer to our Site, we mean the specific webpages of CrossCountry-Consulting.com and to specific webpages with a URL starting:
www.crosscountry-consulting.com
www.insights.crosscountry-consulting.com
https://jobs.lever.co/crosscountry-consulting/
In addition to this Privacy Statement, CrossCountry Consulting has self-certified to the EU-U.S. Privacy Shield. Please view our Privacy Shield Notice for more information.
To contact us with questions about this Privacy Statement or any other privacy-related issues, see “How to Contact Us,” below.
CrossCountry and its compliance with this Privacy Statement are subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
Information We Collect
In general, you can visit our Site without telling us who you are, but you may choose to subscribe to our blog, apply for a job, or contact us. In these cases, you will be asked to provide personal information such as those below:
- Contact information: First name, last name, email address, phone number
- Employment information: Company name, resume content
- Social media information: LinkedIn profile
- Technology usage information: Web pages you visit, search terms entered, browser, operating system, IP address, device identifiers (See our Cookies Notice for more ways we collect information through our use of cookies)
- Other information you provide to us: Additional content and information that you voluntarily provide us, such as when you post a comment, submit a complaint, or send us feedback
If you object at any time to the collection or processing of any of the data categories above, or other data that is collected during your interactions with us, we may not be able to continue providing some or all of our services to you as a candidate or client.
Personal Information We Collect from Third parties About You
In addition to the information we collect on our own, the personal information we process collected from third parties may include:
- Contact information: First name, last name, email address, phone number
- Demographic information: Gender, age, date of birth, ethnicity, and social security number
- Employment information: Company name, resume content
- Social media information: LinkedIn profile
- Technology usage information: Web pages you visit, search terms entered, browser, operating system, IP address, device identifiers (See our Cookies Notice for more ways we collect information through our use of cookies)
- Other information you provide to us: Additional content and information that you voluntarily provide us, such as when you post a comment, submit a complaint, or send us feedback
How We Use Your Personal Information
CrossCountry uses your personal information for a number of purposes including the following:
- Provide and administer our services to you
- Provide you with support and to respond to inquiries
- Measure and improve those services and features
- Internal record keeping
- Invite you to participate in surveys or research about CrossCountry
- Alert you to updated information from CrossCountry or other third parties, or to forward promotional materials
- To inform you of upcoming events
- Analyze and improve the activities and content offered by the CrossCountry website to provide you with the most user-friendly navigation experience. We may also use and disclose information in aggregate (so that no individuals are identified) for marketing and strategic development purposes
- Notify you about a material change to this Privacy Statement, if necessary, or to contact you in response to sign-up forms
- Protect the rights of CrossCountry and others. There may be instances when we may disclose your personal information, including situations where we have a good faith belief that such processing is necessary in order to:
- Protect, enforce or defend the legal rights, privacy, safety or property of CrossCountry, our affiliates or their employees, agents and contractors (including enforcement of our agreements and terms and conditions)
- Protect the safety, privacy and security of users of our Site(s) or members of the public
- Protect against fraud or for risk management purposes;
- Comply with applicable laws or legal process and/or respond to requests from public and government authorities.
- For any other legitimate business reasons
Our Legal Bases for Processing
We process personal information per applicable law and with transparency and fairness. Our processing activities are conducted on one of the following bases for processing:
- With your consent
- In order to fulfill our contractual obligations to you
- For the legitimate purpose of operating our business, including to improve and develop our services to members, for fraud prevention purposes, and to improve users’ experience
- As otherwise determined in compliance with the law
Will We Contact You for Marketing Purposes?
CrossCountry will contact you for marketing purposes where you have provided us with consent to do so in accordance with applicable law.
Please see “Your Rights Regarding Your Personal Information” for information on how to change your communication preferences, including opting-out of future marketing communications.
Information We Share
We will use your personal information within CrossCountry for the purposes for which it was obtained. CrossCountry may share your personal information with the following categories of recipients:
- Service providers helping to administer the services, products, programs and events. Our service providers are required by contract to protect the confidentiality of the personal information we share with them and to use it only to provide specific services on our behalf.
- Subsidiaries and affiliates to better serve CrossCountry and its evolving needs.
- Third parties who provide products and services of interest to CrossCountry clients.
- Competent authorities including law enforcement, in order to comply with applicable laws or court orders.
Your Rights Regarding Your Personal Information
If we collected personal information directly from and about you, and you do not want to receive marketing communications from CrossCountry, you may change your contact preferences or unsubscribe by using the link included in each of our emails, or by contacting us as shown in “How to Contact Us” below.
Under current data protection laws and regulations, you also have the right to:
- Receive notification of data processing, sharing, or sale of personal information
- Obtain confirmation as to whether or not your personal information exists, and to be informed of its content and source, verify its accuracy and request its completion, update or amendment.
- Request, in a usable format, an electronic copy of your personal information if you would like such a copy for yourself or in order to port your personal information.
- Request the deletion, anonymization or restriction of the processing of your personal information processed in breach of the applicable law.
- Object to the processing of your personal information for legitimate reasons.
- Lodge a complaint with the relevant data protection supervisory authority
- Obtain equal services and pricing
The above rights are subject to applicable limitations and restrictions. In certain cases, your request may be denied based on a legitimate exception such as where we are prevented from disclosing such information based on legal requirements, fraud prevention or security concerns. For more information or to make a request, please contact:
Chief Operating Officer
1600 Tysons Blvd, Suite 1100
McLean, VA 22102
privacy@crosscountry-consulting.com
866.945.4462
Remember that even if you ask us to delete your personal information, copies of some information from your account may remain viewable in some circumstances where, for examples, you have shared information with other services. Because of the nature of caching technology, your account may not be instantly inaccessible to others. We may also retain backup information related to your account on our servers for some time after cancellation or your request for deletion, to comply with applicable law.
How Long Your Personal Information is Stored
We will retain your personal information for the period necessary to fulfill the purposes outlined in this Privacy Statement, unless a longer retention period is 1) necessary for the relevant activities or services, 2) subject to a mandated retention period required by litigation or investigation, or 3) otherwise required or permitted by law.
International Data Transfers:
For individuals located in the EU, your personal information may be transferred to countries outside the EU, in particular to the United States. We have appropriate and suitable safeguards in place to protect your personal information and the transfer of your personal information, as evidence by our certification under the EU-US Privacy Shield framework. See our Privacy Shield Notice for more details. CrossCountry may also use Standard Contractual Clauses for cross border data transfers to other countries that do not have an adequate level of data protection according to EEA standards.
If you choose to provide us with personal information, it will be stored in the US and may be stored in other jurisdictions. CrossCountry may transfer that information to its service providers, affiliates and subsidiaries, across borders, and from your country or jurisdiction to other countries or jurisdictions around the world. If you are visiting the Site from the EU or other regions with laws governing data collection and use, please note that your personal information is transferred to the US and may be transferred to other jurisdictions. The US does not, and these other jurisdictions may not, have the same data protection laws as the EU and may not afford many of the rights conferred upon data subjects in the EU. By providing your personal information, you acknowledge and agree to:
- The use of your personal information for the uses identified above in accordance with this Privacy Statement; and
- The transfer of your personal information to the United States as indicated above.
Links to Other Sites
Occasionally we may provide links to third-party websites for your convenience and information. The fact that we include links to other websites does not mean that CrossCountry approves of or endorses any other third party website or the content of that website. These sites operate independently from CrossCountry and are not under our control. CrossCountry takes no responsibility for the content of external Internet sites. These sites may have their own privacy notices in place, which we strongly suggest that you review if you choose to visit any linked websites. With the exception of any site(s) to which we refer you to apply for a job with CrossCountry or to receive other CrossCountry specific services, we are not responsible for the content of these sites, any products or services that may be offered through these sites, or any other use of these sites. We accept no liability for any statements, information, products, or services that are published on or are accessible through any websites owned or operated by third parties.
Data Protection
CrossCountry maintains reasonable physical, administrative, and technical safeguards to protect your personal information against unauthorized disclosure, use, alteration, or destruction, and we require the third-party service providers and business partners that we work with to do the same. No data transmissions over the Internet can be guaranteed to be 100% secure. Consequently, we cannot ensure or warrant the security of any information you transmit to us and you understand that any information you transfer to CrossCountry is done at your own risk.
Once we receive your transmission, we make commercially reasonable efforts to ensure security on our systems. If we learn of a security systems breach, we may attempt to notify you electronically so that you can take appropriate protective steps. By using the Sites or providing personal information to us, you agree that we can communicate with you electronically regarding security, privacy and administrative issues relating to your use of the Sites. We may post a notice on our Sites if a security breach occurs. We may also send an email to you at the email address you have provided to us in these circumstances. Depending on where you live, you may have a legal right to receive notice of a security breach in writing.
Children’s Privacy
CrossCountry’s Site and consulting services are not directed to or intended for use by children under age 13. Accordingly, we do not knowingly collect information directly from anyone under 13 years of age. Where appropriate, CrossCountry will specifically instruct children not to submit such information to our Site. If we become aware that a child has provided us with personal information without parental consent, or a parent or guardian of a child contacts us as shown in “How to Contact Us” below, we will delete the child’s information from our databases.
Do Not Track Mechanisms
At this time our Sites do not recognize automated browser signals regarding tracking mechanisms, which may include “Do Not Track” instructions.
Choice of Law
This Privacy Statement has been made in, and shall be governed, construed and enforced in accordance with the laws of the Commonwealth of Virginia, without giving effect to any conflict of law principles. Notwithstanding the provision in the preceding paragraph with respect to applicable substantive law, any arbitration conducted pursuant to the terms of this Privacy Statement shall be governed by the Federal Arbitration Act (9 U.S.C. §§ 1-16).
Changes or Updates to this Privacy Statement
We may update or change this Privacy Statement from time to time and without prior notice to you. We will post a notice on our Site to notify you of any significant changes to our Privacy Statement and indicate at the bottom of the Statement when it was most recently updated.
How to Contact Us
Your visit to the Sites is subject to this Privacy Statement and Terms and Conditions. If you have any questions, comments or concerns regarding our privacy practices or this Privacy Statement, please contact us at the postal and email addresses below.
Chief Operating Officer
1600 Tysons Blvd, Suite 1100
McLean, VA 22102
privacy@crosscountry-consulting.com
866.945.4462
December 19, 2019
Please view our Privacy Statement for more information about our privacy practices. If there is any conflict between the terms in our Privacy Statement and the Privacy Shield Principles, the Privacy Shield Principles shall govern.
CrossCountry adheres and complies to the requirements of the EU-US Privacy Shield Frameworks as set forth by the U.S. Department of Commerce with respect to personal information transfers from the European Economic Area (“EEA”) to the United States. We have certified our participation in the Privacy Shield Frameworks to the Department of Commerce. The CrossCountry registration can be viewed at https://www.privacyshield.gov/list.
Information pertaining to (i) information we collect, (ii) how we use your personal information, and (iii) information we share can be found in our Privacy Statement.
Commitment to the Privacy Shield Principles
CrossCountry’s accountability for personal information it receives under the Privacy Shield is described in the Privacy Shield Principles. The Privacy Shield Principles comprise a set of seven commonly recognized privacy principles: Notice; Choice; Accountability for Onward Transfer; Security; Data Integrity and Purpose Limitation; Access; and Recourse, Enforcement and Liability. If data is subsequently transferred to a third party, we remain responsible and liable under the Privacy Shield Principles if our third-party agents process personal data on our behalf in a manner inconsistent with the Principles, unless we can demonstrate that we are not responsible for the event giving rise to the damage.
Enforcement
CrossCountry is subject to the investigatory and enforcement powers of the United States Federal Trade Commission. CrossCountry may be required to disclose personal information to law enforcement, regulatory or other government agencies, or to other third parties, in each case to comply with legal, regulatory, or national security obligations or requests.
Right to Access
An individual has the right to access personal data CrossCountry holds about them as specified in the Privacy Shield Principles. An individual may contact us using the information below to correct, amend, or delete information where it is inaccurate or has been processed in violation of the principles. The individual will need to provide sufficient identifying information, such as name, address, and birth date. We may request additional identifying information as a security precaution such as possibly a national identifier (e.g. a Social Security number). In addition, we may limit or deny access to personal information where providing such access would be unreasonably burdensome or expensive in the circumstances, or where the rights of persons other than the individual would be violated. In some circumstances, we may charge a reasonable fee, where warranted, for access to personal information.
Any questions or complaints concerning our Privacy Shield compliance, or requests to access, correct, amend, delete, or limit the use or disclosure of personal information (opt out) may be directed to:
Chief Operating Officer
1600 Tysons Blvd, Suite 1100
McLean, VA 22102
privacy@crosscountry-consulting.com
Independent Dispute Resolution
CrossCountry will take steps to address questions, issues, or concerns relating to its compliance with the EU-US Privacy Shield Principles. CrossCountry has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.
CrossCountry Consulting has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU in the context of the employment relationship.
Arbitration
If you are located in the EEA and have exhausted all other means to resolve your concern regarding a potential violation of CrossCountry’s obligations under the Privacy Shield Principles, you may seek resolution via binding arbitration. For additional information about the arbitration process please visit the Privacy Shield website at https://www.privacyshield.gov.
Amendments
We may amend this Privacy Shield Notice from time to time by posting a revised policy on this website, or a similar website that replaces this site. If we amend the Privacy Shield Notice, the new Privacy Shield Notice will apply to personal data previously collected only insofar as the rights of the individual affected are not reduced. So long as we adhere to the Privacy Shield Principles, we will not amend our policy in a manner inconsistent with the Privacy Shield Principles.
Contact Us
Please use the contact information above if you have any questions, comments, complaints, or concerns about our Privacy Shield Notice, the EU-US Privacy Shield Principles, or other privacy-related practices. We will attempt to respond promptly to your inquiries.
Last updated January 17, 2020
What are cookies?
Cookies are small text files that are placed on your computer by the websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. The use of cookies is now standard for most websites.
Managing cookies on your device
We use temporary session cookies to maintain the functionality of our online services during your visit to our Site, including permitting you to navigate among our webpages and access content. These temporary cookies contain no information that personally identifies you, they are not stored, we do not combine them with other information that we collect, and they only exist until you exit our Site and close your browser. If you register for a user account with us, we may use permanent cookies to identify you as a registered user and remember you and your preferences when you return to our Site. Any such permanent cookies will be encrypted and will only be functional on this Site. You can refuse to accept permanent cookies and you can also choose to delete such cookies from your computer and/or browser by using any of the widely available methods, but if you do so, you may be unable to experience the full benefits of our Site and of your user account, including some of the interactive features of our Site.
How to control cookies
If you are uncomfortable with the use of cookies, you can manage and control them through your browser, including removing cookies by deleting them from your ‘browser history’ (cache) when you leave the site.
Most browsers allow you to view, manage, delete and block cookies for a website. Be aware that if you delete all cookies then any preferences you have set will be lost, including the ability to opt-out from cookies as this function itself requires placement of an opt out cookie on your device. Guidance on how to control cookies for common browsers is linked below.
Consent
When you visit our website for the first time, we will show you a pop-up with an explanation about cookies.
Third Parties
We have made agreements about the use of cookies with other companies that place cookies. However, we cannot guarantee that these third parties handle your personal data in a reliable or secure manner. Parties such as Google are to be considered as independent data controllers. We recommend that you read the privacy statements of these companies.
Your Rights with Respect to Personal Data
Under current data protection laws and regulations, you have the right to:
- Receive notification of data processing, sharing, or sale of personal information
- Obtain confirmation as to whether or not your personal information exists, and to be informed of its content and source, verify its accuracy and request its completion, update or amendment.
- Request, in a usable format, an electronic copy of your personal information if you would like such a copy for yourself or in order to port your personal information.
- Request the deletion, anonymization or restriction of the processing of your personal information processed in breach of the applicable law.
- Object to the processing of your personal information for legitimate reasons.
- Lodge a complaint with the relevant data protection supervisory authority
- Obtain equal services and pricing
Categories of Cookies We Use
Below is a detailed list of the cookies we use on our website. We classify cookies in the following categories:
- Strictly Necessary: Strictly Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
- Performance: These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
- Functionality: These cookies allow the website to remember choices you make (such as your user name, language or the region you are in) and provide enhanced, more personal features.
- Social: We use social buttons to enable our users to share or bookmark web pages. These are buttons for third party social media sites and these sites may log information about your activities on the Internet including on this Website.
- Marketing & Advertising: Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.
- Unclassified: Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.
Use of Cookies
STRICTLY NECESSARY COOKIES
| Provider | Cookie Name | Function/Description | Retention |
| HubSpot | __cfduid (.hs-scripts.com) | Cookie associated with sites using CloudFlare used to speed up page load times. According to CloudFlare it is used to override any security restrictions based on the IP address the visitor is coming from. It does not contain any user identification information. | 29 days |
| HubSpot | __cfduid (.hs-analytics.net) | Cookie associated with sites using CloudFlare used to speed up page load times. According to CloudFlare it is used to override any security restrictions based on the IP address the visitor is coming from. It does not contain any user identification information. | 29 days |
| HubSpot | __cfduid (.hsleadflows.net) | Cookie associated with sites using Cloud Flare used to speed up page load times. According to CloudFlare it is used to override any security restrictions based on the IP address the visitor is coming from. It does not contain any user identification information. | 29 days |
| HubSpot | __cfduid(.hubspot.com) | Cookie assoiated with sites using CloudFlare used to speed up page load times. According to CloudFlare it is used to override any security restrictions based on the IP address the visitor is coming from. It does not contain any user identification information. | 29 days |
| Unclassified | PHPSESSID | Cookie generated by applications based on the PHP language. This is a general purpose identifier used to maintain user session variables. It is normally a random generated number, how it is used can be specific to the site, but a good example is maintaining a logged-in status for a user between pages. | Session |
PERFORMANCE
| Provider | Cookie Name | Function/Description | Retention |
| HubSpot | __hssc | This cookie name is associated with websites built on the HubSpot platform. It is reported by them as being used for website analytics. | Session |
| HubSpot | __hssrc | This cookie name is associated with websites built on the HubSpot platform. It is reported by them as being used for website analytics. | Session |
| HubSpot | __hstc | This cookie name is associated with websites built on the HubSpot platform. It is reported by them as being used for website analytics. | 390 days |
| First Party | easy_cookies_policy_check | This cookie informs users that the site uses cookies in compliance with European Cookie law. | Session |
| _gat | This cookie name is associated with Google Universal Analytics according to documentation it is used to throttle the request rate – limiting the collection of data on high traffic sites. It expires after 10 minutes. | 1 Minute | |
| _gid | This cookie name is associated with Google Universal Analytics. This appears to be a new cookie and as of Spring2017 no information is available from Google. It appears to store and update a unique value for each page visited. | 24 hours | |
| _ga | This cookie name is associated with Google Universal Analytics- which is a significant update to Google and more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor although this is customizable by website owners. | 365 days |
FUNCTIONALITY
| Provider | Cookie Name | Function/Description | Retention |
| HubSpot | hubspotutk | This cookie is used to keep track of a visitor’s identity. This cookie is passed to HubSpot on form submission and used when deduplicating contacts. | 390 days |
SOCIAL
| Provider | Cookie Name | Function/Description | Retention |
| ShareThis | __stidv | ShareThis Social Tracking Cookie | 365 days |
| ShareThis | __stid | ShareThis Social Tracking Cookie | 365 days |
MARKETING & ADVERTISING
| Provider | Cookie Name | Function/Description | Retention |
| Samesite | Clinch.co | Third Party Personalized Advertising Cookie | Unclassified |
Selling Data to Third Parties
We do not sell data to third parties.
Contact Details
Chief Operating Officer
1600 Tysons Blvd, Suite 1100
McLean, VA 22102
privacy@crosscountry-consulting.com
(866) 945-4462
