Privacy - Global Rate Set Systems

Scope

This privacy policy explains we, Global Rate Set Systems Ltd and its subsidiaries use any personal information collected about you, in accordance with applicable data protection laws, when you use this website or our wider services. Users can include customers, suppliers, business contacts, employees and other people we have a relationship with or may need to contact.

The privacy policy is designed to assist customers regarding:

what personal information do we collect about you?
on what basis do we collect, store and process your personal information
for what purpose are we using your personal information
how we are processing and holding secure your personal information
how long we are keeping your personal information
your protection rights in relation to your personal information
who is responsible for personal information protection at our company and who you can contact about this policy

We may change this policy from time to time, so it is important that you check here for updates.

What personal information do we collect about you?

We may collect personal information from you during business operations, including through:

your use of our website
when you contact or request information from us
when you contract our services or
as a result of your relationship with one or more of our staff and clients.

The personal information that we may collect from you, as a result of our business interactions with you or in the provision of services, includes information such as your name, the company you work for, your title or position, contact information, such as your postal address, email address and phone number(s).

We may collect from you Information required for billing services or paying invoices, information from your visits to our website or applications or in relation to contents and communications we send to you electronically, and any other information relating to you that you may provide to us.

Not all the information that we hold about you may have been provided by you directly and may have been provided by your employer or some other organisation. In disclosing the above personal information to us, the discloser confirms taht they have informed the natural persons whose information has been disclosed (employees, agents, etc.) of the information they are disclosing to us.

How we obtain your personal information

We collect personal information about you when you fill in a subscription agreement to receive benchmark data services either from one of our subsidiaries or via third parties where we are contracted to provide data subscription services. All subscription agreements signed by customers contain a clause that references this privacy policy.

We collect information about you when you are a user of our calculating agent systems and have agreed to abide by a Code of Conduct. Under such a Code of Conduct, you agree to provide personal information to allow us to provide you with access to the systems and also to contact you in relation to the operation of such systems.

We collect information on our website to process your enquiry and deal with your requests or notifications. If you agree, we may also use this information to share updates with you about our services which we believe may be of interest to you.

We collect information about you when you fill in any of the forms on our website such as when sending an enquiry, complaint, whistleblowing notification or giving feedback. Website usage information is collected using cookies.

cookies are text files put on your computer to collect standard internet log information and visitor behaviour information. This information is then used to track visitor use of the website and to create statistical reports on website activity. For more information visit www.allaboutcookies.org.
you can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. Please note in a few cases some of our website features may not function because of this.
when submitting forms on our website we use a third-party software provider for automated data collection and processing purposes. The third party providers will not use your personal information for any purposes and will only hold the personal information in accordance with our policy on personal information retention.

What is the basis for our using your personal information?

We use your personal information for the following:

to fulfil a contract for service where you have agreed to provide personal information as part of that contract
to meet a Code of Conduct, where personal information is required for meeting that Code of Conduct
to meet and comply with any legal and regulatory requirements
for other legitimate business reasons

How we use your personal information and why?

We use the personal information collected about you for the following purposes to:

provide the services you have requested from us, including the steps taken at your request before entering into any agreement
complete billing and invoice payment processes
improve this website and for monitoring how it is used
manage our interactions with you and our customers
meet any obligations that we have from a legal and regulatory perspective
understand how benchmark data is used and also to consult with users of the benchmarks on future developments
provide to any of our third-party service providers for the purposes of them providing services to you on our behalf. Our third-party service providers are not permitted to share or use personal information we make available to them for any other purpose than to provide services for us
promote our services to you

In all cases, we will only use your personal information subject to your instructions, data protection laws and our duty of confidentiality.

Our website

We use analytical tools to identify how visitors use our website so that we may make improvements and give visitors a better user experience.

Our analytical tools are part of a third-party information storage system that records information about the pages you visit, the length of time you were on specific pages and the website in general, how you arrived at the site and what you clicked on when you were there. These cookies do not store any personal information about you and we do not share this personal information.

An Internet Protocol (IP) address is a unique numerical address assigned to a computer as it logs on to the internet. Your IP address is logged when visiting our site, but our analytical software only uses this information to track how many visitors we have from geographic regions.

Transferring your information outside of Europe

As part of our services delivery the information which you give to us may be transferred to countries outside the European Union (EU). For example, some of our third-party providers may be located outside of the EU. Where this is the case, we will take steps to make sure the appropriate security measures are implemented so that your privacy rights continue to be respected as outlined in this policy. By using or participating in any service or by submitting your personal information, you agree to the possible transfer, storing or processing of your personal information outside the EU.

Security protection for personal information

We use appropriate technologies and organisational procedures to help protect your personal information from unauthorised access, use, disclosure, alteration or destruction consistent with applicable data protection laws.

Our information security policies are aligned with internationally recognised and widely used standards. Our calculating agent systems are compliant with the internationally recognised information security standard ISO27001. GRSS maintains an independently audited certification that we comply with ISO27001 and that our information security is managed in line with international best practice.

All our employees are required to follow our personal information privacy and security policies when handling personal information.

Where we have provided authentication information for you to access services, you are responsible for keeping this information confidential. For example we ask you not to share your password with anyone.

While we take all appropriate steps to protect your personal information it should be noted that no website, device, online application or transmission of personal information, computer system or wireless connection is completely secure from cyber-attack. We therefore cannot fully guarantee the security of your personal information.

Please refer to our Security Statement on this website.

Links to third party websites

This privacy statement only covers websites that we own and control. It does not cover links to other websites and accordingly any information collected by those third parties that own and control those websites or their use of cookies from their domains when you visit their websites.

Links to other websites are provided for information purposes. We will not automatically redirect you to a website that is not under our control for the provision of any of our services.

Additional services and marketing

You may choose to sign up to receive information about the services that we provide, and which may be of interest to you. If you have consented to receive marketing, you may opt out at any point as set out below. You will also be given the opportunity on every e-communication that we send you to indicate that you no longer wish to receive our e-communication.

You have a right at any time to stop us from contacting you for marketing purposes. To opt out please email: privacy@globalrateset.com

Information from children under 16 years of age

We understand the importance of taking extra precautions to protect the privacy and safety of children. Our services are not marketed to a broad group of consumers, however, the website will allow any person to download a subscription form/contact us form/whistleblowing or complaint form and to send this to us for processing. In the case, that a child under the age of 16 sends any such information to us, we will delete it, as soon as we identify it.

How long will we hold your personal information for?

We will retain your personal information for as long as we reasonably require it for legal, regulatory, business or contractual purposes. Your personal information will be retained in accordance with our Record Retention and Destruction Policy. That policy categorises all of the information held by us and specifies the appropriate retention period for each category of personal information.

Retention periods are determined by a number of factors, such as local laws and regulations, contractual agreements and applicable data protection laws.

Where there is no longer a legitimate reason for us to retain data we will delete or destroy any such personal information held by us.

Access to your information, correction, portability and deletion

Under EU General Data Protection Rules you have specific rights in respect to your personal information. These rights are your rights:

to be informed
of access
of rectification
to erasure
to restrict personal information processing
to personal information portability
to object
of automated personal information processing

Objections to processing of personal information

It is your right to lodge an objection to the processing of your personal information. The only reasons we will be able to deny your request is if we can show compelling legitimate grounds for the processing, which override your interests and rights, or the processing is for the establishment, exercise or defence of a legal claims.

Subject access

You have the right to request details of the personal information that we hold about you and copies of such personal information. To do this contact our Data Protection Officer using the details provided below.

Your right to be forgotten

You have the right to request to withdraw consent from us to holding personal information about you. This could mean that we are unable to continue to provide you with services. Should you wish for us to completely delete all information that we hold about you please be aware that your personal information may be required to be maintained under regulation and legislative requirements, and that we will be obliged under these circumstance to continue to hold that information.

Keeping accurate personal information

As a Personal Information Controller and Processor, we are bound by legislative and regulatory requirements and a best practice doctrine to ensure that any personal information we keep about you is accurate and up to date.

To advise us in any change to the personal information that we hold on you please email privacy@globalrateset.com

Enforcing your rights

If you wish to enforce any of your rights under applicable Personal Information Protection Laws, them please contact our Personal Information Protection Officer, as detailed below.

We will respond to your request within forty days from any such request, or sooner if possible.

Complaints

If you are concerned that we have not complied with your legal rights under applicable data protection laws, you may contact a relevant supervisory authority.

Personal Information Protection Officer

If you have any questions about this policy and your rights, please contact our Data Protection Officer by emailing privacy@globalrateset.com