DATA PROTECTION POLICY
How Data is sent to GP
Firstly, some clients require a Non-Disclosure Agreement (“NDA”), in which GP will provide a copy of their NDA, where both parties will execute.
- Some clients wish to send their data directly to their GP sales representative via email.
- If client desires to send GP their suppression file or Data via a secure FTP site, the below steps transpire:
- GP has a proprietary dashboard available only to its employees, where the client’s sales representative will log in to, and they will click the “upload link” function.
- The sales representative will then fill out the form and a link will be sent to their client’s email address.
- This link is a private upload page that is available for only 24 hours.
- Once the client sends the information via the link provided, GP’s processing team will get a notification that the Client has sent their data.
- One of the data processors will then send an email to the client’s sales representative notifying them that GP is in possession of the Data. Once the sales representative has given instructions on how the processing team needs to fulfill the order, processing then goes into Amazon S3 and download the Data to a secure server.
What happens when Data is downloaded by GP
Once the data processor has downloaded Data onto the secure server, the data processor will at this point, add any appends needed for the client’s Data. The Data is then address standardized.
After address standardization, the Data either:
- Used to suppress out any data from GP’s database goes to either, OR
- Used to model a lookalike audience for the client.
After the results are achieved using the client’s Data, and upon client’s request, GP can either store that data in-house on a secure server, or GP can destroy the file and supply the client with a notarized “Certificate of Data Destruction” that assures client that the Data sent by client has been destroyed. A sample copy of the “Certificate of Data Destruction” is below: