Address
304 North Cardinal St.
Dorchester Center, MA 02124
Work Hours
Monday to Friday: 7AM - 7PM
Weekend: 10AM - 5PM
GRC Group
Protecting people, assets and information
Privacy Policy
Who we are
Our website address is: https://grcgroup.co.nz
When we refer to ‘we’ (or ‘our’ or ‘us’), that means SecIntel and all its wholly owned subsidiaries. Address details for all SecIntel offices are available on our Contact us page ( not yet operational – deploying shortly ).
We provide an easy-to-use online platform for businesses and their advisors. At the core of our platform is our spatial infometrics solution. If you want to find out more about what we do, see the SecIntel website page.
Comments
This notice applies across all websites that we own and operate and all services we provide, and any other apps or services we may offer (for example, notification alerts). For the purpose of this notice, we refer to them as our ‘services’. If you are a Global Risk Consulting Group technology systems user, this notice applies to you.
When we say ‘personal data’ we are referring to identifiable information about you, such as your name, email, address, your business appointment (role), telephone number, bank account details, payment information, support queries, community comments and so on. If you can’t be identified (for example, when personal data has been aggregated and anonymised) then this notice doesn’t apply. Refer to our terms of use for more information on how we treat your other data.
We may need to update this notice from time to time. Where a change is significant, we’ll make sure we let you know – usually by sending you an email.
Last updated: 30 October 2023
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Our principles of data protection
Our approach to data protection is built around four key principles. They’re at the heart of everything we do relating to personal data:
Transparency: We take a human approach to how we process personal data by being open, honest and transparent.
Enablement: We enable connections and efficient use of personal data to empower productivity and quality outcomes.
Security: We adhere to industry leading approaches to securing the personal data entrusted to us.
Stewardship: We accept the responsibility that comes with processing personal data.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
How we collect your data
When you visit our websites or use our services, we collect personal data. The ways we collect it can be broadly categorised into the following:
Information you provide to us directly: When you visit or use some parts of our websites and/or services we might ask you to provide personal data to us. For example, we ask for your contact information when you sign up for a free trial, respond to a job application or an email offer, join us on social media, take part in training and events, contact us with questions or request support. If you don’t want to provide us with personal data, you don’t have to, but it might mean you can’t use some parts of our website or services.
Information we collect automatically: We collect some information about you automatically when you visit our websites or use our services, like your IP address and device type. We also collect information when you navigate through our websites and services, including what pages you looked at and what links you clicked on. This information is useful for us as it helps us get a better understanding of how you’re using our websites and services so that we can continue to provide the best experience possible.
Information we get from third parties: The majority of information we collect, we collect directly from you. Sometimes we might collect personal data about you from other sources, such as publicly available materials or trusted third parties like research partners. We use this information to supplement the personal data we already hold about you, in order to better inform and improve our services, and to validate the personal data you provide.
Where we collect personal data, we’ll only process it: (i) to perform a contract with you, or (ii) where we have legitimate interests to process the personal data and they’re not overridden by your rights, or (iii) in accordance with a legal obligation, or (iv) where we have your consent.
If we don’t collect your personal data, we may be unable to provide you with all our services, and some functions and features on our websites may not be available to you.
If you’re someone who doesn’t have a relationship with us, but believe that a SecIntel subscriber has entered your personal data into our websites or services, you’ll need to contact that SecIntel subscriber for any questions you have about your personal data (including where you want to access, correct, amend, or request that the user delete, your personal data).
How we use your data
First and foremost, we use your personal data to operate our websites and provide you with any services you’ve requested, and to manage our relationship with you. We also use your personal data for other purposes, which may include the following:
To communicate with you. This may include: (i) providing you with information you’ve requested from us (like training or education materials) or information we are required to send to you; (ii) operational communications, like changes to our websites and services, security updates, or assistance with using our websites and services; (iii) marketing communications (about SecIntel or another product or service we think you might be interested in) in accordance with your marketing preferences; or (iv) asking you for feedback or to take part in any research we are conducting (which we may engage a third party to assist with).
To support you: This may include assisting with the resolution of technical support issues or other issues relating to the websites or services, whether by email, in-app support or otherwise.
To enhance our websites and services and develop new ones: For example, by tracking and monitoring your use of our websites and services so we can keep improving, or by carrying out technical analysis of our websites and services so that we can optimise your user experience and provide you with more efficient tools.
To protect: So that we can detect and prevent any fraudulent or malicious activity, and make sure that everyone is using our websites and services fairly and in accordance with our terms of use.
To analyse, aggregate and report: We may use the personal data we collect about you and other users of our websites and services (whether obtained directly or from third parties) to produce aggregated and anonymised analytics and reports, which we may share publicly or with third parties.
How we can share your data
There will be times when we need to share your personal data with third parties. We will only disclose your personal data to: (i) other companies in the SecIntel and Global Risk Consulting Group of companies; (ii) third party service providers and partners who assist and enable us to use the personal data to, for example, support delivery of or provide functionality on the website or services, or to market or promote our goods and services to you; (iii) regulators, law enforcement bodies, government agencies, courts or other third parties where we think it’s necessary to comply with applicable laws or regulations, or to exercise, establish or defend our legal rights. Where possible and appropriate, we will notify you of this type of disclosure; (iv) an actual or potential buyer (and its agents and advisors) in connection with an actual or proposed purchase, merger or acquisition of any part of our business; or (v) other people where we have your consent.
Security
Security is a priority for us when it comes to your personal data. We’re committed to protecting your personal data and have appropriate technical and organisational measures in place to make sure that happens. For more information about security, check out SecIntel’s security pages.
To keep up to date on known phishing and other scams targeting our community, and for information on how to protect yourself from them, sign up to our security noticeboard (deploying shortly).
Retention
The length of time we keep your personal data depends on what it is and whether we have an ongoing business need to retain it (for example, to provide you with a service you’ve requested or to comply with applicable legal, security requirements).
We’ll retain your personal data for as long as we have a relationship with you and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policies and practices. Following that period, we’ll make sure it’s deleted or anonymised.
Your rights
It’s your personal data and you have certain rights relating to it. When it comes to marketing communications, you can ask us not to send you these at any time – just follow the unsubscribe instructions contained in the marketing communication, or make your request from the Privacy and security page (deploying shortly).
You also have rights to: (i) know what personal data we hold about you, and to make sure it’s correct and up to date; (ii) request a copy of your personal data, or ask us to restrict processing your personal data or delete it; and (iii) object to our continued processing of your personal data. You can exercise these rights at any time by making a request from the Privacy page (deploying shortly).
If you’re not happy with how we are processing your personal data, please let us know by getting in touch from the Privacy page (deploying shortly). We will review and investigate your complaint, and try to get back to you within a reasonable time frame. You can also complain to your local data protection authority. They will be able to advise you how to submit a complaint.
How to contact us
If you’re curious about what personal data we hold about you or you have a question or feedback for us on this notice, our websites or services, please get in touch.
We prefer to communicate with you by email – this ensures that you’re put in contact with the right person, in the right location, and in accordance with any regulatory time frames.
Our contact email: info@grcgroup.co.nz
Visit our contact page to get in touch.