ȺP has regional privacy policies where appropriate – please click for APAC, Australia and New Zealand and US. All Privacy Resources, which includes ȺP's approach to privacy, are available here.
We have offices across multiple locations, and our registered head office is located within the United Kingdom.
GB Group Plc
The Foundation
Herons Way
Chester Business Park
Chester United Kingdom
CH4 9GB
ȺP Registration Number: 02415211
This policy was last updated on the 1st of October, 2024.
This Privacy Policy explains to you how ȺP ('ȺP') together with its subsidiaries and affiliates (collectively, “us,” “we,” or “our”) is committed to the responsible management, use, and protection of personal information.
ȺP use and secure your personal data whilst you are using the ȺP website www.gbgplc.com or , when you enter into a contract with ȺP to provide services to your organisation, you visit one of our offices, or you apply for a job at ȺP. If you are interested in how we collect and process personal information about you through our products and services, please see our Products & Services Privacy Notice.
ȺP take the protection and security of your personal data very seriously and this policy sets out our responsibilities under the General Data Protection Regulation 2016 (‘GDPR’) and other applicable laws in England and Wales relating to the processing and security of personal data.
We have offices across multiple locations, and our registered head office is located within the United Kingdom.
GB Group Plc
The Foundation
Herons Way
Chester Business Park
Chester
CH4 9GB
United Kingdom
ȺP Registration Number: 02415211
If you have any questions about how your personal data is used by ȺP, please contact our Data Protection Officer using this form write to us at the address mentioned above, or call 0161 909 6713.
Our EEA representative is located in Spain at the following address
ȺP
WeWork Passeig de Gracia
Pg. de Gràcia, 17,
08007 Barcelona
Spain
ȺP review our Privacy Policy on an annual basis, sooner if changes to regulation require it or ȺP change the way we process personal data.
What personal data do ȺP collect and why?
Browsing our website: When you browse our website www.gbgplc.com, we will collect the Internet Protocol (IP) address of the device you are using, but will be unable to identify you at this point. We collect this data so that we can identify where customers are dropping out of the website and to identify areas of improvement to make the experience more engaging for our customers.
We use cookies on our website, so please see our Cookie Policy for more information.
Requesting a brochure: When you request a brochure from us, we will collect the following information from you:
Requesting a call back: when you request a call back from us, we will collect the following information from you:
Sales calls:Where you have been invited to attend a call with a member of ȺP’s sales team, we will collect the following information:
When a sales related appointment is made with you, if relevant, you will receive an email prior to the call advising we would like to record our interaction.
Upon joining the call, you will further be presented with the option to decline the recording of the call, should you wish to do so. The call recording can be stopped at any point and any data held deleted.
Subscribing to our marketing lists: Where you have asked to receive marketing from ȺP, we will collect the following information from you:
When you receive an email from ȺP, it will include an unsubscribe link, which you can click on if you wish to unsubscribe from our marketing lists. We will then add your email address to our suppression list, which will ensure you do not receive any further marketing from ȺP.
Please be assured we do not sell your personal data to third parties for marketing purposes.
Contests: Information you provide in regard to contests, sweepstakes, or other inquiries or forms you submit to us.
Requesting further information from us: Where you request further information from us by completing a form on our website in relation to our products and services, your details will be added to our marketing database to receive marketing from ȺP relevant to the products and services you have an interest in. We will collect the following data from you:
Email pixels: ȺP usespixels in some of our HTML email messages. Pixels are hyperlinks in remote images that are embedded in the email. The technology provides ȺP with analytical information about the user experience and help us customise our marketing activities by monitoring ‘clicks’. No additional personal data is collected. For the avoidance of doubt, this does not include any sharing or selling of any data or any cross context behavioural advertising under US privacy laws.
Conferences and events: As a global organisation, ȺP attends worldwide events and have marketing team members located around the world. ȺP will obtain from the event organiser a delegate list of all attendees who will have been informed that their personal data will be shared with ȺP.
Entering into an agreement with ȺP: When your organisation enters into an agreement with ȺP to provide products and services, we will collect additional information, which is necessary for: The performance of the contract we have with your organisation, such as billing information; and
Providing service messages related to general enhancements, and product update messages related to optional product purchase items to your organisation’s main contacts and product users, for the products and services ȺP are providing to you. When you receive an email from ȺP it will include an unsubscribe link, which you can click on if you wish to unsubscribe from our marketing lists. We will then add your email address to our suppression list, which will ensure you do not receive any further marketing from ȺP.
All personal data we collect is held electronically within our Customer Relationship Management systems (CRM) and email marketing solution HubSpot which are hosted in the United Kingdom and United States respectively.
Purpose and legal basis for processing
We process the information mentioned in this section in order to send you the brochure you requested, call you back, subscribe you to our marketing database or enter into an agreement with your organisation, as applicable. The legal basis we rely on to process this personal data is Article 6(1)(f) of the GDPR, which allows us to process personal data when it is necessary for the purposes of our legitimate interests subject to a balancing test to ensure our interests are not overridden by yours.
Who will we share your personal data with and why?
ȺP will share your information with third party service partners who are acting on behalf of ȺP as our data processor. Below are the details of whom ȺP will share your personal data with and why:
HubSpot Inc.: provides ȺP with an email marketing solution, which delivers marketing emails on our behalf. HubSpot is headquartered in the US and their product infrastructure is hosted on Amazon Web Services in the United States, with some services being routed through the Google Cloud Platform in Germany. We share the following personal data with HubSpot:
Price Waterhouse Coopers: supports ȺP with our CRM systems and, as a result, their teams located in Poland may access the live system for technical support.
Microsoft: our Dynamics 365 CRM system is cloud-based and hosted by Microsoft in the UK. In addition, when you visit our website you will be directed to the Microsoft Azure instance in the region nearest to you (Ireland, Hong Kong, California, or London) and the data will be stored in Ireland.
CustomerSure: carries out our Voice of the Customer surveys and is based in the UK. In order to determine customers’ level of satisfaction following their interaction with ȺP at various pre-defined trigger points, CustomerSure will receive personal information from ȺP's CRM systems. This is used to facilitate the sending of an email requesting completion of a survey and, following that, analysis of and appropriate reaction to the feedback received. The data is processed by CustomerSure in the UK with the exception of the disaster recovery backups, which are hosted in Ireland.
ȺP can assure you that we have taken all reasonable technical and organisational measures necessary to protect the personal information that our third party service partners may access.
Gong: records sales related voice and video calls. Email notification will be sent via email prior to the call if there is an intention by ȺP to record it. Your consent is collected upon you joining that call. If consent is declined, we will not proceed with the recording and the call will take place without it.
Recording is used to provide training and coaching opportunities and to monitor activity of ȺP’s sales teams. Calls recorded using Gong will be retained for 12 months.
Data will be processed and stored by Gong on its servers based in the USA.
SafeBase: provide ȺP's Secure and Trusted centre where you provide your corporate email address to access information required when conducting due diligence on ȺP. Your corporate email address is held in the US.
Accuracy of your personal data
As part of the account management process, ȺP will on a regular basis enquire if the personal data we hold about you is correct. You can also ensure your personal data is correct by using this form.
Alternatively, if your organisation has an agreement with ȺP for the provision of services, you can contact your ȺP account manager, who will ensure they update your record on our CRM system.
How long do we retain your personal data for and why?
Where we have collected your personal data for marketing purposes, we will retain your personal data for as long as you remain subscribed to our mailing lists or until you inform us that you no longer wish to receive marketing from us.
ȺP will retain the contact details for leads for up to 6 months, after which they will be deleted.
For account management purposes, we will retain the personal data for as long as we have the relationship with your organisation. If ȺP no longer has a relationship with your organisation, then we will only keep the relevant information, such as invoices, for audit purposes for 6 years after the relationship with ȺP has ended.
Once ȺP is informed you are no longer the contact we need to liaise with or you leave your organisation, we will remove your details from our system.
ȺP is able to transfer data to our processors located in the United States (i.e. HubSpot and Microsoft). We have taken appropriate safeguards to require that your personal information will remain protected in accordance with this privacy notice by implementing the European Commission’s Standard Contractual Clauses for transfers of personal information.
In addition, as a global organisation, we have sales teams located all over the world. It will be necessary for your personal data to be transferred to them for account management activities or, where you have requested it, for marketing purposes. ȺP will ensure the transfer of any personal data outside of the EEA is subject to appropriate safeguards.
Social media
If you contact us through one of our ȺP social media accounts by either a publicly visible message or a private direct message, this will be handled by our Communications Team. You will be asked to send your enquiry to the relevant team and provided with their email address. Messages received on social media containing personal data are deleted within one week.
We do not track individuals and the analytics data we receive is not at a granular level. We do not scrape data from LinkedIn. ȺP uses Sales Navigator to process personal data within LinkedIn. Obtaining personal data from LinkedIn by any other method is against the terms and conditions of LinkedIn and against ȺP policy.
Emails
We use Office 365 encryption (TLS/SSL, IPSec, AES) and Mimecast to encrypt and protect email traffic.
Purpose and legal basis for processing
We process the information mentioned in this section in order to be able to reply to any queries we receive and enhance the services we provide, which we believe also benefits our customers. The legal basis we rely on to process your personal data is Article 6(1)(f) of the GDPR, which allows us to process personal data when it is necessary for the purposes of our legitimate interests, subject to a balancing test to ensure our interests are not overridden by yours.
Analytics
We use Google Analytics to measure how users interact with our website in order to understand which parts of our sites are doing well, how people arrive at our site and so on. We use this information to improve our website. Google will not associate your IP address with any other data held by it. You can learn more about Google Analytics or opt out if you wish .
Cookies
We use various types of cookies in order to identify and track users and to store information about your preferences. Users may disable cookies; however, please keep in mind that if you decide not to accept all of the cookies, some parts of the site might not work properly. You can read more about how we use cookies in our Cookie Policy.
Search facility
The search facility on our website does notcollect any personal data. Search queries and results are logged anonymously to help us improve the website and search functionality, but we do not have the ability to identify any individuals.
Security and performance
We keep a record of traffic data, which is logged automatically by our server, such as your IP address and any error messages visitors may encounter. Any traffic data we process in order to monitor our website is anonymised when required for analytics.
Purpose and legal basis for processing
We process the information mentioned above for carefully considered and specific purposes mentioned in each section, which are in our legitimate interests to enable us to enhance the services we provide, which we believe also benefits our customers. This is in accordance with Article 6(1)(f) of the GDPR, subject to a balancing test to ensure our interests are not overridden by yours.
Visitor book
We meet visitors at our offices, including:
Our visitors are asked to sign in and out at reception. The information collected will be name, company, who you’re visiting, time in/time out, vehicle licence plate number (if applicable), and date. This information will be contained in the visitor’s badge, which you will be required to wear throughout your visit.
At the end of each working week, the visitor forms are securely destroyed.
If your visit is planned, we will send your name and visit information to reception prior to your visit so they are expecting you.
Purpose and legal basis for processing
It is important ȺP capture the details of visitors to our offices for various reasons, including but not limited to health and safety, fire safety, building security, and safety of our team members. To process visitor information, we rely on Article 6(1)(f) of the GDPR, which allows for processing on the basis of legitimate interests, subject to a balancing test to ensure our interests are not overridden by yours.
Digital sign-in system
To book your visit to ȺP’s office, you will be asked to use our App to register. The App that is used to collect this information is supplied by Proxyclick, who is based in the EEA and as part of the processing may transfer the data outside of the EEA for the purpose of software support.
The personal data we collect as part of this process is your name, email address and mobile number. We retain your data for 90 days to maintain an audit trail of visitor activity. At the end of this period your personal data will be automatically deleted.
If your visit is planned, we will send your name and visit information to reception prior to your visit so they are expecting you. A visitor badge will be given on arrival, which you will be required to wear throughout your visit.
If you have questions about or need further information concerning how long we keep your personal data for, please contact us using the contact details provided below.
Purpose and legal basis for processing
We use this system to make signing in visitors more efficient and as a way of recording any invoice data necessary to handle our payments to suppliers related to use of our facilities. We rely on legitimate interests as the lawful basis for processing such data under Article 6(1)(f) of the GDPR, subject to a balancing test to ensure our interests are not overridden by yours.
Wi-Fi
In order to access our on-site guest Wi-Fi, you will need to be on the list of authorised users to access the network. When connecting to the ȺP GUEST WI-FI network, you will be asked to enter in the email address of a ȺP nominee, who will authorise your request for internet access. Once the ȺP nominee has granted you permission, you will have access to the network. We monitor access to our internet, and log traffic information such as the IP address, sites visited, times and dates, log on times and log off times. This data is held for 12 months.
Our purpose for processing this information is to provide you with access to the internet while visiting our office and ensuring it is accessed in accordance with our policies. We are able to process this data on the basis of our legitimate interests in accordance with Article 6(1)(f) of the GDPR, subject to a balancing test to ensure our interests are not overridden by yours.
Purpose and legal basis for processing
The purpose for processing this information is to provide you with access to the internet while visiting our office. We are able to process this data on the basis of our legitimate interests in accordance with Article 6(1)(f) of the GDPR, subject to a balancing test to ensure our interests are not overridden by yours.
CCTV
Closed-circuit television (CCTV) operates both inside and outside our Chester, Kuala Lumpur, London, Melbourne, Turkey, and Worcester offices.
Generally, recordings will be retained for up to 30 calendar days, after which they will be deleted. Imagery required for investigative or evidential purposes may be retained beyond 30 days and is securely disposed of upon completion/conclusion of the purpose for which it was retained. Offices within a PCI DSS scope must retain CCTV footage for 90 days in order to comply with PCIDSS requirements.
Recordings are retained in a secure environment and are only accessible by authorised personnel who have a legitimate reason to do so.
Any CCTV used in our German, Beijing or New York offices is not operated by us, so we are not the data controller. It will be under the control of the relevant building landlord.
Purpose and legal basis for processing
ȺP uses CCTV imagery for the purposes of maintaining the safety and security of our building and team members, and for investigative purposes as evidence to support the effective management of any incidents. We rely on legitimate interests as the lawful basis for processing such data under Article 6(1)(f) of the GDPR, subject to a balancing test to ensure our interests are not overridden by yours.
When you apply online for a position with ȺP we will use the information you provide to assist in the recruitment and selection process. There is information we require in order to process your application, which within the software is depicted as mandatory fields. ȺP may also seek additional information from other sources, for example, by using your references in the final stages of the recruitment process.
You have the opportunity to provide information in relation to additional adjustments required for the recruitment process to assist you. This is to ensure we enable all individuals to compete on equal terms.You may choose to provide some special category data here, such as ethnicity, religious beliefs or medical conditions, but it is not required and can be provided at a later date.
Purpose and legal basis for processing
Our purpose for processing your data in the event of a job application is to assess your suitability for the role. We rely on Article 6(1)(a) of the GDPR, whereby you will provide your consent for the processing of your personal data for the purpose of potential employment.
With regard to any special category data you provide, we collect this information to monitor equality and diversity to ensure we comply with legislation such as the Equality Act 2010. We therefore rely on Article 9(2)(a) of the GDPR which will require explicit consent, since we collect such special category data for the purposes of carrying out our obligations in the field of employment and progressing our inclusion and diversity agenda.
Data retention
Information provided on the application form and any information obtained from other sources will be retained in all cases in hard copy format and/or electronically only for as long as is required for the purposes of:
Your data is retained for 12 months within Workable, our applicant tracking system, then it is automatically deleted. If you would like your data deleted sooner, please fill out this form or email compliance@gbgplc.com or write to: Privacy and Data Compliance, ȺP, The Foundation, Chester Business Park, Chester, CH4 9GB so we can raise this as a request for Workable Technology Limited to complete on our behalf.
If your recruitment process goes beyond 12 months, you will be aware of this, with your personal data then held by ȺP for the duration of the recruitment process.
If you are successful with your application, the personal data you have supplied to us will form part of your employment record.
Use of data processors
ȺP will share your information with third party service partners, who are acting on behalf of ȺP as our data processor:
Workable Technology Limited: provides ȺP with the software which controls the recruitment process. This is hosted in the UK. ȺP is unable to change the questions which have been asked or the process within the system you are taken through. Whilst Workable Technology Limited controls the “how” from a software perspective and hosts this platform, your personal data is gathered by ȺP as the data controller, so we decide on why this is processed, who it is shared with, etc. Workable Technology Limited support and maintenance purposes only.
SHL: provides ȺP with a global talent assessment platform which is hosted in the UK. As part of your application you may be requested to complete this assessment via a separate link. To generate this link, ȺP will need to have shared your name and email address. The data entered is then determined by you.
Other third parties
Where you have engaged with an external recruitment agency, they will have shared your details with ȺP for a role they have notified you about. The recruitment agency also acts as a data controller.
We are unable to be more explicit in this statement as to who they are as we work with a large number of agencies globally. If you would like more information regarding your personal data, please contact us using this form, or by writing to: Privacy and Data Compliance, ȺP, The Foundation, Chester Business Park, Chester, CH4 9GB.
We may also contact the named referee(s) you have supplied in order to provide a reference on you. Or once your application has been successful, your details may be shared with other third parties, such as a payroll provider. You will be notified of any further processing at the appropriate time.
Accuracy of your personal data
You enter your own information, so please ensure it is correct. If this needs to be updated, please contact talentattractionteam@gbgplc.com who will be able to facilitate your request.
International data transfers
Your personal information may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country. However, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this privacy notice and local data protection laws. For example, this includes implementing Standard Contractual Clauses for transfers of personal information between our group companies, which require all group companies to protect personal information they process from the EEA and UK in accordance with UK and European Union data protection laws. Our Standard Contractual Clauses can be provided on request. We have implemented similar appropriate safeguards with our data suppliers, third party service providers and partners, and further details can be provided upon request.
ISO 27001 Certification
ȺP are a global specialist in identity data intelligence for some of the largest organisations in the world, which is why ȺP aim to set the highest standards of information security and in doing so, have developed an Information Security Management System (ISMS) to meet the requirements of the ISO 27001:2013 standard. Its aim is to protect the confidentiality, integrity, and availability of ȺP and client held information resources and assets, thus safeguarding ȺP and its clients from unauthorised access, compromise and/or disclosure of data.
PCI-DSS Certification
Some of the services we provide are compliant with the Payment Card Industry Data Security Standard (PCI DSS). Being compliant with PCI DSS means that we are doing our very best to keep our customers’ valuable information safe and secure and out of the hands of people who could use that data in a fraudulent way. PCI ensure technical and operational strengths to raise the bar on our security.
Cyber Essentials Certification
In addition to the above, we have services that are Cyber Essentials accredited, this helps prevent the vast majority of cyber-attacks. Having a Cyber Essentials badge enables us to:
As an individual, you have rights under the GDPR regarding the use of your personal data, these are:
Please keep in mind that some of these rights are subject to an internal assessment that one of the grounds under the GDPR is satisfied.
You can send these requests using this form,or by post to:
Privacy & Data Compliance Team
GB Group Plc
The Foundation
Herons Way
Chester Business Park
Chester
CH4 9GB
United Kingdom
Or you can call 0161 909 6713.
You are not required to pay any charge for exercising your rights. We have one calendar month to respond to you. If ȺP are unable to comply with your request, we will provide you with an explanation.
We appreciate that at ȺP we may not always get things right and it is regrettable for us as an organisation when we receive a complaint. We take all complaints seriously and can assure you we will do our best to deliver a satisfactory outcome. If you do wish to complain about how your personal data is used by ȺP then please use this form, alternatively please write to us at:
Privacy & Data Compliance Team
GB Group Plc
The foundation
Herons Way
Chester Business Park
Chester
CH4 9GB
United Kingdom
ȺP will investigate and respond within 10 working days, this allows us time to investigate your complaint thoroughly.
Where you believe that ȺP has not taken our responsibilities with your personal data seriously, you have the right to complain to a Supervisory Authority. In the UK, ȺP's regulator is:
The Information Commissioner's office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Telephone number: 0303 123 113 or 01625 545 745
Email:casework@ico.org.uk
This section describes how we collect, use, disclose, and otherwise process personal information of individual residents of the States of California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, and Montana in accordance with their corresponding privacy laws and regulations (each a “US Privacy Law” and collectively, the "US Privacy Laws"). For the purpose of this Privacy Policy “Personal Data” includes “personal information” as defined under the California Privacy Rights Act. All privacy rights requests will be actioned in accordance with its corresponding US Privacy Law.
California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon and Montana residents may exercise the following rights below, as applicable to them, via:
Sensitive Personal Data: We will not use or discloses your sensitive personal information for purposes other than those specified in section 7027 of the California Consumer Privacy Act regulations, subsection (m).
Verification: In order to exercise your rights, we will need to obtain information to locate you in our records and verify your identity depending on the nature of the request. If you are submitting a request on behalf of a household, we will need to verify each member of the household in the manner set forth in this section.
For Right to Know, Right to Correct, and Right to Delete, we may request an ID Document, as well as information on your First Name, Last Name, Email Address, Phone, Postal Address, and Date of Birth to verify your identity and ask that you declare, under penalty of perjury, that you are who you say you are.
Authorized Agents: You may use an authorized agent to exercise your rights on your behalf, in accordance with your applicable US Privacy Law. If you are making any of the requests above through an authorized agent, we will request written authorization from you and will seek to verify you as described above or (in regards to California residents) we will accept a legal Power of Attorney under the California Probate Code to the authorized agent. To make a request using an authorized agent, use dzܰ webform and upload documentation demonstrating you have authorized the agent to exercise rights on your behalf.
Appeal: If you are a resident of a US State that allows you to appeal a decision we have made in connection with your attempt to assert a right under applicable US Privacy Law, you may file an appeal of our decision by contacting us at compliance@gbgplc.com. Please ensure you provide us with the postal address in which you reside, accompanied with details for the basis of your appeal.
Your jurisdiction may allow you to file a complaint regarding any concerns with the result of your appeal request. US residents whose states have enacted an applicable privacy law may file a complaint with their corresponding state’s Attorney General or dedicated Agency if they have concerns about the result of the appeal.
Description of Personal Information Practices
Personal Data Categories |
Sources of Personal Data |
Business or Commercial Purpose for Collection |
Have we Sold the Personal Data |
With Whom We Share Personal Data |
Identifiers and information protected by Cal. Civ. Code 1798.80(e), such as real name, address, telephone number, email address, date of birth, |
You or ȺP customers to whom you provide it to. |
To enable use of our Sites, Services, products, to communicate with you, to understand how our users interact with our Sites, to improve our offerings, to market our products or services, to secure our Services, to fulfil our legal compliance obligations, in connection with a business merger or transaction, and otherwise for internal business purposes and to comply with applicable legal requirements |
No |
We share this information with our service providers, and with business customers partners and affiliates, in order to enable our Services and products to function. |
Financial information, such as credit or debit card information (solely in relation to our B2B transactions with our customers). |
You |
To transact with you if you use our products or services, to enable transactions you’ve requested, and otherwise for our own internal business purposes |
No |
We share this information with our service providers and business partners and affiliates, in order to enable our Services and products to function |
Commercial information and preferences, such as product purchase history, and contact information (name, job, title, work email, phone, and address) (solely in relation to our B2B transactions). |
You |
To transact with you, in your capacity as a B2B employee, if you use our Sites, products, or services, to enable transactions you’ve requested as a B2B employee, to market our products or services, and for our own internal business purposes such as record-keeping |
No |
We share this information with our service providers, third party advertising and analytics partners, and business partners and affiliates, in order to enable our Services and products to function |
Internet or other electronic network activity information, such as system version, browser type, internet service provider, browsing history, websites visited prior to our Sites, cookie IDs, device type, details about how you use our Site, the referring web page and pages visited, and other similar activity information |
Your device |
To enable use of our Sites, to communicate with you, to understand how you interact with our Sites, to secure our Services, to market our products or Services, and to improve our offerings |
No |
We share this information with our service providers, third party advertising and analytics partners, and business partners and affiliates, in order to enable our Services and products to function |
Image: Photo on a passport, driving license, or other identification document, (including the personal information contained therein), self-taken photos |
You or ȺP customers to whom you provide it to. |
To enable use of our services and products. |
No |
We share this information with our service providers, and business customers partners and affiliates |
Sensitive Personal Information: your driver’s license, passport, social security numbers, and any citizenship/immigration status contained in your passport; Biometric Information, meaning facial algorithms match scores for the purpose of authenticating ID documents |
You or ȺP customers to whom you provide it to. |
To enable use of our services and products. For employees, we would collect this for standard and/or legally mandated hiring and HR purposes only. |
No |
We share this information with our service providers and business customers and partners and affiliates, in order to enable our Services and products to function |
Professional or employment-related information, such as job title, employment history, background checks, and organizational affiliation |
You, or any third party to whom you have granted permission to provide us with the relevant personal information |
To provide services or products you’ve requested, to comply with applicable legal obligations, and for internal business purposes. For employees, we would collect this for standard and/or legally mandated hiring and HR purposes |
No |
We share this information with our service providers and business partners and affiliates, in order to enable our Services and products to function |
Timing: We will respond to rights requests, in compliance with the applicable US Privacy Law, usually within 45 days, unless we need more time in which case we will notify you and may take up to 90 days total to respond to your request if allowed to do so under applicable US Privacy Law.
Minors under 16: Please note that we do not knowingly collect or disclose personal information in relation to minors under the age of 16.
Your Nevada Notice
If you are a resident of the State of Nevada, you may opt out of future sales of certain covered information that a website operator has collected or will collect about the resident. We do not currently sell covered information thereunder, but should you have any questions as a Nevada resident please email us at compliace@gbgplc.com.
Pursuant to US Privacy Law requirements, below is a summary of the Personal Data we collect and process:
Personal Data Collected/Processed.
For any questions or concerns about our privacy policies and Information Practices please contact our US Data Protection Team using the following email: compliance@gbgplc.com.