This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You.
We use Your Personal data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.
Table of Contents
- Interpretation and Definitions
- Collecting and Using Your Personal Data
- Cookies and Tracking Technologies
- User-Generated Content
- Your Privacy Rights
- California Privacy Rights (CCPA/CPRA)
- GDPR Rights (European Users)
- Data Retention and Deletion
- Account Termination
- Data Security and Breach Notification
- International Data Transfers
- Children's Privacy
- Third-Party Services and Links
- Business Changes and Transfers
- Legal Compliance and Enforcement
- Dispute Resolution
- Changes to Privacy Policy
- Contact Information
Interpretation and Definitions
Interpretation
The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.
Definitions
For the purposes of this Privacy Policy:
- Account means a unique account created for You to access our Service or parts of our Service.
- Affiliate means an entity that controls, is controlled by or is under common control with a party, where "control" means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.
- Application refers to GMPS, the software program provided by the Company.
- Business Purpose means the use of personal information for the Company's operational purposes, as defined under applicable privacy laws.
- Commercial Purpose means the use of personal information to advance commercial or economic interests.
- Company (referred to as either "the Company", "We", "Us" or "Our" in this Agreement) refers to PIKA GROUP LTD, Crispins Manor Farm Lane, Michelmersh ROMSEY - SO51 0NT United Kingdom (GB).
- Consumer means a natural person who is a California resident, as defined under CCPA.
- Controller means the entity that determines the purposes and means of processing Personal Data, as defined under GDPR.
- Cookies means small files that are placed on Your computer, mobile device or any other device by a website, containing details of your browsing history.
- Country refers to: United Kingdom
- Data Protection Officer means the individual responsible for data protection compliance within the Company.
- Device means any device that can access the Service such as a computer, a cellphone or a digital tablet.
- Do Not Track refers to a concept that has been promoted by US regulatory authorities for the Internet industry to develop a mechanism allowing internet users to control the tracking of their online activities.
- Personal Data is any information that relates to an identified or identifiable individual.
- Personal Information has the same meaning as Personal Data under this Privacy Policy.
- Processor means a natural or legal person who processes Personal Data on behalf of the Controller.
- Sale means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic means, a Consumer's personal information for monetary or other valuable consideration.
- Service refers to the Application.
- Service Provider means any natural or legal person who processes the data on behalf of the Company.
- Third-party Social Media Service refers to any website or social network website through which a User can log in or create an account to use the Service.
- Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself.
- User-Generated Content means any content, including but not limited to text, images, audio, video, or other materials, that You create, upload, post, or otherwise make available through the Service.
- You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.
Collecting and Using Your Personal Data
Types of Data Collected
Personal Data
While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:
- Email address
- First name and last name
- Phone number
- Address, State, Province, ZIP/Postal code, City
- Bank account information (when required for payment processing)
- Usage Data
- Device identifiers and location data
- Biometric data (with explicit consent where legally required)
Usage Data
Usage Data is collected automatically when using the Service.
Usage Data may include information such as Your Device's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers, operating system, and other diagnostic data.
When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.
Information from Third-Party Social Media Services
The Company allows You to create an account and log in to use the Service through the following Third-party Social Media Services:
- Google
- Facebook
- Instagram
- Twitter
- LinkedIn
If You decide to register through or otherwise grant us access to a Third-Party Social Media Service, We may collect Personal data that is already associated with Your Third-Party Social Media Service's account, such as Your name, Your email address, Your activities or Your contact list associated with that account.
Information Collected while Using the Application
While using Our Application, in order to provide features of Our Application, We may collect, with Your prior permission:
- Pictures and other information from your Device's camera and photo library
- Location data (precise or approximate)
- Contacts information
- Microphone access for voice features
- Calendar information
Use of Your Personal Data
The Company may use Personal Data for the following purposes:
- To provide and maintain our Service, including to monitor the usage of our Service.
- To manage Your Account: to manage Your registration as a user of the Service.
- For the performance of a contract: the development, compliance and undertaking of the purchase contract for the products, items or services You have purchased.
- To contact You: To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication.
- To provide You with news, special offers and general information about other goods, services and events.
- To manage Your requests: To attend and manage Your requests to Us.
- For business transfers: We may use Your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer.
- For fraud prevention and security: To detect, prevent, and address fraud, security breaches, and other potentially harmful or illegal activities.
- For legal compliance: To comply with applicable laws, regulations, and legal processes.
- For analytics and improvement: To analyze usage patterns and improve our Service.
Cookies and Tracking Technologies
What Are Cookies
Cookies are small text files that are placed on Your computer, mobile device or any other device by a website, containing details of your browsing history on that website among its many uses.
How We Use Cookies
We use Cookies and similar tracking technologies to track the activity on Our Service and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyze Our Service.
The technologies We use may include:
- Cookies or Browser Cookies: A cookie is a small file placed on Your Device.
- Web Beacons: Certain sections of our Service and our emails may contain small electronic files known as web beacons.
- Local Storage: We may use local storage technologies to store information on Your Device.
Types of Cookies We Use
- Necessary/Essential Cookies: These cookies are essential for the proper functioning of our website.
- Analytical/Performance Cookies: These cookies allow us to recognize and count visitors and see how they move around our website.
- Functionality Cookies: These cookies are used to recognize you when you return to our website.
- Targeting/Marketing Cookies: These cookies record your visit to our website and track the content you view and links you follow.
Your Cookie Choices
You have the right to decide whether to accept or reject cookies. You can exercise your cookie rights by setting your preferences in the Cookie Consent Manager. You may also set or amend your web browser controls to accept or refuse cookies.
Do Not Track
We support Do Not Track ("DNT"). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked.
User-Generated Content
Content You Provide
Our Service may allow You to post, upload, publish, submit or transmit User-Generated Content. By making available any User-Generated Content on or through the Service, You hereby grant to the Company a worldwide, irrevocable, perpetual, non-exclusive, transferable, royalty-free license, with the right to sublicense, to use, copy, adapt, modify, distribute, license, sell, transfer, publicly display, publicly perform, transmit, stream, broadcast, access, view, and otherwise exploit such User-Generated Content.
Content Standards
You represent and warrant that Your User-Generated Content:
- Will not infringe any third-party's copyrights or other rights
- Will not contain sexually explicit content or pornography
- Will not contain hateful, defamatory, or discriminatory content
- Will not promote violence or illegal activities
- Will not contain spam, advertising, or commercial content without authorization
- Will not violate any applicable laws or regulations
Content Moderation
We reserve the right, but not the obligation, to monitor, review, and remove User-Generated Content that violates this Privacy Policy or our Terms of Service. We may also suspend or terminate accounts that repeatedly violate our content standards.
Content Ownership
You retain ownership of Your User-Generated Content, but You grant Us the rights described above. You are solely responsible for Your User-Generated Content and the consequences of posting it.
Your Privacy Rights
General Rights
Regardless of Your location, You have the following rights regarding Your Personal Data:
- Right to Access: You have the right to request access to Your Personal Data.
- Right to Rectification: You have the right to request correction of inaccurate Personal Data.
- Right to Deletion: You have the right to request deletion of Your Personal Data.
- Right to Data Portability: You have the right to receive Your Personal Data in a structured format.
- Right to Object: You have the right to object to processing of Your Personal Data.
- Right to Withdraw Consent: You have the right to withdraw consent at any time.
How to Exercise Your Rights
To exercise Your privacy rights, please contact us using the information provided in the Contact section. We will respond to Your request within the timeframe required by applicable law.
We may need to verify Your identity before processing Your request. This verification process is designed to protect Your Personal Data from unauthorized access.
California Privacy Rights (CCPA/CPRA)
Scope
This section applies to California residents and supplements the information in this Privacy Policy.
Categories of Personal Information We Collect
We collect the following categories of Personal Information:
- Identifiers: Real name, alias, postal address, unique personal identifier, online identifier, IP address, email address, account name, or other similar identifiers.
- Commercial Information: Records of personal property, products or services purchased, obtained, or considered.
- Internet/Network Activity: Browsing history, search history, information on interaction with a website, application, or advertisement.
- Geolocation Data: Physical location or movements.
- Audio/Visual Information: Audio, electronic, visual, thermal, olfactory, or similar information.
- Biometric Information: Physiological, biological, or behavioral characteristics (with explicit consent).
- Sensitive Personal Information: Account log-in, financial account, debit card, or credit card number in combination with required access code.
Sources of Personal Information
We collect Personal Information from:
- You directly
- Your devices automatically
- Third-party sources
- Business partners
- Data brokers
Business/Commercial Purposes
We use Personal Information for:
- Providing our Service
- Security and fraud prevention
- Debugging and improving our Service
- Marketing and advertising
- Internal research and development
Your California Rights
As a California resident, You have the right to:
- Know: Request information about Personal Information collected, used, disclosed, or sold
- Delete: Request deletion of Personal Information
- Correct: Request correction of inaccurate Personal Information
- Portability: Request Your Personal Information in a portable format
- Opt-Out: Opt-out of the sale or sharing of Personal Information
- Limit: Request limitation of use of Sensitive Personal Information
- Non-Discrimination: Not be discriminated against for exercising Your rights
Sale and Sharing of Personal Information
We do not sell Personal Information to third parties for monetary consideration. However, we may share certain Personal Information for cross-context behavioral advertising, which may be considered "selling" or "sharing" under CCPA.
You have the right to opt-out of such activities by clicking "Do Not Sell or Share My Personal Information" or contacting us directly.
Retention
We retain Personal Information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law.
Authorized Agents
You may designate an authorized agent to make requests on Your behalf. We may require proof of authorization and verify Your identity before processing such requests.
GDPR Rights (European Users)
Legal Basis for Processing
Under GDPR, we process Your Personal Data based on the following legal grounds:
- Consent: You have given clear consent for processing for specific purposes
- Contract: Processing is necessary for contract performance
- Legal Obligation: Processing is necessary for legal compliance
- Vital Interests: Processing is necessary to protect vital interests
- Public Task: Processing is necessary for tasks in the public interest
- Legitimate Interests: Processing is necessary for our legitimate interests
Your GDPR Rights
If You are located in the European Economic Area (EEA) or United Kingdom, You have the following rights:
- Right of Access (Article 15): Right to obtain confirmation and information about processing
- Right to Rectification (Article 16): Right to correct inaccurate Personal Data
- Right to Erasure (Article 17): Right to deletion under certain circumstances
- Right to Restrict Processing (Article 18): Right to limit processing under certain conditions
- Right to Data Portability (Article 20): Right to receive Personal Data in structured format
- Right to Object (Article 21): Right to object to processing based on legitimate interests
- Rights Related to Automated Decision-Making (Article 22): Right not to be subject to automated decision-making
Data Protection Officer
We have appointed a Data Protection Officer (DPO) who is responsible for overseeing our data protection strategy and implementation. You may contact our DPO at: dpo@gmps.be
Supervisory Authority
You have the right to lodge a complaint with a supervisory authority, particularly in the Member State of Your habitual residence, place of work, or place of the alleged infringement.
International Transfers
When We transfer Your Personal Data outside the EEA, We ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions.
Data Retention and Deletion
Retention Periods
We retain Personal Data for different periods depending on the purpose:
- Account Information: Retained while Your account is active and for 3 years after account closure
- Transaction Records: Retained for 7 years for financial and legal compliance
- Usage Data: Retained for 2 years unless longer retention is required for security
- Marketing Data: Retained until You opt-out or for 3 years from last engagement
- Legal Hold Data: Retained until legal proceedings are concluded
Automated Deletion
We have implemented automated systems to delete Personal Data when retention periods expire, except where longer retention is required by law or for the establishment, exercise, or defense of legal claims.
Secure Deletion
When Personal Data is deleted, We use industry-standard secure deletion methods to ensure data cannot be recovered.
Account Termination
Voluntary Termination
You may terminate Your account at any time by:
- Using the account deletion feature in Your account settings
- Contacting us directly with a termination request
- Following the termination process outlined in our Terms of Service
Involuntary Termination
We may terminate Your account if:
- You violate our Terms of Service or this Privacy Policy
- You engage in fraudulent or illegal activities
- You repeatedly post prohibited content
- Required by law or court order
- For prolonged account inactivity (after appropriate notice)
Effects of Termination
Upon account termination:
- Your account access will be immediately revoked
- Your Personal Data will be deleted according to our retention schedule
- Some information may be retained for legal compliance, fraud prevention, or security purposes
- User-Generated Content may be retained or deleted at our discretion
- You may still exercise Your privacy rights regarding retained data
Data Export Before Termination
Before terminating Your account, You may request an export of Your Personal Data. We will provide the data in a machine-readable format within 30 days of Your request.
Data Security and Breach Notification
Security Measures
We implement appropriate technical and organizational security measures to protect Your Personal Data, including:
- Encryption: Data is encrypted in transit and at rest using industry-standard encryption
- Access Controls: Strict access controls and authentication requirements
- Network Security: Firewalls, intrusion detection, and monitoring systems
- Regular Audits: Regular security audits and vulnerability assessments
- Employee Training: Ongoing security training for all employees
- Incident Response: Comprehensive incident response procedures
Data Breach Response
In the event of a Personal Data breach, We will:
- Contain the breach and assess the risk to individuals
- Notify relevant supervisory authorities within 72 hours (where required by law)
- Notify affected individuals without undue delay if high risk is involved
- Document the breach and our response measures
- Implement additional safeguards to prevent similar breaches
Notification Content
Breach notifications will include:
- Description of the Personal Data involved
- Likely consequences of the breach
- Measures taken to address the breach
- Contact information for further assistance
- Recommendations for protecting affected individuals
International Data Transfers
Transfer Mechanisms
When transferring Personal Data internationally, We use appropriate safeguards:
- Adequacy Decisions: Transfers to countries with adequate protection levels
- Standard Contractual Clauses: EU Commission-approved contractual clauses
- Binding Corporate Rules: Internal rules for multinational companies
- Certification Schemes: Industry-standard certification programs
Transfer Impact Assessments
We conduct Transfer Impact Assessments to ensure that international transfers provide essentially equivalent protection to that guaranteed by applicable data protection laws.
Children's Privacy
Age Restrictions
Our Service does not address anyone under the age of 16 (or the minimum age in Your jurisdiction, whichever is higher). We do not knowingly collect personally identifiable information from anyone under these age limits.
Parental Consent
If We become aware that We have collected Personal Data from a child without verification of parental consent, We take steps to remove that information from Our servers immediately.
Parental Rights
Parents and legal guardians have the right to:
- Access their child's Personal Data
- Request deletion of their child's Personal Data
- Refuse further collection or use of their child's Personal Data
Third-Party Services and Links
Third-Party Services
Our Service may contain integrations with third-party services. These services have their own privacy policies, and We are not responsible for their practices.
Social Media Features
Our Service may include social media features, such as sharing buttons. These features may collect Your IP address and set cookies to enable proper functioning.
External Links
Our Service may contain links to external websites. We strongly advise You to review the Privacy Policy of every site You visit, as We have no control over external sites.
Third-Party Analytics
We may use third-party analytics services to help understand usage of our Service. These services may collect information sent by Your browser as part of a web page request.
Business Changes and Transfers
Mergers and Acquisitions
If We are involved in a merger, acquisition, or asset sale, Your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.
Asset Transfers
In the event of business restructuring, sale of assets, or similar transactions, Personal Data may be transferred as part of the business assets, subject to appropriate safeguards.
Bankruptcy or Insolvency
In case of bankruptcy or insolvency proceedings, Personal Data may be treated as a business asset, but such treatment will comply with applicable privacy laws.
Notification Requirements
We will notify You of any business transfer that affects Your Personal Data through:
- Email notification to Your registered address
- Prominent notice on our website
- In-app notifications (if applicable)
Legal Compliance and Enforcement
Lawful Requests
We may disclose Your Personal Data to comply with:
- Legal obligations under applicable laws
- Valid court orders, subpoenas, or warrants
- Requests from government agencies or regulatory bodies
- Law enforcement investigations
Legitimate Interests
We may process Personal Data based on legitimate interests, such as:
- Fraud prevention and security
- Network and information security
- Internal administrative purposes
- Direct marketing (subject to opt-out rights)
Legal Challenges
We reserve the right to challenge legal requests that We believe are:
- Overly broad or vague
- Not properly authorized
- Inconsistent with applicable privacy laws
- Potentially harmful to user privacy
Dispute Resolution
Internal Complaint Process
If You have concerns about our privacy practices, please contact us first. We will investigate and respond to Your complaint promptly.
Alternative Dispute Resolution
We participate in alternative dispute resolution programs for privacy-related disputes, including:
- Industry arbitration programs
- Independent dispute resolution services
- Privacy shield dispute resolution (where applicable)
Regulatory Complaints
You have the right to lodge complaints with relevant regulatory authorities:
- EU/UK: Data Protection Authorities
- California: California Attorney General
- Other jurisdictions: Relevant privacy regulators
Legal Proceedings
This Privacy Policy shall be governed by the laws of the United Kingdom, without regard to conflict of law principles. Any disputes shall be resolved in the courts of the United Kingdom.
Changes to Privacy Policy
Notification of Changes
We may update Our Privacy Policy from time to time. We will notify You of any material changes by:
- Posting the new Privacy Policy on this page
- Sending an email notification
- Providing in-app notifications
- Posting prominent notices on our website
Effective Date
Changes to this Privacy Policy are effective when they are posted on this page. The "Last updated" date at the top indicates when the policy was last revised.
Continued Use
Your continued use of the Service after any modifications to the Privacy Policy constitutes acceptance of those changes.
Material Changes
For material changes that significantly affect Your privacy rights, we may seek Your explicit consent before implementing such changes.
Contact Information
General Inquiries
If you have any questions about this Privacy Policy, You can contact us:
By email: info@gmps.be
By mail:
PIKA GROUP LTD
Crispins Manor Farm Lane
Michelmersh ROMSEY - SO51 0NT
United Kingdom (GB)
Privacy-Specific Contacts
- Data Protection Officer: dpo@gmps.be
- Privacy Rights Requests: privacy@gmps.be
- Security Incidents: security@gmps.be
Response Timeframes
We will respond to Your inquiries within:
- General inquiries: 5 business days
- Privacy rights requests: 30 days (may be extended to 60 days for complex requests)
- Data breach reports: 72 hours (where legally required)
- GDPR requests: 30 days (may be extended to 60 days)
Effective Date: September 23, 2025
Policy Version: 2.0
This Privacy Policy represents our commitment to protecting Your privacy and Personal Data. We regularly review and update our practices to ensure continued compliance with applicable privacy laws and industry best practices.
