Privacy Policy Statement

Last revised: August 31, 2024

 

Introduction

This Privacy Policy Statement explains (i) what personal data we (GR8 Entity and its affiliates operating in their offices (collectively referred to below as “GR8 Entity”, “we”)) process about you, (ii) how we process it and for what purposes. It also gives (iii) information on the rights you have in relation to the processing of your personal data and (iv) an overview of the main processing activities we do in relation to your personal data that may be processed by GR8 Entity.

Arising a conflict between the English and other language versions of this Privacy Notice, the English version shall prevail.

This Privacy Notice may be amended from time to time to take into account changes in applicable laws or in the way we handle your personal data.

The General Data Protection Regulation (“GDPR”) is considered to be the global leading standard where it comes to privacy regulation. GR8 Entity has decided to abide by the GDPR standard in all the countries where it carries business with possible additional measures depending on applicable local laws, such as the UK Data Protection Act 2018 (“UK DPA”), the California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act of 2020 (“CCPA”), and the Canadian Privacy Act and the Quebec Act Respecting the Protection of Personal Information in the Private Sector (the two latter hereinafter referred to as the “Canadian Laws”; and all collectively, the “Other Applicable Laws”).

 

Information about GR8 Entity

GR8 Entity is registered in England & Wales, under the UK Companies House Registration  number 07240785, having its registered office at Brookfield Court, Selby Road, Leeds, LS25 1NB, England. Any contact or notices shall be addressed as described in the “Contact us” section below.

 

Scope

This Privacy Policy Statement applies to personal information processed by us in our business, including on our websites, mobile applications, and our related online and offline offerings (collectively, the “Services”).

 

How we may collect your Personal Data

We may collect or obtain your personal data:

• When you interact with GR8 Entity website(s)
• When you visit our offices
• When undertaking “Know Your Customer” and/or sanction checks
• From contractors, shareholders, affiliates, subsidiaries and newly acquired businesses, members of the board of directors, public authorities, previous employers, and educational/membership institutions.
• Account Information– When you create an account with us, whether as a Client or an Agent, we may collect personal information including your name, physical and email address, date of birth, phone number, username, and password.
• Client Information– If you are a Client, we may also collect information from you including the name and address of your business, your title at the business, and the industry associated with your business. We may further collect information about Authorized Users who you authorize to use the Services on behalf of your business.
• Agent Information– If you are an Agent, we may also collect information about your background, including your educational background, employment history, personal references, and CV to assess your suitability, aptitude, skills, and qualifications for acting as an Agent. We may also collect information in order to validate your identity, such as a taxpayer identification number or a copy of a government-issued identification.
• Project Information– We will additionally collect information from you about Projects such as the type of Project to be performed for a Client and the work product produced by an Agent.
• Payment Information– When you create an account on the Services, we may receive payment information allowing you to pay us and/or us to pay you. Except for a few limited instances, we use third-party payment providers to process payments on the Services. We may receive information associated with your payment information, such as billing address and transaction information, but we do not directly store payment information on the Services except for the few instances referenced above.
• Your Communications with Us– As part of email and other digital correspondence or subscriptions. We collect personal information from you such as email address, phone number, or mailing address when you request information about our Services or buy products or services from us or register for our newsletter or loyalty program, request customer or technical support, or otherwise communicate with us when you provide products or services to us
• Surveys– We may contact you to participate in surveys. If you decide to participate, you may be asked to provide certain information which may include personal information.
• Interactive Features– We may offer interactive features such as collaboration tools, forums, blogs, chat and messaging services, and social media pages. We and others who use our Services may collect the information you submit or make available through these interactive features. Any content you provide via the public sections of these features will be considered “public” and is not subject to the privacy protections referenced herein. By using these interactive features, you assume the risk that the personal information provided by you may be viewed and used by third parties for their own purposes. ‍
• Registration for Sweepstakes or Contests– We may run sweepstakes and contests. Contact information you provide may be used to inform you about the sweepstakes or contest and for other promotional, marketing and business purposes, if permitted by law. In some jurisdictions, we are required to publicly share information of winners. ‍
• Customer Service and Support– If you call or otherwise interact with our customer service and support, we may collect the information you provide to our representatives. In addition, we may record telephone calls between you and our representatives for training and quality assurance purposes. ‍
• Conferences, Trade Shows, and Other Events– We may attend conferences, trade shows, and other events where we collect personal information from individuals who interact with or express an interest in the Services. If you provide us with any information at one of these events, we will use it for the purposes for which it was collected. ‍
• Business Development and Strategic Partnerships–  We may collect personal information from individuals and third parties to assess and pursue potential business opportunities. ‍
• Job Applications– We may post job openings and opportunities on the Services. If you reply to one of these postings by submitting your application, CV and/or cover letter to us, we will collect and process the information contained therein to assess your suitability, aptitude, skills, and qualifications for employment.

The provision of personal data may be required to access whitepapers, participate to events, or enter in contracts. The refusal to provide personal data may result in you being unable to access services, information or events.

 

What Personal Data we may collect

We may collect and process the following categories of personal data about you:

• Contact information, such as first name, last name, email address, home address, telephone number and other contact information,
• Professional information, such as job title and/or seniority levels, company name, industry sector, country of location, information relevant to the work, service or other relationship we may have with you, business contact details, bank and financial details, communication and correspondence,
• Technical data, i.e., information generated by you visiting our website or engaging with us on social media (including, but not limited to, IP addresses, interactions with emails/website, social handles or usernames),
• Your thoughts and opinions when you offer feedback on our business or service or when you take part in forums or other,
• Audio and visual recordings or photographs when you take part in recorded meetings, events or forums, and
• Details relating to sanction or Know Your Customer checks.

We typically do not seek sensitive information (e.g., data relating to race or ethnic origin, religious beliefs, criminal record, physical or mental health or sexual orientation) from you, and you are prohibited from posting or sending such data, except:

•  if such sensitive information is requested by local law, or
•  from time to time, in specific circumstances, for dietary or accessibility requirements when attending events, forums or meetings.

Data/Information collected automatically

Agent Training– In order to enhance Agent training by our Clients or for other purposes, we may facilitate the recording of audio and/or video during online meetings conducted between Clients and Agents. The online meetings are conducted using third party services (e.g., Zoom) and Clients may choose to enable the functionality on these services to record online meetings with Agents. A visual and/or audio notification that recording is taking place will be presented during the recording. An Agent may deny a Client’s request to record the meeting, but such denial may lead to the Client not working with the Agent. Our Clients may store recordings of online meetings within their accounts on the Services. A Client may at its own discretion share a recorded online meeting with Agents or other individuals for training purposes or other reasons. ‍

Agent Work Information– We may collect information describing an Agent’s work for a Project on behalf of a Client (“Work Information”). Our service includes software which Agents may download and install. This software collects Work Information provided by the Agent, such a textual description of work performed by the Agent for a Project. The software also automatically collects Work Information about the Agent’s work for the Client, such as keystrokes, mouse clicks, screenshots, and webcam pictures of the Agent. Agents are informed when the software is collecting such Work Information. An Agent may decline collection of Work Information, although doing so may prevent the Agent from working on a Project for a Client. The software mentioned above sends the collected Work Information to us, and we may share some or all of the Work Information with the Client. We may also use the Work Information for fraud detection, statistical analyses, or other purposes. ‍

Automatic Data Collection– We may collect certain information automatically when you use the Services. This information may include your Internet protocol (IP) address, user settings, MAC address, cookie identifiers, mobile carrier, mobile advertising and other unique identifiers, details about your browser, operating system or device, location information (including inferred location based off of your IP address), Internet service provider, pages that you visit before, during and after using the Services, information about the links you click, information about how you interact with the Services, including the frequency and duration of your activities, and other information about how you use the Services. Information we collect may be associated with accounts and other devices. ‍

Cookies, Pixel Tags/Web Beacons, and Analytics Information– We, as well as third parties that provide content, advertising, or other functionality on the Services, may use cookies, pixel tags, local storage, and other technologies (“Technologies”) to automatically collect information through the Services. Technologies are essentially small data files placed on your devices that allow us and our partners to record certain pieces of information whenever you visit or interact with our Services. Cookies. Cookies are small text files placed in device browsers to store their preferences. Most browsers allow you to block and delete cookies. However, if you do that, the Services may not work properly.

Pixel Tags/Web Beacons– A pixel tag (also known as a web beacon) is a piece of code embedded in the Services that collects information about engagement on the Services. The use of a pixel tag allows us to record, for example, that a user has visited a particular web page or clicked on a particular advertisement. We may also include web beacons in e-mails to understand whether messages have been opened, acted on, or forwarded. ‍

Analytics– We may also use Google Analytics and other service providers to collect and process analytics information on our Services. For more information about Google Analytics, please visit www.google.com/policies/privacy/partners/. You can opt out of Google’s collection and processing of data generated by your use of the Services by going to http://tools.google.com/dlpage/gaoptout. ‍

Information from Other Sources– We may obtain information about you from other sources, including through third party services and organizations. For example, if you access our Services through a third-party application, such as a social networking site or a third-party login service, we may collect information about you from that third-party that you have made available via your privacy settings. We may also collect information about Agents, including information about Agents’ work experiences, from third-party references provided by the Agents and from reviews of Agents’ previous work made available by third-party online services.

 

How we may use your Personal Data

In compliance with GDPR and Other Applicable Laws, we may process your personal data:

• because you have given your consent to the processing of your personal data;
• to perform a contract to which you or your employer are party or in order to take steps at your request prior to entering into a contract;
• to comply with a legal obligation to which we are subject;
• when the processing is necessary for the purposes of the legitimate interests pursued by us or a third party (e.g. partners, service providers), except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data, unless the country law does not accept legitimate interest as a legal ground; Our legitimate interests include but aren’t limited to administration, growth and promotion of our business.

Please note that GR8 Entity does not sell personal information.

 

Why we may need your Personal Data

Depending on how you interact with us, we may process your personal data in connection with our services or for other business purposes to:

• Manage our relationship and administer our business as a part of an agreement with you or your organisation,
• administer any accounts or profiles related to you or your organisation, which may include registration, subscription, purchase, billing events, and/or payments,
• answer your questions and requests or comply with your instructions or to fulfil other, specified purposes for which you have given your consent,
• enable you to access to certain restricted part of our websites,
• enable you to download specific documentation (e.g. Whitepapers),
• enable you to attend a live or hosted event or a webinar,
• enable us to manage and secure our website or service including compile aggregate statistics regarding the use of the websites,
• for marketing or research purposes and development purposes for new content, services and/or products aiming at improving, testing, and enhancing features of current services,
• send you offers and promotional materials or communications regarding our services that we feel may be of interest to you,
• perform matched audience with third-party social media (i.e., LinkedIn, Facebook and Instagram) to share our content with you through them,
• provide you with personalized advertising,
• manage the forums to which you may take part,
• conduct satisfaction surveys and gather feedback on our services,
• comply with the law and legal obligations,
• respond to a request or order from a court, regulator, or authority when required by law,
• exercise our rights and protect our own and others’ rights and/or property;

 

How we may share or disclose your Personal Data

Your data may be shared with the following categories of recipients:

• other GR8 Entity entities
• business partners (e.g. to provide, sell or improve products/services or to host events),
• service providers (e.g. to pass your requests to them or for data security and storage services),
• social media or other markets/advertising providers,
• any organisation who seeks to invest in or purchase our businesses, and/or
• third parties where we believe that such disclosure is reasonably necessary to comply with an applicable law or regulation or if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is lawful, necessary or appropriate.

 

International Data Transfers

GR8 Entity is a global organisation having separate legal entities in many parts of the world and relying on an international infrastructure which usually results in global data flows. These flows may include countries around the world in which we have offices, access or host systems or where we conduct business, including countries located outside the European Economic Area.

Accordingly, we may share your personal data with other GR8 Entity entities, for which we have appropriate legal documentation in place, including safeguards.

On a case-by-case basis, we may also share your personal data with third parties. When relying on such third parties located outside the European Economic Area, we make sure to enter into the appropriate safeguards, such as:

• EU Standard Contractual Clauses,
• UK International Data Transfer Agreement or Addendum to the EU Standard Contractual Clauses,
• Ensuring the third party is certified to the Data Transfer Framework, and/or
• Similar clauses as may be required under Other Applicable Laws.

 

Cookies

Cookies are small text files that can be used by websites to make a user’s experience more efficient.  The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission. This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages. You can at any time change or withdraw your consent from the Cookie Declaration on our website.

 

Cookies on GR8 Entity website

This Website collects standard Internet log information including your IP address, browser type and language, geolocation, access times and referring website addresses. To ensure that our website is well managed and to facilitate improved navigation, we or our service provider(s) may also use cookies (small text files stored in a user’s browser) or Web beacons (electronic images that allow the website to count visitors who have accessed a particular page and to access certain cookies) to collect aggregate data.  Additional information on how we use cookies and other tracking technologies and how you can control these can be found in our cookie notice.

 

Your Choices

General– You may have the right to object to or opt out of certain uses of your personal information. ‍

Email Communications– If you receive an unwanted email from us, you can use the unsubscribe link found at the bottom of the email to opt out of receiving future emails. Note that you will continue to receive transaction-related emails regarding products or Services you have requested. We may also send you certain non-promotional communications regarding us and our Services, and you will not be able to opt out of those communications (e.g., communications regarding the Services or updates to our Terms of Service or this Privacy Policy). ‍

Mobile Devices– We may send you push notifications through our mobile application. You may at any time opt-out from receiving these types of communications by changing the settings on your mobile device. With your consent, we may also collect precise location information if you use our mobile applications. You may opt-out of this collection by changing the settings on your mobile device. ‍“Do Not Track” ‍Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers. ‍

Cookies and Interest-Based Advertising– You may stop or restrict the placement of Technologies on your device or remove them by adjusting your preferences as your browser or device permits. Please note that cookie-based opt-outs are not effective on mobile applications. However, you may opt-out of personalized advertisements on some mobile applications by following the instructions for Android and iOS. The online advertising industry also provides websites from which you may opt out of receiving targeted ads from data partners and other advertising partners that participate in self-regulatory programs. You can access these websites and learn more about targeted advertising and consumer choice and privacy, at www.networkadvertising.org/managing/opt_out.asp, http://www.youronlinechoices.eu/, https://youradchoices.ca/choices/, and www.aboutads.info/choices/. Please note you must separately opt out in each browser and on each device. ‍

 

Security of Personal Data

The security of your personal data is our priority. Taking into account the nature, scope, context, and purposes of each data processing, as well as the risks of varying likelihood and severity for your rights and freedoms, we implement all appropriate technical and organisational measures and policies to ensure the protection of your personal data and prevent any accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed by GR8 Entity.

Unfortunately, no system is 100% secure, and we cannot ensure or warrant the security of any information you provide to us. To the fullest extent permitted by applicable law, we do not accept liability for unauthorized disclosure.

By using the Services or providing personal information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Services. If we learn of a security system’s breach, we may attempt to notify you electronically by posting a notice on the Services, by mail or by sending an email to you.

Rights on your Personal Data

Data privacy laws around the globe may give you rights regarding your personal data. These rights may vary according to location and applicable law. However, they generally include the following:

• The right of access which allows you to access and receive a copy of the personal data we hold on you,
• the right to rectification which allows you to correct information we hold on you,
• the right to request erasure of your personal data,
• the right to restrict or object to the processing of your personal data in certain circumstances,
• where available, the right to data portability which allows you to obtain and reuse your personal data for your own purposes across different services,
• the right to limit the disclosure of data, request deindexation, opt out of sales or cross context behavioural advertising,
• the right to withdraw your consent at any time when the processing of your personal data is based on the collection of your consent, notably by clicking on the un-subscription link contained in communications sent by GR8 Entity and generated in response to your registration on GR8 Entity websites.

You can exercise these rights at any time by writing to GR8 Entity’s relevant local Data Protection Manager and/or to the Data Protection Officer as listed in the “Contact us” section below.

Please note that GR8 Entity does not sell personal information. However, if you wish to formally exercise your right to opt-out, please follow the process described below.

There can be circumstances whereby GR8 Entity has grounds to refuse your request, such as a right not being in your local legislation or the right being requested is not an absolute one. Should this occur, we will explain the reasons why your request was refused.

In accordance with applicable data protection regulation, if you have any concerns about our use of your personal data, you also have the right to lodge a complaint with a supervisory authority. However, we request that you contact us in the first instance so we can discuss and find a prompt resolution to any potential concerns you may have in relation to GR8 Entity’s privacy and data protection practices.

Supervisory Authority

If you are located in the European Economic Area or the United Kingdom, you have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal information violates applicable law. ‍

 

Retention of Personal Data

Your personal data are retained by us for the time strictly necessary to fulfil the purposes it was collected for and in accordance with the applicable data protection regulation or timelines recommended by supervisory authorities and/or to comply with our legal or contractual obligations.

Criteria we use to determine our retention periods include:

• Your last interaction with us, especially in relation to marketing,
• Whether the Personal Data is relevant and useful to the provision of our services,
• To satisfy financial or auditing requirements, limitation statues and relevant regulations or standards, and
• In accordance with country or sector specific laws.

When the relevant above criteria are met, your personal information will be permanently deleted, unless the personal data is being archived for research purposes or for the sole purpose of allowing their provision to the judicial authorities. In addition, we may anonymise your data for the purpose of producing statistical studies.

Changes to our Privacy Notice

We may modify or amend this Privacy Notice from time to time at our discretion. When we make changes to this Notice, we will amend the revision date at the top of this page. We encourage you to refer to this Privacy Notice often to get the latest information about our personal information practices.

Children’s Privacy Protection

We understand the importance of protecting children’s privacy in the interactive online world. This Website is not designed for or intentionally targeted at children 16 years of age or younger. It is not our policy to intentionally collect or maintain information about anyone under the age of 16. Therefore, if you are under 16, please do not attempt to register for the Services or send any personal data about yourself to us.

 

Contact Us