Privacy Policy for GSIS360.com

1. Introduction

At GSIS360.com (“we,” “us,” or “our”), we prioritize your privacy and are committed to protecting and respecting your personal data. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you interact with our website or utilize our services. Our practices are guided by the principles of transparency, accountability, and privacy by design, and we remain compliant with applicable data protection regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

2. Scope of Policy and Data Controller Role

This Privacy Policy applies solely to personal data collected through GSIS360.com, including all associated subdomains and services. As the data controller under GDPR and the business under CCPA, we determine the purposes and means of processing your personal data.

Should you have any inquiries regarding data protection or wish to exercise your rights, please contact us at: [email protected].

3. Categories of Data Processed

We may collect and process the following categories of personal data:

a. Usage Data:

– IP address
– Browser type and version
– Time zone setting and location
– Referring website
– Pages viewed and duration
– Website navigation paths
– Date and time of access
– Session information and interaction data

b. Account Data:

– Full name
– Residential or business address
– Email address
– Telephone number
– Login details or credentials where applicable

c. Profile Data:

– Purchase history and order details
– Behavioral data from browsing and interactions
– User preferences
– Feedback and review submissions

d. Communication Data:

– Inquiries, support tickets, or any customer service interaction
– Records of correspondence via email, chat, or contact forms

e. Technical Data:

– Device information (model, OS, and other specifications)
– System configurations and settings
– Operating system and platform identifiers

f. Transaction Data:

– Billing details
– Payment method identifiers
– Delivery and shipping address
– Service subscription data

g. Preference Data:

– Marketing and communication preferences
– Product or service interests
– Consent records for subscriptions and outreach

4. Legal Bases for Processing

We process your personal data under the following lawful bases:

– Contractual necessity: Processing required to fulfill a contract or to take pre-contractual steps upon your request.
– Consent: Where required by law or as best practice, we rely on your freely given, specific, informed, and unambiguous consent.
– Legitimate interests: Processing necessary for our legitimate business purposes, provided that such interests do not override your fundamental rights and freedoms.
– Legal obligations: Processing necessary for compliance with applicable laws and regulatory frameworks.

5. Your Rights

Under GDPR, and subject to verification and applicable limitations, you have the following rights regarding your personal data:

– Right of Access: Obtain confirmation of whether your data is being processed and access a copy of such data.
– Right to Rectification: Request correction of inaccurate or incomplete personal data.
– Right to Erasure (‘Right to be Forgotten’): Request deletion of your data under specific circumstances.
– Right to Restrict Processing: Request limitation on processing under certain legal grounds.
– Right to Data Portability: Receive your personal data in a structured, commonly used format and transfer it to another controller.

California residents have additional rights under the CCPA, including:

– The right to know what categories and specific pieces of personal data we collect, use, disclose, or sell.
– The right to request deletion of your personal data.
– The right to opt-out of the sale of personal information, if applicable.
– The right to non-discrimination for exercising these rights.

To exercise your rights, please contact us at [email protected]. We will respond in accordance with applicable legal timeframes.

6. Security Measures

We implement robust administrative, technical, and organizational safeguards designed to protect your data:

– End-to-end encryption for sensitive communications and data transmission
– Access controls and role-based access management
– Secure password protocols and two-step authentication where appropriate
– Routine data backups and disaster recovery procedures
– Staff training on data protection responsibilities and cybersecurity best practices

7. International Data Transfers

Personal data we collect may be processed or stored in jurisdictions outside your country of residence. Where such transfers occur, we ensure adequate safeguards are in place in line with GDPR and other applicable laws, such as:

– Use of Standard Contractual Clauses (SCCs) approved by the European Commission
– Transfers to jurisdictions recognized as providing an adequate level of data protection
– Binding corporate rules or other valid mechanisms as permitted by law

8. Data Retention

We retain personal data only for as long as reasonably necessary to fulfill the purposes for which it was collected. Specific retention periods include:

– Usage Data: up to 12 months for analytics and performance evaluation
– Account and Profile Data: retained for the life of the account, and up to 7 years post-termination for legal compliance
– Communication Data: 3 years from final user contact
– Transaction Data: 7 years or as required by financial regulations
– Technical and Preference Data: deleted or anonymized after 12-24 months of inactivity

Upon expiration of these periods, data is securely destroyed or anonymized.

9. Cookie Policy

GSIS360.com utilizes cookies and related tracking technologies to enhance your online experience. These include:

– Essential Cookies: Necessary for website functionality and security (e.g., login, navigation).
– Functional Cookies: Support user preferences such as language or region.
– Analytics Cookies: Gather anonymous statistical data to optimize website performance.
– Performance Cookies: Measure load times and page functionality.

10. Cookie Management and Compliance

Upon visiting our website, you will be presented with a cookie consent banner in accordance with GDPR and CCPA requirements. You can manage your cookie preferences at any time via a cookie control interface accessible on the site or by adjusting your browser settings. We respect Global Privacy Control (GPC) signals and other valid opt-out mechanisms under CCPA.

11. Children’s Privacy

Our services are not designed for or intentionally targeted at children under the age of 13. We do not knowingly collect or solicit personal information from minors. If we become aware that we have inadvertently collected such data, it will be immediately deleted. Parents or guardians who believe their child has submitted personal information may contact us at [email protected].

12. Policy Updates and User Notifications

We may amend this Privacy Policy periodically to reflect changes in legal, regulatory, or operational requirements. Material changes will be notified to users through a prominent notice on the website or by direct communication where appropriate. Your continued use of GSIS360.com constitutes acceptance of the updated Policy.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data protection rights, please contact our Privacy Team at:

[email protected]

— — —

GSIS360.com is committed to full compliance with data protection regulations. We strive to provide transparency and accountability in all data practices. Please reach out to our team with any privacy concerns or for more information on how your information is protected.