Privacy Policy
The following Privacy Policy governs the online information collection practices of GRCxperts (“Company,” “we” or “us”). It outlines the types of information that we gather about you while you are using our website https://GRCxperts.com/ (the “Site”) and the ways in which we use this information.
Purpose and scope
This notice generally describes the way in which GRCxperts process any personal information about you, that you have made available to us through your interactions with our website. This privacy notice also establishes how you can exercise your right to privacy and the reasonable safeguards GRCxperts takes to protect your personal information.
GRCxperts is responsible for the processing of your personal information as it decides why and how it is processed, thereby acting as the “Data Controller” or “Data Fiduciary” of such personal information as recognized under applicable Data Privacy laws.
If you access any third-party platform from our website, your personal information will be treated in accordance with the privacy notice of that platform. GRCxperts will not be responsible for any processing activities undertaken by platforms owned by third parties.
What personal information do we collect through this website?
We may collect personal information about you and store this information in connection with the provision and fulfilment of our services to you. Personal information may include:
- First name and last name
- Email address
- Organization
- Location
- IP Address
How we use your personal information
The above personal information may be used for the following purposes:
- To provide you with information about our offerings and/or our periodic newsletters
- To respond to your requests
- For creation or development of business intelligence or data analytics in relation to the Offerings provided by us (for this purpose we may share the Personal Information with certain software or tools available online)
- To manage our relationship with you
- For internal record keeping
- To improve our website
- To otherwise be able to provide the services to you and
- To comply with our legal or statutory obligations.
Who has access to your data within our organization?
Within our organization, access to your data is limited to those persons who require access to provide you with the Products and Services, which you purchase from us, to contact you, and to respond to your inquiries, including sales and marketing correspondence. Those staff members may be on teams such as: marketing, events, development, executive, customer support. Employees only have access to data that is relevant to their team, on a ‘need to know’ basis.
Who do we share your data with outside our organization and why?
Processors
We may use service providers & third parties for operating and improving the Sites, to assist with certain functions, such as payment processing, email transmission, conducting surveys or contests, data hosting, managing our ads, third-party solutions for marketing and analytics, and some aspects of our technical and customer support. We take measures to ensure that these service providers access, process, and store information about you only for the purposes we authorize, through the execution of Data Processing Agreements or Addenda.
Authorities
We may access, preserve, and disclose information about you to third parties, including the content of messages if we believe disclosure is in accordance with or required by, applicable law, regulation, legal process, or audits. We may also disclose information about you if we believe that your actions are inconsistent with our Terms of Service or related guidelines and policies, or if necessary to protect the rights, property, or safety of, or prevent fraud or abuse of, Company or others.
Transfer of business
If we (or our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, personal information could be one of the assets transferred to or acquired by a third party.
Why and for how long do we store the information we collect from you?
We retain user data for as long as necessary for the purposes it was collected. This means that we retain different categories of data for different periods of time depending on the type of data, the category of user to whom the data relates to, and the purposes for which we collected the data.
Legal basis for processing your personal information
Legal Basis for processing your Personal Information before processing your personal information, we ask for your consent. Where your consent is not needed, we may rely on any or a combination of the following legal basis to process your personal information:
- the processing is necessary to take steps before entering a contract or to perform our contractual obligations towards you,
- the processing is necessary to comply with our legal or regulatory obligations,
- The processing is necessary for our legitimate interest and does not unduly affect your interests or fundamental rights and freedoms. When processing your personal information on this basis, we strive to maintain a balance between our legitimate interests and your privacy. Examples of data processing performed based on our legitimate interests include:
- Planning and improving our products and business,
- Responding to your queries and handling your requests,
- Managing our systems and networks,
- Protecting our rights and safety and/or that of our affiliates,
- Contacting you in case of misuse or fraudulent behavior on our website.
- The processing is necessary to protect yours or others’ vital interests.
- The process is necessary for reasons of substantial public interest, based on the applicable laws.
How do we protect your personal information?
We have implemented the appropriate technical and organizational measures to ensure your personal information remains protected. These measures have been designed to provide an adequate level of security, maintain confidentiality, and prevent unauthorized access to your personal information. The measures we implement meet industry standards and ensure that they protect your personal information in an appropriate manner that is required depending on the nature of the personal information.
Your rights under the European Union
You have certain rights if you are within the European Union this includes:
- Right to access: This right allows you to obtain a copy of your personal data, as well as other supplementary information.
- Right to restrict processing: You have the right to restrict the processing of your personal data in certain circumstances.
- Right to rectification: You have the right to have any incomplete or inaccurate information we hold about you corrected.
- Right to object to processing: The right to object allows you to stop or prevent us from processing your personal data. This right exists where we are relying on a legitimate interest as the legal basis for processing your Personal Data. You also have the right to object to where we are processing your Personal data for direct marketing purposes.
- Right to erasure: You have the right to ask us to delete or remove Personal data when the personal data is no longer necessary for the purpose which you originally collected or processed.
To exercise your rights, you can contact us at info@grcxperts.com
Your rights under the CCPA
Users who are California residents have certain rights under the California Consumer Privacy Act, (“CCPA”) included in these rights are:
- Right to know: You have the right to request more about the categories and specific pieces of personal information that we have collected about you and access a copy of your personal information.
- Right to deletion: You have the right to request deletion of personal information that we have collected about you.
- Right to non-discrimination: If you choose to exercise any of your rights under CCPA, we will treat you like all other users. In other words, there is no penalty for exercising your rights under CCPA.
- Right to opt-out: You have the right to opt-out of the sale of your personal information. We do not sell personal information. However, the Service Providers we partner with (for example, our advertising partners) may use technology on the Service that “sells” personal information as defined by the CCPA. If you wish to opt out of the use of your personal information for interest-based advertising purposes and these potential sales as defined under CCPA law, you may do so by following the instructions below. Please note that any opt out is specific to the browser you use. You may need to opt out of every browser that you use.
- Right to erasure: You have the right to ask us to delete or remove Personal data when the personal data is no longer necessary for the purpose which you originally collected or processed.
To exercise any of these rights under CCPA, please email info@grcxperts.com. To know more about your rights and how to exercise them visit our Data Subject Request Policy.
Our policy concerning children & their data
Our Sites does not provide services that are directed at children. Through this website, we do not request or knowingly collect or process any personal information of individuals under the age of majority in any country. If you have shared the personal information of anyone who will be considered a minor in your country, please reach out to us with a request for deletion through info@grcxperts.com. We will immediately remove this personal information from our databases.
Links to other websites
Our Sites may contain links to other websites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.
Third parties are under no obligation to comply with this Privacy Policy with respect to Personal Data that you provide directly to those third parties or that those third parties collect for themselves. We do not control the third-party sites that may be accessible through our Services. Thus, this Privacy Policy does not apply to information you provide to third-party sites or gathered by the third parties that operate them.
Changes to this policy
Last Updated On: January 2025.
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. If we make any material change/s to the Policy, we will notify you via email, through a notification posted on the Services, or as required by applicable law. You can see when the Policy was last updated by checking the date at the bottom of this page. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective from when they are posted on this page.
Contact us
If you have any questions about this Privacy Policy or grievances relating to personal data processing, you can contact us at info@grcxperts.com