Privacy Policy

Last revision: March 2, 2022

We value your privacy. This policy explains how GridMatrix processes the personal data of individuals who contact us, use our websites or services, or otherwise interact with us. If you do not agree with this policy, do not access or use our website or services without speaking with us.

Changes to this policy will be posted from time to time on our website. Your continued use of our website or services after we post such changes will amount to your acknowledgement of the amended policy.

As described below, your personal data may be collected and used by GridMatrix, and certain third parties.

What is personal data?

“Personal data” means any information relating to a directly or indirectly identified or identifiable natural person, known as ‘data subject’ and may include name, address, email address, phone number, IP address, location data, cookies, call recording and similar information. It may also include “special categories of personal data” such as racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a data subject, data concerning health or data concerning a natural person’s sexual orientation.

What personal data do we process?

We may process the following personal data:

Information provided by you. You may give us information about you by filling in forms such as the contact form on our website or applications for employment, or corresponding with us by e-mail, phone or otherwise. This information may include your name, mailing address, email address, employer, job title and department, telephone number, the content of any email you send to us and other personal identifying information.

Information about others. You may also provide to us personal data relating to third parties, such as people who you work with, industry partners, and other individuals. Information about third parties should only be provided if you have permission to do so or if the information is publicly-available.

Information about your device. With regard to each of your visits to our website we may collect technical information about your device. This information is compiled and analyzed on both a personal and an aggregated basis. This information may include the Web site’s Uniform Resource Locator (“URL”) that you just came from, which URL you go to next, what browser you are using, and your Internet Protocol (“IP”) address. A URL is the global address of documents and other resources on the World Wide Web. An IP address is an identifier for a computer or device on a Transmission Control Protocol/ Internet Protocol (“TCP/IP”) network, such as the World Wide Web. Networks like the World Wide Web use the TCP/IP protocol to route information based on the IP address of the destination. In other words, an IP address is a number that is automatically assigned to your computer whenever you are surfing the web, allowing web servers to locate and identify your computer. Computers require IP addresses in order for users to communicate on the Internet.

Information from third party sources This may include information received from our service providers and other third parties providing us with your information which is publicly available or collected by them. Generally, you are under no obligation to provide this information, but without it, we may be unable to provide you with some of our services. Some personal data will be mandatory in order for us to comply with mandatory client due diligence processes before we are able to provide services. We do NOT collect sensitive personal data of website users such as physical, physiological and mental health condition, sexual orientation, medical records and history and biometric information. We will rely on the information provided by you as accurate, complete and up to date and you agree to ensure that this will be the case. You must be at least 18 years old to have our permission to use this site. We do not knowingly collect, use or disclose Personal data about visitors that are under 18 years of age.

Payment Information We collect payment and billing information when you register for certain paid services. For example, we ask you to designate a billing representative, including name and contact information, upon registration. You might also provide payment information, such as payment card details, which we collect via secure payment processing services.

How do we use your personal data?

We will only process personal data, in accordance with applicable law, for the following purposes:

- Responding to your queries, requests and other communications

- Providing services (including our website) and related features.

- Resolving disputes, troubleshooting problems and enforcing our agreements with you.

- Enabling suppliers and service providers to carry out certain functions on our behalf in order to provide the services. These third party service providers have access to personal data needed to perform their functions but may not use it for other purposes. We do not sell, rent, share, or otherwise disclose personal data from customers for commercial purposes.

- Providing newsletters to which you subscribe

- Participating in discussion forums

- Diagnosing problems with our servers, software, to administer our site, to gather demographic information and to track visitors to our website

- Sending you opt-in personalized marketing communications

- Serving personalized advertising to your devices, based on your interests in accordance with our Cookie Statement. You have the right to disable cookies as set out in Cookie statement.

- Complying with applicable law, including in response to a lawful request from a court or regulatory body.

The legal basis for our processing of personal data for the purposes described above will typically include:

- processing necessary for our or a third party’s legitimate interests to ensure that services are provided properly,

- your consent,

- processing necessary for compliance with a legal obligation to which we are subject, and

- any other applicable legal grounds.

Disclosure of personal data
There are circumstances where we may wish to disclose or are compelled to disclose your personal data to third parties. These scenarios include disclosure to:

  • our affiliates and subsidiaries;
  • our service providers who capture and store data collected through the forms that are filled by visitors to our website;
  • subject to appropriate legal basis such as consent, our advertising and marketing teams who enable us, for example, to deliver personalized ads to your devices or who may contact you by email, telephone, SMS or by other means;
  • our service partners to operate our website and better serve the visitors to our website:
  • payer, such as your employer, who pays for our products and services;
  • public authorities where we are required by law to do so; and
  • other third parties where you have provided your consent.

The service providers are contractually bound not to share Personal data collected from visitors to our website with anyone else.

Security Practices

At our site you can be assured that your Personal data is secure and consistent with current industry standards. The importance of security for all Personal data associated with our user is of utmost concern to us. We do not do any transmission of the Personal data collected through our website. Our service partners, who assist us in capturing and storing Personal data, are contractually bound not to share that information with any other party. Our company has a requisite information security policy in place with appropriate managerial, technical, operational and physical security control measures to protect the personal and non-personal information that is collected from website users.

Unfortunately, no data transmission over the Internet or any wireless network can be guaranteed to be 100% secure. As a result, while we strive to protect your Personal data, you acknowledge that:

  • there are security and privacy limitations of the Internet which are beyond our control;
  • the security, integrity and privacy of any and all information and data exchanged between you and us through this site cannot be guaranteed; and
  • any such information and data may be viewed or tampered with in transit by a third party.

Retention of personal data

We retain personal data for as long as is necessary for the purposes listed above or longer as may be required by the law or as per the client requirement. Please contact us for further details of applicable retention periods.

The California Consumer Privacy Act

Under the California Consumer Privacy Act (‘CCPA’), California residents have certain rights regarding the personal information that businesses have about them. This includes the rights to request access or deletion of your personal information, as well as the right to direct a business to stop selling your personal information.

How We Collect Your Personal Information

We collect identifiers and commercial information directly from you. We collect Internet or other electronic network activity from your usage of the GridMatrix website and its services.

With Whom We Share and Sell Your Personal Information

GridMatrix shares personal information as necessary for certain “business purposes,” as defined by the CCPA (Cal. Civ. Code 1798.140(d)). This includes sharing identifiers, commercial information and internet or other electronic network activity with providers of service to customer relationship management, consulting, email, product feedback and helpdesk services. While GridMatrix does not sell personal information in exchange for any monetary consideration, we do share personal information for other benefits that could be deemed a “sale,” as defined by the CCPA (Cal. Civ. Code 1798.140(t)(1)). This includes sharing identifiers, commercial information and internet or other electronic network activity with advertising networks, website analytics companies.

Data subject rights

Data subjects may have numerous rights in relation to their personal data.

Right to make a subject access request (SAR):  Data subjects may request in writing copies of their personal data. However, compliance with such requests is subject to certain limitations and exemptions and the rights of other individuals. Each request should make clear that a SAR is being made. You may also be required to submit a proof of your identity and any payment permitted by law, where applicable.

Right to make a subject access request (SAR):  Data subjects may request in writing copies of their personal data. However, compliance with such requests is subject to certain limitations and exemptions and the rights of other individuals. Each request should make clear that a SAR is being made. You may also be required to submit a proof of your identity and any payment permitted by law, where applicable.

Right to rectification:   Data subjects may request that we rectify any inaccurate or incomplete personal data.

Right to withdraw consent:  Data subjects may at any time withdraw their consent to the processing of their personal data carried out by us on the basis of their previous consent. Such withdrawal will not affect the lawfulness of processing based on such previous consent.

Right to object to processing including automated processing and profiling:   We do not make automated decisions about data subjects. However, we may rely on information provided by third parties such as credit reference agencies which may score data subjects on the basis of automated decisions. Profiling may be carried out for business administration purposes, such as monitoring trends in User visits of our website and in order to deliver relevant ads to Users’ devices. We will comply with valid objection requests unless we have a compelling overriding legitimate ground for the continuation of our processing or we have another lawful reason to refuse such request. We will comply with each valid opt-out request in relation to marketing communications.

Right to erasure:   Data subjects may request that we erase their personal data. We will comply, unless there is a lawful reason for not doing so. For example, there may be an overriding legitimate ground for keeping the personal data, such as, our business record retention obligations that we have to comply with.

Restriction:   Data subjects may request that we restrict our processing of their personal data in various circumstances. We will comply, unless there is a lawful reason for not doing so, such as, a legal obligation to continue processing your personal data in a certain way.

Right to data portability:   In certain circumstances, data subjects may request the controller to provide a copy of their personal data in a structured, commonly used and machine-readable format and have it transferred to another provider of the same or similar services. We do not consider that this right applies to our Services. However, to the extent it does, we will comply with such transfer request. Please note that a transfer to another provider does not imply erasure of the data subject’s personal data which may still be retained for legitimate and lawful purposes.

Right to lodge a complaint with the supervisory authority:   We suggest that data subjects contact us about any questions or complaints in relation to how we process their personal data. However, each data subject has the right to contact the relevant supervisory authority directly.

Right to Non-Discrimination –   GridMatrix will not discriminate against you (e.g., through denying goods or services, or providing a different level or quality of goods or services) for exercising any of the rights afforded to you.

Right to Opt-out of Sale –   While GridMatrix does not sell personal information in exchange for any monetary consideration, we do share personal information for other benefits that could be deemed a “sale,” as defined by the CCPA (Cal. Civ. Code 1798.140(t)(1)). We support the CCPA and wish to provide you with control over how your personal information is collected and shared.

You have the right to direct GridMatrix to not sell your personal information. You may reach out to info@gridmatrix.com to exercise any of these rights.

With respect to cookies, you can always customize your settings at any time.

Please note that we may still use aggregated and de-identified personal information that does not identify you or any individual; we may also retain information as needed in order to comply with legal obligations, enforce agreements, and resolve disputes.

California and Delaware “Do Not Track” Disclosures

California and Delaware law require GridMatrix to indicate whether it honors “Do Not Track” settings in your browser concerning targeted advertising. GridMatrix adheres to the standards set out in this Privacy Notice and does not monitor or respond to Do Not Track browser requests.

Children

We do not knowingly collect or solicit personal information from anyone under the age of 13. If you are under 13, please do not attempt to register for the Services or send any Personal Information about yourself to us. If we learn that we have collected Personal Information from a child under age 13, we will delete that information as quickly as possible. If you believe that a child under 13 may have provided us Personal Information, please contact us at info@gridmatrix.com.

Changes to the Privacy Policy

We’re constantly trying to improve our Websites and Services, so we may need to change this Privacy Policy from time to time as well. We will alert you to material changes by, for example, placing a notice on our Websites and/or by sending you an email (if you have registered your e-mail details with us) when we are required to do so by applicable law. You can see when this Privacy Policy was last updated by checking the date at the top of this page. You are responsible for periodically reviewing this Privacy Policy.