img

Privacy Policy

Welcome to the GRC Gulf's privacy policy (“Privacy Policy”).

 

GRC Gulf respects your privacy and is committed to protecting your personal data. This Privacy Policy will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you.

 

GRC Gulf treats the privacy of our users with the highest importance. This policy details the measures that we take to preserve and safeguard your privacy when you use our website, our products, the Ecosystem, or communicate with our personnel. It also demonstrates how we may process data in accordance with the EU General Data Protection Regulation and UK General Data Protection Regulation (“GDPR”).  

 

IMPORTANT INFORMATION AND WHO WE ARE:

Full name of legal entity: Roshcomm Co. WLL

Postal address: P. O. Box 20256, Manama, Kingdom of Bahrain


Purpose of this Privacy Policy

 

This Privacy Policy aims to give you information on how GRC Gulf collects and processes your personal data through your use of this website, including any data you may provide through this website, when you submit a web form OR engage with our live chat function OR login in the GRC Gulf Platform or service. The Identity service is the entry point form that registers users to use both the website and the Ecosystem.

 

This website is not intended for children and we do not knowingly collect data relating to children.

 

It is important that you read this Privacy Policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Privacy Policy supplements other notices and privacy policies and is not intended to override them.

 

OUR DETAILS


If you have any questions about this Privacy Policy or our privacy practices, please contact us in the following ways:

 

CONTACT DETAILS

Full name of legal entity: Roshcomm Co. WLL

Postal address: P. O. Box 20256, Manama, Kingdom of Bahrain

For any questions, please email info (at) roshcomm . com with the subject title FAO: Data Protection.

Our Registration number with Bahrain Ministry of Commerce is: 71118.

CHANGES TO THE PRIVACY POLICY AND YOUR DUTY TO INFORM US OF CHANGES

We keep our Privacy Policy under regular review.

 

This version was last updated in July 2024

 

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

 

Third-party links

 

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

 

INFORMATION COLLECTION

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

 

This includes information about you that you give us when you:

 

  • Fill in a form on the website
  • Register on our website or with the Ecosystem
  • Correspond with us by phone, live web chat, email or otherwise
  • Log support tickets

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

 

  • Identity Data includes: first name, last name, job title,
  • Contact Data includes: company name, industry and country of the employer company, work email address and telephone numbers.
  • Technical Data includes: internet protocol (IP) address, your login data, and other technology on the devices you use to access this website. This information is not collected as to be personally identifiable. This is collected by Google Analytics & Microsoft Azure anonymously.
  • Profile Data includes: your username and password, purchases or orders made by you, your interests, preferences, feedback, and survey responses. 
  • Usage Data includes: information about how you use our website, products and services.
  • Marketing and Communications Data includes: your preferences in receiving marketing from us and our third parties and your communication preferences.
  • We do not collect or process any special categories of Personal Data.

YOUR INFORMATION AND HOW WE USE IT

We collect your data, including Personal Data, for certain legitimate business interests of ours. Processing under this basis may occur in the following circumstances:

  • When you download resources that relate specifically to our products, such as trial software, starter packs, product brochures or case studies, we will contact you by telephone to ensure that the resources were successfully downloaded and help you get the most out of them.
  • When you make a request for further information on our website, either through a demo form, live web chat, contact form or similar transmission, we will use the data you provide to fulfil your request for information. We will also store this information on our database and use it to follow up with you, either by telephone or through an electronic communication.
  • When you register on our website, we will use the data provided to give you access to selected resources on the website that provide general information, with less focus on our specific products.
  • When you have purchased our products, we will use the details you provide us at registration in order to provide you with access to our products and to the Ecosystem and all its resources. We will also use these details to let you know about our products and services which we think you will find interesting and may send you relevant email notifications based on your interests.
  • When you use the Ecosystem as part of a proof of concept, we will use the details you provide us at registration in order to provide you with access to our products and to the Ecosystem and all its resources. If you do not continue using the Ecosystem after a proof of concept, then we may use your details to let you know about similar products and services which we think you will find interesting. You can opt-out of this at any time.
  • We may store Personal Data including your account ID, contact ID, and registered email address for reporting purposes and to better track your usage of the Ecosystem.
  • Where you have provided us with your details, we may contact you to notify you of changes to our services.

We also want you to be aware of the additional processing activities that may take place on our website:

 

  • When you register on our website or download resources, you are also given the opportunity to provide us with your consent. Where you provide your consent, we will use Personal Data provided with your registration to contact you about our products and services which we think you will find interesting. You will be able to access resources on the website and will be sent relevant email notifications based on your interests. Where appropriate, we may also contact you by telephone.
  • You can subsequently withdraw your consent at any time by a) contacting us; b) letting us know over the telephone; or c) following the ‘unsubscribe’ link that is provided in emails from GRC Gulf.
  • When you interact with our website, we use Google Analytics to better understand your journey and help us provide improvements. Google Analytics may record your geographical location, device type, internet browser and operating system, none of which would be classified as Personal Data.. The information collected for this scope is completely anonymous, without the ability to personally identify an individual.
  • We also want you to be aware of the following activities that also take place in the Ecosystem:
  • When you use the Ecosystem, we use Google Analytics to better understand your journey and help us provide improvements. Google Analytics may record your geographical location, device, internet browser and operating system, none of which would be classified as Personal Data. The information collected for this scope is completely anonymous, without the ability to personally identify an individual.
  • We utilize our own Case Management Platform within our GRC Gulf Technology Ecosystem to manage our community interactions and case management needs. In doing so, certain Personal Data is processed under legitimate business interests to enable seamless user experience, such as your name and email address. This is in compliance with the European Union's General Data Protection Regulation (GDPR).
  • Any information that we process, including Personal Data, will be stored on a secure server behind a firewall. We will not retain your Personal Data for longer than is necessary for the processing. Where you have registered and provided your consent to receive communications from us, then we will retain your Personal Data for this purpose until your consent is withdrawn

 

 

 

WHERE WILL YOUR INFORMATION BE SHARED?

We use third party processors to assist us in storing your data safely and securely. These third parties are carefully screened so we can ensure that there are adequate controls in place and, where relevant, that such third parties are GDPR compliant. Additionally, where this would result in the transfer of Personal Data outside the EEA, we have confirmed that there are appropriate transfer mechanisms in place.

 

If you are an EU citizen, then your personal data may be shared among other GRC Gulf entities based in the US and Australia as part of our providing support services to you. We transfer personal data according to the following transfer mechanisms:

YOUR RIGHTS

You generally have the following rights, which you can usually exercise free of charge:

 

Access to a copy of your personal data

The right to be provided with a copy of your personal data

 

Correction (also known as rectification)

The right to require us to correct any mistakes in your personal data

 

Erasure (also known as the right to be forgotten)

The right to require us to delete your personal data—in certain situations

 

Restriction of use

The right to require us to restrict use of your personal data in certain circumstances, eg if you contest the accuracy of the data

 

Data portability

The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations

 

To object to use

The right to object:
—at any time to your personal data being used for direct marketing (including profiling)
—in certain other situations to our continued use of your personal data, eg where we use your personal data for our legitimate interests.

 

Not to be subject to decisions without human involvement

The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you
We do not make any such decisions based on data collected by our website.

 

Where you have provided us with consent, you have the right to withdraw this consent at any time. To reiterate, you can do this at any time by contacting us directly or following the ‘unsubscribe’ link provided in any electronic communications you receive from us. For further information on each of those rights, including the circumstances in which they do and do not apply, please contact us at the email provided earlier. When contacting us please:

 

  • Provide enough information to identify yourself [(eg your full name, address and customer or matter reference number)] and any additional identity information we may reasonably request from you, and let us know which right(s) you want to exercise and the information to which your request relates You also have the right to complain to a supervisory authority where you feel that our processing of your Personal Data has infringed your rights.

 

ACCESSING YOUR INFORMATION

If you wish to exercise your right of access, then you may make a subject access request by contacting us as per the below. In most cases, we will not charge you a fee and will respond within one month. Fees may be charged for repeated or vexatious requests and we may take two months to provide all information in response to particularly complex requests. We will let you know if this is the case.

 

COOKIES

Our site uses cookies to distinguish you from other users. This helps us to provide you with a good experience when you browse the Ecosystem.

 

Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your web browser. They enable the site or service provider systems to recognise your browser and capture and remember certain information, such as items saved in your online shopping basket.

 

The information contained in a cookie can be used to track the visitor’s surfing on websites that make use of the same types of cookies and thus, for example, offers shown can be adapted to the specific visitor. For example, cookies are used to store the source (previous website address) of visits. When a user completes a form we record that source data in Pardot and Salesforce

 

You may choose to decline all cookies on your computer. Your browser has an option to disable the use of cookies. If you do choose to decline cookies, then you may be limited to certain areas of our website.

 

THIRD PARTY LINKS

We may sometimes include or offer third party products or services on the Ecosystem. The websites of these third parties will have separate and independent privacy policies, with which you should familiarise yourself with. We bear no responsibility or liability for the content and activities of these third party sites. Nonetheless, we seek to protect the integrity of our services and welcome any feedback regarding these third party websites.

 

This Privacy Policy was last updated in July 2024.