2. Privacy of member information
GEP's primary goal in collecting member information is to provide you and other members with a secure, efficient and customized venue for electronic sourcing of products and services. In addition to maintaining accurate information on and records of communications with its members, GEP may use this member information for its internal business operations, including research and analysis in order to optimize the website and the services provided thereby and better serve its members' needs.
Because GEP understands the importance of protecting the privacy of its members and maintaining the security of the member information, GEP pledges that no member information specifically attributable to registered members will be disclosed, distributed, published, disseminated, sold, traded, or shared with any third party, including advertisers, business or governmental organizations, or other members, provided, however, that GEP shall be entitled to disclose member information to third parties in the following situations:
- When such disclosure is necessary to facilitate communications with members or transactions between members in accordance with the normal operation of the website.
- When such disclosure is so ordered by any court, administrative body, governmental agency or regulatory agency, or when GEP in good faith determines that it is legally required to make such disclosure, or when such disclosure is requested by law enforcement authorities in connection with their investigations, or in the event of an emergency.
- When communicating with a member outside of the context of the website.
- When GEP in good faith determines that such disclosure is necessary to correct what GEP believes to be false or misleading information or to address activities that GEP believes to be manipulative or deceptive.
- GEP may aggregate and publish member information relating to activity on the website, but such aggregated member information shall not include any member information that could be used to personally identify you.
3. IP address information
When you register as a member on the website, GEP may obtain the IP address and host name (if available) of your originating server. This information identifies the computer that you are using, but no personal information about you is disclosed to GEP. This information helps GEP to diagnose problems with its server, administer the website and gather broad demographic information about general patterns of member use of the website.
GEP has instituted security measures which are intended to prevent the loss, misuse, or alteration of the information under GEP's control. Nevertheless, such measures may not prevent loss, misuse or alteration of information in all cases. GEP urges all members to exercise caution when using the website.
6. Termination of membership
As a supplier, you may terminate your login and password at any time by sending an email to support [at] gep.com and writing "cancel" in the subject line. Your termination will be subject to the terms set forth in the agreement.
General Data Protection Regulation (GDPR) Compliance
GEP is committed to ensuring compliance with the EU’s legal requirements for data protection. We have been consistent in our approach to data protection as part of our broader product standards, and this will now also encompass the new requirements of the GDPR. To learn more about GEP’s position and policies regarding GDPR compliance, click here.
U.S. – EU Safe Harbor privacy statement
GEP believes in protecting your privacy. When we collect personal data from you on our website, we follow the privacy principles of the American Arbitration Association (an independent resource mechanism) and comply with the U.S. - EU Safe Harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal data from the European Union. These are our promises to you:
1. Notice. When we collect your personal data, we'll give you timely and appropriate notice describing what personal data we’re collecting, how we'll use it, and the types of third parties with whom we may share it.
2. Choice. We’ll give you choices about the ways we use and share your personal Data, and we'll respect the choices you make.
3. Relevance. We’ll collect only as much personal data as we need for specific, identified purposes, and we won’t use it for other purposes without obtaining your consent.
4. Retention.We’ll keep your personal data only as long as we need it for the purposes for which we collected it, or as permitted by law.
5. Accuracy. We'll take appropriate steps to make sure the personal Data in our records is accurate.
6. Access. We'll provide ways for you to access your personal Data, as required by law, so you can correct inaccuracies.
7. Security. We'll take appropriate physical, technical, and organizational measures to protect your personal data from loss, misuse, unauthorized access or disclosure, alteration, and destruction.
8. Sharing. Except as described in this policy, we won’t share your personal Data with third parties without your consent.
9. International Transfer. If we transfer your personal data to another country, we’ll take appropriate measures to protect your privacy and the personal data we transfer.
10. Enforcement. We'll regularly review how we're meeting these privacy promises, and we'll provide an independent way to resolve complaints about our privacy practices.
We participate in the EU privacy Safe Harbor framework as established by the U.S. Department of Commerce and as it relates to the transfer of personal data from the European Union to the United States. As part of our participation in the EU Privacy Safe Harbor framework, we have partnered with American Arbitration Association in order to address and resolve potential disputes regarding our compliance with this Safe Harbor framework.
This dispute resolution program covers both offline data collection (e.g. personal information collected through telephone calls or postal mail) and online data collection (e.g. personal information collected via the Internet). If you have any complaints regarding our compliance with relevant aspects of the EU Privacy Safe Harbor framework, you should first contact us at:
GEPAttn: Legal Department
100 Walnut Ave
Clark, NJ 07066
Office (732) 382-6565
Please allow at least 10 business days for us to respond to your complaint.
If you are unable to resolve your complaint by contacting us directly, you may submit your complaint to the American Arbitration Association’s International Centre for Dispute Resolution. The American Arbitration Association will serve as a liaison to resolve your concerns.
To learn more about the Safe Harbor program, and to view GEP's certification, please visit http://www.export.gov/safeharbor.