Effective: 23 July 2018
EU-U.S. and Swiss-U.S. Privacy Shield Frameworks
GTN is a member of the VeraSafe Privacy Program, meaning that with respect to PII processed in the scope of this privacy notice, VeraSafe has assessed GTN’s data governance and data security for compliance with the VeraSafe Privacy Program Certification Criteria. The certification criteria require that participants maintain a high standard for data privacy and implement specific best practices pertaining to notice, onward transfer, choice, access, data security, data quality, recourse, and enforcement.
Where a privacy complaint or dispute cannot be resolved through GTN’s internal processes, GTN has agreed to participate in the VeraSafe Privacy Shield Dispute Resolution Procedure. Subject to the terms of the VeraSafe Privacy Shield Dispute Resolution Procedure, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe and participate in the VeraSafe Privacy Shield Dispute Resolution Procedure, please submit the required information here: https://www.verasafe.com/privacy-services/dispute-resolution/submit-dispute/
Data We Automatically Collect
When you access our Web Applications, whether by computer, mobile phone or other device, we automatically collect certain data about your use of our Web Applications. This data may include, without limitation:
We do not link such data to your PII, except to your IP address, which may be personally identifying in some circumstances.
In the course of providing Professional Services to you, GTN may also collect PII including your IP address, email address, and name in connection with the digital execution of agreements.
Data You Provide to Us
In some situations, you or Your Agent may provide us with your PII. Such PII may include your:
You, or Your Agent, may provide us with your PII when:
A “cookie” is a small file stored on your hard drive that contains data about your computer. By showing how and when visitors use the Web Applications, cookies help us identify how many unique users visit us, save user preferences and track user trends and patterns. We use session cookies, which are cookies that are deleted when you leave our Web Applications, and persistent cookies, which are cookies that remain after you leave our Web Applications, so that you are recognized when you return.
GTN Will Use Data We Automatically Collect To:
GTN Will Use PII To:
Basis of Processing
In general, we process your PII on the basis of:
Please note that where we process your PII based on your consent, you may withdraw your consent at any time. This will not affect the lawfulness of processing that was conducted based on consent given before the withdrawal, however, nor will it affect processing performed on other lawful grounds.
Where we receive your PII directly from you for the purpose of providing you with our Professional Services, we require such PII to be able to perform our contractual obligations to you. Without the necessary PII, GTN will not be able to provide Professional Services to you.
We may use third parties to perform certain services on our behalf. We may share your PII with these third parties, as necessary, solely to enable them to perform those specific services for us.
Such third parties include those:
We contractually obligate that those third parties only provide access to your PII to persons who have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality. GTN remains liable for the protection of your PII that we transfer to our service providers, except to the extent that we are not responsible for the event giving rise to any unauthorized or improper processing.
We may also share your PII with:
The PII that GTN shares with such third parties is limited to the following:
Where European Union data protection laws are applicable to the processing of your PII, and if we would need to transfer your PII to third countries, as defined in European Union data protection laws, this will be subject to appropriate safeguards and other requirements, as required by applicable law.
We may disclose your PII (i) to the extent required by law or if we have a good-faith belief that such disclosure is necessary in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, or private parties, including but not limited to: in response to subpoenas, search warrants, or court orders, or (ii) if we sell or transfer all or a portion of our company’s business interests, assets, or both, or in connection with a corporate merger, consolidation, restructuring, or other company change, or (iii) to our subsidiaries or affiliates only if necessary to provide Professional Services or Web Applications to you.
We reserve the right to use, transfer, sell, and share aggregated, anonymous data, which does not include any PII, about our Web Applications’ users as a group for any legal business purpose, such as analyzing usage trends and seeking compatible clients and customers.
If we must disclose your PII in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, we may not be able to ensure that such recipients of your PII will maintain the privacy or security of your PII.
We do not engage in automated decision-making activities, such as profiling.
Where we are a joint data controller, we retain your PII for as long as is required by law, professional standards, or professional codes of conduct to which we are subject. Typically, PII relating to U.S. citizens must be retained for at least seven (7) years, in order to comply with Internal Revenue Service requirements.
Where we are a data processor, we retain your PII for as long as is necessary for us to perform under our engagement with the data controller.
Please note that in some cases, data processed in the Web Applications may be archived in backup volumes and it may not be reasonably possible for us to delete data from those locations.
We have implemented commercially reasonable measures to protect against unauthorized access to and unlawful interception or other processing of your PII that we process. All data you or Your Agent submits via our Web Applications is transmitted to us via TLS encryption. Unfortunately, data transmission over the Internet is never 100% secure, so we cannot guarantee the security of any data transmitted to us or from our Web Applications. Therefore, you use our Web Applications at your own risk.
You are responsible for protecting the security of your username and password that you use to access the Portal.
GTN is not responsible for the treatment of your PII or any of your data by these third parties.
You may also make updates or changes to your preferences regarding receiving future promotional messages from us by logging into the Portal and making the desired changes.
Please note that if you opt out of promotional/marketing emails, you may continue to receive certain communications from us, such as messages about your account in the Web Applications, and regarding our provision of Professional Services to you.
Where we act as a data processor, and you wish to review, correct, update, or delete your PII that we process, please contact the data controller who has provided your PII to us.
If you are a data subject whose PII we process, you may have the right, under certain circumstances, to have the processing of your PII limited (restricted), as well as the right to object to the processing of your PII. You may also have the right to ask to have your PII exported in a machine-readable format.
If you are a data subject whose PII we process, you may also have the right to lodge a complaint with a data protection regulator in one or more of the European Union Member States.
GTN has appointed VeraSafe as our representative in the EU for data protection matters, pursuant to Article 27 of the General Data Protection Regulation of the European Union (GDPR). VeraSafe may be contacted in addition to GTN only on matters related to the processing of PII. To make such an inquiry, please contact VeraSafe using this contact form: https://www.verasafe.com/privacy-services/contact-article-27-representative
Alternatively, VeraSafe can be contacted as follows:
VeraSafe Ireland Ltd
North Point House
North Point Business Park
New Mallow Road
If you are a resident of the European Union, you may have the right to lodge a complaint with a data protection regulator in one or more of the EU member states.
If you have any questions about this Policy or our processing of your PII, please write to us by email at email@example.com or by postal mail at:
Global Tax Network US, LLC
Attn: COO / Data Privacy & Security Officer
7950 Main Street N, Suite 200
Maple Grove, MN 55369
We will respond to your inquiry within one month or less.
If a privacy dispute or complaint can’t be resolved by us, nor through the dispute resolution program established by VeraSafe, you may have the right to require that we enter into binding arbitration with you, pursuant to the Privacy Shield’s Recourse, Enforcement and Liability Principle and Annex I of the Privacy Shield.
GTN is subject to the investigatory and enforcement powers of the United States Federal Trade Commission.
Learn how GTN can keep you one-step ahead on your mobility tax journey.
Or select an option below:
Thank you for contacting GTN! Your comments are extremely important to us and we will be in touch with you very soon.
If you need to contact us immediately, feel free to reach out to Craig Dexheimer at +1.763.252.0650 or firstname.lastname@example.org