What personal information does GFD collect and why?
The personal information that we may collect about you broadly falls into the following categories:
- Information that you provide voluntarily
We ask you to provide certain information voluntarily, such as your contact details, user credentials, and employment information.
For instance, this can be by way of filling in an online form when you register to use our products and services, when you register to attend an event, when you provide us with your business card information or when you request to receive information from us. The types of information we ask you to provide, and the reasons why we ask you to provide it, include:
|Types of personal information||Why we collect it|
To maintain your account with us.
|Contact details including name, telephone numbers, email address and postal address.||
To respond to correspondence and inquires you send us. In some cases, to gather information needed to provide products and services requested by you or your employer. To obtain your feedback regarding our products and services.
|User credentials including name, email address and personal information you provide to us in a profile.||
To set up and maintain your user account. To monitor and enforce compliance with our contractual terms.
|To set up and maintain your user account. To monitor and enforce compliance with our contractual terms.||To manage your individual user account which is covered by a corporate account of one of GFD’s corporate customers, for instance, the corporate account of your employer.|
- Information that we collect automatically
We may also collect certain information automatically from your computer or device, including information pertaining to your use patterns of our products and services. In some countries, including countries in the European Union, this information may be considered personal information under applicable data protection laws.
Specifically, the information we collect automatically may include information like your IP address, device type, unique device identification numbers, browser-type and version, broad geographic location (e.g. country or city-level location), and other technical information. We also collect information about how your device has interacted with our websites and products, including the pages and products accessed and links clicked. We record and keep data on how and when you’ve accessed a series in our online repositories, including whether or not you’ve clicked on a series, viewed its details, viewed its data sources and methodologies, graphed the series, or downloaded the raw data. We record whether that access was via a standard log-in, via an API or FTP feed, or through the AeonXL or other excel add-on.
Collecting this information enables us to better understand the visitors who come to our website and the users of our products and services, where they come from, and what content on our website and products and services is of interest to them. We use this information:
– for our analytics purposes;
– To monitor compliance with our policies and terms – We monitor for breaches of our terms and conditions and copyright policies. For example, we reserve the right to inform the user if, through the use of a corporate or individual account, you are using our content in breach of the terms and conditions of our websites. We have the right to suspend your account if we detect that your activity on our websites is invalid or fraudulent (such as having multiple accounts).
– to improve the quality and relevance to users, of our websites and products and services;
– to develop and update our websites and products and services;
– for customer services purposes, for instance, reviewing our customers’ training needs in respect of the use of our products;
– to satisfy GFD’s corporate customers’ requests regarding the use of our products and services by the individual users licensed by their corporate account (please note that such information in many instances and jurisdictions will be offered to clients in an aggregated form); note that customers may be required by law to request such information from GFD;
– to send you tailored information on our products and services that we believe may be of interest or value to you and also marketing and promotional e-mails with your consent if and when required by applicable law;
-on rare occasions to identify unauthorized use or unauthorized distribution of our products and services related or unrelated to a security issue;
– where relevant, to review and / or update our pricing model agreed with our corporate customers;
– and for billing purposes, so that we or others (such as content providers) are able to bill for the services provided.
Some of this information may be collected using cookies and similar tracking technology, as explained further under the heading “Cookies and similar tracking technology”.
Who does GFD share my personal information with?
We may disclose your personal information to the following categories of recipients:
– Third party service providers, product content providers, and partners;
– Your employer;
– Competent law enforcement bodies, regulatory, government agency, court or other third parties;
– Any other person with your consent to the disclosure.
Third Party service providers;
We provide personal information to third party service providers who provide data processing services to us. These included:
Commodity Systems Inc.
We provide personal information to your employer, in many instances and jurisdictions in an aggregate form, for purposes such as to fulfil our contract with them, to inform them of potential group training needs, to inform them of product/service use by certain categories of user and for pricing purposes.
Competent law enforcement bodies, regulatory, government agency, court or other third parties;
We provide personal information to any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person;
Legal basis for processing personal information (EEA visitors / users only)
Our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.
As a general rule, we will only collect personal information from you only where we have your consent to do so, where we need the personal information to perform a contract with you (for instance, your subscription to one of our products), or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms (for instance, where we process personal data regarding the usage of our products and services, as described above). In some cases, we may also have a legal obligation to collect personal information from you.
If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).
Similarly, if we collect and use your personal information in reliance on our legitimate interests (or those of any third party), this interest will normally be to provide our products and services and communicating with you as necessary to provide our services to you and for our legitimate commercial interest, for instance, when responding to your queries, improving our products and services, advising you of product features or new releases, informing you of product maintenance, or undertaking marketing activities. We may have other legitimate interests and if appropriate it will be clear to you at the relevant time regarding what those legitimate interests are.
Where we send you communications regarding our products or services from our different divisions and affiliates that may be of interest to you, we do so based on your consent, if and when required by applicable law.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided below.
How does GFD keep my personal information secure?
We use appropriate technical and organizational measures to protect the personal information that we collect and process about you. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal information.
Specifically, our servers are located in various regions which may be located outside of the jurisdiction where you are located. This means that when we collect your personal information we may transfer it to or process it in a country which you may not reside.
Our third-party service providers, product content providers and partners, with whom we may share personal information as described above, are located in and transfer personal information to various jurisdictions around the world.
We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a product or service you have requested, as set forth in our information governance procedures, or to comply with applicable legal, tax or accounting requirements) up to seven (7) years if you have not envocted your right to be forgotten.
When we have no ongoing legitimate business need to process your personal information, we follow our information governance procedures and either delete or anonymise your personal information, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
Your data protection rights
Your rights include the right to access, correct, update or request deletion of your personal information. You also have the right to withdraw the consent you have provided to us.
You have the following data protection rights:
– to access, correct, update or request deletion of your personal information.
– you can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information.
– to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you, by using the contact details below.
– if we have collected and process your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
– to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.
Last Updated August 27, 2018
What are cookies?
Cookies are small data files that are placed on your computer or mobile device when you visit a website. Cookies are widely used by website owners in order to make their websites work, or to work more efficiently, as well as to provide reporting information.
Cookies set by the website owner (in this case, GFD) are called "first party cookies". Cookies set by parties other than the website owner are called "third party cookies". Third party cookies enable third party features or functionality to be provided on or through the website (e.g. like advertising, interactive content and analytics). The parties that set these third party cookies can recognise your computer both when it visits the website in question and also when it visits certain other websites.
We only use first party cookies. Some cookies are required for technical reasons in order for our Websites to operate, and we refer to these as "essential" or "strictly necessary" cookies. This is described in more detail below.
The specific types of cookies served through our Websites and the purposes they perform are described below (please note that the specific cookies served may vary depending on the specific Website you visit):
- “Strictly necessary” cookies, which have to be set to allow us to deliver the site to you and to provide specific services that you request from us. The services offered by this site that require cookies to function include: account log-in and GFD AutoTRAC and workbook features.
What about other tracking technologies, like web beacons?
Cookies are not the only way to recognise or track visitors to a website. We may use other, similar technologies from time to time, like web beacons (sometimes called "tracking pixels" or "clear gifs"). These are tiny graphics files that contain a unique identifier that enable us to recognise when someone has visited our Websites or opened an e-mail that we have sent them. This allows us, for example, to monitor the traffic patterns of users from one page within our Websites to another, to deliver or communicate with cookies, to understand whether you have come to our Websites from an online advertisement displayed on a third-party website, to improve site performance, and to measure the success of e-mail marketing campaigns. In many instances, these technologies are reliant on cookies to function properly, and so declining cookies will impair their functioning.
How often will you update this Cookie Notice?
The date at the top of this Cookie Notice indicates when it was last updated.