Privacy and Data Protection Agreement
1. Introduction
This Privacy and Data Protection Agreement ("Agreement") governs the collection, use, storage, and protection of personal data by CNR Consulting Services, Inc. ("Company", "we", "us", or "our") through our website ("Website").
2. Definitions
- Personal Data: Any information relating to an identified or identifiable natural person.
- User: Any individual accessing or using our Website.
- Data Controller: CNR Consulting Services, Inc., responsible for determining the purposes and means of processing personal data.
3. Types of Data Collected
We may collect the following types of personal data:
a) Personal Identification Information
- Name
- Email address
- Phone number
- Postal address
b) Technical Information
- IP address
- Browser type
- Device information
- Browsing behavior
- Cookies and tracking technologies
c) Usage Data
- Pages visited
- Time spent on site
- Interactions with website content
4. Purposes of Data Collection
We collect and process personal data for the following purposes:
- Providing and maintaining Website services
- Personalization of user experience
- Improving Website functionality
- Customer support
- Communication with users
- Fraud prevention
- Compliance with legal obligations
5. Legal Basis for Processing
We process personal data based on the following legal grounds:
- Explicit user consent
- Fulfillment of contractual obligations
- Compliance with legal requirements
- Legitimate business interests
6. Data Storage and Security
a) Storage Duration
- Personal data is stored only for the period necessary for the purposes of processing
- Data will be securely deleted or anonymized when no longer required
b) Security Measures
- Encryption of sensitive data
- Secure server infrastructure
- Regular security audits
- Access controls and authentication
- Protection against unauthorized access, alteration, disclosure, or destruction
7. User Rights
Users have the following rights regarding their personal data:
- Right to access personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing
- Right to withdraw consent
8. Data Sharing and Disclosure
We may share personal data with:
- Service providers and business partners
- Legal authorities when required by law
- Third-party service providers (e.g., analytics, payment processors)
We ensure that all third parties maintain appropriate data protection standards.
9. Cookies and Tracking Technologies
a) Cookie Usage
- We use cookies to enhance user experience
- Users can manage cookie preferences through browser settings
b) Types of Cookies
- Strictly necessary cookies
- Performance cookies
- Functional cookies
- Targeting/advertising cookies
10. Children's Privacy
Our Website is not intended for children under 13. We do not knowingly collect personal data from children.
11. International Data Transfers
Personal data may be transferred and processed in countries outside the user's residence. We ensure appropriate safeguards are in place.
12. Data Breach Notification
In the event of a data breach, we will:
- Investigate the incident
- Notify affected users within 72 hours
- Take corrective actions
- Comply with relevant data protection regulations
13. Updates to Privacy Agreement
We reserve the right to update this Agreement periodically. Users will be notified of significant changes.
14. Acceptance of Terms
By accessing or using our Website, users agree to the terms of this Privacy and Data Protection Agreement.