Privacy Policy

CRSS, LLC and its subsidiaries and affiliates (collectively, “CRSS,” “We,” “Our,” and/or “Us”) value the privacy of individuals who use our websites, features, functions, and applications (collectively, the “Expertise”). This page informs you of our Privacy Policy and provides details regarding the collection, use, and disclosure of personal data when you access our sites and use our Expertise, as well as the choices you have associated with that data.

We use your data to provide and improve the Expertise. By using the Expertise, you agree to the collection and use of information in accordance with this policy.

Personally Identifiable Information (“PII”) is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. When you, the user (the “User”), use the Expertise, your PII will be processed subject to the terms of our Privacy Policy. Please read our Privacy Policy carefully to understand how we collect, use, protect, or otherwise handle your PII in accordance with our Expertise.

You are not legally required to provide PII; however, to enable you to access and use some or all of the Expertise, we may require that you provide PII pursuant to this Privacy Policy. By using the Expertise, you consent to this Privacy Policy and the terms described herein.

If you have any questions about this Privacy Policy, please contact us at: info@crss.io

1. Information Collection and Use

Personal Data: While using our Expertise, we may ask you to provide certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally identifiable information may include, but is not limited to:

  • Email address
  • First and last name
  • Phone number
  • Address, State, Province, ZIP/Postal code, City
  • Cookies and Usage Data

Usage Data: We may also collect information on how the Expertise is accessed and used (“Usage Data”). This may include information such as your computer’s Internet Protocol (IP) address, browser type and version, the pages of our Expertise you visit, the time and date of your visit, time spent on those pages, unique device identifiers, and other diagnostic data.

Tracking & Cookies Data: We use cookies and similar tracking technologies to monitor activity on our Expertise and store certain information. Cookies are small files containing data, which may include an anonymous unique identifier. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent; however, some parts of our Expertise may not function properly if you do so.

Examples of Cookies we use:

  • Session Cookies: To operate our Expertise.
  • Preference Cookies: To remember your preferences and settings.
  • Security Cookies: For security purposes.

2. Use of Data

We use the collected data for various purposes, including:

  • To provide and maintain our Expertise.
  • To notify you about changes to our Expertise.
  • To allow you to participate in interactive features when you choose to do so.
  • To provide customer support.
  • To gather analysis or valuable information to improve our Expertise.
  • To monitor usage of our Expertise.
  • To detect, prevent, and address technical issues.

We also collect information when you register on our site, subscribe to a newsletter or blog, fill out a form, use chat, request help, or enter information on our site.

3. Data Transfer

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside your jurisdiction where data protection laws may differ. By submitting your information, you consent to this transfer.

We will take all reasonably necessary steps to ensure your data is treated securely and in accordance with this Privacy Policy. No transfer of Personal Data will occur unless adequate controls are in place.

4. Disclosure of PII Data

We may disclose PII to:

  • Members of our group of companies as reasonably necessary.
  • Professional advisers for insurance, risk management, legal, or compliance purposes.
  • Third-party service providers, vendors, and subcontractors necessary to provide the Expertise.

We may also disclose PII:

  • To comply with legal obligations or court orders.
  • To protect and defend our rights or the safety of our users.
  • In connection with a merger, acquisition, or sale of assets.

All third parties with whom we share data are required to provide sufficient guarantees of data protection compliance.

5. Data Security

We use commercially reasonable and industry-standard safeguards to preserve the integrity and security of your Personal Data.

Our site is regularly scanned for vulnerabilities. Your information is stored in secure networks accessible only to authorized personnel. Sensitive data is encrypted via SSL (Secure Socket Layer) technology.

We do not sell, trade, or otherwise transfer your PII to outside parties, except to trusted service providers who agree to keep this information confidential.

We will notify you within the time required by law — no later than three business days — if a data breach compromises your information.

6. International Transmission of Data

You acknowledge that PII submitted through the Expertise may be transmitted globally via the Internet to perform our obligations under this Privacy Policy.

7. Retaining and Deleting PII

PII will be retained for the duration of the term during which the Expertise is rendered to you, after which it will be deleted unless required by law.

We may retain PII as necessary to comply with legal obligations or protect vital interests.

8. Third-Party Direct Collectors

Certain third-party providers have their own privacy policies regarding information we provide to them for your use. Please review their privacy policies to understand how your PII will be handled.

Once you leave our site or are redirected to a third-party website or application, this Privacy Policy and our Terms of Use no longer apply.

9. Third-Party Links

We may occasionally include or offer third-party services on our website. These sites have independent privacy policies, and we bear no responsibility for their content or activities.

10. Your Rights

Depending on applicable privacy laws, you may have the following rights:

  • Right to access
  • Right to rectification
  • Right to erasure
  • Right to restrict processing
  • Right to object to processing
  • Right to data portability
  • Right to withdraw consent
  • Right to complain to a supervisory authority

11. Opt-In

By agreeing to this Privacy Policy, you consent to receive marketing materials from CRSS.

All communications include an opt-out option, and you may withdraw your consent anytime by contacting us at info@crss.io.

12. California Privacy Rights (CAOPPA, CCPA, CPRA)

In accordance to CAOPPA, CCPA and CPRA, we adhere to the following:

  • Post Privacy policy on the main homepage or a link including the work Privacy which takes users to the Privacy Policy.
  • The Privacy policy needs to be easy to read, using easy to read font and plain English, avoiding technical jargon where possible.
  • Ensure that the policy contains a section explaining your websites stance on online tracking and ensure it is clearly labelled. Explain how you respond to Do Not Track signals and whether or not you disclose personal information to any third parties.
  • Disclose all of the ways personal data is collected and used and provide links, where possible, to any third parties that personal data may be shared.
  • Disclose in the policy, any choices users have in relation to the collection, use and sharing of their personal information.
  • Ensure accountable by providing clear contact details so that users can contact the CRSS with any questions or concerns they may have.
  • A list of the categories of personally identifiable information the operator collects.
  • A list of the categories of third parties with whom the operator may share such personally identifiable information.
  • A description of the process (if any) by which the consumer can review and request changes to his or her personally identifiable information as collected by the operator.
  • A description of the process by which the operator notifies consumers of material changes to the operator’s privacy policy.
  • The effective date of the privacy policy.
  • The Right to Notice. Inform users at or before the point of collection what types of personal information you will collect from them and why.
  • The Right to Access: users should be able to request a business to disclose the categories of personal information collected about them, as well as the categories of third parties with which the business shares user information.
  • The Right to Deletion: Users should be able to request the deletion of any personal information collected on them by a business.
  • The Right to Opt-Out: Users should have the authority to stop the sale of their personal information to third parties. Minors aged 13-16 also have the right to opt-in to the sale of their data, while those aged under 13 require the prior consent of a parent or guardian.
  • The Right to Equal Services and Prices: If a user chooses to exercise any of these rights, a business must not treat them any differently.
  • The Right to Initiate Cause of Action: In cases of data breaches have rights to legal action.
  • Right to correct:  Correct inaccurate personal information.
  • Right to limit use and disclosure: Can request limit of use and disclosure of sensitive personal information (social security, driver’s license, state identification card, or passport number, account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account, precise geolocation, racial or ethnic origin, religious or philosophical beliefs, or union membership, the contents of a consumer’s mail, email and text messages, unless the business is the intended recipient of the communication, or a consumer’s genetic data).

13. COPPA (Children’s Online Privacy Protection Act)

We do not market to children under 13. By using our site, you confirm that you are of legal age in your jurisdiction or have consent from a parent or guardian.

14. Fair Information Practice Principles

We adhere to the internationally recognized Fair Information Practice Principles, including collection limitation, data quality, purpose specification, use limitation, security safeguards, openness, individual participation, and accountability.

15. Changes to the Privacy Policy

We reserve the right to modify this Privacy Policy at any time. Changes will take effect immediately upon posting. If material changes occur, we will notify you by email or a prominent notice on our website.

If CRSS is acquired or merged, your information may be transferred to the new entity to continue providing our Expertise.

16. Contacting Us

If you have any questions regarding this Privacy Policy, please contact us at: info@crss.io

© 2025 Costa Rica Software Services.  Privacy Policy