Privacy Policy

Privacy Policy

Introduction.  The purpose of this Privacy Policy is to describe how Coleman Research Group, Inc. and its affiliated companies (“Coleman” or “we” or “us”) collects, uses, and shares information about you generally, including through Coleman’s online interfaces (e.g., websites and online portals) owned and controlled by us, including www.colemanrg.com (collectively referred to herein as the “Site”; all such data “Personal Data”). 

We may modify this Privacy Policy and if any material changes are made to it, we will provide notice through our services or by other means to provide you the opportunity to review the changes before they become effective.
You acknowledge that your continued use of the Site after we publish or send a notice about our changes to this Privacy Policy means that the collection, use, and sharing of your Personal Data is subject to the updated Privacy Policy.
Data this Privacy Policy Covers.  This Privacy Policy covers Personal Data, including through our Site.  Some of our Site’s functionality can be used without revealing any Personal Data, though for some features, Personal Data is required.  In order to access certain features on our Site, you may need to submit or we may collect, Personal Data.  Personal Data does not include information that is anonymized.
Personal Data We Collect Related to Your Use of Our Website.  We may track, collect, and aggregate information from your use of the Site, through the use of cookies or otherwise, indicating, among other things, which pages of our Site were visited, the order in which they were visited, when they were visited, and which hyperlinks were clicked. We also collect your IP address and standard log information, such as your browser type and operating system.

Personal Data We Collect Provided Directly by You or by Third Parties. We collect Personal Data that you provide to us when you register for an account, update or change information on your account, use our services, send e-mail messages, and / or participate in other services on our Site. During registration and later on our platform, we may collect Personal Data such as your real name, alias, e-mail address, phone number, postal address, current or past job history, unique personal identifier, online identifier, Internet Protocol address, account name, payment account information, Social Security number, driver’s license number, or other similar information. We may also create Personal Data about you, such as records of your interactions with us, our clients, or our Experts, or from third parties that provide us with it or access to it.

How We Use Your Personal Data.  We may use your Personal Data for various purposes, subject to applicable law, including to:
  • Allow you to access and use the Site and to provide or facilitate your participation in certain information, products, or services that you request from us;
  • Operate, manage, and communicate with you via our Site;
  • Notify you of changes to our Site or services;
  • Monitor, improve, and develop our services;
  • Facilitate communications or transactions with you;
  • Share it with other parties as necessary in order for us to facilitate your participation in our services (e.g., cloud service providers, payment processors, etc.).
Allow you to access and use the Site and to provide or facilitate your participation in certain information, products, or services that you request from us; Operate, manage, and communicate with you via our Site; Notify you of changes to our Site or services; Monitor, improve, and develop our services; Facilitate communications or transactions with you; Share it with other parties as necessary in order for us to facilitate your participation in our services (e.g., cloud service providers, payment processors, etc.).

How We May Share Personal Data. We may, for legitimate business purposes, disclose your Personal Data to other parties, including:

  • Your appointed representatives;
  • Other Coleman entities;
  • Professional advisors to Coleman, such as accountants, auditors, and lawyers, and
  • Other parties as necessary in order for us to provide you with our services (e.g., cloud service providers, payment processors, etc.).
We may disclose your personal data to a third party if we believe in good faith that such disclosure is necessary or desirable (i) to comply with lawful requests, subpoenas, search warrants, or orders by public authorities, including to meet national security or law enforcement requirements, (ii) to address a violation of the law, (iii) to protect the rights, property, or safety of Coleman, its users or the public, or (iv) to allow Coleman to exercise its legal rights or respond to a legal claim.
If we engage a third party to process your Personal Data, that party will (i) only process the Personal Data in accordance with our prior written instructions; and (ii) use measures to protect the confidentiality and security of the Personal Data, together with any additional requirements under applicable law.
*************************************************************************************

For Residents of the European Economic Area (EEA) and United Kingdom (UK) Only:

This Privacy Notice for EEA and UK Residents supplements and should be read in conjunction with the information contained in Coleman’s Privacy Policy and applies solely to Site visitors, users of or participants in our services, and others who reside in the EEA. Coleman is the data controller with respect to your Personal Data (“Controller”). The Controller is the entity that determines how and why Personal Data are processed. Coleman retains your Personal Data until either it is no longer necessary for the purpose for which it was collected, you withdraw consent to process your data, or no other legal basis for processing exists. Coleman’s address is 100 Park Ave, Suite 1600 New York, New York 10017, and you can contact Coleman via e-mail at [email protected]

Legal Basis for Data Processing. As explained above, we use your Personal Data in various ways depending on your use of the Site and/or participation in Coleman’s services. We may process your Personal Data in reliance upon one or more of the following legal bases, depending on the circumstances: (1) with your consent; (2) as necessary to perform our agreement to provide services; (3) where required by applicable law; (4) where necessary to protect the vital interests of any individuals; or (5) where we have a legitimate interest.

Transfers of Personal Data. Personal Data we collect may be transferred to, and stored and processed in, the United States or any other country in which we, our affiliates, or third parties with whom we engage in order to provide our services maintain facilities. We will ensure that transfers of Personal Data to a third country or an international organization are subject to appropriate safeguard as described in Article 46 of the General Data Protection Regulation.

Right to Access and Correct Personal Data. You can access your Personal Data and confirm that it remains correct and current by logging into the Site. You have the right to request access to your Personal Data and to receive a copy of your Personal Data, as well as certain information about our processing activities with respect to your Personal Data. You have the right to request correction or completion of your Personal Data if it is inaccurate or incomplete. You have the right to restrict our processing if you contest the accuracy of the data we hold about you, for as long as it takes to verify its accuracy. If you are a current Coleman client or a current member of our expert network and would like a copy of your Personal Data, please log in to the Site and click on the ‘Personal Data’ link at the bottom of the page and follow the instructions (if you are not a current Coleman client or a current member of Coleman’s expert network and would like a copy of your Personal Data, please send an e-mail to: [email protected]).

Right to Personal Data Portability. Where technically feasible, you can request that your Personal Data be transmitted directly from Coleman to another data controller in a structured, commonly used, and machine-readable format. If you would like to request your Personal Data to be ported, please log in to the Site and click on the ‘Personal Data’ link at the bottom of the page and follow the instructions. If you are not a current Coleman client or a current member of Coleman’s expert network and would like a copy of your Personal Data, please send an e-mail to: [email protected]

Right to Request Data Erasure. You have the right to have your data erased from our Site if (i) the data is no longer necessary for the purpose for which it was collected, (ii) you withdraw consent and no other legal basis for processing exists, or (iii) you believe your fundamental rights to data privacy and protection outweigh our legitimate interest in continuing the processing. Your Personal Data will generally be erased from the Site without undue delay and will be anonymized in order to be able, if necessary, to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse, enforce our Terms and Conditions or agreements, or fulfill your request to “unsubscribe” from further messages from us. If you would like to request the erasure of your Personal Data from our Site, please log in to the Site, and click on the ‘Personal Data’ link at the bottom of the page and follow the instructions.

Right to Withdraw Consent. Where we process your Personal Data on the basis of your consent, you have the right to withdraw consent. If you would like to withdraw your consent to the processing of your Personal Data, please send an e-mail to: [email protected]

Right to Lodge Complaint. You have the right to lodge a complaint with the appropriate relevant data protection supervisory authority in your EEA country of residence, found here: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm .

*************************************************************************************

For Residents of the State of California Only:

Effective January 1, 2020

This Privacy Notice for California Residents supplements the information contained in Coleman’s Privacy Policy and applies solely to Site visitors, users of or participants in our services, and others who reside in the State of California (“consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (CCPA) and any terms defined in the CCPA will have the same meaning when used in this notice.

Information We Collect. Our Site collects information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information“). Coleman’s Site has collected the following categories of personal information from its consumers within the last twelve (12) months:
CategoryExamples
Identifiers 

A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, or other similar identifiers.

Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). A name, signature, Social Security number, address, telephone number, passport number, driver’s license or state identification card number, employment, employment history, and bank account number. Some personal information included in this category may overlap with other categories.
Commercial Information Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Internet or other similar network activity 

Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.

Professional or employment-related information. Current or past job history.

Coleman obtains the categories of personal information listed above from the following categories of sources:

  • Public websites,
  • Information collected directly from consumers through use or participation in Coleman’s services,
  • Subscription databases and information vendors.

Personal information does not include:

  • Publicly available information from government records.
  • Deidentified or aggregated consumer information.
  • Information excluded from the CCPA’s scope, like:
    • health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
    • personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

Use of Personal Information. In addition to the stated uses set forth above, we may use, or disclose the personal information we collect for any purpose described to you when collecting your personal information or as otherwise set forth in the CCPA.

Sharing of Personal Information. Coleman may disclose your personal information to third parties for purposes consistent with the business purpose for which it was collected. In the preceding twelve (12) months, Coleman has disclosed the following categories of personal information for a business purpose:

  • Identifiers
  • California Customer Records personal information categories.
  • Commercial information.
  • Professional or employment-related information.

Sale of Personal Information.  In the preceding rolling twelve (12) months, Coleman has not sold personal information.

Your Rights and Choices Related to Personal Information.  The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

Access to Specific Information and Data Portability Rights.  You have the right to request that Coleman disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights), we will disclose to you:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting or selling that personal information.
  • The categories of third parties with whom we share that personal information.
  • The specific pieces of personal information we collected about you (also called a data portability request).
  • If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
    • sales, identifying the personal information categories that each category of recipient purchased; and
    • sharings for a business purpose, identifying the personal information categories that each category of recipient obtained.

Deletion Request Rights for Personal Information.  You have the right to request that Coleman delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights), we will delete your personal information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

  1. Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  3. Debug products to identify and repair errors that impair existing intended functionality.
  4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546  seq.).
  6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  7. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  8. Comply with a legal obligation.
  9. Make other internal and lawful uses of that information that are compatible with the context in which you provided it
Exercising Access, Data Portability, and Deletion Rights.  To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either:

Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.

Making a verifiable consumer request does not require you to create an account with us. However, we do consider requests made through your password protected account sufficiently verified when the request relates to personal information associated with that specific account.

We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Request Response Timing and Format.  We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.

Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Non-Discrimination.  We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

  1. Deny you goods or services.
  2. Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  3. Provide you a different level or quality of goods or services.
  4. Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
  5. However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.

*************************************************************************************

For Residents of Japan Only:

This Privacy Notice for Residents of Japan supplements the information contained in Coleman’s Privacy Policy and applies solely to Site visitors, users of or participants in our services, and others who reside in Japan (“consumers” or “you”). We adopt this notice to comply with the Act on the Protection of Personal Information, Act No. 57 of 2003, Japan (the “Personal Information Protection Act”) and any terms defined in the Personal Information Protection Act will have the same meaning when used in this notice.

Handling of Personal Information

1.       Collection of Personal Information

We may collect the following Personal Information.

i.         Personal Information about members of our expert network (“Experts”) and visitors to our Site:

(a)    Name

(b)    E-mail address

(c)     Telephone number

(d)    Education and career history

(e)    Address

(f)      User ID of SNS etc.

(g)    Date of birth

(h)    Passport number, driver’s license number, other individual identification number

(i)      Facial image information

(j)      Bank account

(k)     Usage history for services we provide (the “Services”)

(l)      Output of questionnaires and surveys that Experts answered

(m)  Behavioral history for our websites

We do not collect “credit card number, etc.” (Article 35-16, Paragraph 1, main paragraph of the Japanese Installment Sales Act).

ii.       Personal Information about officers or employees of our clients and their authorized users, including potential clients (“Clients”), and employees and officers of vendor corporations we have a business relationship with:

(a)    Name

(b)    E-mail address

(c)     Telephone number

(d)    User ID of SNS etc.

(e)    Usage history for the Services

(f)      Behavioral history for our websites

iii.     Personal Information about our shareholders:

(a)    Name

(b)    Address

iv.      Personal Information about applicants for employment or internships:

(a)    Name

(b)    E-mail address

(c)     Telephone number

(d)    Education and career history

(e)    Date of birth

(f)      Address

(g)    User ID of SNS etc.

v.       Personal Information about retirees:

(a)    Name

(b)    E-mail address

(c)     Telephone number

(d)    Education and career history

(e)    Date of birth

(f)      Address

(g)    User ID of SNS etc.

2.       Purposes

We identify purposes of the collected Personal Information as follows.

i.         Personal Information about Experts and officers or employees of Clients (1. i-ii)

(a)    Deliver the Services (including responses to inquiries regarding the Services and responses to matters required under the Terms & Conditions applicable to the Services) in relation to you

(b)    Analyze and assess improvements, expansions, other changes to the Services

(c)     Distribute notifications, e-mail newsletters, and other notices regarding the Services

(d)    Develop and analyze statistical data and other marketing

(e)    Develop and assess new services

(f)      Advertise products and services of ours or a third party’s

(g)    Deliver campaigns, questionnaires, monitors, interviews, etc.

ii.       Personal Information about officers or employees of vendor corporations (excluding Clients) (1. ii)

(a)      Communication regarding transactions with us, performance of contracts, management of transactions, and management of revenues and expenditures

iii.     Personal Information about shareholders (1. iii)

(a)    Exercise rights and perform obligations under the Japanese Companies Act

(b)    Operate and record general meetings of shareholders

(c)     Offer benefits to shareholders

(d)    Deliver measures to facilitate relations with shareholders

(e)    Manage shareholders such as preparing data pursuant to laws and regulations

iv.      Personal Information about participants and applicants for recruitment activities, and participants and applicants for internships (1. iv)

(a)    Deliver information to participants and applicants for recruitment activities and internships, and other recruitment related use

v.       Personal Information about retirees (1. v)

(a)    Administrative matters and communication after retirement

3.       Engagement for processing of Personal Data

We are not contracted for the purpose of processing Personal Data.

4.       Engagement for processing of Personal Data

We may engage third party service providers to process Personal Data to the extent necessary to achieve any of the purposes above on our behalf and in accordance with our instructions and supervision in order to ensure Personal Data is safely and properly processed and managed.

5.       Disclosure to third parties in or out of Japan

We will not disclose Personal Data to any third party in or out of Japan without your prior consent except as follows:

i.     When we provide information about Experts to Clients or affiliated companies for the purpose of providing or facilitating performance of the Services.

ii.        When we provide information about Clients and their authorized users to our Experts.

iii.       When pursuant to laws and regulations

iv.      Cases in which provision of Personal Data is necessary to protect your life, body, or property and in which it is difficult to collect your consent

v.  Cases in which provision of Personal Data is especially necessary to improve public health or promote sound growth of
children and in which it is difficult to collect your consent

vi.  Cases in which state or local governments, or those contracted by them need to cooperate in performing duties prescribed by laws and regulations and in which collecting consent of the person is likely to impede such performance

vii.   Cases in which Personal Data is disclosed in relation to engagement of third party service providers to the extent necessary to achieve any of the purposes above.

viii. Cases in which Personal Data is disclosed in relation to succession of business in a merger or   otherwise.

ix.       Cases in which personal data is shared in accordance with “6. Shared use of private information”

 

x.         Otherwise permitted by laws and regulations

 

 

 

 

In addition, we may disclose information in a state where it is impossible to identify individuals such as statistical data.

6.        Joint use of Personal Data

We jointly use Personal Data as follows:

i.          Items of Personal Data that may be used jointly: data described in 1. i, 1. ii, and 1. iii above

ii.        Scope of joint users: our affiliate companies (click here for details)

iii.       Purpose of use for joint users: purpose described in 2. i and 2. ii above

iv.       Person responsible for managing such Personal Data: [email protected]

        Please refer to this page for the representative and address: https://colemanrg.com/

7.         Security management of Personal Data

We will keep Personal Data accurate and up-to-date to the extent necessary to achieve any of the purposes above, and will strive to delete Personal Data without delay which we no longer need to use.

 

In addition, in order to prevent unauthorized access to Personal Data, loss, damage, falsification, and leakage of Personal Data, we will implement necessary measures such as maintenance of security systems, development of management systems, and thorough employee education, and safety measures to strictly control Personal Data.

 

Details of safety management measures are as follows.

 

(Formulation of Basic Policies)

In order to ensure the proper handling of personal data, “Handling of personal information” was formulated as a basic policy for “compliance with relevant laws and guidelines” and “consultation and complaint inquiries regarding personal information.”

 

(Development of Disciplines on the Handling of Personal Data)

Formulation of Personal Information Handling Regulations and Safety Management Regulations that stipulate handling methods, persons in charge, and their duties at each stage of acquisition, use, storage, provision, deletion, disposal, etc. of personal data.

 

(Organizational Safety Management Measures)

(a) Establish a person in charge of the handling of personal data, clarify the scope of personal data handled by employees handling personal data, and establish a communication system for reporting in emergencies, etc.

(b) In addition to conducting periodic self-inspections of the status of personal data handled by other departments.

 

Conducting audits by certification bodies

(Measures for Human Security Management)

(a)Periodic training for employees on matters to be noted regarding the handling of personal data

(b)Matters concerning the confidentiality of personal data are described in the Work Rules.

 

(Physical Safety Management Measures)

(a)In areas where personal data is handled, restrictions are imposed on equipment used for employee access control and work, and measures are taken to prevent unauthorized persons from viewing personal data.

(b)Measures shall be taken to prevent theft or loss of equipment, electronic media, documents, etc. handling personal data, and measures shall be taken to prevent personal data from being easily identified when such equipment, electronic media, etc. are carried.

 

(Technical Safety Management Measures)

(a)Implement access control to limit the scope of persons in charge and personal information databases handled

(b)Introduced a mechanism to protect information systems that handle personal data from unauthorized access from outside sources or from unauthorized software.

 

(Understanding of External Environments)

 

Implementation of security control measures after understanding the system for the protection of personal information in the United States where personal data is stored

8.       Deletion or Correction of Personal Data in our Possession

To request correction, addition, or deletion of your Personal Data pursuant to applicable laws and regulations, please log in to the Site, and click on the ‘Personal Data’ link at the bottom of the page and follow the instructions, or by either:

9.       Cookies

We may track, collect, and aggregate information from your use of the Site, through the use of cookies or otherwise, indicating, among other things, which pages of our Site were visited, the order in which they were visited, when they were visited, and which hyperlinks were clicked. We also collect your IP address and standard log information, such as your browser type and operating system. Cookie Information may be tied to the above-mentioned Personal Information. The purpose of using Cookie Information when tied to Personal Information is handled in accordance with the above-mentioned purpose in addition to the use described in Cookie Policy.

10.       Changes to this Privacy Policy

We may modify this Privacy Policy and if any material changes are made to it, we will provide notice through our services or by other means to provide you the opportunity to review the changes before they become effective.

You acknowledge that your continued use of the Site after we publish or send a notice about our changes to this Privacy Policy means that the collection, use, and sharing of your Personal Data is subject to the updated Privacy Policy.

11.   Scope of this Privacy Policy

This Privacy Policy applies to collection, use or sharing of Personal Information in the Services. This Privacy Policy does not apply to collection, use or sharing of Personal Information on third party websites and services which are linked from the Services. We are not responsible or liable for collection, use or sharing of Personal Information on third party websites and services.

12.   Personal Information Controller

Coleman Research Group, Inc.

Please refer to this page for the representative and address: https://colemanrg.com/

13.   Contact information

Please see Section 7 above  for contact information regarding where you may submit questions or other inquiries regarding this Policy.

14.   Governing Law

The governing law of this Privacy Notice for Residents of Japan is Japanese law.  With respect to Personal Information about residents out of Japan, in addition to the Personal Information Act of Japan, we will comply with such applicable laws and regulations on protection of Personal Information as equivalent to the Personal Information Act of Japan.