Privacy Policy

PRIVACY NOTICE

Last updated on November 2025

This Privacy Notice describes the information collection, use, retention, and sharing practices of CrossCountry Consulting LLC and its affiliates (“CrossCountry”, “we”, “us”, “our”) when you interact with us through our websites listed below (the “Website[s]”) and when you interact with us offline, such as when you contact us via telephone or by other offline means (collectively, the “Services”).

When we refer to our Website[s], we mean the specific webpages of CrossCountry and to specific webpages with a URL starting with the following:

www.crosscountry-consulting.com

http://www.info.crosscountry-consulting.com

www.jobs.lever.co/crosscountry-consulting

OUR ROLE IN DATA PROCESSING

This Privacy Notice explains how we collect, use, and protect personal information on our website. As used in this Privacy Notice, “personal information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular person. Personal information includes “personal data,” as such term is defined under applicable data protection laws.

In the course of our core business activities, we may also process personal information on behalf of our clients. When we act in that capacity, we do so under and in accordance with contractual agreements with our clients that set out our obligations and the safeguards we apply to that information. In such cases, depending on the processing of the data that we do, we would, in many cases, constitute the “data processor” or “service provider” as such terms are defined under applicable data protection laws and process personal information pursuant to the client’s instructions. In such instances, please contact the client with any inquiries or to exercise your privacy rights (aka “data subject rights”) and we will collaborate with the client to fulfill them pursuant to the client’s instructions.

To the extent the General Data Protection Regulation (“GDPR”), Regulation (EU) 2016/679, and the UK Data Protection Act 2018 (“DPA”) apply (collectively referred to in this Privacy Notice as “EU or UK data protection laws”), the entity responsible for the collection and use (processing) of your personal information is CrossCountry Consulting LLC, the data controller. You can contact CrossCountry Consulting LLC at privacy@crosscountry-consulting.com or by mailing a letter to 1600 Tysons Blvd, Suite 1100, McLean, VA 22102.

PERSONAL INFORMATION WE COLLECT, WHY AND FOR HOW LONG

We collect personal information as you engage with our Website when you:

Contact us. When you contact us, we collect, from you, your personal identifiers (name and email address), professional or employment-related information (company name), and any additional information you choose to include in your message. We use this information to respond to your questions or inquiries and to troubleshoot where necessary. To the extent the EU or UK data protection laws apply, the legal basis for the processing of this information is that it is necessary for the performance of the service requested by you.

Subscribe to our newsletter. When you subscribe to our newsletter, we collect, from you, your personal identifiers (email address). We use this information to send you news and updates about our products and services. To the extent the EU or UK data protection laws apply, the legal basis for this processing is your consent. You may revoke your consent at any time with effect moving forward by clicking the “unsubscribe” link included within each email we send to you. However, we will continue to send you service-related messages. We, through our service provider, use tracking pixels to determine whether you open emails, the time of opening, information about the device you use (including IP address), whether you interacted with the email, the topic of the email, whether it was delivered, sender and recipient addresses. We use this information to:
1. measure the effectiveness of our communications and make them more attractive, particularly by improving email subject lines.
2. limit the frequency of sending or stopping it, ensuring emails continue to reach their recipients.
3. detect and analyze suspected fraud.
4. personalize communications based on your interest in received emails and interaction with them. This personalization includes: adapting message content, adjusting sending frequency or communication channel, optimizing campaigns based on reactions (e.g., adjusting email subject lines); and
5. offer tailored content or advertisements on other websites, applications, or communication channels.
Apply for Employment. When you apply for employment on our Careers website, we collect from you your personal identifiers (name, email address, and phone number), your professional or employment-related information (resume/CV and current place of employment), your protected (and sensitive) classifications (employment eligibility verification and visa status), and other information you wish to share. You may optionally Apply with LinkedIn. If you Apply with LinkedIn, information from your LinkedIn profile will be shared with CrossCountry and will be used in accordance with Linkedin’s Terms and Privacy Policy. For additional information about Apply with LinkedIn see here and see LinkedIn’s Privacy Policy. We use this information to evaluate your candidacy for a role with CrossCountry. To the extent the EU or UK data protection laws apply, the legal basis for this processing is our legal obligations to verify employment eligibility and our legitimate interest in evaluating candidates for employment

Interact with us on social media. When you interact with our social media pages on social networking websites, such as X (formerly Twitter), LinkedIn, Facebook (Meta), Instagram (Meta), and Glassdoor (each a “Social Media Page” and collectively, “Social Media Pages”), we collect basic engagement metrics and use it to tailor content and marketing and use it to improve user experience as set forth in this section. Please note that we do not control the use or storage of the information that you have posted to any social networking websites. This information is collected and processed by the social networking websites for their own purposes, including marketing. For more information on how X, LinkedIn, Facebook, Instagram, and Glassdoor use your personal information, please see X’s Privacy Policy, LinkedIn’s Privacy Policy, Facebook’s Privacy Policy, Instagram’s Privacy Policy, and Glassdoor’s Privacy Policy. X, LinkedIn, Facebook, Instagram, and Glassdoor (the “Social Networks”) process personal information in the USA where the laws may be less protective than in your country of residence. For example, in accordance with U.S. laws, in certain circumstances, courts, law enforcement agencies, regulatory agencies, or security authorities in other countries may be entitled to access your personal information.
- Social Media Pages. When interacting with our Social Media Pages, we collect, from you, your personal identifiers (first and last name) and visual information (photograph (i.e., profile picture)), as well as any information that you provide when interacting with our Social Media Pages (e.g., commenting, sharing, and rating). We use this information to advertise our products, for events and invitations, and to communicate with users via the contribution and comment function. To the extent the EU or UK data protection laws apply, the legal basis for the processing is our legitimate interest in advertising our products via our Social Media Pages and communicating with users, customers, and interested parties. Because our Social Media Pages are publicly accessible, when you use them to interact with other users, for example by posting, leaving comments or liking or sharing posts, any personal information that you post in them or provide when registering can be viewed by others or used by them as they see fit. The content posted on our Social Media Pages or other public areas of social networking websites can be deleted in the same way as other content that you have created. If at any time you want content posted to be deleted, please email your request to us at privacy@crosscountry-consulting.com.
- Community Management. We collect, from you, your contact, including “likes”, shares, messages, and other interactions with the content, in order to analyze and evaluate how our content is perceived, to learn from it, and to improve our public relations efforts. To the extent the EU and UK data protection laws apply, the legal basis for analyzing your content is our legitimate interest in organizing, facilitating, and optimizing communication with our users and the general public. If you object to this processing of your personal information and believe you have an overriding interest, you can submit your objection via email to privacy@crosscountry-consulting.com.
- Page Insights. When you visit our Social Media Page, the applicable Social Network records your IP address and other information about your usage behavior on our Social Media Page. The Social Network collects this information through trackers in the browser of your device or via the advertising ID (IDFA from Apple or GAID from Google), when you open the Social Network app through your mobile device (e.g., smartphone or tablet). The Social Network uses this information to provide us with statistical evaluations of the use of our Social Media Page. We receive this information directly from Social Network, in the form of aggregated data and anonymous statistics regarding certain data points, such as: age; gender; city/country; device; inquiries from fans about other Social Media Pages; region and language settings of the users; proportion of men and women; the number of people reached; clicks on posts, “likes” and reactions; comments and shared content; and total video views. We use this information to analyze and improve the advertising campaigns we conduct through our Social Media Pages. We do not collect or process any other personal information in connection with Social Network “Page Insights” function. To the extent the EU and UK data protection laws apply, we are joint controllers with the Social Network for this processing. For the purpose of the EU and UK data protection laws, the legal basis for this processing is our legitimate interest in statistical evaluation of users on our Social Media Page for the improvement and adjustment of our advertising measures based on the information collected. If you object to this processing of your personal information and believe you have an overriding interest, you can submit your objection via email to privacy@crosscountry-consulting.com. We do not retain this information independently. For information on data protection and the storage period on the Social Network in relation to its Insights function, see the Social Network privacy policy linked above. It has been agreed contractually with the Social Network that the Social Network is responsible for providing you with information about the processing for Page Insights.
- Information Processed Solely by Social Networks. We do not know how the Social Networks use personal information for their own purposes, how long the personal information is stored on the Social Networks or whether the Social Networks’ data is passed on to third parties. If you are currently logged in to a Social Network as a user, the Social Network automatically collects, through trackers on your device, your Social Network ID or a link between the Social Network ID and the advertising ID (IDFA from Apple or GAID from Google) when you open the Social Network app through your mobile device (e.g., smartphone or tablet). This enables the Social Network to understand that you have visited our Social Media Page along with other social media pages that you have clicked on, whether you clicked on Social Network buttons integrated into websites that partner with the Social Network, and other online interactions that report user data to the Social Network. Based on this data, content or advertising tailored to you can be offered. You can find more information about the personal information collected by Social Networks, how it is used and how long it is stored by visiting the Social Network’s privacy policies, linked above.

Interact with the Website. In addition to the personal information you provide directly to us, we also collect information from you automatically as you use our Website via cookies, pixels, web beacons, and similar tracking technologies. However, if you are located in the EU or UK, these trackers will not deploy (i.e., collect your information) unless you provide your consent. To the extent the EU or UK data protection laws apply, the legal basis for the placement and access of strictly necessary cookies is the performance of a contract. These cookies are necessary to provide the Website to you. To the extent the EU or UK data protection laws apply to placement of non-essential cookies on the Website, the legal basis for this processing is your consent. You may withdraw your consent at any time with effect moving forward by visiting Your Privacy Choices. We use essential performance, marketing, and analytics cookies to automatically collect certain internet and other electronic network activity information when you interact with the Website. This includes things like Internet Protocol address (e.g. IP address), location, device type, browser type, browser version, the pages of the Website that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data. We use this information to: (i) track you within the Website; (ii) enhance user experience; (iii) conduct analytics to improve the Website; (iv) prevent fraudulent use of the Website; (v) diagnose and repair Website errors, and, in cases of abuse, track and mitigate the abuse; and (vi) market to you more effectively across different web pages and social media platforms based on your browsing habits and history. If you are located in the EU or UK, these trackers will not deploy (i.e., collect your information) unless you provide your consent. You can withdraw your consent at any time, with effect going forward, by visiting Your Privacy Choices. In the US, such third-party marketing and analytics cookies may be considered sale or sharing (i.e., disclosure for targeted advertising purposes) under state data privacy laws. To opt out, please visit Your Privacy Choices.

Google Analytics. We use Google Analytics to collect information on your use of the Website for its improvement. To collect this information, Google Analytics installs cookies on your browser or reads cookies that are already there (for more information about how Google collects and uses the information see here). Google Analytics also receives information about you from applications you have downloaded or services that you use that partner with Google. Google’s ability to use and share information collected by Google Analytics about your visits to the Website or to another application which partners with Google is restricted by the Google Analytics Terms of Use and Privacy Policy. To prevent your data from being used by Google Analytics, you can download the Google Analytics opt-out browser add-on, which can be accessed here. You can also adjust your Ad Settings or change settings in your Google My Activity if you are signed into your Google Account. To opt out, please visit Your Privacy Choices.
Google reCAPTCHA. We employ Google’s reCAPTCHA to safeguard against automated access and fraudulent activities on the Website. To verify your authenticity as a human when you interact with the Website, reCAPTCHA uses cookies to automatically collect your internet or other electronic network activity information (browsing history, mouse movements, clicks, and time spent completing forms) and your online identifiers (IP address, device information, and operating system). This information is transmitted to Google only to assess whether you are genuinely human or an automated “bot,” to improve its services, and for general security purposes. Such information will not be used for any other purpose, such as personalized advertising by Google. Any cookies installed by Google to verify you are a human are governed by its Privacy Policy and Terms of Use as well as Specific Service Terms. We use this information only to protect the Website from unwanted spam and abusive, automated behavior and do not use it for any other purpose.
Hotjar. We use Hotjar to optimize the user experience on our Website, drive engagement, and to identify usability issues and improve completion rates. Hotjar provides us with interactive heatmaps that show where users click and scroll on our Website, which increases our understanding of our Website visitors’ behaviors. For more information regarding Hotjar’s collection and use of personal data, please see the Hotjar Privacy Policy.
Simplifi. We use Simplifi to optimize our online marketing campaigns and to provide interest-based advertisements to our Website visitors. Please review Simplifi’s Privacy Policy for additional information on how Simplifi uses the information collected. To opt out of interest-based advertising by Simplifi, please visit their Opt-Out page. This opt-out is browser specific and you need to opt-out on any additional browsers that may have Simplifi tracking technology.
Ad Services by LinkedIn. We utilize Ad Services by LinkedIn to optimize our online marketing campaigns and to provide targeted advertisements to our Website visitors. Please review LinkedIn’s Privacy Policy for additional information on how LinkedIn uses the information collected. To opt out of targeted advertising by LinkedIn and this sharing, please visit LinkedIn’s Advertising Preferences page.
HubSpot. We use HubSpot to analyze the data traffic on our Website and your behavior while using our Website, which includes page visits, mouse movements, clicks, text entered, and other details. We use this information to gain insights into user behavior on our Website, to enhance website functionality, and to deliver targeted advertisements.

Aggregate and anonymize data. We deidentify and/or aggregate the data we collect and use and share it, in deidentified and/or aggregated form, for benchmarking purposes, advertising, and internal analytics. We maintain and use this data in deidentified form. We will not attempt to reidentify the data unless it is necessary to determine whether our deidentification processes satisfy applicable data protection laws.

CrossCountry will also use the personal information we collect as described in this section to comply with the law, to efficiently maintain our business, and for other limited circumstances as described in HOW WE SHARE YOUR PERSONAL INFORMATION.

DATA RETENTION

Unless otherwise stated in this Privacy Notice, we retain your personal information (i) until we receive a valid request to delete the information, in which case we will delete or anonymize the information after receiving the request within the applicable legal timeline, (ii) until we no longer need the information to fulfill the purposes for which we collected it, or (iii) until the information is no longer needed for a service provider or contractor’s operational purpose(s).

We use the following criteria to determine whether it remains reasonably necessary to retain your personal information for such purposes or a service provider or contractor’s operational purpose(s): (i) whether there is a retention period required by statute or regulations; (ii) the existence of actual or threatened litigation for which we are required to preserve the information; (iii) the statutes of limitations for potential legal claims; and (iv) generally accepted best practices in our industry, including in relation to the safety and security of our properties and assets. When we determine that it is no longer reasonably necessary to retain your personal information for one or more disclosed operational purposes based on the above criteria, we will delete or anonymize your personal information.

HOW WE SHARE YOUR PERSONAL INFORMATION

A. General Sharing

CrossCountry shares personal information as described in the PERSONAL INFORMATION WE COLLECT, WHY AND FOR HOW LONG section, and generally in the following instances:

Within CrossCountry. We share your personal information within CrossCountry for the legitimate business purposes of efficiently and effectively providing the Services, such as accounting and customer service support. Access to your personal information is limited to those on a need-to-know basis. To the extent the EU or UK data protection laws apply, the legal basis for this is our legitimate interest in providing the Services more efficiently.

In the event of a corporate reorganization. In the event that we enter into, or intend to enter into, a transaction that alters the structure of our business, such as a reorganization, merger, acquisition, sale, joint venture, assignment, consolidation, transfer, change of control, or other disposition of all or any portion of our business, assets or stock, including without limitation bankruptcy or liquidation, we would share personal information with third parties, including the buyer or target (and their agents and advisors) for the purpose of facilitating and completing the transaction. To the extent the EU or UK data protection laws apply, the legal basis for this is our legitimate interest in carrying out our business operations or, if required by law, consent.

For legal purposes. We share personal information where we are legally required to do so, such as in response to court orders, subpoenas, governmental/regulatory bodies, law enforcement, or legal process, including for national security purposes. We may share your information with our legal advisors or auditors to establish, protect, or exercise our legal rights or as required to enforce our terms of service or other contracts or to defend against legal claims or demands. We also share this information with third parties as necessary to: detect, investigate, prevent, or take action against illegal activities, fraud, or situations involving potential threats to the rights, property, or personal safety of any person; to comply with the requirements of any applicable law; or to comply with our legal obligations. To the extent the EU or UK data protection laws apply, the legal basis for this processing is compliance with the law or our legitimate interest in complying with non-EU data protection laws to which we are subject.

With your consent. Apart from the reasons identified above, we may request your permission to share your personal information for a specific purpose. We will notify you and request consent before you provide the personal information or before the personal information you have already provided is shared for such purpose. You may revoke your consent at any time with effect moving forward and may do so by contacting us via email at privacy@crosscountry-consulting.com.

B. Sharing in the Last Twelve (12) Months

For a business purpose. In the preceding twelve (12) months, CrossCountry has disclosed the following categories of personal information for a business purpose to the following categories of service providers or contractors:

We have disclosed your personal information to service providers that assist us in providing the Services. These service providers assist us with the following: information technology (“IT”) support; website hosting; cloud storage; data analysis; customer service; email delivery; marketing; external auditors; payment processing; identity verification; and similar services.

We have disclosed your internet or other electronic network activity information collected by cookies to our IT support to detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, and to identify and repair Website or Services errors.

We have disclosed your internet or other electronic network activity information collected by cookies to our IT support to update, improve, and maintain the Website.

C. Sharing of Personal Information with Third Parties

Sale/share: In the preceding twelve (12) months, CrossCountry has shared your internet or other electronic network activity information collected via cookies and other tracking technologies with our data analytics providers and ad networks as described in PERSONAL INFORMATION WE COLLECT, WHY AND FOR HOW LONG to provide targeted advertising. Such sharing may be deemed a sale or sharing (i.e., disclosure for targeted advertising purposes) under state data privacy laws. To opt out of the sale/sharing through cookies and targeted advertising, please visit Your Privacy Choices.

CROSS-BORDER TRANSFERS

For information transferred in connection with business services to EU clients:

Some of the service providers that we engage for the provision of our Services (as described above) are located in the United States, which has not been found by the European Union nor the United Kingdom Secretary of State to provide an adequate level of protection of personal information, i.e. a level of protection of fundamental rights and freedoms that is essentially equivalent to that guaranteed within the European Union or United Kingdom. However, we have adopted appropriate safeguards to ensure that your personal information remains protected in accordance with the EU and UK data privacy laws. These include implementing the European Commission’s Standard Contractual Clauses (and UK Addendum) for transfers of personal information with our service providers, which require all of them to protect the personal information they process from the EEA in accordance with the EU and UK data protection laws.

For information collected through the website:

As a US-based entity, we collect personal information directly within the United States and so there is no cross-border transfer of personal information. However, we still apply reasonable safeguards to protect such personal information from unauthorized access or use, such as by implementing technical, administrative, and organizational measures and processing the personal information in compliance with the law and with the provisions of this Privacy Notice.

If you are located in a jurisdiction where the jurisdiction’s data protection law requires acknowledgment or requires “consent” as the primary or most suitable legal basis for processing personal information, your agreement or continued use of the Services, along with your acceptance of our Terms and Conditions will constitute your consent to the collection and processing of personal information for the purposes described in this Privacy Notice. This applies whether the requirement for consent as a legal basis is general, based on the types of personal information you choose to provide through the Services, or due to the nature of the processing itself. If at any point you wish to withdraw your consent, you can do so by contacting us at privacy@crosscountry-consulting.com.

YOUR INFORMATION CHOICES

You have the following choices with respect to your personal information:

Correct or View Your Information. You may request to correct or view certain personal information you have provided to us.

Opt Out of Google Analytics. To prevent your personal information from being used by Google Analytics, you can download the Google Analytics opt-out browser, which can be accessed here.

Opt Out of HubSpot. To prevent your personal information from being used by HubSpot, you may opt out here.

Opt Out of Hotjar. To stop Hotjar from collecting and processing your data, please see their page on how to enable Do Not Track in your browser.

Opt Out of Simplifi. If you would like to stop receiving interest-based advertising from Simplifi, please visit their opt-out page here.

Opt Out of LinkedIn. To opt out of targeted advertising by LinkedIn and this sharing, please visit LinkedIn’s Advertising Preferences page.

Opt Out of Advertising Cookies. All session cookies are temporary and expire after you close your web browser. In addition to opting out of certain trackers in Your Privacy Choices, persistent cookies can be removed by following your web browser’s directions. To find out how to see what cookies have been set on your computer or device, and how to reject and delete the cookies, please visit: www.aboutcookies.org. Please note that each web browser is different. To find information relating to your browser, visit the browser developer’s website and mobile application. If you reset your web browser to refuse all cookies or to indicate when a cookie is being sent, some features of our website may not function properly. If you choose to opt out, we will place an “opt-out cookie” on your device. The “opt-out cookie” is browser specific and device specific and only lasts until cookies are cleared from your browser or device. The opt-out cookie will not work for essential cookies. If the cookie is removed or deleted, if you upgrade your browser or if you visit us from a different computer, you will need to return and update your preferences. By clicking on the “Opt-Out” links below, you will be directed to the respective third-party website where your computer will be scanned to determine who maintains cookies on you. At that time, you can either choose to opt out of all targeted advertising, or you can choose to opt out of targeted advertising by selecting individual companies who maintain a cookie on your machine. Our use of third-party marketing and analytics cookies is considered a sale/sharing under certain state privacy laws and is also considered to be what is known as interest-based advertising (IBA). To opt out of the sale/sharing through cookies and IBA across various platforms, please visit the Digital Advertising Alliance’s YourAdChoices program tools (Your Ad Choices) or visit one of the links below.

Network Advertising Initiative (NAI) Opt-Out: www.networkadvertising.org/managing/opt_out.asp
Digital Advertising Alliance (DAA) Opt-Out: optout.aboutads.info
European Union (EU) / European Economic Area (EEA) Opt-Out: www.youronlinechoices.eu
In general, you can also disable cookies by setting your browser to refuse cookies or indicate when a cookie is being sent.

Opt Out of Email Tracking. You can disable this tracking by blocking automatic loading of images in your email.

Opt Out of Marketing Communications. You may opt out of receiving marketing emails from us by clicking the “unsubscribe” link provided at the bottom of each email we send. Please note that we will continue to send you notifications necessary to the services.

YOUR DATA SUBJECT RIGHTS

Individuals in the European Union and United Kingdom are entitled to certain rights under General Data Protection Regulation (“GDPR”) and the Data Protection Act 2018 (“DPA”), respectively. To the extent these laws apply to our processing of your personal information, you are entitled to the following rights:

Right to access. For any of the processing described above, you have the right to ask us for copies of your personal information. However, this right has some exemptions, which means you may not always receive all the personal information we process. Applicable exemptions may include the management information exemption (data that we process for management forecasting or management planning about a business or other activity), or certain instances of ongoing or prior negotiations with the requestor, among others.
Right to rectification. For any of the processing described above, you have the right to ask us to rectify personal information you think is inaccurate or incomplete.
Right to erasure. When we use cookies and other trackers or send you marketing emails, you have the right to request erasure of your personal information that we are not obligated to keep in some cases (also known as the right to be forgotten). For example, you can request us to delete your personal information if: (i) we no longer need the data for the purpose it was collected for, (ii) we process the data based on your consent and you revoke your consent, (iii) you object to our processing based on legitimate interest (and we do not have an overriding legitimate interest), or (iv) you object to our processing for direct marketing purposes. We may not be able to immediately erase your personal information if we have a lawful reason or a legal or contractual obligation to retain the personal information or continue the processing. This right applies to all our data collection and processing except for when you apply for employment and provide us with your work eligibility information.
Right to restrict processing. For any of the processing described above, if you believe that your personal information is inaccurate, that our processing is unlawful, or that we do not need your personal information for a specific purpose, you have the right to request that we restrict the processing of this personal information. You also have the possibility to request that we stop processing your personal information while we assess your request.
Right to object to processing. You have the right to object to our processing of your personal information when the legal basis for the processing is pursuant to our legitimate interests by referencing your personal circumstances. This may apply, for example to processing in connection with our social media pages. If you object to our processing, you may also request us to restrict processing of your personal information while we make our assessment. This right does not apply where we have a legal obligation to collect and process personal information, such as collecting your employment eligibility information.
Right to data portability. You have the right to ask that we transfer the personal information you gave us from one organization to another or give it to you. However, this right only applies when: (i) you have provided your personal information to us; (ii) the legal basis for the processing is your consent or for the performance of a contract; and (iii) the processing is carried out by automated means. You can invoke this right for the processing of the information we automatically collect from you as you interact with the Website via cookies, pixels, and similar tracking technologies. This right only applies to our collection and processing of your email address when you sign up for our email newsletter.
Right to lodge a complaint. If you are located in the UK, you have the right to lodge a complaint with the Information Commissioner’s Office at: https://ico.org.uk/make-a-complaint/data-protection-complaints/data-protection-complaints/y or accessicoinformation@ico.org.uk at their helpline on 0303 123 1113. If you are located in the EU, you have the right to lodge a complaint with the relevant Supervisory Authority.

To exercise these rights, please email privacy@crosscountry-consulting.com.

US STATE PRIVACY RIGHTS

If you are a resident of California, Connecticut, and Texas, you are entitled to the following rights in accordance with these States’ privacy laws:

Right to Access/Know. You have the right to request what personal information we have collected, used, disclosed, and sold about you, subject to certain exceptions. For example, if providing you with this information reveals any of our trade secrets, we may deny this request.
Right to Deletion. You have the right to request the deletion of your personal information that we collect or maintain, subject to certain exceptions. For example, if we are required by law to retain the information that you are asking to be deleted, we would not be able to delete the information until we are legally permitted.
Right to Correct. You have the right to correct inaccurate personal information that we collect or maintain.
Right to Opt Out. You have the right to opt out of the processing of your personal information for the purposes of: (i) targeted advertising; (ii) profiling through solely automated decision making; and (iii) the sale or sharing of your personal information to third parties. We do not have actual knowledge that we sell, share, profile, or process for purposes of targeted advertising the personal information of individuals under the age of 18 without their affirmative consent. You can opt out of the sale/sharing of your information collected via cookies and other trackers on our website by visiting Your Privacy Choices.
Right to Data Portability. You have the right to request that we transfer your personal information to another organization or give it to you.
Right to Non-Discrimination (in California: Right to not be retaliated against). You have the right to not receive discriminatory treatment (not be retaliated against) in the processing of your personal information if you choose to exercise your privacy rights. Such discriminatory treatment may include but is not limited to: (i) the denial of goods or services, (ii) being charged a different price or rate, or (iii) receiving a different level of quality in goods or services.
Right to Limit Use of Sensitive Personal Information (California residents only). You have the right to limit the use of your sensitive personal information when such use goes beyond that which is necessary for providing the Services or certain other permissible purposes like fraud, customer service or quality control. Sensitive information includes Social Security number, driver’s license number, biometric information, precise geolocation, and racial and ethnic origin. However, CrossCountry does not process personal information in a manner that gives rise to this right.
Right to Appeal. You have the right to appeal our refusal to take action on your request to exercise your other rights. In order to request an appeal to our refusal please email us at privacy@crosscountry-consulting.com, subject line: “Appeal My Consumer Request.” We will review the appeal and notify you of our response. If we still refuse to take action on your request, you have the right to file a complaint with applicable state regulator, as follows:
- For Connecticut residents: If you are concerned with our response as a result of your appeal, you may submit a complaint to the Connecticut Attorney General here.
- For Texas residents: If you are concerned with our response as a result of your appeal, you may submit a complaint to the Texas Attorney General here.

Exercising Your Privacy Rights

If you are a resident of one of the states identified above and wish to exercise your privacy rights, you may submit a request by completing our Contact Us webform or by contacting us via email at privacy@crosscountry-consulting.com. If you are a California resident, you may also submit your request by calling us toll-free at 866-945-4462. To opt out of the sale or sharing of your data through cookies or the processing of your personal information for purposes of targeted advertising, please visit Your Privacy Choices. If the browser or extension that you (or your authorized agent) are using supports Global Privacy Control (GPC) (see here for more information), you may utilize the GPC opt out preference signal to instruct us to not sell or share any of your personal information collected online. The GPC opt out preference signal will apply to the device, platform, or browser in which you utilize it. You can utilize the opt out preference signal by turning on the signal in your device, platform, or browser settings. Please note that you must opt out of each device and each browser.

When submitting a request to know/access, correct, or delete your personal information, you must provide us with sufficient information that allows us to reasonably verify you are the person about whom we collected the personal information and describe your request with sufficient detail to allow us to properly evaluate and respond to it. In doing so, we will take steps to verify your request by matching information provided by you with the information we have in our records. If we are not able to verify your identity for know/access, correction, or deletion requests with the information provided, we may ask you to provide additional information such as your name, email address, phone number, company affiliation, or other details previously provided to us in the course of our professional relationship. We will use such additional information solely for the purpose of verifying your identity and to fulfill your request.

Only you, or a person that you authorize to act on your behalf may make a request related to your personal information. If you are an authorized agent making a request on behalf of another individual, you must provide us with signed documentation that you are authorized to act on behalf of that individual.

NEVADA RESIDENTS

If you are a consumer in the State of Nevada, you may request to opt-out of the current or future sale of your personal information. We do not currently sell any of your personal information under Nevada law, nor do we plan to do so in the future. However, you can submit a request to opt-out of future sales by contacting us at privacy@crosscountry-consulting.com regarding the sale of such information. Please include “Opt-Out Request Under Nevada Law” in the subject line of your message.

DO NOT TRACK

We do not respond to Do Not Track requests. Do Not Track is a preference you can set in your web browser to inform websites and mobile applications that you do not want to be tracked. You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.

INFORMATION SECURITY

We implement appropriate technical and organizational security measures, such as access controls and encryption, to protect the personal information that we collect and maintain from unauthorized access, destruction, use, modification, or disclosure. However, no security measure or modality of data transmission is 100% secure, and we are unable to guarantee the absolute security of the personal information we have collected from you.

CHILDREN’S PRIVACY

The Services are not intended for anyone under the age of eighteen (18). We do not knowingly collect the personal information of anyone under the age of eighteen (18). If we learn that we have collected or received personal information from individuals under the age of eighteen (18), we will delete the personal information. If you believe we have personal information on individuals under the age of eighteen (18), please notify us using the contact information below.

CHANGES TO THIS PRIVACY NOTICE

We may amend this Privacy Notice in our sole discretion at any time. If we do, we will post the changes to this page and will indicate the date the changes go into effect. We encourage you to review our Privacy Notice to stay informed. If we make changes that materially affect your privacy rights, we will notify you by prominent posting on the Website and/or via email, and obtain your consent, if required.

CONTACT US

If you have any questions about this Privacy Notice or need to access this Privacy Notice in an alternative format due to having a disability, please contact us by email at privacy@crosscountry-consulting.com (and use “Privacy Inquiry” in the subject line). You may also contact us toll-free at 866-945-4462.