GMSS understands the importance of respecting privacy and is committed to protecting the privacy and accuracy of confidential information to the extent possible, subject to provisions of local and international law including but not limited to Article 22 of the Transitional Constitution of South Sudan and the General Data Protection Regulation (GDPR).
This policy is designed to inform you as to how we treat your personal data when you visit our Website, regardless of where you visit it from, as well as to inform you about your privacy rights.
- DATA COLLECTION
We may collect, use, store, and transfer different types of personal data, which generally fall in the following groups:
- Identity Data, such as first and last name;
- Contact Data, such as email address and billing address;
- Financial Data, such as payment card details;
- Transaction Data, such as details about purchased products and services;
- Profile Data, such as your username and password; and
- Technical Data, such as login data.
We do not collect any special category data such as details about race or ethnicity, as well as any information about criminal offenses or convictions.
Where we are legally compelled to collect your personal data and you fail to provide that data when requested, we may not be able to perform the contract we are trying to enter or have with you.
Additionally, GMSS collects anonymous data. Examples of the analytics our servers collect include:
- Internet Protocol (IP) address of computer being used;
- Web pages requested;
- Referring web page; and
- Data and time.
We do not associate this data to individual user identities.
GMSS’ site may use “cookies” in order to deliver web content specific to individual users’ interests or to keep track of online purchasing transactions. Sensitive personal information is not stored within cookies.
- USE OF COLLECTED INFORMATION
GMSS will only use your personal data when permissible by applicable laws and regulations. Generally, we use your personal data to enter contracts, perform contractual obligations, and comply with applicable legal obligations. It is important that the personal data we hold about you is accurate and current. Please notify us if your personal data changes at any point throughout the duration of your relationship with us.
Examples of the purpose for which we use personal data in relation to our Website may include:
- New customer registration;
- Order processing and delivery;
- Customer relationship management;
- Business and Website administration and protection; and
- Data analytics to improve our Website, products and services.
- DISTRIBUTION OF COLLECTED INFORMATION
Other than as required by laws that guarantee public access to certain types of information, or in response to subpoenas or other legal instruments that authorize access, personal information is not actively shared. In particular, we do not distribute or sell personal information to third-party organizations.
GMSS may have to share personal data for the purposes described above with the following parties:
- Internal, comprising of other companies in the RSLS family of companies that may be acting as joint processors and that are based in various international locations.
- External, including but not limited to service providers, professional advisers, and regulators.
- INFORMATION SECURITY
Information security activity in GMSS is guided by three main principles:
- Data Confidentiality – Protection of the data from use by unauthorized personnel.
- Data Integrity – The accuracy and consistency of data stored in a database, data warehouse, data mart or other construct.
- Data Availability – The capability of accessing data whenever it is needed.
We have put in place appropriate technological and operational information security measures to prevent any damage to the confidentiality, integrity, and availability of information by authorized or unauthorized individuals. All employees and contractors have a responsibility for ensuring the security of customers’ information held and managed by GMSS. Additionally, we do not allow access to personal data to employees, agents, contractors and other third parties that do not have a business need to know.
GMSS has put in place procedures to deal with any suspected personal data breach. Clients and regulatory bodies will be notified of a breach as mandated by contractual provisions and extant laws and regulations respectively.
- DATA RETENTION
GMSS retains personal information for as long as it is necessary to fulfill the purpose for which it was collected. Data may be retained for longer periods of time where it is mandated by legal requirements. In some circumstances, we may anonymize personal data so that it can no longer be associated with the individual for research or statistical purposes in which case we may use this information indefinitely without further notice.
- RIGHTS OF USERS
In accordance with applicable data protection laws, users have the right to:
- Access their personal data by requesting a copy of the personal information GMSS holds and details of how we use that information;
- Have personal data rectified if it is inaccurate or incomplete;
- Require us to erase their personal data, stop processing or restrict the processing of their personal data, right of portability of their personal information, and/or to withdraw consent to processing so long as there are no other legal justifications to continue processing; and
- Make a complaint with a relevant regulatory authority.
Please contact us if you wish to exercise any of your rights.
- CHILDREN’S PRIVACY
GMSS understands the importance of protecting children’s privacy, especially online. Our Website is not designed for and does not intentionally target or solicit to children. We do not knowingly collect data relating to children.
- EXTERNAL SITES
The GMSS Website may contain links to other websites, some of which may be operated by third parties. We provide the links for your convenience, but we do not review, control, or monitor the privacy practices of websites operated by others.
We are not responsible for the performance of websites operated by third parties or for your business dealings with them. Therefore, whenever you leave our Website we recommend that you review each website’s privacy practices and make your own conclusions regarding the adequacy of these practices.
- CONTACT US