Privacy Policy

Effective July 1st, 2024.

Introduction

The Website at www.gri.co (the "GRI Website" or the "Website") is owned and operated by Growth Resources Inc. ("GRI"). GRI is committed to protecting the privacy of your personal information while using our Website, our hosted application service, and related support services. GRI has therefore established this Privacy Policy to assist you in understanding how GRI collects and uses personally identifiable information. By using our Website or our hosted application service or related support services, you are agreeing to the collection and use of personal information in the manner described in this Privacy Policy.

The GRI Website may provide links to third-party Websites for your convenience and information. If you access those links, you will leave the GRI Website. GRI does not control these third-party sites or their privacy practices, which may differ from GRI's. We do not endorse or make any representations about third-party Websites. The personal data you choose to give to unrelated third parties is not covered by this Privacy Policy.

Commitment to Data Privacy

GRI is committed to protecting your privacy and complying with all applicable data privacy regulations, including the General Data Protection Regulation (GDPR) for users in the European Economic Area (EEA) and the UK.

Data Privacy Framework Certification

Your personal information may be transferred abroad (including outside the EU, UK, and Switzerland for our users in the EU, UK, and Switzerland) in connection with our providing our hosted application service and related support services.

Please note that the Privacy Shield Framework is no longer in effect. We have updated this policy to reflect the current Data Privacy Framework (DPF).

With respect to personal data received or transferred pursuant to the EU-U.S. DPF, the UK extension to the EU-U.S. DPF, and the Swiss-U.S. DPF as set forth by the U.S. Department of Commerce, GRI is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (the “FTC”). GRI complies with the EU-U.S. DPF, the UK Extension to the EU-U.S DPF, and the Swiss-U.S. DPF as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information and human resources (HR) data transferred from the European Union and the United Kingdom and/or Switzerland to the United States in reliance on the DPF. This information and data include the email address, gender but only for the production of reports, first and last name of the person, and their answers to the GRI, PBI, and satisfaction surveys, in order to deploy the GRI tools and methods at a company. The information and data are not shared with any third party.

GRI has certified to the Department of Commerce that it adheres to the DPF Principles with respect to such information. If there is any conflict between the terms in this Privacy Policy and the DPF Principles, the DPF Principles shall govern. To learn more about the DPF program, and to view our certification, please visit https://www.dataprivacyframework.gov/

In compliance with the DPF Principles, GRI commits to resolve complaints about our collection or use of your personal information. EU, UK, and Swiss individuals with inquiries or complaints regarding our Privacy Policy should first contact GRI at privacy@gri.co.

GRI has further committed to cooperate with the EU data protection authorities (EU DPAs), the UK Information Commissioner’s Office (ICO), the Gibraltar Regulatory Authority (GRA), and the Swiss Federal Data Protection and Information Commissioner (FDPIC), and comply with the advice given by such authorities with regard to HR data transferred from the EU, UK, and Switzerland in the context of the employment relationship.

To find the contact information for your local data protection authority, please visit:http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.

Under certain conditions, more fully described on the Data Privacy Framework website https://www.dataprivacyframework.gov/, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.

California Resident Privacy Rights

California Civil Code Section §1798.83 permits users of our products and services who are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to privacy@gri.co.

Website Data Collection Overview

For each visitor to the GRI Website, our Web server automatically recognizes the visitor's domain name, browser type, operating system, referring domains, entry page, exit page, and average time on the Website. This information is used for internal purposes only, to help us improve our Website and better understand our visitors' needs.

Data Collected When Ordering or Requesting Information

When you order access to our products or services, GRI requires you to provide certain information. GRI requests information regarding a client's name, address, contact information, the names of certain designated employees, and the number of employees within the organization who will be using the product or services. GRI uses this information to perform the services requested and to provide access to the product.

If you request additional information about our products or services through our Website, GRI requires you to provide personal contact information such as your name, company name, address, phone number, and email address, as well as other information to help us determine and respond to your needs. All information provided by the visitor is voluntary and is used to provide the information requested.

GRI may also use data collected from orders or from information requests for marketing purposes. For example, GRI may use the information you provide to contact you to further discuss your interest in our products and services and to send you information about additional services offered by GRI or its partners, including promotional or event-related information. In addition, we also use any demographic information you may provide in connection with studies and reports regarding our Website, such as Website usage patterns, in order to better understand the needs of visitors to our Website. We will not, however, associate any personally identifiable information that you provide with the information in these studies and reports.

E-mail Addresses

We do not collect e-mail addresses without the site visitor voluntarily providing us with this information (typically via our order forms or our online information request form). We will periodically use your e-mail information and may share it with third parties for service, sales, support, and marketing purposes. If you do not wish to receive marketing e-mail from us or our partners in the future, you may opt-out as described below.

Cookies Information

When you visit gri.co, we may send one or more cookies - a small text file containing a string of alphanumeric characters - to your computer that uniquely identifies your browser and lets GRI help you log in faster and enhance your navigation through the GRI Website. A cookie may also convey anonymous information about how you browse the GRI Website to us. A cookie does not collect personal information about you. GRI may use both session cookies and persistent cookies. A persistent cookie remains on your hard drive after you close your browser. Persistent cookies may be used by your browser on subsequent visits to the site. Persistent cookies can be removed by following your web browser’s directions. A session cookie is temporary and disappears after you close your browser. You can reset your web browser to refuse all cookies or to indicate when a cookie is being sent. However, some features of the Website may not function properly if the ability to accept cookies is disabled.

Web Beacons

GRI uses Web beacons to compile information about visitors’ usage of GRI's Website and their interaction with the Company via email. Web beacons are clear electronic images that can recognize certain types of information on your computer when you viewed a particular Website tied to the Web beacon and a description of a Website tied to the Web beacon. For example, GRI may place Web beacons in marketing emails that notify GRI when you click on a link in the email that directs you to the Website. GRI uses Web beacons to operate and improve the Website and email communications.

GRI may use information from Web beacons in combination with the data collected when ordering or requesting information to provide you with information about GRI's products and services. We will periodically use this information and may share it with third parties, for service, sales, support, and marketing purposes.

Client Data

Clients use our hosted application service to host data about their personnel and candidates. We do not use or disclose such data except as provided in our License Agreements with our clients, as may be required by law or as necessary to protect the rights, property, or safety of GRI, our visitors, or others. Clients are responsible for maintaining the security of their data and passwords.

Data Security

We use various security measures and employ appropriate physical, administrative, and technical safeguards to protect against the loss, unauthorized use, alteration, disclosure, or unauthorized access to the personal information under our control. We store this information in a secure environment at one or more of our service providers.

GRI personnel with access to this information have been trained and advised of the importance of maintaining the security and confidentiality of such information and of using it only for the purposes described in this Privacy Policy.

Other than as expressly described in this Privacy Policy, we will not share personally identifiable information with anyone outside of GRI without your prior permission unless we believe in good faith that such release is reasonably necessary to (i) comply with applicable law, (ii) enforce the terms of any of our License Agreements with our clients, or (iii) protect the rights, property or safety of GRI, our visitors, or others.

Upon request submitted to privacy@gri.co, , GRI will provide Website visitors at no cost with access to their personal information that we have on record and the ability to complete, update or remove such information. Access to personal data collected by our clients may be obtained by contacting them directly.

In certain situations, GRI may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In certain situations, GRI may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Notification of Privacy Policy Changes

GRI may amend this Privacy Policy from time to time. If GRI decides to make material changes in the way we use your personal information, we will post the changes on this page so that you always will know what information we collect, how it is used, and when and how it will be disclosed. Your use of the GRI Website following notice of such change will be deemed acceptance of the revised Privacy Policy, which may include the application of the new policy to information provided prior to the date of such change.

Choice/Opt-Out and Updating Information

If you receive marketing or similar e-mail messages from us and wish to opt-out of receiving such messages, you may simply follow the opt-out procedure specified in such e-mail. In addition, if you have registered on our site, you may opt-out of receiving any future marketing or similar messages by unsubscribing here: privacy@gri.co. You may also contact us by regular mail addressed to Growth Resources, Inc., Privacy Officer, 1390 Market Street, Suite 200, San Francisco, CA 94107, USA.

If you are an individual whose personal information is collected by your employer or prospective employer that is one of our clients and you wish to limit the use or disclosure of your personal information, you will need to contact that client directly.

Liability

In the context of an onward transfer GRI has responsibility for the processing of personal information it receives under the Data Privacy Framework and subsequently transfers to a third party acting as an agent on its behalf. GRI shall remain liable under the Principles if its agent processes such personal information in a manner inconsistent with the Principles, unless the organization proves that it is not responsible for the event giving rise to the damage.

Contacting Us

If you have any questions about this Privacy Policy or this Website, please contact us directly at: privacy@gri.co.  

Written inquiries may be addressed to Growth Resources, Inc., Privacy Officer, 1390 Market Street, Suite 200, San Francisco, CA 94102, USA.