Privacy policy

Privacy policy


We (hereinafter referred to as GP-group) are extremely serious about the personal data security. This personal data privacy statement considers the purposes and methods of personal data collecting and using, and is also provides the information on the rights of individuals. We may use the personal data provided to us for any purpose as described in this information message, or for other purposes specified upon receipt of the data.

Personal data is any information that identifies or allows the identification of an individual. GP-group processes personal data for numerous purposes, for each of which different means of data collection, legal basis for their processing, using, disclosure and archival life may be applied.

Our policy on the collection and use of personal data provides for the transparent disclosure of information about the personal data processing purposes and procedures.

Personal data collection

GP-group processes personal data about contact persons (GP-group’s existing and potential clients and/or related individuals) in the customer relationship management system (hereinafter referred to as GP-group CRM system).

The collection of contact persons’ personal data and their upload to the GP-group CRM system is initiated by a GP-group employee. This data includes the contact person’s full name, place of work, position, phone number, e-mail address and other working contact details. An additional point is that GP-group CRM system can collect data from GP-group e-mail (sender’s name, recipient’s name, date and time) and electronic calendar (event organizer’s name, event attendee’s name, date and time of the event), that concerns to the interaction of GP-group users with contact persons or third parties.

Personal data using

The personal data of contact persons may be available for viewing and using by GP-group users to obtain information about a potential or current customer, or a commercial opportunity, that may be interesting to them, and may be used for the following purposes:

  • development of our business, products and services
  • providing you with information about us and the range of our products and services
  • providing GP-group employees with access to your personal data in order to provide information about our products and services
  • identification of customers with identical needs
  • preparation of analytics, for example, on market trends, characteristics of relations or business conditions.

In addition, the GP-group CRM system uses an algorithm to assess the quality of interaction between the GP-group user and the contact person. The assessment includes, first of all, the frequency of interaction, its duration, relevance and response time.

We process the personal data of our contact persons on the basis of our legitimate business interests or given consent, if such consent has been requested from the data subject. We are interested in promoting our products and services on the market or providing information messages that we think may be interesting to recipients.

Data storage

Personal data will be stored in the GP-group CRM system for the time required for the abovementioned purposes (i.e. for the period while we have a relationship with the contact person or while we need to keep records of such relationships).

Legal grounds for data processing

The legal grounds for data processing in each case are indicated in the relevant sections above. When processing the personal data on the basis of our legitimate interests, we take into account its potential impact on the data subject (both positive and negative) and the rights of the data subject under a data protection law and strive to ensure their best configuration. Our legitimate business interests do not automatically take precedence over the interests of data subjects – we will not process personal data in situations when the consequences for the data subject outweigh the effects on it (unless we have obtained consent or otherwise such processing is required or permitted by law).

When and how we use personal data jointly with others and the place where they are processed

We will use personal data together with other parties only in cases permitted by law. When we use data jointly with other parties, we apply contractual arrangements and security mechanisms to protect personal data and adhere to our standards of security, privacy and data sefety.

Personal data, that are available to us, may be transferred:

  • Third-party organizations that provide us with applications, services for their operation, data processing or IT services
  • We contact third parties in the process of providing our services and to assist in the supply, operational use and management of our internal IT systems. For example, these are organizations that provide information technology services, cloud software services, identity management, site hosting and operational use, analytics, backuping, security, and data storing. The servers, on which this cloud infrastructure is operating or servicing, are located in secure data processing centers across the world, one of which can store personal data.
  • Third-party organizations that provide us with other assistance in the supply of goods, services or information
  • Auditors and other professional advisors
  • Law-enforcement or other public and regulatory authorities or other third parties pursuant the requirements and in the manner stipulated by current legislation or regulatory requirements
  • Depending on individual cases, we may receive requests from third parties who have the authority to obtain an access to the personal data, for example, to verify our compliance with current laws and regulatory requirements, to investigate an assumption of wrongful acts, to establish, enforce or protect legal rights. We comply with requests for personal data provision only in those instances where it is permitted in accordance with current legislation or regulatory requirements.

Data operator and his contact information

The data operator is GP-group, which is a party to the contract for the purposes of providing or receiving services, or the legal entity to which you have applied.

If you have any questions about this data privacy statement or the purposes and methods of personal data processing made by us, please feel free to reach us:

Rights of individuals and ways to enforce them

Individuals have certain rights regarding their personal data, concerning assurance of enforcement of which the data operator is responsible. In circumstances where we take the decision on the purposes and methods of personal data processing, we act as a data operator and provide additional information about the rights of individuals and ways of their enforcement.

Acquaintance with personal data

You have the right to become acquainted with personal data that we have at our disposal as a data operator. To exercise this right, contact us by e-mail at

Making changes to personal data

To edit the personal data provided to us, please contact us by e-mail at or, if possible, by the means of the appropriate login page on the website or edit your data in the applications or forms in which you have registered.

Whenever possible, we will correct (if necessary) the personal data we process as soon as we receive information about its inaccuracy, in order to bring it into line with the information you have provided.

Withdrawal of consent

In case that we process personal data in accordance with the consent given to us, individuals have the right to withdraw consent at any time. To withdraw your consent to the processing of your personal data, please send us an e-mail at If you wish to stop receiving e-mails from the GP-group marketing catalog, please follow the link to unsubscribe from the mailing in the e-mail you have received from us.

The right to restrict or deny the personal data processing by us

You have the right to restrict or deny the processing of your personal data at any time for reasonable reasons relating to your particular situation, except in cases where the processing is required by law.

In such case, we will not process or restrict the processing of personal data, except in cases where we can prove a reasonable legal basis for the processing or for the establishment, implementation or protection of legitimate claims.

Other rights of data subjects

This information message is intended to inform you about what personal data we collect about you and how it is used. In addition to the abovementioned rights of access, change and restriction or denial of processing, individuals may have other rights with respect to personal data that we store, such as the right to delete the data and the right to data transfer.

If you wish to exercise these rights, please send an e-mail at


We hope that you shall not have to complain, however, if you wish to make a complaint about our use of personal data, you can send an e-mail providing detailed information on your complaint at We will review and reply to any complaints we receive.

Limitation of legal liability

The information contained on this website is strictly intended to familiarize you with the general aspects of the issues interesting to the reader, for personal purposes. The user is fully responsible for the consequences of its use
Although we use our best efforts to ensure the reliability of the sources of receiving the information contained on this website, GP-group assumes no responsibility for any mistakes or inaccuracies made here, as well as for the possible consequences of using this information.