Effective date: September 16th, 2019

Global Risk Profile (GRP, “We“, “Our“, “Us“) is an independent company specializing in third-party risk management related services.

Our headquarters are located in Geneva, Switzerland. GLOBAL RISK PROFILE SARL is registered with the Commercial Register of Geneva under the number CHE-115.880.517.

This privacy policy applies to

GRP is committed to protecting the privacy and security of your Personal Data. GRP provides this Privacy Policy to describe and explain our information practices, and the measures we take to protect your privacy and comply with applicable law and obligations. It describes how we collect, use, share and secure the Personal Data you provide. It also describes your choices regarding use, access and correction of your Personal Data.




The EU General Data Protection Regulation 2016/679 (GDPR) and the Data Protection Act 2018 (which supplements the GDPR) came into force on May 25th 2018.  We refer to these as “data protection law”. Data protection law regulates the processing of “Personal Data” relating to individuals by organisations.

On this page, we have used some words and phrases, and these are explained below :

  • “Personal Data” means any information which relates to a living, identifiable person.  It can include names, addresses, telephone numbers, email addresses etc but it is wider than that and includes any other information relating to that person or a combination of information which, if put together, means that the person can be identified.

  • “Processing” covers all activities relating to the use of Personal Data by an organisation, from its collection through to its storage and disposal and everything in between.

  • “Data subject” means the person whose Personal Data is being processed.



Our principles for processing personal data are:

  • Fairness and lawfulness. When we process Personal Data, the individual rights of the Data Subjects must be protected. All Personal Data must be collected and processed in a legal and fair manner.

  • Restricted to a specific purpose. The Personal Data of Data Subject must be processed only for specific purposes.

  • Transparency. The Data Subject must be informed of how his/her data is being collected, processed and used.



We collect information about you in two ways: directly from your input and through automated technologies.

  • Data You Provide to Us

The types of personal information that we collect directly from you depend on how you interact with us and the Service, which may include: Contact details, such as your name, email address, postal address, and phone number.

  •  Data From Service Use, including Cookies

The Service may automatically collect information about how you and your device interact with the Service, including:

Computer, device and connection information, such as IP address, browser type and version, operating system and other software installed on your device, mobile platform and unique device identifier and other technical identifiers, error reports and performance data;

Usage data, such as the features you used, the settings you selected, your URL click stream data, including date and time stamp and referring and exit pages, search terms you used, and pages you visited or searched for on the Service;

We collect this data through our servers and the use of cookies and other technologies. Cookies are small text files that can be read by a web server in the domain that put the cookie on your hard drive. We may use cookies and other technologies to store your preferences and settings, help you with signing in, provide targeted ads and analyse site operations. You can control cookies through your browser’s settings and other tools. However, if you block certain cookies, you may not be able to access certain parts or make full use of the Service. 



GRP uses the collected Personal Data for various purposes:

  • To provide you with services

  • To notify you about changes to our services and/or products

  • To provide customer support

  • To gather analysis or valuable information so that we can improve our services

  • To detect, prevent and address technical issues



We endeavor to collect, use and retain Personal Data only for appropriate purposes. We limit the collection, use and retention of Personal Data to what we reasonably believe will help us deliver superior service, to administer our business, manage our risks, market our services and products, and meet applicable laws and regulations. We commit ourselves to never use information for any purpose other than what is strictly related to the service requested.



Your Personal Data may be stored and processed in your region or another country where GRP, maintain servers and facilities. We take steps, including through contracts, intended to ensure that the information continues to be protected wherever it is located in a manner consistent with the standards of protection required under applicable law.



We implement technical and organisational measures to seek to ensure a level of security appropriate to the risk to the personal information we process. These measures are aimed at ensuring the integrity, confidentiality, and availability of personal information.



We reserve the right to modify this Privacy Policy at any time. Any changes will be posted on this page with an updated revision date. 



The GDPR establishes certain rights of individuals in relation to their Personal Data. These rights (as limited under law) include: 

  • the right to request access to the Personal Data that we hold about you; 

  • the right to have us correct and update your Personal Data where it is inaccurate or incomplete; 

  • the right to have us delete your Personal Data; 

  • the right to object to our processing of your Personal Data; 

  • the right to ask us to restrict the processing of your Personal Data; 

  • the right to ask that we transfer your Personal Data; and

  • the right to withdraw consent to our processing of your Personal Data. 

To find out more, and to exercise your rights under the GDPR, please contact us at



Should you have comments or questions about this statement, you may contact our Data Protection Officer by email at:



While Global Risk Profile is committed to ensure the highest standard of security on our systems, you as the end-user also play an important role to ensure you are adequately protected when you use the Internet. The following security practices are recommended:

  •  Install anti-virus, anti-spyware and other internet security software on your PC. Use it regularly and keep it up-to-date.

  • Take advantage of your PC’s security features. Make sure your browser uses the strongest encryption available and be aware of the encryption levels of the sites and applications you use.

  • Regularly update your PC’s operating system and Web browser software with the vendor’s software patches and updates to protect your PC against known vulnerabilities.

  • Do what you can to prevent unauthorized people from using your PC.

  • Change your passwords often. Be sure to choose passwords that are hard for others to guess.

  • If you notice suspicious activity in your accounts, report it immediately to the appropriate parties.

  • Do not download or open any attachments sent to you by unsolicited email. Once opened, these programs may contain malicious programs that can compromise your PC’s security.

Be on the alert for phishing scams. Access Web sites by typing the Web addresses directly into your Web browser or by using Web addresses you have bookmarked, instead of via embedded links in unsolicited emails.