Announcements > GPP B2B Privacy Statement
Policy
GPP B2B Privacy Statement
GPP Global
  2022-10-27

 

Protecting the individual's privacy on the Internet is crucial to the future of Internet-based business. We have created this Privacy Statement to demonstrate our firm commitment to the individual’s right to data protection and privacy in the context of the GPP B2B cloud services. It outlines how we handle information that can be used to directly or indirectly identify an individual (“Personal Data”).

 

When does this statement NOT apply?

 

         Personal Data submitted by designated supports contacts in their use of the GPP B2B customer support systems (e.g. GPP B2B Customer Service and GPP B2B Intelligent Robot customer service) is subject to the terms of use and privacy terms presented to users of such services; and

 

         Personal data provided to GPP B2B for sales or general product information requests through GPP B2B sales and marketing channels (e.g. gpp2019.com website, GPP B2B marketing campaigns, webinars and similar activities)  governed by GPP B2B’s Privacy Statement.

 

 

A.Overview for this GPP B2B Privacy Statement

 

GPP B2B customers may be referred to as "Buyer" or "Seller" throughout this document. Individual users of the service (whether employees of the Buyer or Seller organizations) collectively and individually may be referred to as "you" and "your" throughout this document.

 

“Trading Partner" means an entity with which a Buyer or Seller transacts using the Platform.

 

How does this Statement Apply to My Company?

- This statement describes GPP B2B's practices as a data processor of Personal Data submitted to the GPP B2B cloud services specifically and is complimentary and works in conjunction with the subscription agreement and data processing agreement between GPP B2B and each user by offering further detail regarding such data processing activities.

- This statement is also referenced from within some of the B2B platform, and from emails sent by the B2B platform, to provide transparency to individual users and organizations.

 

Data Controller versus Data Processor

GPP B2B collects information about an individual as we are providing the service and acting as a data processor for our customers, acting on the instructions of our customers within the scope of the services we offer. Except in limited cases identified above under “When does this Statement NOT apply?” our customers have the role of the “data controller.” Our customers are responsible for making sure that the user’s privacy rights are respected and that required consents are obtained before entering Personal Data into the B2B platfrom, including ensuring appropriate disclosures about third party data collection and use.

 

B.General Information

 

What Personal Data is Involved?

This Privacy Statement applies to Personal Data that customers provide to GPP B2B when using the B2B platform (including email notifications sent to and from the B2B platform) or that customers provide to GPP B2B service personnel for importation into the B2B platform, such as a list of Sellers to invite to use the B2B platform.

 

The B2B platform enables customers to submit Personal Data to create users of the B2B platform, to store transaction documents (may include some Personal Data of signatories or business contacts), and to store contact information associated with Trading Partners. Thus the general scope of Personal Data being processed is a person’s name, business email address, and business phone number.

 

Personal Data submitted to the B2B platform may not include Sensitive Personal Information unless, as the B2B platforms are enhanced, some type of Sensitive Personal Information is expressly allowed by us regarding a specific aspect of the B2B platform and is submitted by a customer only in accordance with the documentation. Business tax identifier and company credit card or other payment identifiers should only be placed in the specific fields designated for such use.

 

- "Sensitive Personal Information" for the purposes of the GPP B2B platforms and this policy, means (i) government identification numbers or financial account numbers associated with individual persons (e.g. Social Security numbers, driver's license numbers, or personal credit card or banking account numbers), (ii) medical records or health care claim information associated with individuals, including claims for payment or reimbursement for any type of medical care for an individual and (iii) data designated as “Sensitive” or “Special Category” or the like requiring extra protective measures under the applicable Data Protection Law (as defined in the Data Processing Agreement between your organization and GPP)

 

Am I Required to Provide My Personal Data?

As a general principle, your provision of any Personal Data to the B2B platforms may be required for conducting business for your employer or with a Trading Partner. The data is generally only related to your role at your company, and is not related to you as a private person or as an individual consumer. If you object to providing personal data to the GPP B2B platform, please contact your own company for alternatives.

 

Buyers may use the custom field and form features in the B2B platform to gather various type of information about Suppliers and some Suppliers are sole proprietors. If you are a sole-proprietor or individual contractor and object to the types of Personal Data being requested from a Buyer, please contact the Buyer directly to investigate options.

 

Where will my Personal Data be processed?

GPP B2B directs the operation of the B2B platform using data centers located mainly in China. Certain B2B platforms are offered to customers utilizing data centers located in other countries or regions upon request, such as the European Union. As GPP B2B adds data centers in more regions, these terms shall apply to GPP B2B's provision of services in such data centers. Personal data will not be transferred to or from other  Services Platform locations.

 

Data Subjects’ Rights.

Individuals have the right to access, modify and delete Personal Data about them although this may require approvals by the individual’s employer. To exercise these rights,  GPP B2B has procedures to allow updates to Personal Data in a timely manner. In most B2B platforms, the administrative contact for your company can directly change Personal Data by logging on to the B2B platform and managing your account profile directly. In some B2B platforms, each individual user can self-administer his/her own user account details or changes may be requested by calling GPP B2B customer support.

 

 

Deletion of your Personal Data may require approval by your employer. Depending on the B2B platform, requests to delete or anonymize Personal Data must be made to the administrative contact for your company and such steps may require GPP B2B assistance. If you are unable to correct, update, or delete your Personal Data because you are no longer an employee of the business that is the account holder, or your account has been terminated, you may contact the GPP B2B support. In each case, GPP B2B will take reasonable measures to contact the business that is responsible for the account and accommodate your request or respond in writing with the legal basis for denying the request within thirty (30) days.

 

Disclosure to Third Parties.

GPP B2B does not provide your Personal Data to third parties, except as described in our contracts with our customers, unless

         you (or your account administrator acting on your behalf) request or authorize it;

         such disclosure is necessary to process transactions or provide services which you have requested (e.g., PCARD processing with credit card companies);

         GPP B2B is compelled to do so by a governmental authority, regulatory body, or under subpoena or similar governmental request or to establish or defend a legal claim;

         the third party is acting as our agent or sub-contractor in performing services or legal compliance activities (e.g., GPP B2B's use of a third-party e-signature provider); or

         you designate your Personal Data to be publicly viewable in the B2B platform.

 

 

C.Where GPP uses Personal Data

 

Providing the B2B platform to Your Organization.

GPP B2B will use Personal Data for the following limited purposes in relation to the B2B platform, to:

         facilitate operation of the B2B platform and its related services;

         enhance use of the B2B platform and its related web pages;

         perform internal tracking and B2B platform improvement;

         Enable GPP B2B to contact you;

         process requested transactions through the B2B platform including the use of templates, document creation and transmission of messages;

         and analyze the volume and history of a company's B2B platform usage.

 

GPP B2B will treat Personal Data as confidential, unless you or your account administrator submits it for public view using features of the B2B platform, and will process the data according to the lawful and technically feasible instructions of the Buyer or Supplier. The B2B platform documentation is considered part of such instructions.

 

Tracking Technologies including Cookies. GPP B2B gathers certain information automatically and stores it in log files. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. Some of our B2B platforms utilize cookies or similar technology. If you configure your browser to reject cookies from the B2B platform, you will not be able to access the B2B platform. Personal Data you submit while using the B2B platform is not stored in cookies except where necessary to perform web site security, service functionality and usage analytics. GPP B2B does not place any third-party advertising tracking cookies on your computer during your use of the B2B platforms. The web pages you access when using the B2B platforms do not respond to "do not track" signals sent by your browser. In relation to emails generated by the B2B platform, we may track the open-rate, click-through rate and/or bounce rate of the messages at the individual level.

 

Protecting GPP’s Legitimate Interest.

Each of the use cases below constitutes a legitimate interest of GPP to process or use your Personal Data. If you do not agree with this approach, you may object against GPP’s processing or use of your Personal Data as set out below.

- Sending system and administrative notices to administrative contacts

- Investigating security incidents, disruptions of service or legal disputes

 

 

D.Duration of processing of Personal Data.

 

GPP B2B will retain Personal Data in active databases for varying lengths of time depending upon the specific B2B platform, type of data, choices of the account administrator and applicable law in accordance with the agreement between GPP B2B and your organization. Customers are provided with user administration features with which they can remove or update elements of User’s Personal Data. Personal data being processed by GPP B2B for Buyers in the B2B platform is deleted or obfuscated after expiration or termination of the Buyer’s agreement for all integrated B2B platforms with some time delay to confirm termination and allow for log files to be overwritten, unless there is a legal obligation for GPP B2B to retain the information, retention is required for some time necessary to resolve a dispute, or an alternate approach has been mutually agreed with the Customer. Personal Data stored on GPP B2B for Sellers is retained longer due to the requirements for account administration and billing by GPP B2B, but GPP B2B will work with the Seller to remove or anonymize Personal Data associated with users if there is no longer a legitimate need for retention. The approaches available to customer for purging and archiving data during a subscription term and the features available for anonymization or deletion of Personal Data are set forth in the documentation for the B2B platform.

 

E.Changes to this Statement

 

From time to time GPP B2B will need to make changes to this policy. Some of the changes will be in response to changes in applicable laws and regulations. Changes may also be required if GPP B2B adds new features and new services to a B2B platform. If we seek to make a material change to this statement, GPP B2B will document the change, note the date of the last update at the end of the policy, and send a notice to the administrative contacts on file with GPP B2B for each Buyer and Supplier.

 

This document is the  GPP B2B Privacy Statement targeted at individuals who are users of specific  GPP B2B customer products and services.  GPP B2B has a separate Privacy Policy for other sites and services. Certain of  GPP B2B subsidiaries and GPP affiliates also have separate privacy policies related to the services they offer. These other policies are separate and distinct from the activities governed by this statement.

 

Further Information

If you have questions or concerns regarding this policy, you should first contact your company's administrator for the use of the B2B platform. If you do not receive acknowledgment of your inquiry or your inquiry has not been satisfactorily addressed or you do not have an active customer relationship with GPP, you should then raise your complaint to GPP B2B's Privacy Coordinator.  

 

 

About Radisson Help Centre GPP Policy SharePoint Links

Contact Us: cs@gpp-global.com

Copyright 2019-2024, GPP, Inc