Privacy Policy

The General Data Protection regulation (GDPR) is a set of laws enacted in the EU in 2018 regarding use of personal information obtained by companies about individuals. Privacy Shield is an agreement between the EU and US allowing for the transfer of personal data from the EU to US.

The GDPR has specific requirements regarding the transfer of data out of the EU. One of these requirements is that the transfer must only happen to countries deemed as having adequate data protection laws. In general the EU does not list the US as one of the countries that meets this requirement.

Privacy Shield is designed to create an program whereby participating companies are deemed as having adequate protection, and therefore facilitate the transfer of information. In short, Privacy Shield allows US companies, or EU companies working with US companies, to meet this requirement of the GDPR.

For more information regarding how Privacy Shield relates to the GDPR visit this link: GDPR and Privacy Shield.

  

Privacy Policy

Introduction

Chromatography Research Supplies, Inc. (CRS), sells products intended for laboratory use to end users and distributors throughout the world. Protecting user privacy is important to CRS.

CRS complies with the EU-U.S. Privacy Shield Framework and the

Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, retention, and transfer of personal information data from the European Union (“EU”) member countries and Switzerland to the United States of America, respectively.

CRS has certified to the Department of Commerce that we adhere to the Privacy Shield principles including:  notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, and recourse, enforcement and liability.

If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification page, please visit http://www.privacyshield.gov.

 

This privacy pol­icy outlines our general policy and practices for implementing the Principles, including the types of information we gather, how we use it and the notice and choice affected individuals have regarding our use of and their ability to correct that information. This privacy policy applies to all personal information received by CRS whether in electronic, paper or verbal format.

 

 Definitions

“Personal Information” or “Information” means information that (1) is recorded in any form; (2) is about, or pertains to a specific individual; and (3) can be linked to that individual.

“Sensitive Personal Information” means personal information that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosoph­ical beliefs, trade union membership or that concerns an individual’s health. 

Principles

1. Notice

CRS shall inform an individual of the purpose for which it collects and uses the Personal Information and the types of non-agent third parties to which CRS discloses or may disclose that Information. CRS shall provide the individual with the opportunity and means for limiting the use and disclosure of their Personal Information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Per­sonal Information to CRS, or as soon as practicable thereafter, and in any event before CRS uses or discloses the Information for a pur­pose other than for which it was originally collected.

2. Choice

CRS will offer individuals the opportunity to choose (opt out) whether their Personal Information is (1) to be disclosed to a third party or (2) to be used for a purpose other than the purpose for which it was origi­nally collected or subsequently authorized by the individual. For Sensitive Personal Information, CRS will give individuals the opportunity to affirmatively or explicitly (opt out) consent to the disclosure of the informa­tion for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.

3. Accountability for Onward Transfers

Prior to disclosing Personal Information to a third party, CRS shall notify the individual of such disclosure and allow the individual the choice (opt out) of such disclosure. CRS shall ensure that any third party for which Per­sonal Information may be disclosed subscribes to the Principles or are subject to law providing the same level of privacy protection as is required by the Prin­ciples and agree in writing to provide an adequate level of privacy protection. CRS acknowledges liability in cases of appropriate onward transfer to third parties.

 

4. Data Security

CRS shall take reasonable steps to protect the Information from loss, misuse and unauthorized access, disclosure, alteration and destruction. CRS has put in place appropriate physical, electronic and manage­rial procedures to safeguard and secure the Information from loss, misuse, unauthorized access or disclosure, alteration or destruction. CRS cannot guarantee the security of Information on or transmitted via the Internet. CRS may be required to disclose personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.

5. Data Integrity and Purpose Limitation

CRS shall only process Personal Information in a way that is compatible with and relevant for the purpose for which it was collected or authorized by the individual. To the extent necessary for those purposes, CRS shall take reasonable steps to ensure that Personal Information is accurate, com­plete, current and reliable for its intended use.

6. Access

CRS shall allow an individual access to their Personal Information and al­low the individual to correct, amend or delete inaccurate information.

7. Recourse, Enforcement and Liability

CRS uses a self-assessment approach to assure compliance with this privacy policy and periodically verifies that the policy is accurate, compre­hensive for the information intended to be covered, prominently displayed, completely implemented and accessible and in conformity with the Princi­ples. We encourage interested persons to raise any concerns using the con­tact information provided below and we will investigate and attempt to resolve any complaints and disputes regarding use and disclosure of Personal Informa­tion in accordance with the Principles.

 

In compliance with the EU-US and Swiss-US Privacy Shield Principles, CRS commits to resolve complaints about your privacy and our collection or use of your personal information.  European Union or Swiss individuals with inquiries or complaints regarding this privacy policy should first contact CRS at:


Chromatography Research Supplies, Inc.
2601 Technology Drive
Louisville, KY 40299       USA
tel. +1 502 491 6300


CRS has further committed to refer unresolved privacy complaints under the EU-US and Swiss-US Privacy Shield to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by CRS, please visit the BBB EU-US Privacy Shield web site at www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.

The Federal Trade Commission has jurisdiction over CRS compliance with the Privacy Shield. Under certain limited conditions, it is possible for individuals to invoke binding arbitration before the Privacy Shield Panel, a binding arbitration mechanism.

 

Further information on Data Protection and use of Cookies

 

What are Cookies?

A cookie is a small piece of data that a website asks your browser to store on your computer or mobile device. The cookie allows the website to "remember" your actions or preferences over time. Some cookies are necessary to site function, for example, to track the state of the user session during checkout, some are used to track the user’s preferences on the website, for example, for automatic login or to identify the most significant site features.

CRS does not use cookies for third parties or share user information with 3rd parties.

It is possible to disable the placement of cookies on your computer by setting your browser to disable cookies in the browser configuration settings. You will still be able to access the CRS website, but some functionality will be lost. 

 

What information is gathered and how is it used? 

Business, Navigational and Analytical Information

CRS operates solely as a business-to-business entity, and any collection of personal data is inadvertent. Business data, such as order history, shipping addresses are maintained by CRS as is required for accounting, engineering and safety regulations.

We use web metrics services including Google Analytics, Act-On Marketing Services, and Zendesk/Zopim Live Chat features to track activity on Chromres.com. All information collected from CRS, unless full consent in compliance with this privacy policy is given, is anonymous and solely related to navigation of the website and the ability to keep the user experience running smoothly. Personal Business information collected from cookies on this website includes IP addresses, geographical locations, browser types being used, referral sources, length of visits, and pages viewed. This information is only used to improve the user experience through internal reporting and to provide more useful information to our customers. It is never sold or provided to any third party companies. It cannot be used to identify any person individually, unless you have willingly submitted your name and email address on a contact form or through online chat services. Occasionally we may use personal information provided such as your interest in a product, industry you work in, or areas of study or research to send you personalized marketing material on products, as long as consent has been given.

Every user has the option to deny the use of cookies when visiting the CRS website, and to be left anonymous during online chat. Contact forms require a name and email address simply so that we may fulfill your request to receive an answer to a question. This does not in any way subscribe you to any services that you have not previously consented to receive.   

Personal Information

Personal information such as a name, company, address, phone, or email address will only be collected if the user willingly submits it to a contact form where they are asking for someone from CRS to contact them back, in an email subscription request, which we will use to provide updates to blogs and newsletter information, or when you are creating a registration on the website. Sensitive Personal Information is never obtained or stored at CRS. Credit Card information is never stored on this site or anywhere within CRS. Credit Card services are processed through PayPal and are subject to the privacy and data protection regulations of PayPal. Before any information is processed the user is asked to read and accept the terms of this privacy policy and how CRS handles data.

External Links to Social Media Sites

CRS maintains links to many websites created and maintained by other public and/or private organizations such as Social Media sites. If you click a link to an outside website, such as Twitter or YouTube, you will leave the ChromRes.com site and are subject to the privacy and security policies of the owners/sponsors of the outside website.

CRS manages a presence on several social media sites (e.g., Twitter, YouTube, Google Plus, and Linked In) in order to share CRS marketing information and engage with the public, we do not collect any Personally Identifiable Information through those sites. We also do not provide personal information made available by the user to these third-party sites.

 

Right to be forgotten, Data Deletion Requests, Opt-Outs, Unsubscribes

A user may unsubscribe from CRS communications at any time by clicking the unsubscribe option at the bottom of any newsletter communication, or by contacting CRS. Any personal information gathered including name, company, address, phone, or email address can be fully deleted at any time upon request, within a reasonable and legal manner.

Information about Children

This website is not intended for or targeted at children or any person under the age of 18. We do not knowingly or intentionally collect information about children or any person under the age of 18. If you believe we have mistakenly collected information about a child, please contact CRS to start the data deletion process.

Additional Examples of Data Use:

- To Improve browsing experience on the website. For example, keeping a user logged in throughout their browsing visit and the ability to "remember" what is in their cart.

- Cookie a user so that we do not ask you to accept the privacy terms or complete a survey every single time you visit the website. 

- When full consent is given, we will periodically contact you via phone, mail, or email to send out newsletters or other information we think our customers may find useful.

How Long Information is Retained

We will retain information for a reasonable period of time to ensure that we can fulfill legitimate business needs to contact a user. For Example, if a user continues to order products, we must retain their information and contact them with routine communications such as order acknowledgements, invoices, and receipts, etc., for as long as legally needed. Information for marketing materials and navigational purposes will be reviewed on an annual basis for a user to reconfirm receipt of information and retention of data.

 

 

Amendments

This privacy policy may be amended from time to time consistent with the re­quirements of Privacy Shield. We will post any revised policy on this website.

 

Information Subject to Other Policies

CRS is committed to following the Principles for all Personal Infor­mation within the scope of the Privacy Shield. However, certain information is subject to policies of CRS that may differ in some respects from the general policies set forth in this privacy policy. 

 

Contact Information

Questions, comments or complaints regarding the CRS Privacy Shield Poli­cy or data collection and processing practices can be emailed to sales@chromres.com or mailed to:

 

Chromatography Research Supplies, Inc.
2601 Technology Drive
Louisville, KY 40299
USA

Effective Date: 6/13/2018

View Cart