Granicus is committed to protecting the privacy of your personal information. We have written this Privacy Statement to let you know how Granicus uses your personal data. In this statement you will find information about the types of personal data we collect from you, when we collect your personal data and how long we keep it for, how we collect your personal data, our reasons for collecting and using your personal data, and information about how we share your personal data. When we say “we”, “us”, or “our” in this Privacy Statement, we mean Granicus LLC.
This Privacy Notice does not apply to other online services and applications operated by Granicus, nor to any information that we handle as a processor or service provider to our customers. We have also provided below notices related to Granicus employees who are California residents for purposes of the California Consumer Privacy Act of 2018 (“CCPA”).
Please take a moment to review this Privacy Statement in detail to understand our views and practices regarding your personal data and how we will treat it.
The Granicus entities which adhere to this Privacy Notice include but are not limited to the following: Granicus Inc., Granicus-Firmstep Ltd., Granicus Canada Holdings ULC, Granicus Australia Pty Ltd., Granicus Technologies India Pvt Ltd.
Any changes to this Privacy Statement will be communicated on www.granicus.com and, unless stated otherwise, will take effect immediately once posted.
For the purpose of applicable data protection laws, the data controller is Granicus LLC and you can contact us using the following contact information:
Office for Data Protection Compliance
What Personal Data Does Granicus Collect From Me and Use?
We collect, store and use the following categories and types of data which identifies you or which can be used to identify you:
|Your name, business or personal email address, business or personal address, business or personal telephone number.||When you visit any of our websites, or where you use our contact functionality and or chatbot on the websites.||To contact you occasionally regarding our services and products, subject to applicable laws (for example, where required, subject to your consent).|
|Information about your job, such as your position, title, management level, work location, division, department, and position level.||When registering to a webinar or other event on the website; or other ad hoc forms that we may add to the website on occasion.||To process your registration and participation in a webinar or other event to you which you have registered.
To contact you occasionally regarding our services and products, subject to applicable laws (for example, where required, subject to your consent).
|Information about your access to our network and premises.||CCTV images, when visiting our premises, when you swipe a card access, time recording software and internet access usage.||To comply with our business, regulatory and legal obligations.|
To monitor and ensure the orderly and proper operation and development of the website and associated services.
To analyse and provide statistical information to third parties.
To improve and customize your experience and the content that is presented to you on the website.
Why Does Granicus Carry Out These Processing Activities Using My Personal Data?
Some of the laws that apply to us require us to tell you the legal reason for using your personal data. We list these below:
Consent: Where applicable and appropriate, we will ask for your consent to collect and use your personal data. If we need your consent to collect and use your personal data we will make clear to you that the provision of your consent is voluntary. You have the right to withdraw your consent at any time by contacting us using the contact information set out above.
Our core activities: In many cases using your personal data is core to our legitimate business interests. Where we use your personal data for these purposes you will have the right to object to our use of your personal data by contacting us using the contact information set out above.
We use your personal data for our legitimate interests to provide you with information about our products and services and to understand your use of our website, products, and/or services. We use information collected via cookies (electronic text files) that we place on to your machine in order to provide you with the best level of service when using our tools. These analytics tell us whether you had technical difficulties when using our website or to provide you with a service that is tailored to you.
Legal Requirement: At times we may receive requests from regulators or other authorised bodies to use your personal data in order to comply with a legal or regulatory obligation. Where this is the case, we will ensure that the request is legitimate.
Overall, the provision of your personal data is voluntary for you and not required by law. However, in order to provide the website to you, to carry out a contractual relationship with you and/or to offer other products and services to you, your personal data are necessary. Not providing your personal data may result in disadvantages for you – for example, we may not be able to carry out a contractual relationship with you or you may not be able to use certain products and services or may accept limited functionality. However, not providing your information will not result in legal consequences for you.
For How Long Does Granicus Keep My Personal Data?
We keep your personal information for no longer than is necessary for the purpose for which the information is collected and to manage our relationship with you. Where personal information is kept, that period will be determined based on applicable local law. For further information, please contact us as set out above.
Your Rights In Relation To Your Personal Data
We explain here the rights that you may have in relation to personal data if you live in the UK or European Union:
How Can I Find Out What Personal Data Granicus’ Holds About Me?
You may contact us using the contact information above if you would like more detailed information about what personal data we have collected from you, including the categories of personal data processed, the purposes of the processing and the third parties to whom that data is transferred. You may also request a copy of your data. Note that we do have to take into account the interests of others, and certain other legal obligations or restrictions, so this is not an absolute right.
Can I Ask Granicus To Delete or Correct My Personal Data?
You may contact us using the contact information above if you would like us to delete your personal data or to have your personal data corrected and, if required to do so, we will comply with your request.
Can I Ask Granicus To Stop Using My Personal Data?
You may contact us using the contact information above if you would like us to stop using your personal data (either entirely or for some of our Processing Activities) and, if required to do so, we will comply with your request.
Can I Ask Granicus To Transfer My Personal Data to a Third Party?
You may contact us using the contact information above if you would like us to transfer your personal data to a third party in a structured, commonly used and machine readable format and, if required to do so, we will comply with your request.
Does Granicus Securely Store My Personal Data?
We apply strict security standards, controls and processes to protect your personal information from unauthorised access, loss or accidental deletion. These include restricting who can have access to your personal data and protecting your data with security tools appropriate to the type of information e.g. encryption software and secure file transfer tools. We also require that our third party processors who handle your personal data do the same.
Cookies are text files containing small amounts of information which are downloaded to your computer or mobile device when you visit a website. Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognizes that cookie. Cookies are useful because they allow a website to recognize a user’s device. Cookies allow you to navigate between pages efficiently, remembering your preferences and generally improving the user experience.
Does Granicus Share My Personal Data With Third Parties?
To help us carry out our Processing Activities, we may need to share your personal data with entities within and outside of Granicus as follows:
Granicus Entities – we may transfer your data to other Granicus entities who may collect, transfer and/or use the personal data we have collected from you for some or all of our Processing Activities. Where we share your personal information with other Granicus entities, they will use your information in a manner consistent with the purposes for which it was originally collected and consistent with this Privacy Statement and applicable data protection and privacy laws.
Our Data Processors – from time to time, we may share your personal data with our third party service providers or with other Granicus entities who provide us with investor relationship, company secretarial, legal, regulatory, corporate advisory, event management, talent management, recruitment, marketing, communication and/or IT support services (“Data Processors”). In order to provide such services, our Data Processors process your personal data on our behalf. Our Data Processors have met our criteria as trusted guardians of personal data and are subject to contractual obligations to implement appropriate security measures to safeguard your personal data and to process personal data only as instructed by us.
Other Third Parties – your personal data may also be transferred to regulators, courts, and other authorities (e.g. tax and law enforcement authorities) and independent external advisors (e.g. lawyers, auditors). We may also share certain personal data with business partners, customers and suppliers to carry out our business activities.
For the full list of the Granicus entities, Data Processors and other third parties that we may share your data with, please contact us as set out above. Our website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we have no control over how they may use your personal information. You should check the privacy policies of third party websites before you submit any personal information to them.
Granicus may share personal data with its service providers for the purpose of helping Granicus execute certain tasks outsourced to them, or providing capabilities Granicus requires. The service providers to which Granicus provides personal data in connection with the personal data collected through the Website are: (1) email service providers for email campaigns management and to send you emails on our behalf, with the express provision that their use of such information must comply with our instructions; (2) recruiting service providers, in relation to activities on the Website related to submission and processing of CV and job applications through the Website; (3) registration management of users to events through the website; (4) billing, processing payments, marketing automation, Granicus advertisements on social media, CRM platform, analytics tools providers, web page building tools, cloud services, support and maintenance operation tools. Our service providers do not have any right to use your personal data collected from the Website beyond what is necessary for the purpose of facilitating their services for us and are subject to data protection agreements to the extent required under applicable law.
Granicus is also entitled to transfer or share anonymous, statistic or aggregative information with companies or organizations connected to Granicus, and with suppliers, business partners, advertisers, and every third party, according to Granicus’s absolute discretion.
Does Granicus Transfer My Personal Data Overseas?
Some of the Granicus entities, Data Processors and other third parties that we share your personal data with are located outside of the UK or European Economic Area (EEA).
If we transfer your personal data to entities outside of the EEA (which include our IT service providers, recruitment partners and other Granicus entities in the US and India), we will make sure that your data is being protected as required by applicable data protection law. For transfers to other Granicus entities, Granicus will be bound by the EU Standard Data Protection Clauses (see – Article 46(2)(c) of the General Data Protection Regulation). For transfers to third party service providers, we will do this by putting in place the EU Standard Data Protection Clauses (see – Article 46(2)(c) of the General Data Protection Regulation).
You can ask for a copy of the appropriate safeguards by contacting us as set out above.
Granicus implements data security systems and procedures to secure the information stored on Granicus computer servers. Such systems and procedures reduce the risk of security breaches, but they do not provide absolute security. Therefore, Granicus cannot guarantee that the Website is immune to unauthorized access to the information stored therein and to other information security risks.
This section is only applicable to California residents for purposes of compliance with the California Consumer Privacy Act of 2018 (“CCPA”). Defined terms used in this section, including but not limited to “Business Purpose”, “Consumers,” “Personal Information” and “Sale” (or “Sell”) are used as such terms are defined by and interpreted pursuant to the CCPA.
The categories of Personal Information we have collected, for of which we have disclosed for a business purpose, in the preceding 12 months are:
(1) Identifiers, such as name and Social Security number;
(2) Personal information, as defined in the California safeguards law, such as contact information and financial information;
(3) Characteristics of protected classifications under California or federal law, such as sex and marital status;
(4) Commercial information, such as transaction and account information;
(6) Internet or network activity information, such as browsing history and interactions with the Website;
(7) Geolocation data, such as device location;
(8) Audio, electronic, visual, thermal, olfactory, and similar information, such as video, photography and call and video recordings;
(9) Professional or employment-related information, such as work history and prior employer.
(10) Education information, such as school and date of graduation; and
(11) Inferences drawn from any of the Personal Information listed above to create a profile about, for example, an individual’s preferences and characteristics.
The sources we have collected this Personal Information from are: directly from California residents or their representatives.
In the past 12 months, however, we have not “sold” Personal Information relating to California residents within the meaning of the CCPA. For purposes of this Privacy Notice, “sold” means the disclosure of Personal Information for monetary or other valuable consideration.
If you are a California resident, you may request that we disclose to you the following information covering the 12 months preceding your request:
(1) the categories of Personal Information that we collected about you and the categories of sources from which we collected such Information;
(2) the business or commercial purpose for collecting Personal Information about you;
(3) the categories of Personal Information about you that we disclosed to third parties for a business purpose and the categories of third parties to whom we disclosed such Personal Information (if applicable); and
(4) the specific pieces of Personal Information we collected about you.
If you are a California resident, you may also request that we delete Personal Information that we collected from you.
Before Granicus is able to respond to any request, we may ask to verify your identity by providing us with certain information or identification. In some instances, we may decline to honor your request. For example, we may decline to honor your request if we cannot verify your identity or confirm that the Personal Information that we maintain relates to you, or if we cannot verify that you have the authority to make a request on behalf of another individual. In other instances, we may decline to honor your request where an exception applies, such as where the disclosure of Personal Information would adversely affect the rights and freedoms of another consumer or where the Personal Information that we maintain about you is not subject to the CCPA’s access or deletion rights, such as information relating to our employees and contractors that is used for our employment and vendor management purposes.
Nonetheless, you have the right to be free from unlawful discrimination for exercising your rights under the CCPA.
California and Delaware “Do Not Track” Disclosures
California and Delaware law require to indicate whether we honor “Do Not Track” settings in your browser concerning targeted advertising. Granicus adheres to the standards set out in this Privacy Notice and does not monitor or respond to Do Not Track browser requests.
What Should I Do if I Am Not Happy With How My Information Is Being Used?
You can contact us using the contact information above if you are not happy with how we are handling your personal data.
You also have the right to complain to our relevant supervisory authority, which is the Information Commissioner’s Officer (ICO) in the UK, who is responsible for ensuring we correctly follow the General Data Protection Regulations 2016 or to any other competent data protection supervisory authority