1. Introduction
Global GCP Limited (“we”, “our”, or “us”) processes personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the EU General Data Protection Regulation (GDPR – Regulation (EU) 2016/679).
This Privacy Policy explains how we collect, use, store, and protect personal data of users located in the United Kingdom and the European Union, and outlines your rights under applicable data protection laws.
By using our website or services, you agree to the processing of your personal data as described in this policy.
2. Data Controller
The data controller responsible for processing your personal data is:
Global GCP LIMITED
Hillier Commercial Building, Flat A, 15/F
65–67 Bonham Strand
Sheung Wan, Hong Kong, 999077
📧 Email: info@gcplimited.com
🕘 Support hours: Monday–Friday, 9:00–17:00 CET
3. Lawful Basis for Processing
We process personal data only where at least one lawful basis applies under UK GDPR and EU GDPR:
Contract – processing is necessary to provide our services
Legal obligation – compliance with legal and accounting requirements
Legitimate interests – improving services, security, and business operations
Consent – marketing communications and non-essential cookies
You may withdraw your consent at any time.
4. Personal Data We Collect
Personal Data
name and surname
email address
phone number
billing and payment information
purchase and transaction details
Technical Data
IP address
browser and device information
cookies and website usage data
We do not knowingly collect data from individuals under the age of 16.
5. How We Collect Personal Data
We collect data through:
website forms and registrations
online purchases and payments
email subscriptions and direct communication
cookies and similar technologies (subject to consent)
6. How We Use Personal Data
We use personal data to:
deliver and manage our services
process payments and contracts
communicate service-related information
improve our website, offers, and user experience
send marketing communications (only where consent is given)
We do not carry out automated decision-making or profiling.
7. Data Retention
Personal data is retained only for as long as necessary for the purposes for which it was collected.
Contractual and transaction data may be retained for up to 6 years, in line with legal obligations
Marketing data is retained until consent is withdrawn
After the retention period, data is securely deleted or anonymized.
8. Data Sharing & International Transfers
We do not sell personal data.
We may share data with trusted third-party processors (e.g. hosting, payment providers, analytics) solely to operate our services. All processors are contractually required to comply with UK GDPR and EU GDPR.
Where personal data is transferred outside the UK or EU, we apply appropriate safeguards, including Standard Contractual Clauses (SCCs) or other lawful transfer mechanisms.
9. Your Rights (UK & EU)
You have the right to:
access your personal data
rectify inaccurate or incomplete data
request erasure (“right to be forgotten”)
restrict processing
object to processing
data portability
withdraw consent at any time
You also have the right to lodge a complaint with your local supervisory authority:
UK: Information Commissioner’s Office (ICO)
EU: Your local Data Protection Authority (DPA)
10. Data Security
We apply appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, or disclosure.
11. Cookies
We use cookies to ensure proper website functionality and performance.
Non-essential cookies are used only with your explicit consent. You may manage or withdraw cookie consent at any time via your browser settings.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Any changes will be published on this page and become effective immediately upon publication.
13. Contact
For any questions or requests related to this Privacy Policy or your personal data, please contact Us.