Privacy Policy for gsis360.com

1. Introduction

At gsis360.com (“we,” “our,” or “us”), we prioritize your privacy and are committed to protecting your personal data. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information in accordance with applicable data protection laws, including the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We maintain a privacy-first framework and strive to ensure transparency and accountability in our data practices. By using our website or engaging with our services, you acknowledge that you have read and understood the practices described herein.

2. Scope of the Policy and Data Controller Role

This Privacy Policy applies to visitors, users, and customers (“you” or “your”) who access gsis360.com or interact with us via email or other communications. We serve as the data controller for any personal data collected through our website, meaning we determine the purposes and means of processing your personal data. If you have questions regarding this policy or the handling of your data, you may contact us at [email protected].

3. Categories of Data We Process

We collect various categories of personal data to provide and improve our services. The types of data we process include:

a) Usage Data
We collect information relating to your interactions with gsis360.com, including IP address, browser type, device characteristics, pages visited, time spent on pages, and referring URLs.

b) Account Data
When you create or manage an account, we collect personal identifiers such as your full name, email address, phone number, and billing/shipping address.

c) Profile Data
We gather details about your account preferences, purchase history, and behavioral data, including how you interact with content or features on our site.

d) Communication Data
This includes any data you provide when contacting our support team, submitting forms, or interacting with us via email, including the content, date, and method of communication.

e) Technical Data
We collect device-specific data such as your operating system, hardware settings, software configurations, and unique device identifiers to enhance platform performance.

f) Transaction Data
We process payment and delivery-related data, such as billing information, payment methods, order history, and shipping details required for transactional purposes.

g) Preference Data
We collect information regarding your marketing preferences, product interests, and explicit consents granted for specific data uses (e.g., newsletters, promotions).

4. Legal Bases for Processing

We rely on the following lawful bases to process your personal data:

– Consent: Where you have given explicit and informed permission.
– Contractual Necessity: To fulfill contractual obligations or take steps at your request prior to entering into a contract.
– Legitimate Interests: For purposes essential to providing and improving our services while respecting your privacy rights.
– Legal Obligation: To comply with applicable legal requirements or to defend legal claims.

5. Your Rights

Subject to applicable laws, you have the following rights concerning your personal data:

– Right of Access: Request access to the data we hold about you.
– Right to Rectification: Correct inaccurate or incomplete personal data.
– Right to Erasure: Request deletion of your personal data when legally permissible.
– Right to Restriction: Limit the processing of your personal data in certain circumstances.
– Right to Data Portability: Receive your personal data in a commonly used format and transmit it to another controller.
– Right to Object: Object to data processing based on legitimate interests or direct marketing purposes.
– Right to Withdraw Consent: Revoke consent at any time where processing is based on consent.

To exercise any of the above rights, please contact us at [email protected]. We will respond to your request in accordance with applicable legal timelines.

6. Security Measures

We deploy robust security measures to protect your personal data from unauthorized access, disclosure, loss, or alteration. These measures include:

– Encryption of data in transit and at rest
– Role-based access controls and administrative safeguards
– Routine data backups and disaster recovery procedures
– Staff training and internal policies governing data protection

7. International Transfers

Your personal data may be transferred to, and processed in, countries outside the European Economic Area (EEA) or the country in which you reside. Where such transfers occur, we ensure appropriate safeguards are in place, such as the use of Standard Contractual Clauses approved by the European Commission. We also take reasonable steps to ensure data transferred internationally is treated in accordance with this Privacy Policy and applicable laws.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal and regulatory requirements. Specific retention periods include:

– Usage and Technical Data: 12 months
– Account and Profile Data: For the duration of your account and up to 6 years after termination
– Transaction Data: 7 years, in compliance with tax and audit obligations
– Communication Data: 3 years
– Preference Data: Until consent is revoked or account is terminated

When data retention is no longer necessary, your data will be securely deleted or anonymized.

9. Cookie Policy

gsis360.com uses cookies and similar technologies to enhance user experience, analyze traffic, and support site functionality. These cookies may include:

– Essential Cookies: Necessary for site operation, including authentication and session management.
– Functional Cookies: Enable personalization and save user preferences.
– Analytics Cookies: Help us understand user behavior through tracking and reporting (e.g., Google Analytics).
– Performance Cookies: Measure and improve website performance, including page loading speed and responsiveness.

10. Cookie Management and Compliance

In compliance with GDPR and CCPA, we provide users with granular cookie management controls via a cookie consent banner at site entry. You may adjust your cookie preferences at any time using our cookie settings panel. Additionally, you may manage cookies through your web browser settings. Under CCPA, you may also opt-out of the “sale” of personal data, if applicable, via designated links provided on gsis360.com.

11. Children Under 13

We do not knowingly collect or solicit personal data from children under the age of 13. If we become aware that we have inadvertently collected personal data from a child under 13, we will take steps to delete such data promptly. Parents or guardians who believe their child has provided us with personal data may contact us at [email protected].

12. Policy Updates and User Notifications

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in legal, regulatory, or operational requirements. Any material changes will be communicated via our website or directly to you, where appropriate. We recommend reviewing this policy periodically to remain informed about our privacy practices.

13. Contact Us

If you have any questions, concerns, or would like to exercise your rights under this policy, please contact our Data Protection Team at:

Email: [email protected]

We are committed to safeguarding your privacy and ensuring compliance with all applicable data protection laws and regulatory frameworks. Your trust is of the utmost importance to us.