CRA International, Inc. and each of its affiliates and subsidiaries (collectively, "CRA") is committed to meeting all of our obligations to our clients worldwide to protect their data and only to collect, use, and disclose it for authorized purposes. CRA is equally committed to abiding by all applicable domestic, national, and international privacy laws. Like most businesses providing services to clients, CRA may acquire personally identifiable information of employees of businesses considering or using CRA services. In general, data collected, used, or disclosed by CRA is processed by CRA on behalf of and as directed by our clients. When CRA does process personally identifiable information on its own behalf, CRA conforms to fair information privacy practices, including notice, choice, consent and control, fairness and integrity, as provided by applicable industry and legal standards.
As an economics, finance, and business consulting firm that works with businesses, law firms, accounting firms, and governments in providing a wide range of services, CRA is not only committed to the privacy of its clients but is equally committed to the privacy of those who visit our website and our privacy statement applies to all CRA activities, including the production of this website. Every computer connected to the Internet has a domain name and a set of numbers that serve as that computer's "internet protocol" (IP) address. When a visitor requests a page from CRA's wesite, our Web servers automatically recognize that visitor's domain name and IP address. The domain name and IP address reveal nothing personal about you other than the IP address from which you have accessed our website. From time to time, we examine our traffic in aggregate to help us improve our website, to maintain quality of the service, and to provide general statistics regarding use of the website, but we do not collect or evaluate this non-personal information (that is, the IP address of individuals accessing our website). Our Web servers do not record e-mail addresses of visitors. Our website requests your e-mail or mailing address for the purpose of providing you with further information, administering online registrations to courses and similar events run by CRA, or in association with other organizations such as universities. Such information is also sought in order to subscribe to and receive CRA's news services and other additional CRA services. Under no circumstances do we sell, rent, or give your e-mail address to a third party for the purpose of that party sending you "spam mail" or otherwise using your e-mail address in any way not directly associated with CRA providing its services to you. Please note that if you link to a third party site from CRA, any information you provide to that site and any use of that information by the third party are not under the control of CRA and are not subject to this privacy statement. You should consult the privacy policies of each site you visit.
Collection and use of personal information
To help us maintain the quality of the services we offer, CRA collects and stores client information. This information may include names, company names, addresses, telephone numbers, facsimile numbers and e-mail addresses. In addition, CRA may ask employees of clients for website addresses, service interests, credit-related information with respect to service retention, and other information. Both our privacy statement and our long-established business principles commit us to keeping your personal information appropriately protected. CRA also makes every effort to keep personal information up-to-date and we welcome our clients and customers to access and update this personal information. Except for disclosure amongst the members of CRA and its subsidiaries, CRA uses the personal information solely to operate this website, to deliver the services you have requested, or for the marketing of our services to our clients. If you do not wish us to use personal information about you in order to inform you about services and courses provided by CRA, news on regulatory and competition developments, or other corporate and industry-related announcements, please contact us using the information in the "Contact Information" section at the bottom of this page. CRA does not sell lists, accept advertising, or generate any third-party revenue from the data that is generated on this website. CRA does not disclose personal information to third parties except where we may make this information available (i) to outside contractors working on client-specific projects bound by obligations of confidentiality and non-disclosure; or (ii) to outside mailing houses bound by obligations of confidentiality and non-disclosure, working under CRA's direction to provide CRA mailings to our clients. In addition, CRA recognizes standard domestic and international legal and public policy exceptions to non-disclosure. Important exceptions to the general rule of non-disclosure without permission have been codified internationally in such privacy laws as the 1995 EU Privacy Directive, Title V of the US Financial Services Modernization Act in 1999, Canada's Personal Information Protection Act (C-6), and Australia's Privacy Act 1988. As such, CRA may therefore collect, use, and disclose personal information necessary for the establishment, exercise, or defense of legal claims, as required by law, or where the collection, use, and disclosure is necessary for the purposes of preventive medicine, medical diagnosis, the provision of care or treatment, or the management of health care services. For example, CRA may maintain such data in our system for a client using CRA to store or process health insurance records for the purposes of the coordination of insurance benefits, in conformity with applicable national privacy and security requirements. As provided by applicable US federal law, CRA may also disclose personal information without the consent of the individual to protect the confidentiality or security of the firm's records pertaining to the customer, the service or product, or the transaction to protect against or prevent actual or potential fraud, for institutional risk control, for the enforcement of contractual obligations, to resolve client disputes or injuries, and for various other purposes provided by law. When processing personal information, CRA adheres to fair information privacy standards, including the following principles: Notice and Communication. We communicate explicitly with clients and visitors to our website about data collection and use and identify the purpose for which personal information is collected and the extent to which it may be shared by clearly posting our privacy statement on our websites. Choice, Consent, and Control. We limit our requests for personal information from clients and visitors to our website to the information necessary for fulfilling the level of service desired by the client or visitor. We obtain informed consent prior to the collection and use of personal information. All of our clients and visitors to our website have the ability to review and when appropriate to correct their respective personal information. Fairness and Integrity. We treat our clients, visitors to this website and their personal information with fairness and integrity. We accurately represent our information practices in a clear and unambiguous manner, use information only for the purpose stated and retain the information only so long as is necessary to ensure that information is accurate, complete and up-to-date, and to provide the means to ensure accountability and provide recourse.
Security of your personal information
CRA secures your personal information from unauthorized access, use, or disclosure. CRA secures personally identifiable information on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure. Personal information gathered through our website is transmitted only within the CRA domain and it is protected through the use of encryption and/or other means.
Changes to this statement
CRA will occasionally update this privacy statement to reflect company and user feedback. CRA encourages you to periodically review this privacy statement to be informed of how CRA is protecting your information.
CRA welcomes your comments regarding this privacy statement. If you have any questions relating to this privacy statement, believe that CRA has not adhered to this privacy statement, or if you have any suggestions or problems, please contact:
Charles River Associates
Privacy and Compliance
200 Clarendon Street
Boston, MA 02116-5092
We will use all reasonable efforts to promptly determine and remedy the problem.