This policy applies across all websites that we own and operate, all apps and other platforms we use and all services we provide (“Services”). Our websites include,,,,,, and (“Websites”).

This policy applies to identifiable information about you like your name, email, address, phone number, bank account details, payment information and so on (“Personal Data”). If you can’t be identified (for example, when Personal Data has been aggregated and anonymised) then this policy doesn’t apply.

We may need to update this policy from time to time as we undertake new Personal Data practices or adopt new privacy policies. We reserve the right to amend this Privacy Policy and Terms of Use at any time, for any reason, without notice to you, other than the posting of the amended Privacy Policy and Terms of Use at our Websites. You should check our Websites frequently to see the current Privacy Policy and Terms of Use that are in effect and any changes that may have been made to them.

Who are ‘we’?

When we refer to ‘we’ (or ‘our’ or ‘us’), that means Crimson Consulting Limited and our subsidiaries. We may also refer to ourselves as ‘Crimson’. Our headquarters are in New Zealand but we operate and have offices all over the world. Address details for all Crimson locations are available on the Our Locations page.

How we collect your data

When you visit our Websites or use our Services, we collect Personal Data. The ways we collect it can be broadly categorised into the following:

Information you provide to us directly: When you visit or use some parts of our Websites and use our Services we might ask you to provide Personal Data to us. For example, we ask for your contact information when you register for one of our events, fill out any forms on our Websites, participate in seminars or webinars with us, apply for a job with us or contact us with questions/ request support. If you don’t want to provide us with Personal Data, you don’t have to, but it might mean you cant use some parts of our Websites or Services.

Information we collect automatically: We collect some information about you automatically when you visit our Websites or use our Services, which may include your internet protocol (IP) address, region, or general location where your computer or device is accessing the internet, browser type, operating system and device type. We also collect information when you navigate through our Websites and Services, including what pages you looked at and what links you clicked on. This information is useful for us as it helps us get a better understanding of how you’re using our Websites and Services so that we can continue to provide the best experience possible (for example, by personalising the content you see). Some of this information is collected using cookies, web beacons and similar tracking technologies.

Crimson may keep a record of third party websites accessed when a user is on a Website and clicks on a hyperlink. We do not track users when they cross to third-party websites or provide targeted advertising to Crimson, and therefore Do Not Track (DNT) signals do not apply to Crimson.

Information we get from third parties: The majority of information we collect, we collect directly from you. Sometimes we might collect Personal Data about you from other sources, such as publicly available materials or trusted third parties like our marketing and research partners. We use this information to supplement the Personal Data we already hold about you, in order to better inform, personalise and improve our Services, and to validate the Personal Data you provide. Where we collect Personal Data, we’ll only process it:

  • to perform a contract with you, or
  • where we have legitimate interests to process the Personal Data and they’re not overridden by your rights, or
  • in accordance with a legal obligation, or
  • where we have your consent.

How we use your data

We may use your Personal Data to:

  1. Operate our Websites;
  2. Help diagnose problems with our server and to administer our Websites, analyse trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences and designing our Websites to better suit our users’ needs;
  3. Help Crimson understand our students and their guardians needs and interests to better tailor our Services to meet your needs;
  4. Provide you with information about our events, information or Crimson-related Services;
  5. Populate your Google Calendar data in your Crimson App calendar;
  6. Keep your Google Calendar in sync with your Crimson App calendar and vice versa; and
  7. Manage our relationship with you;
  8. Detect and prevent fraudulent activity and make sure everyone is using our Websites and Services fairly and in accordance with our Terms of Use
  9. Send you text messages (message and data rates may apply, message frequency varies); and
  10. Carry out any other legitimate purpose.

How we can share your data

Crimson may enter into arrangements with third parties in which such third parties will promote Crimson’s Services on their websites. If you are interested in such Services, you will be asked to share Personal Data to receive more information about the Services. In some cases, the third party will collect Personal Data and provide it to Crimson at your direction. In other cases, Crimson will collect Personal Data from you directly and provide it to such third party, in which case the third party may use your Personal Data in accordance with their privacy policy as though you had provided it directly to such third party. Your Personal Data will be subject to such third party’s privacy policy as well as Crimson’s privacy policy.

Crimson’s Websites use interfaces with social media sites such as Facebook, Instagram, Twitter and others. If you choose to "like" or share information from Crimson’s Websites through these services, you should review the privacy policy of that service. If you are a member of a social media site, the interfaces may allow the social media site to connect your site visit to your Personal Data.

Additional to the above, we will only disclose information to third parties in the following cases:

  • as required by law, such as to comply with a subpoena or similar legal process
  • when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, to investigate fraud, or to respond to a government request
  • if we are involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice through our app of any change in ownership or uses of your Personal Data, as well as any choices you may have regarding your Personal Data
  • to any other third party with your prior consent to do so.


When we share data, it may be transferred to, and processed in, countries other than the country you live in – such as any country where our offices are located. These countries may have laws different to what you’re used to. Rest assured, where we disclose Personal Data to a third party in another country, we put safeguards in place to ensure your Personal Data remains protected.


To help protect the privacy of data and personally identifiable information you transmit through use of our Websites, we maintain physical, technical and administrative safeguards. We update and test our security technology on an ongoing basis. We restrict access to your Personal Data to those employees who need to know that information to provide benefits or Services to you. In addition, our employees are aware of the importance of confidentiality and maintaining the privacy and security of your information. We commit to taking appropriate disciplinary measures to enforce our employees' privacy responsibilities.

The security of your Google Calendar's Personal Data is important to us. We take commercially reasonable measures and follow generally accepted standards to protect the information you provide us, both during transmission and once we receive it. For example, the information you provide is transmitted via encryption using technologies such as secure socket layer technology (SSL).

No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee the absolute security of your information.


Your Personal Data is stored by Crimson on its servers, and on the servers of the cloud-based database management services Crimson engages, these services are stored across the globe and are managed and maintained by their professional teams. Crimson retains data for the duration of your relationship with Crimson and for a period of time thereafter to allow you to recommence your relationship with Crimson, to analyse the data for Crimson’s own operations, and for historical and archiving purposes (for example, to comply with applicable legal, tax and accounting requirements). For more information on where and how long your Personal Data is stored, and for more information on your rights of erasure and portability, please contact us at the address below.

Your rights

It’s your Personal Data and you have certain rights relating to it. Crimson, from time-to-time, may send you marketing communications using the Personal Data you provide to us. You can ask us not to send you marketing communications at any time by following the unsubscribe button at the bottom of the marketing communication, or by making a request by emailing

You also have rights to:

  • know what Personal Data we hold about you, and to make sure it’s correct and up to date;
  • request a copy of your Personal Data, or ask us to restrict processing your Personal Data or delete it; and
  • object to our continued processing of your Personal Data.

You can exercise these rights at any time by contacting us at the address below. Crimson will answer your request within a reasonable timeframe. If the request cannot be met within a reasonable time frame, Crimson will provide you with a date when the information will be provided. If for some reason the request is denied, Crimson will provide an explanation as to why it has been denied.

How to contact us

If you would like to find out about what Personal Data we hold about you, exercise your rights, or you have a question or feedback for us on this policy, our Websites or Services, please get in touch via

Crimson Education is not affiliated or associated with any university, college, or education institution mentioned on this website.