In all cases, we will only use your personal information subject to your instructions, data protection laws and our duty of confidentiality.
We use analytical tools to identify how visitors use our website so that we may make improvements and give visitors a better user experience.
Our analytical tools are part of a third-party information storage system that records information about the pages you visit, the length of time you were on specific pages and the website in general, how you arrived at the site and what you clicked on when you were there. These cookies do not store any personal information about you and we do not share this personal information.
An Internet Protocol (IP) address is a unique numerical address assigned to a computer as it logs on to the internet. Your IP address is logged when visiting our site, but our analytical software only uses this information to track how many visitors we have from geographic regions.
Transferring your information outside of Europe
As part of our services delivery the information which you give to us may be transferred to countries outside the European Union (EU). For example, some of our third-party providers may be located outside of the EU. Where this is the case, we will take steps to make sure the appropriate security measures are implemented so that your privacy rights continue to be respected as outlined in this policy. By using or participating in any service or by submitting your personal information, you agree to the possible transfer, storing or processing of your personal information outside the EU.
Security protection for personal information
We use appropriate technologies and organisational procedures to help protect your personal information from unauthorised access, use, disclosure, alteration or destruction consistent with applicable data protection laws.
Our information security policies are aligned with internationally recognised and widely used standards. Our calculating agent systems are compliant with the internationally recognised information security standard ISO27001. GRSS maintains an independently audited certification that we comply with ISO27001 and that our information security is managed in line with international best practice.
All our employees are required to follow our personal information privacy and security policies when handling personal information.
Where we have provided authentication information for you to access services, you are responsible for keeping this information confidential. For example we ask you not to share your password with anyone.
While we take all appropriate steps to protect your personal information it should be noted that no website, device, online application or transmission of personal information, computer system or wireless connection is completely secure from cyber-attack. We therefore cannot fully guarantee the security of your personal information.
Please refer to our Security Statement on this website.
Links to third party websites
Links to other websites are provided for information purposes. We will not automatically redirect you to a website that is not under our control for the provision of any of our services.
Additional services and marketing
You may choose to sign up to receive information about the services that we provide, and which may be of interest to you. If you have consented to receive marketing, you may opt out at any point as set out below. You will also be given the opportunity on every e-communication that we send you to indicate that you no longer wish to receive our e-communication.
You have a right at any time to stop us from contacting you for marketing purposes. To opt out please email: firstname.lastname@example.org
Information from children under 16 years of age
We understand the importance of taking extra precautions to protect the privacy and safety of children. Our services are not marketed to a broad group of consumers, however, the website will allow any person to download a subscription form/contact us form/whistleblowing or complaint form and to send this to us for processing. In the case, that a child under the age of 16 sends any such information to us, we will delete it, as soon as we identify it.
How long will we hold your personal information for?
We will retain your personal information for as long as we reasonably require it for legal, regulatory, business or contractual purposes. Your personal information will be retained in accordance with our Record Retention and Destruction Policy. That policy categorises all of the information held by us and specifies the appropriate retention period for each category of personal information.
Retention periods are determined by a number of factors, such as local laws and regulations, contractual agreements and applicable data protection laws.
Where there is no longer a legitimate reason for us to retain data we will delete or destroy any such personal information held by us.
Access to your information, correction, portability and deletion
Under EU General Data Protection Rules you have specific rights in respect to your personal information. These rights are your rights: