This privacy notice will provide you with information about how we look after your personal data when you visit our website (regardless of where you see it) or use one of our services. It will also inform you about your privacy rights and how the law protects you.
Should we ask you to provide information by which you can be identified when using this website or any of our services or products, you can be assured that it will only be used in accordance with this privacy notice.
It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when collecting or processing personal data about you so that you are fully aware of how and why we are using your personal information data. This privacy notice supplements those other notices and is not intended to override them.
We have appointed a Data Protection Officer (DPO) responsible for overseeing questions concerning this privacy policy. If you have any questions, including any requests to exercise your legal rights, please contact the DPO using the details set out at the bottom of this privacy notice.
This notice additionally covers all aspects of the following country-specific privacy acts about your rights and gives you full transparency of how we collect and use your data.
- Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), which came into effect on 13 April 2000
- PIPEDA defines “personal information” as “information about an identifiable individual.”
- EU General Data Protection Regulation (GDPR) – which came into effect on May 25, 2018
- The California Consumer Privacy Act (CCPA) – which came into effect on January 1st, 2020
- The Virginia Consumer Data Protection Act (CDPA) – which came into effect on 1st January 2023
- The CPA (Colorado) Colorado Privacy Act – which came into effect on July 1st, 2023
- The Utah Consumer Privacy Act (UCPA) – which came into effect in December 2023
In addition, please see our country-specific list at the bottom of this page. We aim to comply with all global laws and regulations, assuring you of our commitment to protecting your personal information.
Personal data we may collect
Personal data means any information about an individual from which that person can be identified (Personal Information). It does not include data where your identity has been removed or not associated with or linked to your personal data (anonymous data).
We may collect, use, store, and transfer the following kinds of personal data about you:
- Identity data – this includes your first name, last name, title, preferred language, and gender
- Contact data – this includes your address (home, postal, or other physical address), email address, and telephone numbers
- Transaction data – this includes details about payments to and from you and other details of services you have purchased from us and our fulfillment of your order.
- Profile data – this includes details of your interests, preferences, feedback, and survey responses concerning your customer account.
- Marketing and communications data – this includes your preferences in receiving marketing from our third parties and us and your communication preferences.
- Technical data – which could include any of the following
- IP Addresses both internal and public
- Media Access Control (MAC) addresses
- Traffic data,
- Location data
- Web server log
- CDRs
- RADIUS logs
- Other communication data – whether this is required for our own billing purposes or otherwise. Including the resources that you access via an Internet Protocol (IP) address, browser type, and version or any application used, time zone setting and location, operating system and platform, and other technology on the devices you use to access our website or services
- Usage data – including information about how you use our website
Additionally, please note that where we need to collect personal data by law or under the terms of a contract, if you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with services that you are requesting). In this case, we may have to cancel a service you have requested, but we will notify you if this is the case at the time; depending on how you contact us will determine how we will let you know of this.
How we collect personal data
We use different methods to collect data from and about you, including through:
- Direct interactions – You may give us your identity and contact data by filling in forms, by corresponding with us via our website or by email, post, phone or otherwise when you register with us, subscribe to any services we offer, download information posted on our website, requesting information or further services from us, or when you enter into a contract with us.
- Automated technologies or interactions – We may automatically collect technical data about your device, including your IP address, operating system, and browser type or application used to interact with any of our services, including this website, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and usage patterns and does not identify any individual equipment, browsing actions, or patterns.
The purposes for which we use personal data
We will only use your personal data where the law allows us to. We may collect and process the following personal data about you for the purposes specified:
- Registration – The identity and contact data that you provide when registering to use our website or subscribing to our services will be used to provide you with the services you have subscribed to.
- Enquiries – If you contact us, we will use the identity and contact data that you supply in order to deal with and/or respond to your request or as is necessary for the performance of a contract with you or in order to take a step at your request prior to entering into a contract and/or where such processing is in our legitimate interests. We may also retain a record of that correspondence.
- Performance of a contract – We will process your identity, contact, and transaction data where it is necessary for the performance of a contract we are about to enter into or have entered into with you.
- Advertising, marketing, and public relations – We may use your identity, contact and profile data to form a view on what we think you may want or need or what may be of interest to you as our customer, and in doing so, we may periodically send promotional emails about new services, special offers and other information that is deemed relevant to your use of our services. This is necessary for our legitimate interests in growing and developing our business, including our services. In addition, you will receive marketing communications from us if you have requested information from us or purchased services from us and, in each case, have not opted out of receiving that marketing. However, we will ask for express consent before we share your personal data with any third party for marketing purposes. You can ask us to stop sending marketing communications by contacting us.
- Surveys – If you choose to complete a survey that we use for research purposes, we will retain the information that you provide in response to that survey. This is necessary for our legitimate interest in understanding our customers, developing our business, and informing our marketing strategy.
- Administration – We may use your identity, contact, and technical data to protect our business and our website, including troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting of data. This is necessary for our legitimate interest in running our business, the provision of administration and IT services, and network security to prevent fraud in the context of a business reorganization or group restructuring exercise and for compliance with our legal obligations.
- Website analytics – Technical and usage data may be collected as you navigate our website. We do this to find out things such as the number of visitors to the various parts of the website and to help us improve the website’s content and customize the content or layout of the website for you in accordance with our legitimate interests. This is necessary for our legitimate interest in defining types of customers for our services, keeping our website updated and relevant, developing our business, and informing our marketing strategy.
- Casting analytics – Technical and usage data may be collected automatically. We do this to find out what content providers are consuming and to help us improve the quality of the streaming service. This is necessary for our legitimate interest in defining the types of providers and content for our services, providing our patterns with reports, developing our business, and informing our marketing strategy.
- Fault reporting – Suppose you contact us to report a fault with our website. In that case, we will use the identity and contact data provided to rectify that fault in accordance with our legitimate interests.
- Recruitment – Personal data provided for an employment opportunity will be processed to allow us to process and evaluate the merits of that application in accordance with our legitimate interests.
We may also use personal data which you provide to us, where the law allows us to do so, as follows:
- To deal with and/or respond to any enquiry or request made by you before entering into any contract or agreement with us or as a result of such contract or agreement
- Where we need to perform the contract we are about to enter into or have entered into with you
- Where we need to comply with a legal or regulatory obligation, including the prevention of crime
- Where it is necessary for our legitimate interests (or those of a third party), your interests and fundamental rights do not override those interests.
Where we process personal data based on legitimate interest, as set out in this privacy policy, legitimate interest means the interest of our business in conducting and managing our business to enable us to give you the best service and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before processing your personal data for our legitimate interests.
We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
We will only use your personal data for the purposes we collect unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is consistent with the original purpose, please contact our DPO. If we need to use your personal data for an unrelated purpose, we will notify you, and we will explain the legal basis that allows us to do so.
Please note that we may process your personal data without your knowledge or consent in compliance with the above rules where this is required or permitted by law.
Disclosure of personal data to third parties
Your personal data will only be disclosed to those of our employees or workers who have a need for such access for the purpose for which it was collected. Your personal data will not be disclosed to any other individuals or other entities except in the following circumstances:
- On occasion, we need to hire other companies to help us to serve you better and in some of these cases, we may need to share personal data that is necessary to perform tasks for us, such as market research companies
- Where it is necessary for the performance of our contract with you, including where you have asked us to do so or where we need to take steps to enforce any contract which may be entered into between us
- Where we are under a legal duty to do so in order to comply with any legal obligation
- To protect the rights, property, or safety of our business, our employees and workers, customers, suppliers, and others. This includes exchanging information with other companies and organizations for fraud prevention and credit risk reduction.
We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company, and its subsidiaries, as such terms are defined in section 1159 of the UK Companies Act 2006 (as amended from time to time).
If a third party acquires us or substantially all of our assets, personal data that we hold about our customers will be one of the transferred assets.
We require all third parties that process personal data on our behalf to respect the security of your personal data and to treat it in accordance with the law. Accordingly, we do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Security
We are committed to ensuring that your personal data is secure. In order to prevent unauthorized access or disclosure, we have put in place suitable physical, electronic, and managerial procedures to safeguard and secure the personal data we collect. In addition, the access to and use of the personal data that we collect is restricted to our employees who need the personal data to perform a specific job role or activity. Where personal data is shared with third parties in line with this privacy policy, responsible measures are used to protect your personal data.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to prevent unauthorized access. Therefore, we urge you to take every precaution to protect your personal data on the internet.
You may review our Security Policy
https://globalreachtech.com/information-security-policy
Our Cyber Essentials Certificate
https://globalreachtech.com/cyber-essentials-certified
Our ISO27001 Certificate
https://globalreachtech.com/iso-27001
International transfers
Most of our employees and our group companies are based outside the European Economic Area (EEA), so their processing of your personal data will involve a transfer of data inside and outside the EEA.
Whenever we transfer your personal data out of or into the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
- Where we use certain service providers, we may use specific contracts approved by the European Commission, which give personal data the same protection it has in Europe.
- Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield, which requires them to provide similar protection to personal data shared between Europe and the US.
Please contact us if you want further information on the specific mechanism we use when transferring your personal data in or out of the EEA.
Data retention
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances, we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
Other websites and links
Our website may contain links to other websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control third-party websites and are not responsible for their privacy policies or for the content, accuracy, or opinions expressed in such websites. We do not investigate, monitor, or check third-party websites for accuracy or completeness, and the inclusion of any linked website on or through our website does not imply approval or endorsement by us of the linked website.
Suppose you decide to leave this website and access these third-party websites, plug-ins, and/or applications; you do so at your own risk. We encourage you to read the privacy policy of every website you visit.
Push notifications
We may, from time to time, send push notifications. “Push notification” means a message that is delivered directly by GlobalReach Technology to your device during the course of providing the services to you. You can change your push notifications preferences to opt-out (or to request and enable push notifications) at any time by modifying the settings within your device’s notification settings.
Email “Pixel”
We may insert a tracking pixel into marketing emails that you have signed up for or requested, and these are used to gauge feedback from our marketing interactions. This data is never sold or passed on to third parties. You may opt out of our marketing notifications at any time. Your email application should allow you to block such tracking pixels.
Third-Party Privacy Policies
This Privacy Policy does not apply to other advertisers or websites. Thus, we are advising you to consult the respective Privacy Policies of these third-party ad servers for more detailed information. It may include their practices and instructions about how to opt out of certain options.
You can choose to disable cookies through your individual browser options. More detailed information about cookie management with specific web browsers can be found on the browsers’ respective websites.
GDPR Privacy Policy (Data Protection Rights) & UK Data Protection Act
We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
The right to access – You have the right to request copies of your personal data. You will not have to pay a fee to access your personal data or to exercise any of your other rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete the information you believe is incomplete.
The right to erasure – You have the right to request that we erase your personal data under certain conditions.
The right to restrict processing – You have the right to request that we restrict the processing of your personal data under certain conditions.
The right to object to processing – You have the right to object to our processing of your personal data under certain conditions.
The right to data portability – You have the right to request that we transfer the data that we have collected to another organization or directly to you under certain conditions.
CCPA & CDPA Privacy Policy
- CCPA (California Consumer Privacy Act)
- CDPA (Virginia Consumer Data Protection Act)
Under these policies and acts, among other rights, consumers have the right to:
- Request that a business that collects a consumer’s personal data disclose the categories and specific pieces of personal data that a business has collected about consumers
- Request that a business delete any personal data about the consumer that a business has collected
- Request that a business that sells a consumer’s personal data not sell the consumer’s personal data
Additionally, the CDPA surpasses the CCPA in its imposition of security and assessment requirements upon companies. – Please see our Information Security Policy about our commitment to securing your personal data within our platforms.
Data Subject Access Requests (DSARs)
You will not have to pay a fee to access your personal data or to exercise any of your other rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally, it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Children’s Information
Another part of our priority is adding protection for children while using the internet. We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity.
GlobalReach Technology does not knowingly collect any Personal Identifiable Information (PII) from children under the age of 13. If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately, and we will do our best to promptly remove such information from our records.
Country-Specific
At GlobalReach Technology, we aim to give every assurance we treat your privacy and data with the utmost respect and aim to adhere to and go above and beyond the following country-specific data privacy laws, offering full transparency and have in this privacy notice highlighted how your personal data may be collected, used and stored.
- ARGENTINA – Personal Data Protection Act 2000 (Law No. 25,326)
- AUSTRALIA – Australia’s Privacy Act 1988The Privacy Act is based on 13 APPs (Australian Privacy Principles) that cover transparency and anonymity; the collection, use, and disclosure of data; maintaining the quality of data; and the data subject’s rights.
- BRAZIL – Article 5 of Brazil’s Federal Constitution 1988 includes general provisions relating to a person’s right to privacy. The Consumer Protection Code 1990 contains legislation regarding the collection, storage, processing and use of personal data. As well, the Brazilian Internet Act 2014 regulates the protection of privacy and personal data online.
- CANADA – Personal Information Protection and Electronic Documents Act (PIPEDA) 2000
- CHINA – The Information Technology – Personal Information Security Specification (GB/T 35273-2017)
- COLOMBIA – Data privacy rights and protection are governed by Law 1581/12, Decree 1377/13, Law 1266/08 and Law 1273/09.
- DENMARK – Data Protection 2018 Act (Law No. 502 of 23 May 2018), formerly the Danish Act on Processing of Personal Data Law (Act No. 429 of 31 May 2000).
- FINLAND – Data Protection Act 2018 (HE 9/2018 VP)
- FRANCE – Data Protection Act 2 (Law No. 2016-1321)
- GERMANY – Federal Data Protection Act 2017 (Bundesdatenschutzgesetz – BDSG)
- GREECE – Law 2472/1997 (Data Protection Law)
- ICELAND – Data Protection and the Processing of Personal Data (Act No. 90/2018)
- INDIA – Information Technology Act (No. 21 of 2000) and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules (Privacy Rules 2011)
- INDONESIA – Electronic Information and Transactions (EIT) Law (Law No. 11 of 2008) and its Amendment (Law No. 19 of 2016), Regulation No. 82 of 2012 (Reg. 82) and Regulation No. 20 of 2016 (the MOCI Regulation).
- ISRAEL – The Basic Law: Human Dignity and Liberty (5752-1992), and the Privacy Protection Law (5741-1981).
- JAPAN – The APPI Amendment 2017 outlines data protection policies.
- MALAYSIA – Personal Data Protection Act 2010 (Act 709).
- MEXICO – Protection of Personal Data held by Private Properties 2010.
- NEW ZEALAND – Privacy Act 1993
- PHILIPPINES – Republic Act No. 10173 (also called the Data Privacy Act 2012)
- RUSSIA – Personal Data 2006 (Act No. 152 FZ) and the Information, Information Technologies and Information Protection Act 2006 (Act No. 149 FZ).
- SOUTH AFRICA – Protection of Personal Information (PoPI) Act 2013.
- SPAIN – The Spanish Data Protection Act 1999 (Organic Law 15/1999).
- SWEDEN – The Swedish Data Protection Act (2018:218) and the Swedish Data Protection Regulation (2018:219) governs alongside the EU’s GDPR.
- SWITZERLAND – Federal Act on Data Protection (FADP) 2007.
- THAILAND – The Personal Data Protection Bill
- UNITED KINGDOM – The Data Protection Act 2018 which incorporates the EU GDPR and supplements its provisions.
- UNITED STATES – No single law covers the entire USA
- The California Consumer Privacy Act (CCPA)
- The Virginia Consumer Data Protection Act (CDPA)
- The Colorado Privacy Act (CPA)
- The Utah Consumer Privacy Act (UCPA)
- URUGUAY – The Uruguay Data Protection Act.
- VENEZUELA – Article 28 of the Constitution of the Bolivarian Republic of Venezuela 200
Controlling your personal information
We will not sell, distribute, or lease your personal information to third parties unless we have your permission or are required by law to do so.
The information you provide to us will be held securely on our systems and may be accessed by any member of our group, which means our subsidiaries, our ultimate holding company, and its subsidiaries from time to time (if any). We may also use your information to send you offers and news about our services or those of other carefully selected companies which we think may be of interest to you. We may contact you by post, email, or telephone for these purposes.
You have the right to ask us not to process your personal data for marketing purposes. If you do not wish to be contacted by us with information about our services or those of other companies or you, want to limit the way in which we may contact you, please email dpo@globalreachtech.com
We may also use and disclose information in aggregate (so that no individual customers are identified) for marketing and strategic purposes.
Finally, should our business enter into a joint venture with or be sold to or merged with another business entity. In that case, your information may be disclosed to our new business partners or owners.
If you believe that any information we are holding about you is incorrect or incomplete, please write to or email us as soon as possible at the above address. We will promptly correct any information found to be incorrect.
Changes to this privacy policy
This version was last updated on 2nd January 2024. Any changes that we make to our privacy policy in the future will be posted on this page.
The personal data we hold about you must be accurate and current. Please keep us informed if your personal data changes during your relationship with us.
Other information
GlobalReach Technology EMEA Limited is a company incorporated and registered in England and Wales with company number 11104294 and its registered office at 51 Eastcheap, London, EC3M 1DT.
GlobalReach Technology Inc. is a company incorporated and registered in Delaware, USA, with company number 6621093 and a registered office at 21600 Oxnard St, 19th Floor Woodland Hills, CA 91367.
Our cookie policy is located here – https://globalreachtech.com/cookie
Information on our ISO27001 accreditation – https://globalreachtech.com/iso-27001
Cyber Essentials accreditation – https://globalreachtech.com/cyber-essentials-certified
Contact us electronically here – https://globalreachtech.com/contact