Privacy Policy

Data Controllers for the collection, processing and use of personal information are listed in the table below. If you have questions about how we protect or use your data, please send an email to contact@granbell.uk

Personal data, or personal information, is any information about an identified or identifiable individual. It does not include anonymised data, which cannot be linked to the individual. We will collect and process your personal data as follows:

2.1 Information you provide to us.

• You may provide us with information about you when you register to use our Services, such as when you provide us with personal details such as your name and email address. This also includes information you provide through your continued use of our Services; your participation in panel discussions or other social media functions on our Website or Mobile Application; by participating in a competition, promotion or survey; and when reporting problems with our Services. Additional information you provide to us for security, identification and verification purposes may include your address, telephone number, financial information (including credit card, debit card or bank account information), reason for payment, geographic location, INSS, CPF, personal description, photograph, passport and/or identification card. If you do not provide any of this information, it may affect our ability to provide the Services to you.
  
  • For Brazil:The information also includes the Individual Taxpayer Registration number of the Ministry of Economy - CPF/CNPJ.
• The content of your communications with us, which we collect through recorded phone calls, online chat, emails, direct messages and other means.
• In some cases, such as when you send or receive high-value or high-volume transactions, or when we need to comply with anti-money laundering regulations, we may also need more identifying information from you, such as a copy of your bank account statements. .
  
  • For New Zealand:  When we request more information from you in order to fulfill our anti-money laundering obligations, we do so in accordance with the Anti-Money Laundering and Financing of Terrorism Act 2009. Provide this information, for us, it's mandatory.
• You have the right to request access to and correction of the personal information we hold about you. If you would like to make a request, send it to us in writing at contact@granbell.uk
• By providing personal data of anyone other than yourself, including connected persons, you confirm that you have obtained consent from such individuals to disclose their personal data or have the right to provide us with such information. You also confirm that you have made this Policy known to them, if legally required, and that you have received their consent to our collection, use and disclosure of their personal data for the purposes set out in this Policy. the term"connected person"means an individual connected to GranBell through the use of our Services and may be an account holder, payee, designated payee, guarantor, director, shareholder, partners or members of a partnership, fiduciary, authorised signatory of a designated account, a friend you have referred, individuals on your contact list or anyone else who has a relevant relationship with GranBell.
• If you enable your discovery feature for some of our Services, we will generate a link and nickname on your behalf to share. This link may include your name, company name, account details, nickname and, at your option, your avatar or photograph.
• Please ensure that your personal details are up-to-date, complete and accurate by logging into your account and updating as necessary.

2.2 Information We Collect About You. When you use our Services, we may collect the following information:

• details of transactions you carry out using our Services, including the geographic location from which the transaction originates;
• technical information, including the internet protocol (IP) address used to connect your device to the internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
• information about your visit, including total Uniform Resource Locators (URL) clickstreams to, through, and from our Site or Web Application (including date and time), products you viewed or searched for, page response time , download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouseovers), methods used to leave the page, and any phone number used to call our Customer Support service .
• information about your marketing and communication preferences.

2.3 Information We Receive From Other Sources. We may receive your information if you use any of the other websites we operate or other services we provide. We also work closely with third parties and may receive information about you from them. This can include:

• the payment service providers you use to transfer money to us will provide us with your personal information, including your name, address and financial information such as bank details;
• the bank whose account you link to your GranBell account for the purpose of complying with regulatory verification may provide us with your name, address and financial information such as source of income and bank statement;
• if you are a "connected person" for a GranBell customer, that GBS customer may provide us with your personal information:
• Payment recipients: name, account details, email and additional verification information if requested by the recipient bank.
• Directors and main beneficiaries: name, date of birth and country of residence.
• business partners may provide us with your name, address and financial information, such as card payment information;
• advertising networks, analytics and search engine providers may provide us with pseudonymized information about you, including confirmation of how you found our Site;
• in some jurisdictions, we may check the information you provide to us against government or private identity record databases or credit reference agencies to confirm your identity and combat fraud.

2.4 Information from social networks.

• If you log in to our Services using a social media account (such as Apple ID, Facebook or Google), we will receive relevant information necessary to allow our Services to authenticate your access. The social network will provide us with access to certain information that you have provided, such as your name, profile picture and email address, in accordance with the privacy policy of the social network service provider. We use this information, along with other information you provide to us directly when registering or using our Services, to create your account and communicate with you about information, products and services you request. You can also specifically request that we have access to your social media account contacts.

2.5 Sensitive personal data.

As part of our identity verification process, we collect, use and store biometric data, namely:

• We extract facial reading information from photos and videos to compare your photos on ID documents with each other and with a selfie provided by you to verify your identity, perform anti-fraud checks and improve these processes. We may ask you to specifically consent to the collection, use and storage of your biometric data during the verification process, where privacy regulations so require in your jurisdiction. If you do not consent, we offer alternative methods to verify your identity, which may take longer. We will not disclose or disseminate biometric data to anyone other than our identity verification providers, unless required by applicable laws and regulations or pursuant to a valid court order. We never sell, lease, trade or otherwise leverage your biometric data. We will keep biometric data for as long as necessary to complete the identity verification process, and in any case no longer than 1 year after collection, unless required by law or legal process to keep it longer.
  • To the USA:See our US Face Reading Privacy Notice for more information about how we process this data;
• We monitor the way you log in and interact with our website or application to validate your identity and help detect fraudulent and suspicious attempts to access your GBS Account;
• If you consent to link your bank account to your GBS account for the purpose of satisfying regulatory verification, we may also process a limited amount of sensitive data when verifying your financial documents.
• Your jurisdiction may have rules that classify other information described in section 2 as confidential. All confidential information is subject to appropriate levels of protection;
  • For India:We may collect Aadhaar-related data from you, including your demographic details, for the purpose of verifying your identity for the use of our Services. We collect your data from Aadhaar based on your voluntary and informed consent. Please note that providing your Aadhaar related details is voluntary and you may choose to provide us with other officially valid documents notified by financial regulators such as passport, voter registration card and driver's license for such purposes. You will not be refused Services if you choose not to provide us with your Aadhaar-related data.

2.6 Data from children. Our products and services are aimed at adults and are not intended for children. Therefore, we do not knowingly collect data from children. Any data collected from a child prior to determining their age will be deleted.

3.1 We take the protection of your information very seriously. The transmission of information over the Internet is not completely secure. Although we do our best to protect your personal data, we cannot guarantee security during transmission, which is done at your own risk. Once we receive your information, we use strict procedures and security features to ensure it remains secure, including:

• Internet communications between you and the GBS systems are encrypted using strong asymmetric cryptography. This makes them indecipherable to anyone who might be listening;
• We update and patch our servers in a timely manner;
• We run a Responsible Disclosure and bug bounty program to identify any security issues in the GranBell services;
• Our technical security team proactively monitors abnormal and malicious activity on our servers and services;
• When the information you provide to us is not in active use, it will be encrypted at rest.

Learn more in our Security Page.

3.2 We are regularly audited to confirm that we remain in compliance with our security certifications, including SOC 2 and PCI-DSS. As part of these audits, our security is validated by external auditors.

3.3 We restrict access to your personal information to GranBell employees who have a business reason to know such information and third party service providers processing data on our behalf. All GranBell employees who have access to your personal data must adhere to this Policy, and all third-party service providers are requested by GranBell to ensure that appropriate safeguards are in place. Furthermore, there are contracts with third party service providers who have access to your personal data, to ensure that the level of security and protection measures required in your jurisdiction are in place and that your personal data is only processed as instructed by GranBell.

3.4 We continually teach and train our employees on the importance of confidentiality and privacy of customers' personal information. We maintain physical, technical and organisational safeguards in compliance with applicable laws and regulations to protect your personal information from unauthorised access.

4.1 Legal basis: We will only use your personal data when the law allows us to. Depending on the country you are in, we have the following legal bases to process your personal data:

• When you give us consent to process your data - please note that when we process your personal data based on consent, local regulations apply;
• When it is necessary for our legitimate interests (or those of third parties) and that your interests and fundamental rights do not override these interests;
• When we have a legal obligation to process your personal data to comply with laws, regulations or court orders;
• When it is necessary to perform our obligations under a contract with you;
• When it is necessary to protect your own vital interests or those of others.

​

• 4.2 Purposes for which we will use your personal data: The ways in which we plan to use your personal data are set out below, including the legal bases we rely on to do so in the UK, EU, Turkey and Brazil (*included only as legal basis under the terms of the LGPD). We also identify what our legitimate interests are, where appropriate.

​

• fulfill our obligations relating to your contract with us, to provide payment services and multi-currency accounts
  
  • Legal basefor processing, including on the basis of legitimate interest: Necessary to fulfill our obligations under a contract

​

• provide you with information, products and services
  
  • Legal basefor processing, including on the basis of legitimate interest:
    
    • Legitimate interest (to keep our records up to date, to choose which of our products and services may be of interest to you, to obtain information about them and to receive them). When you consent to the processing of your personal data in a certain way

​

• to comply with applicable legal and/or regulatory requirements, including to respond to requests from public and governmental authorities, including public and governmental authorities outside your country of residence, upon demonstration of legal authority, and to comply with court orders in the relevant jurisdiction.
  
  • Legal basefor processing, including on the basis of legitimate interest:
    
    • legal obligation
    • Necessary to perform our obligations under a contract
    • Legitimate interest (to be efficient about how we fulfill our legal obligations and to comply with regulations that apply to us)
    • Credit protection, including provisions of applicable law*
    • Regular exercise of rights in judicial, administrative or arbitration proceedings*

​

• prevent and detect crimes, including fraud and financial crimes
  
  • Legal basefor processing, including on the basis of legitimate interest:
    
    • legal obligation
    • Legitimate interest (to detect and prevent criminal activity in connection with our Services and to improve how we manage suspected financial crime)
    • Credit protection, including provisions of applicable law*

​

• notify you of changes to our Services and send you other administrative information
  
  • Legal basefor processing, including on the basis of legitimate interest:
    
    • legal obligation
    • Legitimate interest (to provide you with good customer service and keep you up to date on new developments)
    • Necessary to perform our obligations under a contract

​

• as part of our efforts to keep the Services safe and secure
  
  • Legal basefor processing, including on the basis of legitimate interest:
    
    • legal obligation
    • Legitimate interest (protecting our customers and ourselves against loss or damage)
    • Necessary to perform our obligations under a contract

​

• administer our Services and for internal operational, planning, auditing, troubleshooting, data analysis, testing, research, statistical and research purposes
  
  • Legal base for processing, including on the basis of legitimate interest:
    
    • Legitimate interest (to keep our records up to date, efficiently fulfill our legal and contractual duties, carry out our administrative operations, and develop new and existing products and services)

​

• carry out systems or product development, including helping third-party providers improve the services they provide to us, improve our Services and ensure that they are presented in the most effective manner possible
  
  • Legal basefor processing, including on the basis of legitimate interest:
    
    • Legitimate interest (to develop new and existing products and services and efficiently meet our legal and contractual obligations)

​

• to enable other GBS customers to request or send money to you through our services by providing information that matches your phone number or email address
  
  • Legal basefor processing, including on the basis of legitimate interest:
    
    • Legitimate interest (to provide an efficient and innovative service to our customers)
    • Necessary to perform our obligations under a contract

​

• to measure or understand the effectiveness of the advertising we serve and to provide you with relevant advertising
  
  • Legal basefor processing, including on the basis of legitimate interest:
    
    • Legitimate interest (to market our products and services in the most efficient manner)
    • When you have consented to us processing your personal data in a certain way.

​

• to allow you to participate in interactive features of our Services, when you choose to do so
  
  • Legal basefor processing, including on the basis of legitimate interest:
    
    • Legitimate interest (to provide an efficient and innovative service to our customers)
    • When you have consented to the processing of your personal data in a certain way.

​

• to use your email address to provide you with information about other similar goods and services we offer
  
  • Legal basefor processing, including on the basis of legitimate interest:
    
    • Legitimate interest (to market our products and services)
    • When you consent to us treating your personal data in a certain way

​

• to provide you, or allow selected third parties to provide you, with information about goods or services that may be of interest to you.
  
  • Legal basefor processing, including on the basis of legitimate interest:
    
    • When you have consented to us treating your personal data in a certain way.

​

• to take steps to recover amounts owed to us, included via insurance claims, and to enable us to pursue available remedies or limit the damages we may suffer
  
  • Legal base for processing, including on the basis of legitimate interest:
    
    • Legitimate interest (to protect our assets)
    • Credit protection, including provisions of applicable law*

​

• allow a third party or a financial institution that sent money to recover the amount received by you, due to deceit or fraud
  
  • Legal base for processing, including on the basis of legitimate interest:
    
    • legal obligation
    • Statutory interest (to allow third parties to recover funds)

​

• to enforce our Customer Agreement with you
  
  • Legal base for processing, including on the basis of legitimate interest:
    
    • Legitimate interest (to protect our assets)

​

• on rare occasions, help protect our customers, employees or others by notifying emergency services
  
  • Legal basefor processing, including on the basis of legitimate interest:
    
    • vital interest

​

• For the UK:fulfill our obligations relating to your contract with us for the provision of Company Formation Services
  
  • Legal basefor processing, including on the basis of legitimate interest:
    
    • Necessary to perform our obligations under a contract

5.1 We may share your personal data with the following third parties:

• affiliates, business partners, suppliers and subcontractors for the performance and performance of any contract we enter into with them or you, and to help them improve the services they provide to us;
• advertisers and advertising networks to select and deliver advertisements that are relevant to you and others;
• analytics and search engine providers who help us improve and optimize our website;
• entities and subsidiaries of our group, which can be found by clicking here;
• in the event that we sell any of our business or assets or merge with another company, in which case we may disclose your personal data to the potential buyer of such business or assets or the potential organisation with which our business or assets may be associated;
• limited information is sent to payees when you initiate a payment transaction;
• if we are under a duty to disclose or share your personal data in order to comply with any legal obligations, or to enforce or apply our Customer Agreement and other applicable agreements, or to protect the rights, property or safety of GranBell, our customers, our employees or others;
• prevent and detect fraud or crime and assist us in conducting or cooperating with investigations of fraud or other illegal activities where we believe it reasonable and appropriate to do so. Please note that if we, or a fraud prevention agency, determine that there is a risk of fraud or money laundering, we may refuse a customer to provide requested services or stop providing existing products and services. A record of any risk of fraud or money laundering will be retained by fraud prevention agencies, and may result in others being refused to provide services;
• in response to a properly constituted subpoena, warrant, court order, police request or as required by law;
• assess financial and insurance risks;
• recover the debt or in connection with your insolvency or allow a party or financial institution that sent money to recover the amount received by you, by mistake or due to fraud;
• develop customer relationships, services and systems; It is
• if you agree, share your data when using our Services
• 5.2 If your Availability and Access feature is enabled, GranBell customers can search for you via your nickname, email or phone registered to your GranBell account. You can manage this discovery feature in your account settings. You can also generate a link to share with any users and make it easy to send and receive money.

​

5.3 If you would like more information about who we share your data with or to receive a list specifically for you, please ask in writing to contact@granbell.uk

If you are a Belgian resident who has a balance with us (Multi-currency Account), we are legally obliged to disclose the following personal data to the Central Contact Point of the National Bank of Belgium ("CPC")

• Continuously:
  • Belgian bank and payment accounts and powers of attorney on these accounts. For each account, the number, capacity of the customer (account owner or his representative) and start or end date of the account must be reported;
  • the existence of certain financial contracts concluded in Belgium: start or end date of the contractual relationship with the customer and type of contract;
  • the existence of certain financial transactions involving cash: the type of transaction, the capacity of the customer (the customer or his authorised representative) and the date of the transaction.​
• Periodically:
  • the amount relative to the credit of the respective cash accounts, on June 30 and December 31, of each calendar year;
  • the "added value" of these investment services contracts, ie the value of the assets in our custody and our liability to clients under these contracts, as of June 30 and December 31 of each calendar year.

​

To enable identification of the persons behind these accounts, financial contracts and transactions involving cash, we also need to report the following information:

• for natural persons: National Registry Number (or BIS number) or, failing that, name and surname, date of birth, place of birth (optional) and nationality;
• for legal entities: number under which they are registered with Crossroads Bank for Enterprises or, failing that, full name, legal form, if any, and country of establishment.

​

This data is recorded by the CPC and kept for a period of 10 years. The CPC maintains a list of requests for information received for five years.

Under strict conditions, the CPC may disclose this data to the Belgian tax authorities, other authorities and persons legally authorised to request information from the CPC. The data may be used in the context of (i) tax inquiries, (ii) investigation of crimes, (iii) combating money laundering, terrorist financing and serious crimes, and (iv) for any other purpose authorised by Belgian law.

You have the right to consult the data linked to your name by the CPC at the National Bank of Belgium(Boulevard de Berlaimont 14, 1000 Brussels).You also have the right to request, preferably with us, that any inaccurate data recorded by the CPC and linked to your name be corrected or deleted. You can do this by accessing the NBB website and following the stipulated process.

In Section 7, "we" refers to GranBell UK as Escrow & Payments agent in Japan

We do not disclose your personal data to third parties unless you authorise it or are permitted by applicable law.

We may entrust your personal data to third party service providers, in which case we execute a service agreement with the third party and supervise them to protect your personal data.

We use your personal data described in Section 2 of the Privacy Policy in conjunction with GBS Payments Limited (registered in England and Wales - company number 07209813 - having its registered office at TEA Building 56 Shoreditch High Street London E16JJ), a provider of payments services registered as a financial services business by Her Majesty's Revenue and Customs (HMRC) and under the supervision of the UK Financial Conduct Authority (FCA), for the purposes described in Section 4 of our Privacy Policy. The party responsible for this joint use is GBS Payment Japan KK, registered at 1-6-1 Otemachi, Chiyoda-ku, Tokyo 100-0004. Please contact us at contact@granbell.uk for details on the Representative Director.

8.1 Although our main processing centres are in the UK and the EU, we may transfer your data and store it in countries outside your jurisdiction which do not offer an equivalent level of protection as in your country. They may also be handled by employees operating outside their jurisdiction. These employees may be involved in activities such as fulfilling your payment order, processing your payment details and providing support services. We will take all necessary steps to ensure that your data is handled securely and in accordance with this Policy.

8.2 In the above cases, we ensure that appropriate safeguards, including Standard Contractual Clauses and/or International Data Transfer Agreements, are in place. A copy of these documents can be provided by sending a request to contact@granbell.uk.

8.3 In Switzerland, we ensure that these safeguards are in place, unless we can rely on an exception. An exception may apply, for example, in the case of legal proceedings abroad, and also in the case of overriding public interest or if the performance of a contract requires disclosure, if you have consented or made the data generally available and you have not contested the treatment.

9.1 We may use some elements of your data to customize our Services and the information we provide to you to meet your needs, such as your country of residence and transaction history. For example, if you frequently send funds from one currency to another, we may use this data to let you know about updates or new product features that may be useful to you. When we do, we take all necessary steps to ensure that your privacy and security are protected - and we use pseudonymized data wherever possible. This activity has no legal effect on you.

9.2 We use automated processes to verify that your application to access the GranBell services and your use of the GranBell services meet our required standard, including verifying your identity, and to help prevent fraud or other illegal activities. These processes may make an automated decision to reject your application or a proposed transaction, block a suspicious attempt to log into your GBS account, or close your account. If this happens, you will be notified and given the opportunity to provide further information and challenge the decision through an appeal mechanism, which includes a manual review. In any case, if you think that an automated process may have affected you, please contact GranBell Customer Support.

We use small files known as cookies to differentiate you from other users and to see how you use our website and products and to provide you with the best experience. They also allow us to improve our services. For detailed information about cookies and other technologies we employ, and the purposes for which they are used, please see our Cookie Policy.

11.1 We will only keep your personal data for as long as necessary to fulfil the purposes for which we collect it. As a regulated financial institution, GBGranBell is required by law to store some of your personal and transactional data after closing your account with us. We only access your data internally on a need-to-know basis, and we will only access or process it if absolutely necessary.

11.2 We will always delete data that is no longer required by relevant law or the jurisdiction in which we operate. We do this automatically, so you don't have to contact us to request the deletion of your data. Deletion methods include shredding, destroying, and securely disposing of hardware and paper records, and deleting or overwriting digital data.

11.3 Learn more about retention periods for your data.

12.1 GranBell participates in theAmazon Payment Service Provider Program(the program"). If your GranBell account details are entered into the Amazon Seller Center, Amazon may ask us to send you data about you, your accounts, payments from those accounts since January 1, 2015, and external accounts linked to your GranBell account. All payment service providers participating in the Program provide the same information to Amazon.

12.2 The processing purposes and interests are i) required by Amazon to help it to prevent and detect crimes, maintaining the standards of conduct required by it and ii) to assist GranBell in the prevention and detection of crimes.

12.3 In the UK, EEA, Indonesia, Turkey and Brazil, the legal basis for processing is legitimate interest. The interests and purposes of the treatment are as described in section 12.2.

12.4 In jurisdictions outside the UK, EEA, Indonesia, Turkey and Brazil, you consent to this data sharing by continuing to use your GranBell Account.

12.5 If you do not want GranBell to provide the above information to Amazon, you must not provide your GranBell account details to Amazon and you may not use your GBS account to receive money from your Amazon store.

12.6 This program does not apply to GranBell customers who only buy and do not sell products on Amazon.

13.1 Applicable laws in your jurisdiction may give you certain rights in relation to the information we hold about you. If you have any questions regarding our use of your personal information, please contact us at contact@ganbell.uk.

13.2 Your exercise of these rights may be subject to certain exceptions, including protecting the public interest (such as the prevention or detection of crime), when it is in our interest (such as maintaining legal privilege) and where the rights of others are involved (including where your request relates to information about others).

13.3 We may need to retain certain information for record keeping purposes and to comply with our obligations under applicable laws and regulations, including but not limited to our obligations to combat money laundering and/or to complete transactions that you have begun before to request a change or deletion.

13.4 Normally, you will not have to pay a fee to access your personal data or exercise any of your other rights. However, we may charge a reasonable fee where permitted by local law or if your request is clearly unfounded, repetitive or excessive. Alternatively, in these circumstances, we may refuse to fulfil your request.

13.5 We may need to ask you for specific information to help us confirm your identity and your right to access your personal data, or to exercise your other rights. This is a security measure to ensure that personal data is not disclosed to anyone who is not entitled to receive it. We may also contact you to request more information in relation to your request, in order to expedite our response.

13.6 If you no longer wish to receive marketing-related emails from us, you can unsubscribe by following the instructions contained in any such email. We will try to respond to your request as soon as possible. Please note that if you opt-out, we may still send you important administrative messages from which you will not be able to opt-out.

13.7 If you would like to make a request, the best way to do so is to contact us using the contact details set out in the Appendix.

13.8 Subject to certain country-specific variations, you have the right to:

• Request a copy of the personal data we hold about you and verify that we handle it lawfully;
• Request correction of the personal data we hold about you. We may need to verify the accuracy of the new data you provide to us;
• Ask us to delete personal data when there is no reason for us to continue to process it. You may also have the right to request deletion of your personal data where (i) you have successfully exercised your right to object to processing (see below), (ii) where we may have processed your personal data unlawfully or (iii) where we are required to delete your personal data to comply with local law. We are not always able to honor your deletion request, for specific legal reasons which will be notified to you, if applicable, in our response to your request, including financial regulations which may require us to retain your personal data for a period after closing your account;
• Withdraw your consent for us to process the data, when our legal basis for the treatment is based on this consent. Please note that the withdrawal of consent does not affect the legality of the treatment that may have taken place before such withdrawal. If you withdraw your consent, we may not be able to provide you with certain products or services;
• Ask us to stop direct marketing to you or create your profile for direct marketing purposes by contacting us or setting your notification preferences in your account settings section;
• When we use fully automated decision-making processes, ask us to provide you with information about the decision-making methodology and to verify that an automated decision, which results in a legal impact on you, has been correctly made. We may reject the request as permitted by applicable law, including where providing the information would result in the disclosure of a trade secret or interfere with the prevention or detection of fraud or other crime. However, in general, in these circumstances we will verify that the algorithm and source data are working as intended, without error or bias or, if required by law, to adjust processing;
• Oppose any treatment based on legitimate and reasoned interests, when there is something in your specific situation that makes you think that treatment for this reason will affect your fundamental rights and freedoms;
• Ask us to suspend the processing of your personal data in the following situations:(i) by wanting us to determine the accuracy of the data; (ii) when our processing of data is illegal, but you do not want it to be deleted at the moment; (iii) when you want us to keep the data even if it is no longer needed as you need it to establish, exercise or defend legal claims; or (iv) you have objected to the use of your data, but we need to confirm whether or not we have legitimate reasons to continue using it;
• Request the transfer of your personal data to third parties or yourself.We will provide you or your chosen third party with the personal data you have provided to us in a structured, commonly used, machine-readable format. This right only applies to data where we use the information to perform a contract with you, or where you initially consented to us using it.

If you are a California resident:

• You may have certain rights under the California Consumer Privacy Act ("CCPA") regarding your personal data, including:
  
  • The right to be informed about the personal data we collect, use and treat for the purposes indicated in section 4. More details on:
    
    • the categories of personal data collected,
    • the sources from which we collect them,
    • the commercial or business purposes of the collection,
    • as well as the categories of third parties to whom we disclose personal data, are described in this Privacy Policy as supplemented by the GranBell Consumer Privacy Notice.
  • The right to request the specific personal data we have collected about you in the twelve (12) months prior to your request;
  • The right to request the deletion of your personal data that we have collected;
  • The right to correct any inaccurate information we hold about you;
  • The right to limit the use of your confidential personal information to only what is necessary to provide you with products or services;
  • The right to opt out of the sale or sharing of personal information; however, please note that GranBell does not engage in the sale of personal information as contemplated by the CCPA. As detailed in this Privacy Policy, we share personal information with other companies for a variety of reasons. While we often benefit from these exchanges, we do not share personal information for the sole purpose of receiving compensation for that information; It is
  • The right not to be discriminated against for exercising any of these rights.
• You should be aware that this section does not apply to:
  
  • Personal information covered by certain industry-specific privacy laws, such as the Gramm-Leach-Bliley Act and its implementing regulations, the California Financial Information Privacy Act and the Driver's Privacy Protection Act of 1994; or
  • Other information subject to a CCPA exception.
• "Shine the Light" and "Eraser" Laws: You may request a list of all third parties to whom we have disclosed certain information during the past year for those third parties' direct marketing purposes.
• If you wish to make a request, please send it in writing to contact@granbell.uk or contact us by phone. It is our obligation to verify your identity and whether you are authorised to receive this information before fulfilling your request.

You may also have certain rights to your information that we hold under other data protection and privacy laws. Please contact us at contact@granbell.uk for more information.

Our Services may, from time to time, contain links to the websites of our partner networks, advertisers and affiliates. Please note that these sites have their own privacy policies and we accept no responsibility for them; therefore, if you follow a link, please check their policies before submitting any personal data to these sites.

To keep up with changes in legislation, best practices and the way we handle personal information, we may revise this Policy at any time by posting a revised version on this website. To stay up to date on any changes, please check the website periodically.

18.1 Please send any questions, comments or requests regarding this Policy to our privacy team at contact@granbell.uk, where you can also contact our Data Protection Officer (DPO). You can also write to us or the Data Protection Officer at our registered office that applies to you, as indicated in the Appendix.

18.2 If you feel that we have not adequately addressed your queries or concerns, or believe that your data protection or privacy rights have been breached, you can make a complaint to any supervisory authority or other public body that has a responsibility to enforce the privacy laws as indicated in the Appendix.