Effective date: September 16th, 2019
Global Risk Profile (GRP, “We“, “Our“, “Us“) is an independent company specializing in third-party risk management related services.
Our headquarters are located in Geneva, Switzerland. GLOBAL RISK PROFILE SARL is registered with the Commercial Register of Geneva under the number CHE-115.880.517.
DATA PROTECTION LAW
The EU General Data Protection Regulation 2016/679 (GDPR) and the Data Protection Act 2018 (which supplements the GDPR) came into force on May 25th 2018. We refer to these as “data protection law”. Data protection law regulates the processing of “Personal Data” relating to individuals by organisations.
On this page, we have used some words and phrases, and these are explained below :
“Personal Data” means any information which relates to a living, identifiable person. It can include names, addresses, telephone numbers, email addresses etc but it is wider than that and includes any other information relating to that person or a combination of information which, if put together, means that the person can be identified.
“Processing” covers all activities relating to the use of Personal Data by an organisation, from its collection through to its storage and disposal and everything in between.
“Data subject” means the person whose Personal Data is being processed.
PRINCIPLES FOR PROCESSING PERSONAL DATA
Our principles for processing personal data are:
Fairness and lawfulness. When we process Personal Data, the individual rights of the Data Subjects must be protected. All Personal Data must be collected and processed in a legal and fair manner.
Restricted to a specific purpose. The Personal Data of Data Subject must be processed only for specific purposes.
Transparency. The Data Subject must be informed of how his/her data is being collected, processed and used.
INFORMATION WE COLLECT
We collect information about you in two ways: directly from your input and through automated technologies.
Data You Provide to Us
The types of personal information that we collect directly from you depend on how you interact with us and the Service, which may include: Contact details, such as your name, email address, postal address, and phone number.
Data From Service Use, including Cookies
The Service may automatically collect information about how you and your device interact with the Service, including:
Computer, device and connection information, such as IP address, browser type and version, operating system and other software installed on your device, mobile platform and unique device identifier and other technical identifiers, error reports and performance data;
Usage data, such as the features you used, the settings you selected, your URL click stream data, including date and time stamp and referring and exit pages, search terms you used, and pages you visited or searched for on the Service;
HOW WE USE YOUR PERSONAL DATA
GRP uses the collected Personal Data for various purposes:
To provide you with services
To notify you about changes to our services and/or products
To provide customer support
To gather analysis or valuable information so that we can improve our services
To detect, prevent and address technical issues
We endeavor to collect, use and retain Personal Data only for appropriate purposes. We limit the collection, use and retention of Personal Data to what we reasonably believe will help us deliver superior service, to administer our business, manage our risks, market our services and products, and meet applicable laws and regulations. We commit ourselves to never use information for any purpose other than what is strictly related to the service requested.
LOCATIONS OF PROCESSING
Your Personal Data may be stored and processed in your region or another country where GRP, maintain servers and facilities. We take steps, including through contracts, intended to ensure that the information continues to be protected wherever it is located in a manner consistent with the standards of protection required under applicable law.
We implement technical and organisational measures to seek to ensure a level of security appropriate to the risk to the personal information we process. These measures are aimed at ensuring the integrity, confidentiality, and availability of personal information.
The GDPR establishes certain rights of individuals in relation to their Personal Data. These rights (as limited under law) include:
the right to request access to the Personal Data that we hold about you;
the right to have us correct and update your Personal Data where it is inaccurate or incomplete;
the right to have us delete your Personal Data;
the right to object to our processing of your Personal Data;
the right to ask us to restrict the processing of your Personal Data;
the right to ask that we transfer your Personal Data; and
the right to withdraw consent to our processing of your Personal Data.
To find out more, and to exercise your rights under the GDPR, please contact us at email@example.com.
DATA PROTECTION OFFICER
Should you have comments or questions about this statement, you may contact our Data Protection Officer by email at: firstname.lastname@example.org.
ONLINE SECURITY TIPS
While Global Risk Profile is committed to ensure the highest standard of security on our systems, you as the end-user also play an important role to ensure you are adequately protected when you use the Internet. The following security practices are recommended:
Install anti-virus, anti-spyware and other internet security software on your PC. Use it regularly and keep it up-to-date.
Take advantage of your PC’s security features. Make sure your browser uses the strongest encryption available and be aware of the encryption levels of the sites and applications you use.
Regularly update your PC’s operating system and Web browser software with the vendor’s software patches and updates to protect your PC against known vulnerabilities.
Do what you can to prevent unauthorized people from using your PC.
Change your passwords often. Be sure to choose passwords that are hard for others to guess.
If you notice suspicious activity in your accounts, report it immediately to the appropriate parties.
Do not download or open any attachments sent to you by unsolicited email. Once opened, these programs may contain malicious programs that can compromise your PC’s security.
Be on the alert for phishing scams. Access Web sites by typing the Web addresses directly into your Web browser or by using Web addresses you have bookmarked, instead of via embedded links in unsolicited emails.