PRIVACY STATEMENT
This privacy statement was last updated on August 31, 2023.
GMTA is committed to protecting your privacy. This privacy statement describes why and how we collect, use and disclose personal information collected from individuals themselves or from other third parties, and provides information about individuals’ rights with respect to their personal information. We may use personal information provided to us for any of the purposes described in the relevant section of this privacy statement or as otherwise stated at the point of collection.
Our goal is to process personal information as necessary for our legitimate business purposes in a transparent manner. If you have any questions regarding our privacy practices, please contact us as set forth in the Contact Us section below.
Please note that we are hosted by Squarespace, which has its own privacy statement and terms and conditions. We encourage you to review Squarespace’s policies before disclosing any personal information: https://www.squarespace.com.
OUR PROCESSING ACTIVITIES
BUSINESS CONTACTS
Information collection: We collect and use business contact details for individuals associated with existing and potential GMTA clients to manage and maintain our relationship with those individuals. Like most businesses, we use a customer relationship management system (the “GMTA CRM”) to store personal information about our business contacts. The collection of personal information about contacts and the addition of that personal information to the GMTA CRM is initiated by GMTA staff and may include name, employer name, title, phone, email and other business contact details. In addition, the GMTA CRM may collect data from GMTA email and calendar systems concerning interactions between GMTA staff and business contacts. When we send you emails, we may use technologies to determine whether the email has been opened and whether the links contained within the message have been clicked on. We may combine information collected through these means with other information we maintain about you to measure interest in our specific offerings and email campaigns, improve our offerings to specific target audiences, and tailor our interactions with you.
Information use: We use this information for the following business purposes:
Administering, managing and developing our business and services - We may process personal information to run our business, including:
§ managing our relationship with clients;
§ providing services and customer support to our clients;
§ developing our business and services, such as identifying client needs and improvements in service delivery and learning more about a client relationship opportunity that we have an interest in;
§ analyzing and evaluating the strength of interactions between GMTA and a contact;
§ performing analytics, including with regard to trends, relationship maps, sales intelligence, and progress against account business goals;
§ maintaining and using IT systems;
§ hosting or facilitating the hosting of events;
§ conducting surveys (e.g. benchmarking); and
§ administering and managing our website, systems, and applications.
Providing information about us and our range of services: Unless we are asked not to, we use client business contact details to provide information that we think will be of interest about GMTA and our services. For example, we may send you industry updates and insights, information about other services that may be relevant to you, and invites to events.
Please review the Individual rights section below for information about how you may unsubscribe from our mailing lists and exercise other rights.
Information retention: Personal information will be retained in the GMTA CRM for as long as we have, or need to keep a record of, a relationship with a business contact. Personal information may be held for longer periods where extended retention periods are required by law, regulation, or professional standards and to establish, exercise or defend our legal rights.
Information disclosure: We may disclose personal information as described in the Information disclosure section below.
Your California privacy rights: If you are a California resident, the following is additional information about our processing of personal information and your California privacy rights:
§ We have collected the following categories of personal information of our business contacts within the last twelve (12) months:
• Identifiers
• Personal information categories listed in the California Customer Records statute
• Professional or employment-related information
CORPORATE CLIENTS AND INDIVIDUALS ASSOCIATED WITH OUR CORPORATE CLIENTS
Our policy is to collect only the personal information necessary for agreed purposes, and we ask our clients only to share personal information with us when it is needed for those purposes. When we need to process personal information to provide our services, we ask our clients to provide the necessary information to the data subjects concerned regarding how GMTA will process that personal information, as our clients are typically in the appropriate position to communicate this information to the data subjects (e.g., our clients’ employees or our clients’ customers).
Information collection: Given the diversity of services we provide to clients, we process many categories of personal information, which may include:
Personal details (e.g., name, age/date of birth, gender, marital status, country of residence);
Contact details (e.g., email address, phone number, postal address);
Login credentials (e.g., email address or username, password);
Financial details (e.g., salary, payroll details and other financial-related details such as income, investments and other financial interests, benefits, tax status);
Survey or quiz responses;
Job details (e.g., role, grade, experience, performance information and other information about management and employees); and
For certain client engagements, we may process sensitive or special categories of personal information (such as government identification documents).
We generally collect such personal information from our clients or from third parties acting on the instructions of the client, but in limited cases may collect information directly from the data subjects or from publicly available sources, in each case on behalf of our clients.
Information use: We use the above personal information for the following business purposes:
Providing professional services and products: We provide a diverse range of professional services and products. Some of our services require us to process personal information to provide advice and deliverables. We may also seek feedback and opinions in surveys (e.g., benchmarking) or quizzes.
Security, quality and risk management activities: Personal information, such as client users’ login credentials, may be processed to administer and manage our websites, applications, and other online services that we make available to clients, including to confirm and authenticate identity and prevent unauthorized access. Please see the “Users of our websites and applications” section of this privacy statement for additional information about how such information may be used. Personal information may be processed as part of the security monitoring that we undertake to detect, investigate and resolve security threats. We monitor the services provided to clients for quality purposes and risk management purposes, which may involve processing personal information stored on the relevant client file. We collect personal information as part of our client engagement and acceptance procedures, including carrying out searches using publicly available and/or third party sources to help identify heightened risk individuals and organizations and check that there are no issues that would prevent us from working with a particular client, such as sanctions, criminal convictions, conduct or other reputational issues, including with respect to company directors.
Complying with any requirement of law, regulation or a professional body of which we are a member. As with any provider of professional services, we are subject to legal, regulatory and professional obligations. Subject to these obligations, and as described in the “Information retention” section, we need to keep certain records to demonstrate that our services are provided in compliance with those obligations, and those records may contain personal information.
We are continually looking for ways to help our clients and improve our business and services. Where agreed with our clients, we may use information that we receive in the course of providing professional services for other lawful purposes, including analysis to better understand a particular issue, industry or sector, provide insights to our clients, improve our business, service delivery and offerings and develop new GMTA offerings and technologies. To the extent that the information we receive in the course of providing professional services contains personal information, we will de-identify the information prior to using it for these purposes.
Information retention: We retain the personal information processed by us in accordance with the terms of our client agreements.
Information disclosure: We may disclose personal information as described in the “Information disclosure” section. In addition, we may disclose personal information to:
Third party organizations that assist us in providing services. On certain client engagements, pursuant to our agreements with such clients, we may engage or otherwise work with other providers to help us provide professional services to our clients.
Where we need to process personal information to provide professional services to our clients, we may include personal information in our deliverables, such as the reports we create.
Your California privacy rights: If you are a California resident, we may have processed the following categories of personal information in connection with such services within the last twelve (12) months:
• Identifiers
• Personal information categories listed in the California Customer Records statute
• Protected classification characteristics under California or federal law
• Commercial information
• Internet or other electronic network activity information
• Geolocation data
• Professional or employment-related information
• Inferences drawn from other personal information
• Sensitive personal information
INDIVIDUAL CLIENTS OF GMTA SERVICES
We may provide a separate privacy statement in connection with certain services provided to individuals, and where we do so, such privacy statement will apply to our processing of personal information in the performance of those services.
Generally, our policy is to collect only the personal information necessary for agreed purposes, and we ask our clients only to share personal information when it is needed for those purposes. When we need to process personal information relating to individuals other than our clients to provide our services, we ask our clients to provide the necessary information to other data subjects concerned, such as family members, regarding its use.
Information collection: Given the diversity of the services we provide to individual clients, we process many categories of personal information, including, as appropriate for the services we are providing:
• contact details (e.g., email address, phone number, postal address);
• business activities (e.g., job details, role, experience);
• family information (e.g., dependents and other household information);
• financial details (e.g., salary, payroll details and other financial-related details such as income, investments and other financial interests, benefits, tax status); and
• survey responses.
For certain services, and when permitted by law, we may also collect sensitive or special categories of personal information. Examples of sensitive or special categories include social security, driver’s license, state or national identification card, or passport numbers; certain financial account details; information revealing racial or ethnic origin, religious or philosophical beliefs, sexual orientation, union membership, or political opinions; health information; genetic data; biometric data; precise geolocation data; and criminal records. Generally, we collect personal information directly from our clients or from a third party acting on the instructions of the client.
Information use: We use personal information for the following business purposes:
Providing professional services – We provide a diverse range of professional services. Some of our services require us to process personal information to provide advice and deliverables.
Administering, managing and developing our businesses and services - We may process personal information to run our business, including: managing our relationship with clients; developing our businesses and services (such as identifying client needs and improvements in service delivery); maintaining and using IT systems; conducting surveys (e.g. benchmarking) or quizzes; hosting or facilitating the hosting of events; and administering and managing our website and systems and applications.
Security, quality and risk management activities – Personal information may be processed as part of the security monitoring that we undertake. We monitor the services provided to clients for quality purposes, which may involve processing personal information stored in the relevant client file. We have policies and procedures in place to monitor the quality of our services and manage risks in relation to client engagements. We collect and hold personal information as part of our client engagement and acceptance procedures, including carrying out searches using publicly available sources and third party sources, such as internet searches and sanctions lists to help identify heightened risk individuals and organizations and checking whether there are issues that should be considered in determining whether to work with a particular client, such as sanctions, criminal convictions, conduct or other reputational issues, including with respect to company directors.
Providing our clients and prospective clients with information about us and our range of services – With consent or otherwise in accordance with applicable law, we use client contact details to provide information that we think will be of interest about us and our services. For example, industry updates and insights, other services that may be relevant and invitations to events.
Complying with any requirement of law, regulation or a professional body of which we are a member – As with any provider of professional services, we are subject to legal, regulatory and professional obligations. Subject to these obligations, as described in the “Information retention” section, we need to keep certain records to demonstrate that our services are provided in compliance with those obligations and those records may contain personal information. We are continually looking for ways to help our clients and improve our business and services. Where agreed with our clients, we may use the information that we receive in the course of providing professional services for other lawful purposes, including analysis to better understand a particular issue, industry or sector, provide insights back to our clients, to improve our business, service delivery and offerings and to develop new GMTA offerings and technologies. To the extent that the information that we receive in the course of providing professional services contains personal information, we will de-identify the information prior to using it for these purposes.
Information retention: We retain the personal information processed by us for as long as is considered necessary for the purpose(s) for which it was collected. Personal information may be held for longer periods where extended retention periods are required by law, regulation, or professional standards and to establish, exercise or defend our legal rights.
Information disclosure: We may disclose personal information as described in the “Information disclosure” section. In addition, we may disclose personal information to:
Third party organizations that assist us in providing services – On certain client engagements, pursuant to our agreements with such clients, we may engage or otherwise work with other providers to help us provide professional services to our clients.
Our clients – Where we need to process personal information to provide professional services to our clients, we may include personal information in our deliverables (such as the reports we create).
Your California privacy rights: If you are a California resident, we may have collected the following categories of personal information of our individual clients within the last twelve (12) months:
• Identifiers
• Personal information categories listed in the California Customer Records statute
• Protected classification characteristics under California or federal law
• Commercial information
• Biometric information
• Internet or other electronic network activity information
• Geolocation data
• Professional or employment-related information
• Inferences drawn from other personal information
• Sensitive personal information
USERS OF OUR WEBSITES AND APPLICATIONS
This section describes our privacy practices with respect to https://www.officialgmta.com and other GMTA websites, applications and online services that link to this privacy statement (together referred to as the “Site”). We may provide a separate privacy statement in connection with certain websites and applications that we offer, and where we do so, such privacy statement will apply to our collection and use of personal information collected through such websites and applications.
For information about our collection and use of information, such as login credentials, that we process in order to provide client users with access to the websites, applications, and other online services that we make available to clients in connection with our professional services, please see the “Corporate clients” section of this privacy statement.
For information about our collection and use of information received as part of an application for employment submitted through our Site, please see the “Sourcing and recruitment of candidates” section of this privacy statement.
Information collection: When you access or otherwise use our Site, we will collect information about you and how you interact with our Site. We may collect information about you through: (1) information you provide; (2) automatic tracking technologies; and (3) third parties.
Information you provide: When you visit our Site, you may choose to provide information about yourself such as your name, address, email address, telephone number, fax number, job title, and company name. By way of example, you may choose to provide your information in the following circumstances: Subscription or ordering newsletters and/or publications; Participation in join our mailing list initiatives; Participation in bulletin boards, discussion, or message forums; Entering surveys (e.g., benchmarking) or quizzes; Registration for events and conferences; Registration for premium online services; Contacting us for further information; and Visiting our Site while logged into a social media platform.
Information use: We use the information we collect as described above for various purposes depending on the context in which we collected the information. For example, it may be necessary for us to process your information in order to process a transaction or provide a service you have requested or otherwise in accordance with a contract between us, or we may process your information in accordance with your prior consent (where you have provided such consent).
We also use the information we collect for the following business purposes:
• Operating and improving the Site;
• Fulfilling your orders and requests;
• Managing your registration preferences;
• Customizing the Site and your interactions with GMTA;
• Understanding how the Site is being used;
• Exploring ways to develop and grow our business;
• Maintaining and improving the safety and security of the Site;
• Preventing and enhancing protection against fraud, spam, harassment, intellectual property infringement, crime and security risks;
• Sending you renewal notifications and/or service notifications;
• Conducting customer satisfaction surveys;
• Improving our products and services;
• Running our operations;
• Complying with law and legal obligations;
• Responding to your inquiries; and
• Sending marketing communications about GMTA products, services, and events.
Information retention: We will retain the personal information collected by us through the Site for as long as is necessary for the purpose(s) for which it was collected as set out above, provided that personal information may be held for longer periods where extended retention periods are required by law, regulation, or professional standards, and in order to establish, exercise or defend our legal rights.
Information disclosure: We may disclose personal information as described in the “Information disclosure” section.
Third party sites: Our Site may link to other websites which do not operate under GMTA’s privacy practices. When you visit other websites, GMTA’s privacy practices no longer apply. We encourage you to review each site’s privacy policy before disclosing any personal information.
Children: GMTA understands the importance of protecting children’s privacy, especially in an online environment. The Site is not intentionally designed for or directed at children under the age of 18 years. It is GMTA’s policy never to knowingly collect or maintain personal information about children under the age of 18 in connection with the Site.
Your choices: Should you wish to unsubscribe from our mailing list or any registrations, we will provide instructions in the appropriate area of the Site or in communications to you. If you are concerned about cookies, most browsers permit individuals to decline cookies. In most cases, you may refuse or delete one or more cookies and still access our Site, but Site functionality may be impaired. After you finish browsing our websites, you may delete Site cookies from your system if you wish. Do not track (“DNT”) is a privacy preference that you can set in your web browser to send a message to the website operator requesting not to be tracked. For more information about DNT, visit https://allaboutdnt.com. For information about other rights you may have under applicable law, please see the “Individual rights” section of this privacy statement.
Your California privacy rights: If you are a California resident, we may have collected the following categories of personal information of our website and application users within the last twelve (12) months:
• Identifiers
• Personal information categories listed in the California Customer Records statute
• Internet or other electronic network activity information
• Professional or employment-related information
SOURCING AND RECRUITMENT OF CANDIDATES
We collect and use personal information in connection with our sourcing activities and recruitment. Should your formal application result in being extended and accepting an opportunity to join the firm, you will also be presented with privacy statements during the onboarding process. Please review those privacy statements for information about how GMTA processes personal information in connection with recruitment and onboarding.
When providing information through the careers webpage on our Site, please see the “Users of our Websites and Applications” section of this privacy statement for additional information about the collection and use of your information.
Information collection: we may collect the following personal information from you:
• Contact details (e.g., name, email, telephone number);
• Education, academic and professional qualifications;
• Employment history;
• Your responses to surveys and quizzes, if you choose to participate;
• Areas of interest and specialized knowledge/subject matter; and
• Other information included on your resume/CV that you choose to submit.
• We may also obtain the following personal information about you from third party sources:
§ Social media profile information, if you choose to provide us with a link to your profile page; and
§ Information from social media sites of which you are a member, specific to your engagement with our recruitment campaigns.
Information use: We use such personal information for the following business purposes:
§ To evaluate you for open positions that match your interests and experience throughout the GMTA network, manage your talent profile, send you email notifications, surveys, quizzes, and other announcements, request additional information or otherwise contact you regarding recruitment, events, thought leadership, or other opportunities we believe may be of interest to you.
§ To conduct statistical analyses and create reports, including regarding use of our careers websites, reports on GMTA recruitment activities, analyses of candidate sourcing channels, and other requirements under US laws and regulations.
§ To administer and manage our careers websites and communicate with you about careers at GMTA.
§ Any other purposes stated when you provide the information to GMTA.
Please review the “Individual rights” section for information about how you may unsubscribe from our mailing lists and exercise other rights.
Information retention: We retain the personal information processed by us for as long as is considered necessary for the purpose(s) for which it was collected. Personal information may be held for longer periods where extended retention periods are required by law, regulation, or professional standards and in order to establish, exercise or defend our legal rights.
Information disclosure: We may disclose personal information as described in the “Information disclosure” section.
Your California privacy rights: If you are a California resident, please refer to the separate privacy statements presented to you during the recruitment and, if applicable, onboarding processes for information on the collection and processing of your personal information.
The following applies to information we collect as part of our sourcing activities. We have collected the following categories of personal information of our candidates and talent contacts within the last twelve (12) months:
• Identifiers
• Personal information categories listed in the California Customer Records statute
• Protected classification characteristics under California or federal law
• Internet or other electronic network activity information
• Professional or employment-related information
• Sensitive personal information (such as social security, driver’s license, state identification card, or passport number, and information that reveals racial or ethnic origin, religious or philosophical beliefs) GMTA does not use or disclose such sensitive personal information for purposes other than those specified in section 7027, subsection (m) of Title 11, Division 6, Chapter 1 of the California Code of Regulations.
SUPPLIERS INCLUDING SUBCONTRACTORS AND INDIVIDUALS ASSOCIATED WITH OUR SUPPLIERS AND SUBCONTRACTORS
Information collection: We collect and process personal information about our suppliers (including subcontractors and individuals associated with our suppliers and subcontractors) in order to manage our relationships with our suppliers, to receive services from our suppliers, and, where relevant, to provide professional services to our clients. The personal information we process about our supplier contacts is generally business card information and includes name, employer, phone number, email and other business contact details, and the communications with us.
Information use: We use such personal information for the following business purposes:
§ Receiving services: We process personal information in relation to our suppliers and their staff as necessary to receive the relevant services. For example, where a supplier is providing us with outsourced services, we will process personal information about those individuals that are providing services to us.
§ Providing professional services to clients: Where a supplier is helping us to deliver professional services to our clients, we process personal information about the individuals involved in providing the services in order to administer and manage our relationship with the supplier and the relevant individuals and to provide such services to our clients (for example, where our supplier is providing people to work with us as part of a GMTA team providing professional services to our clients).
§ Administering, managing and developing our businesses and services: We may process personal information in order to run our business, including: managing our relationships with suppliers; developing our businesses and services (such as identifying client needs and improvements in service delivery); maintaining and using IT systems; conducting surveys; hosting or facilitating the hosting of events; and administering and managing our website and systems and applications.
§ Complying with any requirement of law, regulation or a professional body of which we are a member: As with any provider of professional services, we are subject to legal, regulatory and professional obligations. We need to keep certain records to demonstrate that our services are provided in compliance with those obligations and those records may contain personal information.
Information retention: Personal information will be retained about our contacts at our suppliers for as long as it is necessary for the purposes set out above (e.g., for as long as we have, or need to keep a record of, a relationship with a contact, which is for the duration of our relationship with a contact or their organization). Personal information may be held for longer periods where extended retention periods are required by law, regulation, or professional standards and in order to establish, exercise or defend our legal rights.
Information disclosure: We may disclose personal information as described in the “Information disclosure” section.
Your California privacy rights: If you are a California resident, we have collected the following categories of personal information of our suppliers (including subcontractors and individuals associated with our suppliers and subcontractors) within the last twelve (12) months:
• Identifiers
• Personal information categories listed in the California Customer Records statute
• Professional or employment-related information
ATTENDEES OF GMTA EVENTS
We may collect personal information from attendees and participants of GMTA-sponsored events as described below. Unless separate privacy terms are provided to the attendee or participant at or in connection with the event, any personal information collected will also be treated in accordance with the section of this privacy statement that applies based on the attendee’s or participant’s relationship with GMTA (e.g., business contact, client contact, supplier contact, job applicant). In addition, with respect to virtual events, please see the “Users of our websites and applications” section of this privacy statement.
Information collection and use: When we collect personal information in connection with GMTA-sponsored events, such information is provided directly and voluntarily by or on behalf of the attendee or participant and includes the individual’s business card information and other personal information specific to the event and any accommodations. We use such information to manage registration, attendance and participation at the relevant GMTA-sponsored event. We may also take photographs in public areas at our events and we may use these in our marketing materials.
Information retention: Personal information will be retained about our event attendees and participants for as long as we have, or need to keep a record of, a relationship with such individuals. Personal information may be held for longer periods where extended retention periods are required by law, regulation, or professional standards and in order to establish, exercise or defend our legal rights.
Information disclosure: We may disclose personal information as described in the “Information disclosure” section. In addition, where we are co-sponsoring an event, we may disclose your information to the other organization(s) sponsoring or organizing the event. For certain events we may also circulate participant lists amongst participants or event organizers.
Your California privacy rights: If you are a California resident, we have collected the following categories of personal information of our event attendees within the last twelve (12) months:
§ Identifiers
§ Personal information categories listed in the California Customer Records statute
§ Internet or other electronic network activity information
§ Professional or employment-related information
OTHERS WHO GET IN TOUCH WITH US
We collect personal information (such as name, contact details and contents of the communication) when an individual gets in touch with us with a question, complaint, comment, survey response or other feedback. In these cases, we will only use the information for the purpose of responding to and keeping a record of the communication. We may disclose personal information as described in the “Information disclosure” section.
Your California privacy rights: If you are a California resident, we have collected the following categories of personal information from individuals who have contacted us within the last twelve (12) months:
• Identifiers
• Personal information categories listed in the California Customer Records statute
• Any other category of personal information that an individual chooses to include in a communication to us
SECURITY
GMTA has implemented generally accepted standards of technology and operational security designed to protect personal information from loss, misuse, alteration or destruction. Only authorized GMTA personnel and the third parties described in this privacy statement are provided access to personal information and these employees and third parties have agreed to maintain the confidentiality of this information. Please note that in the unlikely event that we might need to contact you about a matter involving your personal information, we may email you about the matter.
CROSS-BORDER TRANSFER
We are a global firm and we use third parties located in other countries to help us run our business. As a result, personal information may be transferred outside the countries where we and our clients are located. This includes transfers to countries outside the European Economic Area (“EEA”) and to countries that may not have laws that provide the same degree of protection for personal information as your home country. In accordance with applicable legal requirements, we take appropriate measures to facilitate adequate protection for any information so transferred.
INFORMATION DISCLOSURE
We will only disclose personal information to others for a business purpose and when we are legally permitted to do so. When we disclose information to others, we put contractual arrangements and security mechanisms in place as appropriate to protect the information and to comply with our information protection, confidentiality and security standards.
In addition to any information disclosure practices described in the relevant section under “Our processing activities”, we disclose personal information to the following categories of recipients:
• Third party organizations that provide applications/functionality, data processing or IT services to us. We use third parties to support us in providing our services and to help provide, run and manage our internal IT systems. For example, providers of information technology, cloud-based software-as-a-service, identity management, website hosting and management, data analysis, data back-up, security and storage services. The servers powering and facilitating that cloud infrastructure are located in data centers around the world, and personal information may be stored in any one of them.
• Auditors, professional advisors and insurers. We engage auditors and other professional advisors, for example, law firms, as necessary to establish, exercise or defend our legal rights and obtain advice in connection with the running of our business. Personal information may be disclosed to these auditors and other advisors as necessary in connection with the products and services they have been engaged to provide. We may need to disclose personal information to our insurer, for example, in the event of a claim.
• Law enforcement or other government and regulatory agencies or other third parties as required by applicable law or regulation. Occasionally, we may receive requests from third parties with authority to obtain disclosure of personal information, such as to check that we are complying with applicable law and regulation, to investigate an alleged crime, to establish, exercise or defend legal rights. We will only fulfill requests for personal information where we are permitted to do so in accordance with applicable law or regulation.
• Third party organizations in connection with a corporate transaction. We may disclose personal information to a third party as necessary in connection with a corporate reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or capital.
INDIVIDUAL RIGHTS
Unsubscribe: Should you wish to unsubscribe from our mailing list or any registrations, we will provide instructions in the appropriate area of the Site or in communications to you.
Individual privacy rights: In certain circumstances under applicable law, you may have the right to access your personal information, (including in a portable format if so requested), to correct your personal information, to delete your personal information, and/or to opt out of the sale of your personal information. To submit a request relating to any of these rights, please contact us by e-mail or postal mail which details are under the Contact Us section. We will respond to your request within a reasonable timeframe in accordance with applicable law. We hope that you won’t ever need to, but if you do want to complain about our use of personal information, please send us a message with the details of your complaint by e-mail or postal mail which details are under the Contact Us section. Applicable laws may also give you the right to lodge a complaint with the data protection authority in your country.
California privacy rights: If you are a California resident, this section describes the rights of California residents under California law and explains how to exercise those rights.
Right to know: If you are a California resident, under certain circumstances in accordance with applicable law, you have the right to request that we disclose to you specific details about your personal information that we have collected, used, disclosed, sold and/or shared over the past 12 months and/or a copy of your personal information. These details include: (1) the categories of personal information we have collected about you; (2) the categories of sources from which the personal information is collected; (3) the business or commercial purpose(s) for collecting, selling or sharing personal information; (4) the categories of third parties to whom we disclose personal information; and (5) if requested, the specific pieces of personal information we have collected about you.
Right to correct: If you are a California resident, under certain circumstances and in accordance with applicable law, you have the right to request that we correct inaccuracies in your personal information.
Right to delete: If you are a California resident, under certain circumstances in accordance with applicable law, you have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. California consumers who are registered users of our websites and applications and under 18 years of age may request the removal of content or information they posted on the site. We will remove such content or information when we are required to do so by law. To request the removal of content or information you posted on the websites and applications, you may contact us as described below. Please note that even if we remove the content or information that you posted, we cannot prevent further use or disclosure of that content or information by others once you have shared it publicly.
Submitting a request to know, correct, or delete: To exercise the rights described above, you may contact us as described below. You must provide us with the following information: (1) first and last name; (2) email address; and (3) mailing address and zip code. We will take steps to verify your request by matching the information provided by you with the information we have in our records. In some cases, we may request additional information in order to verify your request or, where necessary, to process your request. If we are unable to adequately verify a request, we will notify the requestor.
Once we receive your request, we will acknowledge it and either respond in accordance with law, ask for additional information to verify your identity, clarify the nature of your request, let you know if we need more time, let you know if we need to charge a fee (such as if requests are manifestly unfounded or excessive, in particular because of their repetitive character, taking into account the administrative costs of providing the information or communication or taking the action requested), or we will inform you if we cannot fulfill any part of your request due to an exception under the law.
If we know that your request relates to information we process as a service provider to one of our corporate clients, we will forward your request to the relevant client and cooperate with that client as needed to address your request and/or inform you that your request should be submitted directly to the business on whose behalf we process the information.
Information sale/sharing and the right to opt-out of sale/sharing: Under California law, a “sale” includes disclosing or making available personal information to a third party (other than a service provider or contractor) in exchange for monetary or other valuable consideration, and “sharing” includes disclosing or making available personal information to a third party for cross-context behavioral advertising.
In most cases, GMTA does not sell or share personal information, and in no circumstances do we sell or share personal information we collect from our clients, business contacts, personnel, sourcing and recruitment applicants, independent contractors, website and application users, event attendees, or others who get in touch with us. GMTA does not sell or share the personal information of minors that it knows are under 18 years of age.
GMTA does offer certain services that involve the provision of information to our clients in a manner that may be deemed a “sale” or “sharing” under applicable law. For more information about our processing and sale/sharing of personal information in connection with such offering, please see the following:
§ Information collection: To provide the services, we receive information from data providers and our clients, and we may generate information as well, in each case as described below:
§ Information from data providers - We may receive information about consumers from third party data providers. The information we receive includes: identifiers such as names and addresses; personal information categories listed in the California Customer Records statute such as names, addresses, and similar identifiers; protected characteristics such as age, gender, ethnicity, religion, marital status; commercial information such as purchasing history; internet or other electronic network activity information; geolocation data relating to postal address; professional or employment-related information such as occupation; education information such as education level obtained; inferences about consuming preferences and behaviors; and sensitive personal information, namely ethnicity, religion and political affiliations.
§ Information from our clients - We may receive information from our clients and third parties acting on behalf of our clients regarding individuals’ previous transactions and other interactions with their business, including via their websites and mobile applications. This may include identifiers, such as names, addresses and other contact information; internet and digital activity information, such as browsing history and information regarding a consumer’s interaction with a website or mobile app; commercial information, including information about previous transactions, such as whether a consumer has previously purchased products or services from our client; and other information that our clients maintain in their customer relationship management databases or have otherwise acquired. We may combine the information we receive from our client with other information that we receive from our data providers in order to provide the services to that specific client. Please note that this privacy statement does not apply to the practices of our clients. We encourage individuals to review the privacy notices of the businesses with whom they interact online and offline.
§ Inferences, Audiences and Insights - We may generate inferences about likely consumer behaviors, interests, attitudes, and preferences through data modeling and machine learning and create audiences and insights based on such inferences as well as the information we receive from the relevant client.
§ Information use: We use the information described above for the following purposes:
§ To create audience segments and insights - As part of the services we provide to our clients as described in more detail below, we use the information we receive and collect to create inferences about consumers’ likely commercial preferences through data modeling.
§ To provide the services to our clients - Our clients may then use the information we provide to them to personalize and more effectively tailor their advertising and marketing campaigns to existing and prospective customers as well as to analyze the effectiveness of these advertising and marketing campaigns. While we may use data modeling and from time to time machine learning technologies to create the inferences, audiences, and insights that we provide to our clients as part of the services, our services are not permitted to be used to make any decisions that would have a legal or similarly significant effect on individuals.
§ To improve our services - We are continually looking for ways to help our clients and improve our business and services. Where agreed with our clients and data providers, we may use information that we receive from them for other lawful business purposes, including analysis to better understand a particular issue, industry or sector, provide insights to our clients, improve our business, service delivery and offerings and develop new technologies and offerings. To the extent that the information we collect from or on behalf of our clients in the course of providing professional services contains personal information, we will comply with the terms of our relevant services agreement.
§ To comply with law and legal obligations - As with any provider of professional services, we are subject to legal, regulatory and professional obligations. We may use the information we receive and collect in connection with the services as required by law, regulation, professional obligation, or other similar obligation.
§ Information disclosure: We disclose the information we process in connection with the services as described in the Corporate clients section.
§ Information sale/sharing: as described above, as part of the services, we provide certain personal information to our clients, in a manner that may be deemed a sale or sharing under applicable law. The categories of personal information sold to or shared with such clients in the preceding twelve (12) months are the information categories described under “Information from data providers” and “Inferences, audiences, and insights” above. We provide information to our clients in this manner in order to provide the services to our clients.
In certain circumstances under applicable law, you may have the right to opt out of the sale/sharing of their personal information in connection with the above offering. To exercise such right, please submit a request to us by contacting us at the details under the Contact Us section. We will need the following information about you to process your request: (1) first and last name; (2) email address; and (3) mailing address and zip code.
You may use an authorized agent to submit an opt-out request on your behalf if you have provided the authorized agent signed permission to do so. We may deny an opt-out request from an agent that does not submit proof that they have been authorized to act on your behalf or if we reasonably believe that the request is fraudulent. Otherwise, we will fulfill your request within a reasonable timeframe in accordance with applicable law.
Right to limit the use and disclosure of sensitive personal information: Subject to certain conditions and exceptions, you may have the right to limit the use and disclosure of “sensitive personal information,” as defined under California law. Under California law, “sensitive personal information” includes information that reveals a consumer’s social security, driver’s license, state identification card, or passport number; certain financial account details allowing access to such account; precise geolocation; racial or ethnic origin, religious or philosophical beliefs, or union membership; genetic data; as well as certain processing of biometric information, health information, and sexual life/orientation information.
It is possible that we may process sensitive personal information in our role as a service provider to our clients. In certain circumstances under applicable law, you may have the right to limit the use and disclosure of your sensitive personal information in connection with the above offering. To exercise such right, please submit a request to us by using our contact details found under the Contact Us section. We will need the following information about you to process your request: (1) first and last name; (2) email address; and (3) mailing address and zip code. You may use an authorized agent to submit an opt-out request on your behalf if you have provided the authorized agent signed permission to do so. We may deny an opt-out request from an agent that does not submit proof that they have been authorized to act on your behalf or if we reasonably believe that the request is fraudulent. Otherwise, we will fulfill your request within a reasonable timeframe in accordance with applicable law. As of the date of this notice, with the exception of the above offering, GMTA does not use or disclose sensitive personal information it collects for purposes other than the following:
§ To perform the services or provide the goods reasonably expected by an average consumer who requests our goods or services.
§ To prevent, detect, and investigate security incidents that compromise the availability, authenticity, integrity, or confidentiality of stored or transmitted personal information.
§ To resist malicious, deceptive, fraudulent, or illegal actions directed at the business and to prosecute those responsible for those actions.
§ To ensure the physical safety of natural persons.
§ For short-term, transient use, including, but not limited to, nonpersonalized advertising shown as part of a consumer's current interaction with GMTA.
§ To perform services on behalf of GMTA. For example, for maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services.
§ To verify or maintain the quality or safety of a product, service, or device that is owned, manufactured, manufactured for, or controlled by GMTA, and to improve, upgrade, or enhance the service or device that is owned, manufactured by, manufactured for, or controlled by us.
§ To collect or process sensitive personal information where the collection or processing is not for the purpose of inferring characteristics about a consumer.
Non-discrimination: In accordance with applicable law, we will not discriminate against you for exercising any of your privacy rights.
Authorized agent: You may designate someone as an authorized agent to submit requests and act on your behalf. The authorized agent must provide us with proof that it has your signed permission to act on your behalf.
California consumer request metrics: If you would like information about the number of requests submitted by California consumers, you may send a request to us at the contact details described below.
CHANGES TO THIS PRIVACY STATEMENT
GMTA may update this privacy statement at any time by publishing an updated version here. You can access the most current version of this privacy statement at any time on this site.
TRANSLATION
If this Agreement or any other GMTA content is translated into a language other than English, and if the translated version is different from the English language version, the English language version will take precedence.
CONTACT US
If you have questions about this privacy statement or about our privacy practices, please contact us by e-mail or postal mail.
E-mail: info@officialgmta.com
Postal Mail:
8409 Lee Highway
Unit 2946
Merrifield, VA 22116
United States