Privacy Policy

This Privacy Notice for Global Source Data Solutions, Inc., a Florida Corporation ("we," "our," or "us"), describes how and why we might access, collect, store, use, and/or share ("process") your personal information when you use our services ("Services"), including when you visit our website at https://gsdsi.com, or any website of ours that links to this Privacy Notice, engage with us in other related ways, including any sales, marketing, or events; or when our partners transfer data to us. 

​

Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. We are responsible for making decisions about how your personal information is processed. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at privacy@gsdsi.com.

You may provide your name, contact details, information about your job (like your title or the name of your employer), content you post in our community forums or over social media, and other personal information directly to Demandbase when you interact with us or our services. 

​

We also may collect personal information about you through your device or browser while you are using or visiting our sites or services or when you engage or interact with us, such as by opening an email. This personal information may include your IP address, device identifier, geographic location, or usage information such as authentication, analytics, and other information that allows us to provide you with a

more personalized experience. Please see the section on Cookies and Tracking below for more details.

In addition to personal information we collect from you, we may receive personal information about you from other sources and through our own research. We may receive your personal information from Demandbase customers. We may also receive your personal information from third party partners, email campaigns, and marketing partners. Such third party data may include professional/business contact details (including mobile phone numbers), personal email addresses, company information, employment history and salary information, professional identifiers (for example, license numbers, professional registration numbers, or professional membership IDs), and demographic information.

• company websites 

• company blogs 

• non-confidential corporate records or reports (for example, government filings and commercial registers) 

• government publications 

• press releases 

• news articles 

• magazines 

• social media 

• the digital advertising bidstream 

• our customers 

• data brokers 

• other content published by or on behalf of a company by third parties.

​

From these sources we obtain many categories of personal information. We do not intentionally collect from third parties sensitive personal information like health information, biometric data, or credit card information of non-customers. 

​

We may also generate or receive predictive data or inferences about consumers such as account characteristics, interests or buying behavior.

We use personal information in the following ways:

​

• For providing and improving our services. We use personal information to operate, improve and personalize our business and services. This use includes collecting data through integrations with customer relationship management (CRM) or marketing automation (MAS), email, or other systems, troubleshooting or improving our services, making inferences, and deriving insights, trends, use, and analytics, whether actual or predicted, from personal information collected. We use personal information to augment, create, validate, enrich, or enhance existing data sets. We may work with third parties to receive data or insights and combine that information with the data and insights we already have. 

• Advertising and marketing for Demandbase and our customers. We use personal information for advertising and marketing, such as analyzing and predicting business buying behavior or business interests and delivering interest-based advertising and content to your device, such as ads, widgets, or website content tailored to you on behalf of advertisers, across websites and devices, and over time. We use personal information to communicate with you about offers, events, services or products by us and our partners and to track engagement. We may combine the personal information we have with third party data, including data that may directly or indirectly identify you, for improving the personalization of ads and content. 

• As required by applicable law, legal process or regulation. We may use all personal information we collect or receive as required under contract, law, legal or financial processes (like audits), and to protect Demandbase’s legal and contractual rights. 

• To provide reporting and analytics. We may use personal information to create reports (such as performance analytics, statistics, metrics and other details) for our company and for Demandbase customers about the companies that visit our or their websites, as well as actual or predicted interests for those visitors. We may also use personal information to measure and report on engagement with Demandbase or our current and prospective customers, by measuring which communications and content are received or viewed through which channels. We may also use personal information to carry out actions requested by our customers, such as combining data with additional data in our possession or provided by customers or using data to retarget specific companies’ users with personalized advertising. 

• For running our business. We use personal information for billing, account management, invoicing, maintaining security and privacy, as well as other legitimate business interests.

Some browsers have incorporated “Do Not Track” (DNT) features. We do not respond to DNT signals.

We may share personal information with third parties as described below: 

• Sharing with customers and partners. We share personal information with our customers and partners in order to provide services to our customers. Demandbase customers and partners may combine the personal information we share with additional data they have for their own marketing and sales purposes. 

• Sharing to improve ad personalization. We share personal information to create targeting segments to enable organizations to better personalize advertising. 

•  Sharing for business purposes. We share personal information for our legitimate business needs. For example, we share information with third party vendors 

• (such as marketing, billing, or service providers), consultants, and other service providers who work on our behalf and need access to personal information to perform their work for us. 

• Sharing for security. We may share personal information for security, fraud prevention, law and policy enforcement purposes, or enforcing our policies and terms, protecting rights, property and safety of individuals or other third parties. 

• Sharing for marketing. Any information you provide for marketing purposes, registering for an event, or otherwise volunteer, may be shared with the other third party(ies) or partner(s) who are mentioned when you provide such information for their own marketing purposes. 

• Disclosures required by law. In certain situations, we may be requested or required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. Demandbase will disclose personal information where required to do so. 

• Transfer to acquirer or successor entity. If Demandbase sells a substantial portion of its assets or is acquired, reorganized, merged into another entity, goes out of business, or enters bankruptcy, it is likely that personal information will be one of the business assets transferred in connection with such activity. 

• Sharing with your consent. We may share your personal information for any other purpose with your consent. If you have consented to a specific use of your personal information, you may revoke your consent for future use of your personal information for that purpose by contacting us through this privacy rights request form.

The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal bases we rely on in order to process your personal information. As such, we may rely on the following legal bases to process your personal information:

• Consent. We may process your information if you have given us permission (i.e., consent) to use your personal information for a specific purpose. You can withdraw your consent at any time. Learn more about withdrawing your consent. 

• Performance of a Contract. We may process your personal information when we believe it is necessary to fulfil our contractual obligations to you, including providing our Services or at your request prior to entering into a contract with you. 

• Legal Obligations. We may process your information where we believe it is necessary for compliance with our legal obligations, such as to cooperate with a law enforcement body or regulatory agency, exercise or defend our legal rights, or disclose your information as evidence in litigation in which we are involved. 

• Vital Interests. We may process your information where we believe it is necessary to protect your vital interests or the vital interests of a third party, such as situations involving potential threats to the safety of any person.

We may process your information if you have given us specific permission (i.e., express consent) to use your personal information for a specific purpose, or in situations where your permission can be inferred (i.e., implied consent). You can withdraw your consent at any time. 

In some exceptional cases, we may be legally permitted under applicable law to process your information without your consent, including, for example: 

• If collection is clearly in the interests of an individual and consent cannot be obtained in a timely way 

• For investigations and fraud detection and prevention 

• For business transactions provided certain conditions are met 

• If it is contained in a witness statement and the collection is necessary to assess, process, or settle an insurance claim 

• For identifying injured, ill, or deceased persons and communicating with next of kin 

• If we have reasonable grounds to believe an individual has been, is, or may be victim of financial abuse 

• If it is reasonable to expect collection and use with consent would compromise the availability or the accuracy of the information and the collection is reasonable

• for purposes related to investigating a breach of an agreement or a contravention of the laws of Canada or a province 

• If disclosure is required to comply with a subpoena, warrant, court order, or rules of the court relating to the production of records If it was produced by an individual in the course of their employment, business, or profession and the collection is consistent with the purposes for which the information was produced 

• If the collection is solely for journalistic, artistic, or literary purposes

• If the information is publicly available and is specified by the regulations

We take reasonable and appropriate technical and organizational measures designed to protect and secure personal information and prevent its loss, misuse and unauthorized access, disclosure, alteration, or destruction.

Unfortunately, the transmission of information via the internet is not always secure. Although we do our best to protect information, we cannot guarantee the security of your personal information.

Demandbase retains personal information for as long as necessary to provide its products and services, comply with our legal obligations, resolve disputes, and enforce our agreements.

We may transfer, store, or process your personal information to the United States The United States and other countries may not have data protection laws that are as comprehensive or protective as those in your country; however, our collection, storage and use of your personal information will at all times be in accordance with this Privacy Notice.

When Demandbase transfers personal information from the European Economic Area (“EEA”), Switzerland, or the United Kingdom (“UK”) to another country, we implement an appropriate data transfer mechanism, like entering into standard contractual clauses approved by European data protection regulators, or take other measures to provide an adequate level of protection under EEA, Swiss, or UK law.

GSDSI complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF  as set forth by the U.S. Department of Commerce.   GSDSI has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Global Source Data Solutions Inc has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

​

If you communicate with GSDSI, we may collect personally identifiable information from you and about you, including the e-mail addresses of those who communicate with us via e-mail, information volunteered by you, such as survey information and/or site registrations, name, address, and email address. Any such transfer and processing by us will be in accordance with our Privacy Policy and the DPF Principles.

​

EU and UK individuals have rights to access personal data about them and to limit use and disclosure of their personal data. With our DPF certification, GSDSI has committed to respect those rights. If you would like to request that we not continue to use information we collect about you for the marketing purposes described herein, please contact us at privacy@gsdsi.com.

​

To the extent that GSDSI acts solely as a data processor when processing personal data on behalf of its business customers (EU or UK data controllers) GSDSI acts only on the instructions of such controllers and does not control or share such personal data without direction from the relevant data controller.  In those instances, and to the extent provided for by applicable law, GSDSI may rely on its data controllers to satisfy the notice and consent principles under relevant and applicable data protection law, and will only act on the instructions of that controller.

GSDSI uses a limited number of third party service providers to assist us in providing services to our customers such as, helping with certain technical operations, transmission of data, and data storage services. These third parties may process or store personal data in the course of providing their services. GSDSI maintains contracts with these third parties restricting their access, use, and disclosure of personal data in compliance with our DPF obligations. To the extent provided by the DPF  principles, GSDSI remains responsible and liable under the DPF if a third party that GSDSI engages to process personal information on its behalf does so in a manner inconsistent with the DPF Principles, unless GSDSI proves it is not responsible for the matter giving rise to the damage.

GSDSI Handles EU and UK citizens’ personal data with appropriate care and safeguards. GSDSI has security measures in place to help protect personal data from loss, misuse, unauthorized access, disclosure, alteration, and destruction. 

​

In addition, any data processing will be carried out with reasonable and appropriate security measures specified in the processing agreement between GSDSI and its customers.  GSDSI will not disclose to third parties the personal data processed, except as permitted or required by the agreement between GSDSI and the third party, the EU DPF (and UK Extension), or other applicable data protection law.

GSDSI may be required to disclose personal information collected at its website site or processed for GSDSI business purposes in response to legal process, for example, in response to a court order or a subpoena.  We also may disclose such information in response to a law enforcement or other government agency’s request, or where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our terms of use, to comply with legal requirements, or as otherwise required by or law.

In addition, we may share information in the event of a bankruptcy, or a merger, acquisition, joint venture, or other business combination involving us.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Global Source Data Solutions Inc commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF in the context of the employment relationship.

The U.S. Federal Trade Commission has jurisdiction over UATP’s compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).

GSDSI makes a specific commitment to remedy any problems that may arise from an alleged failure of compliance with the above Principals and to resolve complaints about our collection of or use of your personal information. EU, UK, and/or Swiss individuals with inquiries or complaints regarding GSDSI compliance with the EU – U.S. DPF, the UK Extension to the EU-U.S, the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), or this policy should first contact our company Data Protection Officer by mail or email at:

Global Source Data Solutions Inc

3410 Galt Ocean Dr. 

2103N  

Fort Lauderdale, FL 33308

privacy@gsdsi.com

GSDSI will respond within 45 days. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed such complaint to your satisfaction, you may, under certain conditions, invoke binding arbitration. You may contact JAMS, an independent third-party dispute resolution body based in the United States. In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, UATP commits to refer to JAMS any unresolved complaints concerning our handling of personal data received in reliance on the DPF. You may visit https://www.jamsadr.com/DPF-Dispute-Resolution for more information or to file a complaint. JAMS has committed to provide recourse services at no cost to you.

To exercise your privacy rights, please use this privacy rights request form: https://trustsuperset.com/dsrs?orgId=cf72da3d-e829-46e5-a71e-6d15b95c06ad 

We will verify your identity when needed to comply with your request, which may include reviewing government identification, and may be unable to proceed with your request if we are not able to verify your identity.

You have the right to request that we correct or otherwise amend your personal information. If we process your personal information on behalf of one of our customers, we may ask that you work with the customer to amend your personal information. We may ask for adequate proof of the amended personal information before we make a requested change.

When you participate in a call or online meeting that is being recorded, you have the right to request that we not record that call or meeting. Please make those requests to the call organizer before or during the call. During webinars or other events that must be recorded, please do not share personal information that you do not want other attendees to view in the chats, Q&A, or similar features.

If we send direct marketing emails to you, we will rely on the legitimate interests basis of processing and include an “unsubscribe” link at the bottom of all of our emails to allow you to object to our use of your personal information for direct marketing. Click the link to unsubscribe and Demandbase will remove you from future emails within a reasonable amount of time.

If you are a California resident: 

If you are a California resident, the rights described in the “For Everyone” section above apply, and you may exercise the additional rights described in this section or designate an authorized agent to exercise these rights on your behalf. 

​

Once per calendar year, you may request that we disclose to you what “Personal Information” as defined in the California Consumer Privacy Act as amended by the California Privacy Rights Act (referred to in a consolidated way as “CCPA”) we collect, use, disclose and sell, and the specific Personal Information we have collected about you in the prior 12 months.

​

You have the right to request to know more details about the categories or specific pieces of Personal Information we collect (including how we use and disclose this Personal Information), to delete your Personal Information, to opt out of any “sales” (as defined in the CCPA) that may be occurring, and to not be discriminated against for exercising these rights. To exercise these rights please use this privacy rights request form (https://trustsuperset.com/dsrs?orgId=cf72da3d-e829-46e5-a71e-6d15b95c06ad) or email privacy@gsdsi.com. 

​

GSDSI will not sell (as such term is defined in the CCPA) the Personal Information we collect under the CCPA without providing a right to opt out. Please note that we use cookies for advertising and analytics purposes as further described in our Cookie Policy. 

For the period between 01 January 2024 and 31 December 2024: 

Number of CA requests to know: 

Received: 0 

Complied with in whole or in part: 0 

Denied due to lack of verification: 0 

Mean number of days within which we substantively responded: 0 

Median number of days within which we substantively responded: 0

Number of CA requests to delete: 

Received: 0 

Complied with in whole or in part: 0 

Denied due to lack of verification: 0 

Mean number of days within which we substantively responded: 0 

Median number of days within which we substantively responded: 0

Number of CA requests to opt out of sale: 

Received: 0 

Complied with in whole or in part: 0 

Denied due to lack of verification: 0 

Mean number of days within which we substantively responded: 0 

Median number of days within which we substantively responded: 0

If you are in Europe:

​

The rights described in this section apply, in addition to the rights described in the “For Everyone” section above, if you are located in the EEA, Switzerland or the UK. This section does not apply to you if you are located in another country in Europe, and in that case your rights are described in the “For Everyone” section above. 

​

Subject to the exemptions under law, you may have the right to request access or delete your personal information. Under certain circumstances, you have the right to receive personal information that we process about you and transmit that information to another organization, i.e., a right to data portability. You may also request that we restrict or block future processing of your personal information.

Where we previously obtained your consent in order to process your personal information, you have the right to withdraw that consent.

If you would like to exercise any of your privacy rights, please use this privacy rights request form. We will validate these requests and carry out valid requests. If the request is not deemed valid, then we will share the reasons why it is not valid and your options for seeking resolution through a supervisory authority and through judicial remedy. 

​

You have the right to lodge a complaint against us. To do so, contact the data protection authority in the country where you are located. 

We do not direct services to children under age 18. We do not knowingly collect information from children under 18. If you believe that we may have collected personal information from someone under 18 without required consent, please contact us at privacy@gsdsi.com.

This Privacy Policy is to be governed by and construed in accordance with the internal laws of the State of Florida, without regard for principles of conflicts of laws. Any civil action, claim, dispute or proceeding arising out of, or relating to, this Privacy Policy shall be referred to final and binding arbitration, before a single arbitrator, under the commercial arbitration rules of the American Arbitration Association in Dade County, Florida.

You and we shall select the arbitrator, and if you and we are unable to reach agreement on selection of the arbitrator within thirty (30) days after the notice of arbitration is served, then the American Arbitration Association shall select the arbitrator. Arbitration shall not commence until the party requesting it has deposited One Thousand Dollars ($1,000.00) with the arbitrator as a retainer for the arbitrator's fees and costs. The party requesting arbitration shall advance such sums as are required from time to time by the arbitrator to pay the arbitrator's fees and costs until the prevailing party is determined or the parties have agreed in writing to an alternate allocation of fees and costs.

Judgment upon any award rendered by the arbitrator shall be final, binding and conclusive upon you and us, and your and our respective administrators, executors, legal representatives, successors and assigns, and may be entered in any court of competent jurisdiction. Notwithstanding the previous sentence, in no event shall either you or we be entitled to punitive, special, indirect or consequential damages, and both you and we hereby waive your rights to any punitive, special, indirect or consequential damages, including, but not limited to, damages for any loss of profit, revenue or business. You agree that, subject to the previous sentence, such an award by the arbitrator shall be your sole and exclusive remedy pursuant to this Privacy Policy.

If any portion of this Privacy Policy is deemed unlawful, void or unenforceable by any arbitrator, this Privacy Policy as a whole shall not be deemed unlawful, void or unenforceable, but only that portion of this Privacy Policy that is unlawful, void or unenforceable shall be stricken from this Privacy Policy. The headings contained in this Privacy Policy are for convenience of reference only, are not to be considered a part of this Privacy Policy, and shall not limit or otherwise affect in any way the meaning or interpretation of this Privacy Policy.

​

All covenants, agreements, representations and warranties made in this Privacy Policy, as may be amended by us from time to time, shall survive your acceptance of this Privacy Policy.

This Privacy Policy represents the entire understanding and agreement between you and us regarding the subject matter of the same, and supersede all other previous agreements, understandings and/or representations regarding the same.

If you would like to exercise your privacy rights, please use this privacy rights request form. If you have questions about our privacy practices or this Privacy Notice you may write to us at: 

​

Attention: Privacy & Compliance Department 

Global Source Data Solutions, Inc 

3410 Galt Ocean Dr. 

2103N 

Fort Lauderdale, FL 33308 

USA 

privacy@gsdsi.com

If you raise a concern regarding your personal information, we will take reasonable steps to investigate and attempt to resolve any complaints or disputes.

To contact our Data Protection Officer, please email privacy@gsdsi.com.

We have also appointed Superset as our representative in the European Union for data protection matters, pursuant to Article 27 of the General Data Protection Regulation. If you are in the European Economic Area, Superset can be contacted in addition at gsdsi.com@supersetreps.com on matters related to the processing of personal data.

To make an inquiry, please contact Superset using this email address: gsdsi.com@supersetreps.com

or by mail at the following address:

Superset Representatives SASU 

39 Rue des Belles Feuilles 

75016 Paris 

France

When we change this Privacy Notice, the updated terms will be available on this page and effective as of the date posted. We encourage you to periodically review this page for the latest information on our privacy practices. Past versions of the policy will be archived and available here.