This privacy notice will provide you with information about how we look after your personal data when you visit our website (regardless of where you see it) or use one of our services and to inform you about your privacy rights and how the law protects you.
Should we ask you to provide information by which you can be identified when using this website or any of our services or products, you can be assured that it will only be used in accordance with this privacy notice.
It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when collecting or processing personal data about you so that you are fully aware of how and why we are using your personal information data. This privacy notice supplements those other notices and is not intended to override them.
This notice additionally covers all aspects of the following country-specific privacy acts, about your rights, and gives you full transparency of how we collect and use your data.
- Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) which came into effect on 13 April 2000
- PIPEDA defines “personal information” as “information about an identifiable individual.”
- EU General Data Protection Regulation (GDPR) – which came into effect on May 25, 2018
- The California Consumer Privacy Act (CCPA) – which came into effect on January 1st, 2020
- The Virginia Consumer Data Protection Act (CDPA) – which comes into effect on 1st January 2023
In addition, please see our country-specific list at the bottom of this page. We aim to comply with all global laws and regulations, assuring you of our commitment to protecting your personal information.
Personal data we may collect
Personal data means any information about an individual from which that person can be identified (Personal Information). It does not include data where your identity has been removed or not associated with or linked to your personal data (anonymous data).
We may collect, use, store and transfer the following kinds of personal data about you:
- Identity data – this includes your first name, last name, title, preferred language and gender
- Contact data – this includes your address (home, postal or other physical address), email address and telephone numbers
- Transaction data – this includes details about payments to and from you and other details of services you have purchased from us and our fulfilment of your order
- Profile data – this includes details of your interests, preferences, feedback, and survey responses concerning your customer account
- Marketing and communications data – this includes your preferences in receiving marketing from our third parties and us and your communication preferences
- Technical data – which could include any of the following
- IP Addresses both internal and public
- Media Access Control (MAC) addresses
- Traffic data,
- Location data
- Web server log
- RADIUS logs
- Other communication data – whether this is required for our own billing purposes or otherwise. Including the resources that you access via an Internet Protocol (IP) address, browser type and version or any application used, time zone setting and location, operating system and platform and other technology on the devices you use to access our website or services
- Usage data – including information about how you use our website
Additionally, please note that where we need to collect personal data by law or under the terms of a contract, if you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with services that you are requesting). In this case, we may have to cancel a service you have requested, but we will notify you if this is the case at the time, depending on how you contacted us will determine how we let you know of this.
How we collect personal data
We use different methods to collect data from and about you including through:
- Direct interactions
You may give us your identity and contact data by filling in forms, by corresponding with us via our website or by email, post, phone or otherwise, when you register with us, subscribe to any services we offer, download information posted on our website, requesting information or further services from us, or when you enter into a contract with us.
- Automated technologies or interactions
We may automatically collect technical data about your device, including your IP address, operating system and browser type or application used to interact with any of our services, including this website, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and usage patterns and does not identify any individual equipment, browsing actions and patterns.
The purposes for which we use personal data
We will only use your personal data where the law allows us to. We may collect and process the following personal data about you for the purposes specified:
- Registration – The identity and contact data that you provide when registering to use our website or subscribing to our services will be used to provide you with the services you have subscribed to.
- Enquiries – If you contact us, we will use the identity and contact data that you supply in order to deal with and/or respond to your request or as is necessary for the performance of a contract with you or in order to take a step at your request prior to entering into a contract and/or where such processing is in our legitimate interests. We may also retain a record of that correspondence.
- Performance of a contract – We will process your identity, contact, and transaction data where it is necessary for the performance of a contract we are about to enter into or have entered into with you.
- Advertising, marketing and public relations – We may use your identity, contact and profile data to form a view on what we think you may want or need or what may be of interest to you as our customer, and in doing so, we may periodically send promotional emails about new services, special offers and other information that is deemed relevant to your use of our services. This is necessary for our legitimate interests in growing and developing our business, including our services. In addition, you will receive marketing communications from us if you have requested information from us or purchased services from us and, in each case, have not opted out of receiving that marketing. However, we will ask for express consent before we share your personal data with any third party for marketing purposes. You can ask us to stop sending marketing communications by contacting us.
- Surveys – If you choose to complete a survey that we use for research purposes, we will retain the information that you provide in response to that survey. This is necessary for our legitimate interest in understanding our customers, developing our business, and informing our marketing strategy.
- Administration – We may use your identity, contact, and technical data to protect our business and our website, including troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting of data. This is necessary for our legitimate interest in running our business, the provision of administration and IT services, and network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise, and for compliance with our legal obligations.
- Website analytics – Technical and usage data may be collected as you navigate our website. We do this to find out things such as the number of visitors to the various parts of the website and to help us improve the website’s content and customise the content or layout of the website for you, in accordance with our legitimate interests. This is necessary for our legitimate interest in defining types of customers for our services, keeping our website updated and relevant, developing our business and informing our marketing strategy.
- Casting analytics – Technical and usage data may be collected automatically. We do this to find out what content providers are consumed and to help us improve the quality of the streaming service. This is necessary for our legitimate interest in defining the types of providers and content for our services, providing our patterns with reports, developing our business and informing our marketing strategy.
- Fault reporting – Suppose you contact us to report a fault with our website. In that case, we will use the identity and contact data provided to rectify that fault in accordance with our legitimate interests.
- Recruitment – Personal data provided for an employment opportunity will be processed to allow us to process and evaluate the merits of that application in accordance with our legitimate interests.
We may also use personal data which you provide to us, where the law allows us to do so, as follows:
- To deal with and/or respond to any enquiry or request made by you before entering into any contract or agreement with us or as a result of such contract or agreement
- Where we need to perform the contract, we are about to enter into or have entered into with you
- Where we need to comply with a legal or regulatory obligation, including the prevention of crime
- Where it is necessary for our legitimate interests (or those of a third party), your interests and fundamental rights do not override those interests
We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
We will only use your personal data for the purposes we collected unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is consistent with the original purpose, please contact our DPO. If we need to use your personal data for an unrelated purpose, we will notify you, and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Disclosure of personal data to third parties
Your personal data will only be disclosed to those of our employees or workers that have a need for such access for the purpose for which it was collected. Your personal data will not be disclosed to any other individuals or other entities except in the following circumstances:
- On occasion, we need to hire other companies to help us to serve you better and in some of these cases, we may need to share personal data that is necessary to perform tasks for us, such as market research companies
- Where it is necessary for the performance of our contract with you, including where you have asked us to do so or where we need to take steps to enforce any contract which may be entered into between us
- Where we are under a legal duty to do so in order to comply with any legal obligation
- To protect the rights, property or safety of our business, our employees and workers, customers, suppliers and others. This includes exchanging information with other companies and organisations for fraud prevention and credit risk reduction
We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as such terms are defined in section 1159 of the UK Companies Act 2006 (as amended from time to time).
If a third party acquires us or substantially all of our assets, personal data that we hold about our customers will be one of the transferred assets.
We require all third parties that process personal data on our behalf to respect the security of your personal data and to treat it in accordance with the law. Accordingly, we do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk.
Once we have received your personal data, we will use strict procedures and security features to prevent unauthorised access. Therefore, we urge you to take every precaution to protect your personal data on the internet.
You may review our Security Policy
Our Cyber Essentials Certificate
Our ISO27001 Certificate
Most of our employees and our group companies are based outside the European Economic Area (EEA), so their processing of your personal data will involve a transfer of data inside and outside the EEA.
Whenever we transfer your personal data out of or into the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
- Where we use certain service providers, we may use specific contracts approved by the European Commission, which give personal data the same protection it has in Europe.
- Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield, which requires them to provide similar protection to personal data shared between Europe and the US.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data in or out of the EEA.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances, we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
Other websites and links
Our website may contain links to other websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control third-party websites and are not responsible for their privacy policies or for the content, accuracy or opinions expressed in such websites. We do not investigate, monitor or check third party websites for accuracy or completeness and the inclusion of any linked website on or through our website does not imply approval or endorsement by us of the linked website.
We may, from time to time, send push notifications. “Push notification” means a message which is delivered directly by GlobalReach Technology to your device during the course of providing the services to you. You can change your push notifications preferences to opt-out (or to request and enable push notifications) at any time by modifying the settings within your device’s notification settings.
We may insert a tracking pixel into marketing emails that you have signed up for or requested, and these are used to gauge feedback from our marketing interactions. This data is never sold or passed on to third parties. You may opt out of our marketing notifications at any time. Your email application should allow you to block such tracking pixels.
Third-Party Privacy Policies
You can choose to disable cookies through your individual browser options. To know more detailed information about cookie management with specific web browsers, it can be found on the browsers’ respective websites.
We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
The right to access – You have the right to request copies of your personal data. You will not have to pay a fee to access your personal data or to exercise any of your other rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete the information you believe is incomplete.
The right to erasure – You have the right to request that we erase your personal data, under certain conditions.
The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.
The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.
The right to data portability – You have the right to request that we transfer the data that we have collected to another organisation, or directly to you, under certain conditions.
- CCPA (California Consumer Privacy Act)
- CDPA (Virginia Consumer Data Protection Act)
Under these policies and acts, among other rights, consumers have the right to:
- Request that a business that collects a consumer’s personal data disclose the categories and specific pieces of personal data that a business has collected about consumers
- Request that a business deletes any personal data about the consumer that a business has collected
- Request that a business that sells a consumer’s personal data, not sell the consumer’s personal data
Additionally, CDPA surpasses the CCPA in its imposition upon companies of security and assessment requirements. – Please see our Information Security Policy about our commitment to securing your personal data within our platforms.
Data Subject Access Requests (DSARs)
You will not have to pay a fee to access your personal data or to exercise any of your other rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally, it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Another part of our priority is adding protection for children while using the internet. We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity.
GlobalReach Technology does not knowingly collect any Personal Identifiable Information (PII) from children under the age of 13. If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records.
At GlobalReach Technology we aim to give every assurance we treat your privacy and data with the utmost respect and aim to adhere to and go above and beyond the following country-specific data privacy laws, offering full transparency and have in this privacy notice highlighted how your personal data may be collected, used and stored.
Personal Data Protection Act 2000 (Law No. 25,326)
Australia’s Privacy Act 1988
The Privacy Act is based on 13 APPs (Australian Privacy Principles) that cover transparency and anonymity; the collection, use and disclosure of data; maintaining the quality of data; and the data subject’s rights.
Article 5 of Brazil’s Federal Constitution 1988 includes general provisions relating to a person’s right to privacy. The Consumer Protection Code 1990 contains legislation regarding the collection, storage, processing and use of personal data. As well, the Brazilian Internet Act 2014 regulates the protection of privacy and personal data online.
Personal Information Protection and Electronic Documents Act (PIPEDA) 2000
The Information Technology – Personal Information Security Specification (GB/T 35273-2017)
Data privacy rights and protection are governed by Law 1581/12, Decree 1377/13, Law 1266/08 and Law 1273/09.
Data Protection 2018 Act (Law No. 502 of 23 May 2018), formerly the Danish Act on Processing of Personal Data Law (Act No. 429 of 31 May 2000).
Data Protection Act 2018 (HE 9/2018 VP)
Data Protection Act 2 (Law No. 2016-1321)
Federal Data Protection Act 2017 (Bundesdatenschutzgesetz – BDSG)
Law 2472/1997 (Data Protection Law)
Data Protection and the Processing of Personal Data (Act No. 90/2018)
Information Technology Act (No. 21 of 2000) and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules (Privacy Rules 2011)
Electronic Information and Transactions (EIT) Law (Law No. 11 of 2008) and its Amendment (Law No. 19 of 2016), Regulation No. 82 of 2012 (Reg. 82) and Regulation No. 20 of 2016 (the MOCI Regulation).
The Basic Law: Human Dignity and Liberty (5752-1992), and the Privacy Protection Law (5741-1981).
The APPI Amendment 2017 outlines data protection policies.
Personal Data Protection Act 2010 (Act 709).
Protection of Personal Data held by Private Properties 2010.
- NEW ZEALAND
Privacy Act 1993
Republic Act No. 10173 (also called the Data Privacy Act 2012)
Personal Data 2006 (Act No. 152 FZ) and the Information, Information Technologies and Information Protection Act 2006 (Act No. 149 FZ).
- SOUTH AFRICA
Protection of Personal Information (PoPI) Act 2013.
The Spanish Data Protection Act 1999 (Organic Law 15/1999).
The Swedish Data Protection Act (2018:218) and the Swedish Data Protection Regulation (2018:219) governs alongside the EU’s GDPR.
Federal Act on Data Protection (FADP) 2007.
The Personal Data Protection Bill
- UNITED KINGDOM
The Data Protection Act 2018 which incorporates the EU GDPR and supplements its provisions.
- UNITED STATES
No single law covers the entire USA
California Consumer Privacy Act (CCPA)
Virginia Consumer Data Protection Act (CDPA) – which comes into effect on 1st January 2023
The Uruguay Data Protection Act.
Article 28 of the Constitution of the Bolivarian Republic of Venezuela 200
Controlling your personal information
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so.
The information you provide to us will be held securely on our systems and may be accessed by any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries from time to time (if any). We may also use your information to send you offers, and news about our services or those of other carefully selected companies which we think may be of interest to you. We may contact you by post, email, or telephone for these purposes.
You have the right to ask us not to process your personal data for marketing purposes. If you do not wish to be contacted by us with information about our services or those of other companies or you, want to limit the way in which we may contact you, please email email@example.com
We may also use and disclose information in aggregate (so that no individual customers are identified) for marketing and strategic purposes.
Finally, should our business enter into a joint venture with or be sold to or merged with another business entity. In that case, your information may be disclosed to our new business partners or owners.
If you believe that any information we are holding about you is incorrect or incomplete, please write to or email us as soon as possible at the above address. We will promptly correct any information found to be incorrect.
The personal data we hold about you must be accurate and current. Please keep us informed if your personal data changes during your relationship with us.
GlobalReach Technology EMEA Limited is a company incorporated and registered in England and Wales with company number 11104294 with its registered office at 51 Eastcheap, London, EC3M 1DT.
GlobalReach Technology Inc. is a company incorporated and registered in Delaware, USA with company number 6621093 with its registered office at 21600 Oxnard St, 19th Floor Woodland Hills, CA 91367.
Our GDPR statement is located here – https://globalreachtech.com/gdpr
Information on our ISO27001 accreditation – https://globalreachtech.com/iso-27001
Cyber Essentials accreditation – https://globalreachtech.com/cyber-essentials-certified
Contact us electronically here – https://globalreachtech.com/contact