Privacy Policy

CRO Advisors, LLC. (“CRO Advisors,” “we,” “our,” or “us”) is committed to transparency with respect to our data collection and use practices. Please read this Privacy Policy carefully. It provides important information about your personal information and tells you about your rights under applicable privacy laws. If you have any questions, comments, or concerns regarding this Privacy Policy and/or our data practices, please contact us.

This Privacy Policy applies to CRO Advisor’s corporate-facing website located at, and its domains, and any other websites that include a link and/or reference to this Privacy Policy (all of the foregoing, collectively, our “Websites”).


Information We Collect

Usage Information
We, or our authorized third-party service providers, automatically collect technical and/or analytics information about how you use and/or interact with our Websites, including, but not limited to, the log data and device data collected below (collectively, “Usage Information”). Usage Information allows CRO Advisors to understand how users are interacting with and using our Websites, and other actions taken in connection with the use of our Websites. We use this information for our internal purposes, specifically to operate, maintain, secure and improve our Websites.

Typically, all Usage Information is collected in anonymous form and does not identify you personally. To the extent any Usage Information is linked or tied to personally identifiable information, such information is deemed “personal data” and we will use it and protect it in accordance with this Privacy Policy.

Log Data
When you visit our Website(s), our servers may automatically log the standard data provided by your web browser. It may include your computer’s Internet Protocol (IP) address, your browser type and version, the pages you visit, the time and date of your visit, the time spent on each page, and other details.

Device Data
We may also collect data about the device you’re using to access our Websites. This data may include the device type, operating system, unique device identifiers, device settings, and geo-location data. What we collect can depend on the individual settings of your device and software. We recommend checking the policies of your device manufacturer or software provider to learn what information they make available to us.

Personal Information CRO Advisors Collects Directly From Users
When you contact us through the Websites and/or sign up to receive marketing communications from us, we may ask for personal information, such as your:

  • Name
  • Email
  • Social Media Profiles
  • Date of Birth
  • Phone/Mobile Number
  • Work Address

Social Media Interactions
If you interact with us through our social media pages and/or accounts through third party social networking sites (e.g., LinkedIn, Facebook, Instagram, or Twitter), we will collect data and/or information related to such interactions.

Aggregated Data
With the personal information and other data (including, Usage Information) collected by us, we process “Aggregated Data”, such as statistical or demographic data. Aggregated Data may be derived from personal information, but is not considered personal information under the law if it does not directly or indirectly reveal your identity. If we combine or connect Aggregated Data with your personal information so that it can directly or indirectly identify you, we treat the combined data as personal information, which will be processed in accordance with this Privacy Policy.

Legal Bases for Processing
We will process your personal information lawfully, fairly and in a transparent manner. We collect and process information about you only where we have legal bases for doing so.

We process your personal data for the following legal bases:

  • it’s necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract (for example, when we provide a service you request from us);
  • it satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote our services, and to protect our legal rights and interests;
  • you give us consent to do so for a specific purpose (for example, you might consent to us sending you our newsletter); or
  • we need to process your data to comply with a legal obligation.

Data Retention and Security

Personal information is processed for the period necessary to fulfill the purposes for which it is collected, to comply with legal and regulatory obligations and for the duration of any period necessary to establish, exercise or defend any legal rights. In order to determine the most appropriate retention periods for your personal information, we consider the amount, nature and sensitivity of your information, the reasons for which we collect and process your personal information, and applicable legal requirements.

In some instances, we may choose to anonymize personal information instead of deleting it, for statistical use, for instance. When we choose to anonymize, we make sure that there is no way that the personal information can be linked back to any specific individual.

While we retain this information, we will protect it within commercially acceptable means to prevent loss and theft, as well as unauthorized access, disclosure, copying, use or modification. That said, please note that no method of electronic transmission or storage is 100% secure and we cannot guarantee absolute data security.

Collection and Use of Information

We may collect, hold, use and disclose information for the following purposes and personal information will not be further processed in a manner that is incompatible with these purposes:

  • to enable you to customize or personalize your experience of our Websites;
  • to host and provide our Websites;
  • to deliver direct marketing communications to you regarding products and services of ours that we may think are of interest to you;
  • to respond to your queries and requests, or otherwise communicate directly with you;
  • to provide customized advertisements, content, and information (provided that, where required under applicable law, we will only provide you with tailored content with your opt-in consent);
  • where we need to process your data to comply with a legal obligation.

Disclosure of Personal Information to Third Parties

We may disclose personal information to:

Third party service providers that help us in the operation, provision, administration and management of our Websites, and to otherwise operate our business. Depending on how you use our Websites, the following categories of third party service providers collect data on our behalf or receive personal information: IT service providers, data storage, hosting and server providers, ad networks, analytics, error loggers, debt collectors, maintenance or problem-solving providers, marketing or advertising providers, professional advisors, and payment systems operators; and our employees, contractors and/or related entities.

To successors and/or acquires of our business and/or assets. If we or our assets are acquired, or in the unlikely event that we go out of business or enter bankruptcy, we would include data among the assets transferred to any parties who acquire us. You acknowledge that such transfers may occur, and that any parties who acquire us may continue to use your personal information according to this policy. law enforcement and/or other government agencies if we are required to disclose personal information by law, such as pursuant to a subpoena, warrant or other judicial or administrative order, our policy is to respond to requests that are properly issued by law enforcement within the United States or other agencies with proper jurisdiction. Under such circumstances, unless prohibited by applicable law, we will attempt to provide you with prior notice that a request for your information has been made in order to give you an opportunity to object to the disclosure. We will attempt to provide this notice by email, if you have given us an email address. However, government requests may include a court-granted non-disclosure order, which prohibits us from giving notice to the affected individual. In cases where we receive a non-disclosure order, we will notify you when it has expired or once we are authorized to do so. Note that if we receive information that provides us with a good faith belief that there is an exigent emergency involving the danger of death or serious physical injury to a person, we may provide information to law enforcement trying to prevent or mitigate the danger (if we have it), to be determined on a case-by-case basis.

To other third parties with your consent. There may be situations where you are asked to consent to share personal information with third parties for additional reasons not included in this Privacy Policy. In such event, we will only share such personal information if we have received your prior consent and only for the purposes as listed in the request to share such information.

International Transfers of Personal Information

CRO Advisors is based in the United States. The personal information that we collect is sent to and stored on servers located in the United States. Such storage is necessary in order to process the information. CRO Advisors operates globally and may transfer the personal data that we collect from you to our other offices and/or to the third parties mentioned in the circumstances described throughout this Privacy Policy, which may be situated outside of your country or regional area, and may be processed by staff operating outside of your country or regional area. In particular, information provided to us or collected by us likely will be transferred to and processed in the United States by us or our affiliates and our respective agents and contractors. The data protection laws of the United States or other countries may not be as comprehensive or equivalent to those in your country of residence.

The European Union’s General Data Protection Regulation (“GDPR”) allows for transfer of personal data from the European Union to a third country in certain situations. We rely on legally-provided mechanisms to lawfully transfer personal information across borders. For example, we may enter into the EU Standard Contractual Clauses adopted by the EU Commission. More information about the Standard Contractual Clauses is available here.

Your Rights and Controlling Your Personal Information

The right to be informed: You have the right to be information, which is an obligation on us to inform you how we use your personal data (and that’s what we’re doing in this Privacy Policy).

The right to erasure (also known as the ‘right to be forgotten’): You have the right in certain circumstances to ask us to delete the personal data we have about you (unless there’s an overriding legal reason we need to keep it).

Withdrawing Consent: You have the right to revoke any consent you may have previously given us at any time, if we have collected and processed your personal information with your consent. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.

The right to object: You have the right to object to us processing your personal data (for example, if you object to us processing your data for direct marketing).

Restrict: You may choose to restrict the collection or use of your personal information. If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by contacting us using the details below. If you ask us to restrict or limit how we process your personal information, we will let you know how the restriction affects your use of our Websites.

Access and data portability: You may request details of the personal information that we hold about you. You may request a copy of the personal information we hold about you. Where possible, we will provide this information in CSV format or other easily readable machine format. You may request that we erase the personal information we hold about you at any time. You may also request that we transfer this personal information to another third party.

Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us using the details below. We will take reasonable steps to correct any information found to be inaccurate, incomplete, misleading or out of date.

Notification of data breaches: We will comply laws applicable to us in respect of any data breach.

Rights in relation to automated decision-making and profiling: You have the right for us to be transparent about any profiling we do, or any automated decision-making.

Complaints: If you believe that we have breached a relevant data protection law and wish to make a complaint, please contact us using the details below and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint. You also have the right to contact a regulatory body or data protection authority in relation to your complaint.

Unsubscribe: To unsubscribe from our e-mail database or opt-out of marketing communications, please contact us using the details below or opt-out using the opt-out facilities provided in the communication. We will use commercially reasonable efforts to process such requests in a timely manner. Note that you cannot opt out of receiving service-related communications relating to your use of the Websites (for e.g., updates regarding changes to this Privacy Policy).

Exercising your Rights

These rights are subject to certain rules around when and to what extent you can exercise them.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights) unless your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

We will respond to all legitimate requests within the time periods required by law. Occasionally it may take us longer than the minimum timeframes under applicable law if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated as required by law.

Finally, if you are located in the European Economic Area, you have the right to make a complaint at any time to the supervisory authority for data protection issues in your country of residence. We would, however, appreciate the chance to deal with your concerns before you approach the supervisory authority, so please contact us first.

Cookies & Targeted Advertising

We or authorized third parties may collect certain information (including, without limitation, Usage Information) by automated means using technologies such as cookies, web beacons, embedded scripts, pixels, browser analysis tools, server logs, and mobile identifiers; however, even though we use these technologies to track the use of our Websites, CRO Advisors does not directly track users across third party websites, provided that, certain targeting & advertising partners (as described below) may track you across websites. 

We may use third party advertising partners (e.g., Google, Inc.) who use targeting/advertising cookies and similar technologies to deliver advertisements that are more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaigns. They are usually placed by advertising networks with the website operator’s permission. They remember that you have visited a website and this information is shared with other organizations such as advertisers. 

Sensitive Data

CRO Advisors does not require you to provide any sensitive data about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, health and genetics, or biometric data to use the Websites.


CRO Advisors does not target the Websites, or any of our products and/or services, to persons under the age of 18, nor does CRO Advisors knowingly collect personal information of, persons under the age of 13 or the equivalent age as specified by law in the applicable jurisdiction (e.g., 16 years of age if you are located in the EEA). Therefore, we ask you not to provide us with personal information of persons under the age of 13 or the equivalent age as specified by law in your jurisdiction. If we learn that personal information of persons under the age of 13 or the equivalent age as specified by law in the applicable jurisdiction, has been collected on or through the Websites, then we may deactivate the account or otherwise terminate access to the Websites and/or make the user content inaccessible.

Third Party Social Media Plug-ins

On or through the Websites, we may provide third-party “share” buttons which enable you to share certain content via social media sites (e.g., Facebook, Twitter, Instagram, YouTube, and LinkedIn). These “share” buttons may function as web beacons when you interact with the button. Please note that when you “share” using the buttons, you may send to the third party provider of the “share” button the information that you are viewing. If you are not logged into your account with the third party provider, then the third party may not know your identity. If you are logged in to your account with the third party, then the third party may be able to link information or actions about your interactions with the Websites to your account with the applicable third party provider. Please refer to each third party’s privacy policies to learn more about its data practices.

External Websites

On or through the Websites we may provide or make available, for informational purposes only, links to other websites or resources with which we do not have a contractual relationship and over which we do not have control (“External Websites”). Such links do not constitute an endorsement by CRO Advisors of those External Websites, and are provided to you only as a convenience. By clicking on links to External Websites, the operators of the External Websites may collect your personal information. We are not responsible for the content or data collection practices of those External Websites, and your use of External Websites is subject to their respective terms of use and privacy policies.

Changes to this Policy

CRO Advisors reserves the right to update or modify this Privacy Policy at any time. Except for material changes as described below in this Section, all updates and modifications to this Privacy Policy will be effective from the day they are posted online at If we make any material changes to this Privacy Policy, we will provide you with reasonable notice prior to such change taking effect by posting a prominent notice of any such changes on our Websites and, if we have an email address for you on file, sending a notification to you via email. Material changes to this Privacy Policy will become effective on the date set forth in the notice, and all other changes will become effective from the day they are posted on online. It is your responsibility to regularly visit and review this Privacy Policy.

If you do not agree to any updates or modifications to the Privacy Policy, cease all use of our Websites. Your continued use of our Websites after the applicable effective date of the revised Privacy Policy, signifies to us that you acknowledge and agree to be bound by the revised Privacy Policy.

How to Contact Us

If you have any questions about this Privacy Policy or Terms or Service, including any requests to exercise your legal rights, please contact us as follows:

Via our Contact us page

332 S. Michigan Ave.
Suite 121 # 5379
Chicago, IL 60604