We take your privacy and protection of personal data very seriously.
Last updated: December 12, 2024
Welcome to GLAPI! We hope you will enjoy and appreciate visiting or using our Website or using our Services. This Privacy Policy (the "Policy") tells you about who we are, what personal data we collect, and what we do with it while you visit the Website, use the Services, or otherwise interact with us. The Policy also explains your privacy and data rights under the law.
Please read this Policy carefully. By using our Website or Services, you agree to be bound by this Policy.
References to "you" or "your" are to you as an individual using our website or otherwise contacting us.
Other terms may be found in our Terms of Service.
GLAPI refers to GLAPI, LLC, a US-based company, and any relevant subsidiaries or affiliates within the GLAPI group responsible for processing your data. GLAPI, LLC is the primary controller responsible for this Website.
Under GDPR and POPIA, GLAPI acts as a "data controller" or "responsible party," meaning we collect personal data and determine how it's processed. When we process data because you use our services through one of our customers (e.g., as their employee or client), we act as a "data processor" on their behalf. In such cases, refer to our customer's privacy policy.
For privacy-related questions or to exercise your rights, contact:
GLAPI Privacy Contact
Email: privacy@glapi.com
Mailing Address:
GLAPI
Privacy Department
United States
For questions about the Website or Services, email support@glapi.com.
Depending on your location and applicable Data Protection Laws (like GDPR, CCPA, etc.), you may have rights including:
To exercise these rights, please contact us. We generally do not charge a fee, but may charge for unfounded, repetitive, or excessive requests. We aim to respond within one month, potentially longer for complex requests. We may need to verify your identity.
We may collect, use, store, and transfer:
When you visit our site, online partners may associate your activity with other information (like your email) for targeted communications. Opt-out options are available (e.g., via https://app.retention.com/optout).
We use your data only when legally permitted, primarily:
Specific uses include:
Failure to provide necessary data may prevent us from fulfilling contracts (e.g., providing services).
Financial Data for billing is handled by secure Payment Processors (e.g., Stripe) and not stored on GLAPI servers.
We only use your data for the purposes collected, unless we reasonably consider a need for another compatible reason. We will notify you and explain the legal basis if using data for an unrelated purpose. We may process data without knowledge or consent where required/permitted by law.
We may use aggregated, anonymized data (which doesn't identify you) for statistical purposes indefinitely (e.g., calculating usage percentages).
We do not intentionally collect sensitive data (race, religion, health, etc.) or criminal conviction information. Please do not provide this. If you voluntarily provide it, you explicitly consent to its processing as permitted by law.
We may share data with:
We require third parties to respect data security and process it only for specified purposes under our instruction. We do not sell your personal data.
Subprocessors include:
Sharing data within GLAPI or with third parties may involve transferring data internationally (e.g., outside the EEA, UK, South Africa). We ensure similar protection by using safeguards like:
Our primary operations and data hosting are in the US. Transfers to partners in other regions (like Canada, Australia) are done ensuring compliance with Data Protection Laws. You can request not to have data transferred internationally, but this may limit service usability.
We may send marketing communications if you've requested information, purchased services, or opted in. We use your data to personalize relevant offers.
You can opt-out of marketing messages at any time by contacting us or using unsubscribe links. Opting out of marketing does not opt you out of essential service-related communications.
Text messaging opt-in data and consent are not shared with third parties.
We do not share your personal data with third parties for their marketing purposes without your explicit opt-in consent.
We may use advertising networks (e.g., Google Ads, LinkedIn Ads - specify if used) to show you relevant ads based on your interaction with our site. Opt-out options are available via ad settings on those platforms or tools like WebChoices. See our Cookie Policy.
You can ask us or third parties to stop marketing communications at any time. This doesn't affect processing before withdrawal or essential service communications.
We use cookies and similar tech. You can manage browser settings to refuse cookies, but some site parts may not function. See our Cookie Policy for details.
We use analytics tools (Google Analytics, PostHog) to understand usage patterns and improve services. Technical Data collected may also be used for security purposes (fraud detection, violation investigation).
We use email service providers (e.g., Postmark, HubSpot - specify if used) to manage lists and send communications. Data is transferred securely for these purposes. You can unsubscribe from marketing emails via links provided. Transactional emails are necessary for service use.
Our email practices comply with anti-spam laws (CAN-SPAM, CASL, etc.). Contact us if you believe you received spam.
We may send email notifications related to service functions or support (e.g., via integrated tools). Manage notification preferences where available (e.g., device settings for push, account settings for email).
We implement strict technical and organizational measures to protect your data from loss, unauthorized access, or misuse. Access is limited to those with a business need-to-know, bound by confidentiality.
We have procedures for suspected data breaches and will notify you and authorities as legally required.
We use industry best practices (encryption like SSL/TLS) and secure third-party vendors (AWS, Vercel, Stripe for PCI-DSS compliant payments). See our Security page for more details.
You have the right to complain to a data protection supervisory authority in your jurisdiction (e.g., ICO in the UK, FTC in the US, or relevant EU DPA). We appreciate the chance to address concerns first, so please contact us initially.
We keep personal data only as long as necessary for the purposes collected, including legal, accounting, or reporting requirements. Retention periods consider data amount, nature, sensitivity, potential harm risk, processing purposes, and legal requirements.
We may retain data longer if there's a complaint or potential litigation. You can request deletion (see 'Your legal rights'). We may anonymize data for research/statistical use indefinitely.
We generally do not use automated decision-making that has significant legal effects. If we implement such processes (e.g., for personalized offers), we will update this policy. You typically have rights to obtain explanations, challenge decisions, and request human intervention in such cases.
This Policy was last updated on the date at the top. We review and update it at least annually. Find the latest version here. Significant changes will be notified via the Website/Services and email (if you have an account).
It's important your data is accurate. Please inform us of changes during our relationship.
Our Website and Services are not intended for children under 18. We do not knowingly collect data from children under 18. If we learn we have, we will delete it.
Our website may link to third-party sites. We don't control them and aren't responsible for their privacy practices. Read their policies when leaving our site.