Cookie & Privacy Policy

PRIVACY POLICY

This privacy policy has been compiled to better serve those who are concerned with how their ‘Personally Identifiable Information’ (PII) is being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.

We also provide employment related services which also collect and process ‘Personally Identifiable Information’. If your employer uses our Services, we may receive and process PII that identifies you in relation to the work you do or your use of our Services.

This Personal Data may be transferred from your work location to offices and servers of Grosvenor Technology and/or those third party providers with whom we have a relationship, including Service Providers, employees and contractors located in the United States and other countries.

If you have questions about your employment-related data, please contact your employer.

What personal information do we collect from the people that visit our blog, website or app?

When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, mailing address, phone number or other details to help you with your experience.

When do we collect information?
We collect information from you when you register on our site, subscribe to a newsletter, respond to a survey, fill out a form, Use Live Chat, provide us with feedback on our products or services or enter information on our site.

How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:

To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested.
To improve our website in order to better serve you.
To allow us to better service you in responding to your customer service requests.
To administer a contest, promotion, survey or other site feature
To quickly process your transactions and complete a purchase or order
To ask for ratings and reviews of services or products
To follow up with you after correspondence (live chat, email or phone inquiries)
To use the information for the reasons or purposes specified for which you provided your consent.

How do we protect your information?
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.

How does our site handle Do Not Track signals?
We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.

Does our site allow third-party behavioural tracking?
Yes we allow third-party behavioural tracking

Third-party disclosure
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information unless we provide users with advance notice.

Third-party links
Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

California Online Privacy Protection Act
CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared.

According to CalOPPA, we agree to the following:

Users can visit our site anonymously.
Our Privacy Policy link includes the word ‘Privacy’ and can easily be found on bottom of the page.
You will be notified of any Privacy Policy changes:
On our Privacy Policy Page
You can change your personal information:
By emailing us at privacy@gtclocks.com

COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.

We do not specifically market to children under the age of 13 years old.

Our services are not designed or intended for the use by children under the age of 13 years old.

Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur: We will notify you via email within 7 business days.

CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We collect your email address in order to:
Send information, respond to inquiries, and/or other requests or questions
Process orders and to send information and updates pertaining to orders
Send you additional information related to your product and/or service
Market to our mailing list or continue to send emails to our clients after the original transaction has occurred

To be in accordance with CANSPAM, we agree to the following:
Not use false or misleading subjects or email addresses.
Identify the message as an advertisement in some reasonable way.
Include the physical address of our business or site headquarters.
Monitor third-party email marketing services for compliance, if one is used.
Honor opt-out/unsubscribe requests quickly.
Allow users to unsubscribe by using the link at the bottom of each email.
If at any time you would like to unsubscribe from receiving future emails please follow the unsubscribe instructions at the bottom of each email.

Employment-Related Information
Information about you relating to the context of providing services to your employer may be received or collected by us to enable processing and will only be disclosed to provide such services. As part of the contract(s) your employer has put in place, other parties may be engaged by your employer to provide part or all of the services. We use third parties as Sub processors to support and provide services provided by Grosvenor Technology.

We will also disclose personal data when required to do so by law. We do not sell Personal Information or share it for marketing purposes.
If you have questions about your employment-related data, please contact your employer.

Biometric Information
Grosvenor Technology provides services to employers relating to time and attendance activities. Customers can select to use time clocks with biometric finger or face recognition technologies that collect “Templates” derived from a persons biometric inputs. Templates are a digital representation of geometric measurements rather than a capture of the original face or finger. Some states including Texas & Illinois have governance statutes relating to biometric data. These templates may or may not be deemed to be biometric information under these statutes. Grosvenor Technology has a set of security policies in place to protect and store these templates and comply with applicable data protection requirements.

Storage, Maintenance & Backups
Templates can be stored in time clocks and also on Grosvenor Technologies database. Authorised users can delete data from the clock and the data base following the approved process. Templates are included in the regular production backups.
Customers are responsible for deleting an individuals biometric data once the initial purpose for collecting or obtaining the data has been satisfied or within three years of the last contact with the customer. Grosvenor Technology will action a deletion request once received from a customer and after verification will complete this within the agreed retention period timeframe (usually 35 days) Backups for the next six months may also contain the original data. The customer is still required to verify that the deletion was successful.
Automated incremental backups of customer databases are in place and kept for a period of twelve months. Authorised users may perform additional back ups or copies of the system for testing or diagnostic purposes. These data sets are then deleted when no longer required.

Security
At Grosvenor Technology we design and manufacture our terminals to include a set of security measures for our HCM terminals that work with our GT Cloud Platform. These are a combination of Privacy Enhancing Technologies (PETs) that are implemented by design and are included by default due to the use of Microsoft Azure technologies. We have the ability to update the firmware and applications on the HCM terminals, for example, if security vulnerabilities are identified and updates or patches need to be implemented.
Key to security in this is data minimisation and only processing the data we need to, especially for biometric templates, they are only registered and processed on the HCM terminals on the instructions of the employer, i.e. employees need to have biometric templates transferred across from their HR database, and then be registered on the HCM terminal.
These biometric templates are on a controlled distribution to the HCM terminals that require them, in addition we can restrict distribution to specific terminals that have certain hardware, for example there is no point transferring fingerprint templates to a terminal that only has a camera for facial scans. On the terminals, biometric templates are stored in a separate table with only pseudonymised code. Templates for both face and finger biometrics are generated from initial source images, however these source images are immediately deleted and not retained on the device or transferred to the cloud.
Our Staff only have access to cloud and terminals under identity access management and we have assurance and full audit of all transactions with high fidelity audit trail of all data processing and user access. This is particularly important when we complete diagnostic support and replace, or repair the terminal remotely, i.e. refresh the software.

All data is transmitted using higher security communication protocol currently TLS 1.2. or higher.
As stated HCM terminals can have their firmware and applications updated on distribution where we supply on contract, but where we are reliant on others to perform updates, distribution of personal data can only be to those that have been updated.
Within the cloud platform we use industry standard protocols such as HTTP and AMPQ over TLS1.2 which further secures transmission of data.
The Information in this Policy should not be construed as legal advice. Contact your legal counsel for clarification and/or advice regarding this and other state laws and regulations.

Contacting Us
If there are any questions regarding this privacy policy, you may contact us using the information below.

Grosvenor Technology LLC
12323 Southwest 55th Street
#1007, Cooper City, FL 33330
USA Tel: +1 (800) 989 5197
privacy@gtclocks.com
GT Clocks is a trading name of Grosvenor Technology LLC

US Privacy Policy Updates
If you are resident in the US State of California, Virginia, Colorado, Utah, Connecticut or any other US State with a US Data Protection law, we comply with them all, and adopt a policy of extending the rights in those States across all States.
If you wish to exercise your right of access, rectification, deletion, restriction, and portability, please email privacy@gtclocks.com for further instructions. Employment related requests will be directed to your employer at the first instance.

Timeframe for Responding to Requests
We will respond to requests from your employer within forty-five (45) days of receipt. The period of response may be extended to sixty (60) or ninety (90) days if more time is required. In that event, we will inform your employer of the reason and extension period in writing.

Fee
We do not charge individuals a fee to process or respond to a verified request unless it is excessive, repetitive, or manifestly unfounded.
We do not collect or process sensitive personal identifiable information using our website or have automated decision making, or sell on your personal identifiable information.
However, for employment related services we may collect and process sensitive personal identifiable information as instructed under contract by employers that use our services. Refer to the Employment Related Information section.

Notice to Residents of Countries Outside the United States
Grosvenor Technology LLC is located in the United States of America. Your Personal Information may be accessed by or transferred to the United States or to our affiliates or third parties elsewhere in the world. By providing us with your Personal Information, you consent to this transfer. We use commercial reasonable measures to protect the privacy of your Personal Information, regardless of where it is processed or stored.

COOKIE POLICY

Do we use ‘cookies’?
Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information. For instance, we use cookies to help us remember and process the items in your shopping cart. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

We use cookies to:
Understand and save user’s preferences for future visits.

Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf.

Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf.

You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.

If users disable cookies in their browser:
If you turn cookies off some of the features that make your site experience more efficient may not function properly.