MENU menu

Close close menu

Privacy Notice

Privacy Notice

This Privacy Notice (the Notice”) sets out how we, Global Regulatory Services Limited (GRS”, we”, us”, our”) process the personal data of individuals (you”, your”) who contact us or who use our websites and services. If you have any questions about this Notice, please contact us by email


Identity of the Data Controller and Contact Details

Data controllers” are the people or organisations that determine the purposes for which, and the manner in which, any Personal Data is processed, and make independent decisions in relation to the Personal Data and/or who/which otherwise control that Personal Data.


For the purposes of the GDPR, Global Regulatory Services Limited is the data controller with regard to the Personal Data described in this Privacy Policy and Notice. Our Data Protection Coordinator can be contacted as follows:
Telephone: +44 (0)1223 750638


Post: Milton Hall, Ely Road, Milton, Cambridgeshire CB24 6WZ, United Kingdom


What personal data do we process?

We may process the following personal data:



Generally, you are under no obligation to provide this information, but without it, we may be unable to provide you with some of our Website content and services. It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes by emailing us.


How we use your personal data and our legal basis

We will only process personal data, in accordance with applicable law, for the following purposes:



The legal basis for our processing of personal data for the purposes described above will typically include:




If you choose to submit your personal data to us, we will use this data to contact you with newsletters, marketing or promotional materials and other information about the exciting things Global Regulatory Services Limited is doing in Regulatory Affairs and Quality Compliance. You will be able to opt-out of our messages through every communication. If you opt out of receiving these communications, we will still contact you if necessary in relation to any work we are doing with you.




Disclosure of personal data

There are circumstances where we may wish to disclose or are compelled to disclose your personal data to third parties. These scenarios include disclosure to:


International transfer of your personal data

We may transfer your personal data to a third party in countries outside the country in which it was originally collected for further processing in accordance with the purposes set out above. Where this is the case, we will ensure that appropriate transfer mechanisms, such as the EU Commission approved Standard Contractual Clauses, are in place to ensure an adequate level of data protection.

If we transfer personal data to private organisations abroad, such as our suppliers and service providers, we will, as required by applicable law, ensure that your privacy rights are adequately protected by appropriate technical, organisation, contractual or other lawful means. You may contact us for a copy of such safeguards in these circumstances.


Retention of personal data

Generally, we will only retain your Personal Data for as long as necessary to fulfil the purposes we collected it for and for up to seven (7) years afterwards (for purposes related to Revenue requirements) or otherwise permitted by applicable laws. We may also retain your information during the period of time needed to complete our legitimate business operations, including for the purposes of satisfying any legal, accounting, or reporting requirements.


Sale of Organisation

Situations may arise where it is necessary to transfer information (including your Personal Data) to a third party in the event of a sale, merger, liquidation, receivership or transfer of all or substantially all of the assets of our organisation provided that the third party agrees to adhere to the terms of the Data Protection and Privacy Notice and provided that the third party only uses your Personal Data for the purposes that you provided it to us. The Personal Data transferred will be limited to that which is absolutely necessary. Where possible, you will be notified in the event of any such transfer and you will be afforded an opportunity to opt-out.


Security of personal data

We follow strict security procedures in the storage and disclosure of your Personal Data, and to protect it against accidental loss, destruction or damage. We take appropriate security measures to prevent unlawful or unauthorised processing of Personal Data, and to prevent the accidental loss of, or damage to, Personal Data. The data you provide to us is protected using modern encryption, intrusion prevention, and account access techniques as appropriate and required. We have put in place procedures and technologies to maintain the security of all Personal Data from the point of collection to the point of destruction. We maintain data security by protecting the confidentiality, integrity and availability of the Personal Data, defined as follows:



Data subject rights

Under certain circumstances, by law you have the following rights in relation to your personal data:



You can contact the Data Protection Commissioner as follows:


Information Commissioners Office
Wycliffe House
Water Lane

Tel: 0303 123 1113 (local rate) or 01625 545 745 (national rate)



Updates and changes to this policy

We update this policy sometimes. If we make important changes, like how we use your personal information, we'll let you know by email or on our website. If you don't agree to the changes, then you can always stop using our services, request we delete your data and stop giving us any more personal information.



Questions, comments, requests and complaints regarding this Policy and the information we hold are welcome and should be addressed to us at or +44 (0)1223 750638. 


10 November 2022