Global Partner Solutions

Privacy Policy

Version 1.1 — March 2026

Introduction

This Privacy Policy (“Policy”) explains the information collection, use, and sharing practices of Global Partner Solution.

Global Partner Solutions (https://www.gpsi-intl.com/) is committed to upholding your right to privacy under the laws of Canada, the United States, and any country we operate in respecting the protection of personal information.

Privacy Information

We define personal information as any information that can identify or authenticate a person’s identity. Global Partner Solutions (“GPSI”) use personal information to carry out of our business processes within the scope of our mission. We are committed to protecting your personal information with the most care and regardless of where GPSI’s office or mandates are located.

This Policy determines how GPSI process the personal information of its customers, external candidates applying for employment, employees, and any other person, no matter the medium selected (paper document, databases, sound recording, etc.).

Changes to This Policy

We may change this Policy from time to time. If we make material changes to this Policy, we will notify you of such changes by email or through a notice posted on our website. The date of the last update of the Policy will be indicated to allow you to know when it was changed.

Scope of Application of the Policy

This policy applies to all the employees within the organization including all our contractors.

Our Responsibilities

In accordance with the privacy principles set out in this Policy, we take necessary practices and measures daily to fulfill our privacy responsibilities. We demonstrate that we place high value on protecting your privacy. We have a team of experts in the field who manage and advise the company on privacy. Furthermore, in 2024, we conducted a comprehensive security performance assessment of all our systems with the assistance of an external firm. We are committed to maintaining an annual completion rate of at least 90% of identified information security and privacy actions, while ensuring that 100% of critical risks are addressed within defined timelines by 2027.

Privacy Committee

The Privacy Committee (« Committee ») was established to ensure that the necessary safeguards are in place for any project involving the usage of personal information. This Committee is composed with:

Robert Hachey
President and CEO of Global Partner Solutions
Mona Ashour
Data Protection Officer
George D’Alimonte
Compliance Officer

This Committee was reviewed in 2026, and its members remain unchanged until this document is revised.

The Committee will meet:

Frequency of meetings: quarterly. In the event of an incident or need to review the Policy, the security settings, or any other emergencies, sporadic meetings may take place.
Length of meetings: 45 minutes. Meeting can be held in person or virtually.
Attendance required: at least 2 members must be present. This facilitates on-the-spot decision-making and transparency for all stakeholders.

Data Protection Officer

At Global Partner Solutions, one of the responsibilities of the President is to ensure the privacy of his employees, customers and other stakeholders is protected. As a member of the Committee, Robert Hachey acts as a resource person for decision to be made about the privacy. However, he delegates its role as the Data Protection Officer to Mona Ashour. She fulfills all the competencies required for this role and to ensure the highest level of IT security.

The role of the Data Protection Officer shall be to:

  • Approve the personal information policies and practices that the company must establish and implement. This includes systematic assessments of potential risks and impacts on individuals’ privacy resulting from the processing of personal data. He guides the organization in conducting Data protection impact assessments and ensures that necessary mitigations are implemented to minimize privacy risks.
  • Serve as a knowledgeable resource within the organization for all data protection and privacy matters. He provides guidance and advice to management, employees, and other stakeholders on how to handle personal data, including data subject rights, data breach notifications, consent requirements, and privacy impact assessments.
  • Ensure that the organization adheres to applicable data protection laws and regulations, such as the GDPR, Bill 25 or other regional privacy laws. This involves monitoring internal processes, policies, and practices to identify non-compliance areas and taking corrective actions.
  • Manage the data breaches within the organization. This includes establishing procedures for detecting, reporting, and investigating data breaches and notifying the appropriate authorities and affected individuals within the required time frames.
  • Serve as the primary point of contact between the organization and data protection authorities. He handles communication with supervisory authorities, responds to inquiries, and assists with any audits or investigations related to data protection compliance.
  • Receive and respond to requests for access and rectification as well as requests related to data portability, complaint, and the right to be forgotten.
  • Responsible for raising awareness among employees regarding data protection laws, regulations, and best practices. He organizes training sessions, develops educational materials, and promotes a privacy-conscious culture within the organization.
  • Ensures that appropriate documentation is maintained to demonstrate compliance with data protection requirements. This includes maintaining records of processing activities, data protection policies, consent mechanisms, and other relevant documents.

Privacy Principles

Privacy principles include not only the collection, the use, or the disclosure of personal information, but also access to information.

What personal information is collected and how?

Global Partner Solutions collects your personal information such as your name, country of residency, phone number, company name, email address, IP address, access dates, and times. We collect such information when you submit your CV, register for an event, sign-up for a newsletter, or download any website content.

Global Partner Solutions also collects information through cookies and other tracking technologies (i.e. pixels and web beacons) such as your usage data, device data, and website data. We also use third-party analytics tools such as Google Analytics, Google Tag Manager, and Microsoft Clarity to help understand how, when, and why you use our website.

If you visit the login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me,” your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves the same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

We may collect the following types of information from you:

  • Personal information: This includes information that can be used to identify you, such as your name, email address, and phone number.
  • Usage data: This includes information about how you use our services, such as the pages you visit and the actions you take.
  • Device information: This includes information about the devices you use to access our services, such as the device type, operating system, and IP address.
  • Location information: This includes information about your location, such as your city and country.
  • Cookies and similar technologies: We may use cookies and similar technologies to track your activity and to personalize your experience.

Why is the information collected?

The information collected is used to communicate with you about our services and send you marketing communications. We collect, use, and process your personal information to send you important information regarding our services. This may include updates, administrative messages, responses to your questions, comments, and requests.

We may use your information for the following purposes:

  • To provide and improve our services: We may use your information to provide and improve the services we offer.
  • To personalize your experience: We may use your information to personalize your experience on our services, such as by showing you relevant content and ads.
  • To communicate with you: We may use your information to communicate with you, such as by sending you emails or push notifications.
  • To analyze and understand our users: We may use your information to analyze and understand how our users use our services.

Who will have access to the information?

We do not share the personal information that you provide to us with other third parties without your express consent, except as described below:

  • Service providers, such as consultants, vendors, third-party hosting providers, or other subcontractors engaged by us to support the provision of our services or help us operate our business.
  • Professional advisors, such as lawyers, accountants, insurers, or auditors, where necessary in the course of the professional services they render to us.
  • Third-party websites, such as those for which links have been included on our website. Your personal information shared on such third-party websites shall be subject to their respective data privacy policies.

Cross-Border Data Transfers

Global Partner Solutions (GPSI) operates across multiple jurisdictions, including Canada, Quebec, the United States, the United Kingdom, and the European Union. When personal information is transferred outside of the jurisdiction in which it was collected, such as from Quebec or the European Union: GPSI ensures that appropriate safeguards are in place to protect the information in accordance with applicable privacy laws, including the Act respecting the protection of personal information in the private sector (Loi 25) and the General Data Protection Regulation (GDPR).

These safeguards include, but are not limited to:

  • The use of Standard Contractual Clauses (SCCs) approved by the European Commission or the UK Information Commissioner’s Office.
  • The completion of Transfer Impact Assessments (TIAs) to evaluate the legal and regulatory environment of the destination country.
  • Contractual obligations with clients and service providers to ensure an equivalent level of protection for personal information.
  • Individuals whose personal information is transferred internationally retain all applicable rights under the originating jurisdiction’s privacy laws.

Legal Basis for Processing (GDPR)

In accordance with the General Data Protection Regulation (GDPR), GPSI processes personal information based on one or more of the following legal bases:

Purpose of ProcessingLegal Basis (GDPR Article 6)
Candidate sourcing and CV submission to clientsConsent (Art. 6(1)(a)) and/or Legitimate Interest (Art. 6(1)(f))
Communication with candidates and clientsLegitimate Interest (Art. 6(1)(f))
Contract management and onboardingContractual necessity (Art. 6(1)(b))
Payroll and HR administrationLegal obligation (Art. 6(1)(c)) and/or Contractual necessity
Marketing communications (e.g., newsletters)Consent (Art. 6(1)(a))
Security and fraud preventionLegitimate Interest (Art. 6(1)(f))

Where consent is the legal basis, individuals may withdraw their consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

Your choices and control

You have the following choices and controls over your information:

  • Opt-out of marketing communications: You can opt out of receiving marketing communications from us by following the unsubscribed instructions in the communications you receive.
  • Cookies and similar technologies: You can control the use of cookies and similar technologies through your browser settings.

What security measures are used to protect your personal information?

Your personal information may be held in our offices, stored on our servers, or stored on the servers of our service providers. Protecting your personal information is very important to us. We have reasonable and appropriate physical, organizational, and technological security measures in place to ensure the protection of your personal information that we collect, use, process, and store. However, given that no security system is perfectly impenetrable, we cannot guarantee the security of your personal information.

Access to your personal information is limited to those of our employees, service providers, subcontractors, and agents that require such access for carrying out their duties.

  • We take reasonable measures to protect your information from unauthorized access, use, or disclosure. However, no method of transmission over the Internet is completely secure, and we cannot guarantee the security of your information.
  • The measures in place to protect personal data, such as encryption, secure servers, and access controls. We take reasonable measures to protect your personal data from unauthorized access, use, or disclosure.

These measures include:

  • Encryption: We may use encryption to protect your personal data when it is transmitted over the internet.
  • Secure servers: We store your personal data on servers that are secured using industry-standard measures.
  • Access controls: We implement access controls to ensure that only authorized personnel have access to your personal data.

How long do we retain your data?

We only retain your personal information for as long as necessary to fulfill the purposes for which it was collected. For users that register on our website (if any), we also store the personal information they provide in their user profiles. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

Data retention and deletion:

  • We will retain your information for as long as necessary to provide our services and fulfill the purposes described in this privacy policy. We may also retain your information to comply with legal obligations, resolve disputes, and enforce our agreements.
  • When we no longer need to use your information, we will delete it or anonymize it.

What rights do you have over your data?

If you have an account on this site or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

You may contact us at privacy@gpsi-intl.com.

The rights of the individuals whose personal data is collected, including the right to access, correct, or delete their data, and the right to object to or withdraw consent for its use.

As an individual, you have the following rights in relation to your personal data:

  • The right to access: You have the right to request a copy of the personal data we hold about you.
  • The right to rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
  • The right to be forgotten: You have the right to request that we delete your personal data, subject to certain exceptions.
  • The right to object: You have the right to object to the processing of your personal data for certain purposes, such as marketing.
  • The right to withdraw consent: If we rely on your consent to process your personal data, you have the right to withdraw your consent at any time.
  • The right to data portability: You have the right to request that we transfer your personal data to another organization, or to you, in a structured, commonly used, and machine-readable format.

Children’s Data

GPSI does not knowingly collect or process personal information from individuals under the age of 13 (or the age defined by applicable local laws). If such information is inadvertently collected, GPSI will take immediate steps to delete it from its systems.

Automated Decision-Making and Profiling

GPSI does not engage in automated decision-making or profiling that produces legal effects or similarly significant impacts on individuals. All candidate evaluations and hiring decisions involve human review and discretion.

When is your consent requested?

Your consent is required whether you are a GPSI employee or a candidate. Many of our internal processes require personal information such as social insurance numbers and bank account information for payroll management. This information must be obtained only with your consent.

We use two different processes:

GPSI employees

Throughout the recruitment process for a position within GPSI, no information is shared with an external entity. The CV information is uploaded to our ATS CVs and is retained by the Human Resources department for a period of 7 years.

Once the contract is signed, the personal information of each employee is managed by that person only through the ADP Workforce Now system. This system has a multiple authentication procedure ensuring that the person accessing personal information has the specific right. Under no circumstances is the information available for reading to anyone other than the payroll manager. Authorized people to support GPSI employees are ADP support & Human Resources managers.

Candidates

There are differences in our recruitment process for our client. Candidates who submit their CV on our website, via LinkedIn or by email, receive confirmation that their information will be shared with a client (see Appendix 2). In this email, we remind them that we have a privacy policy and that if they have questions that it is still possible to contact the Data Protection Officer.

In addition, we convert all the CVs received and retained in a so-called corporate template, which contains no personal information about the candidate (see Appendix 3). Only these formats, blind CV, are sent to our customers when submitting candidates.

Once the placement is completed the Contact/ personal information is shared with Clients to complete the assignment and is confirmed, the personal information of each candidate is managed by that person only through the ADP Workforce Now system. This system has a multiple authentication procedure ensuring that the person accessing personal information has the specific right. Under no circumstances is the information available for reading to anyone other than the payroll manager. Authorized people to support GPSI employees are ADP support & Human Resources managers.

If a candidate ever needs support to access his or her information, the person responsible for Human Resources will ask him or her three questions related to the information in his or her file. These questions must be random and deal with three different subjects.

Biometric requirements

There is a possibility that some mandates require security tests (e.g., finger printing) in these situations, the client manages this information with a third party. GPSI does not receive or retain this information. We’re not involved in the process. It’s only between the candidate and the client.

How can you file a privacy complaint?

If you believe that your privacy rights have been violated, you can file a complaint with our Privacy Office using the SCAR database and by raising Form 4 NCR. There will be no retaliation for filing a complaint at privacy@gpsi-intl.com.

If you have any questions or concerns about our privacy policy, or if you would like to exercise your rights as an individual, please contact our Data Protection Officer using the following information:

Name Mona Ashour
Title Data protection officer
Email privacy@gpsi-intl.com
Phone 866-980-1387

Confidentiality Incidents and Incident Response Plan

A confidentiality incident can be defined as unauthorized access, use or disclosure of personal information, loss of personal information, or other breach in the protection of such information. GPSI mapped the process of receiving information security incident. We have established that a request can come from a source outside the company or from an internal source.

They work with us:

Contact us

We are available in every major market. Let’s find a time to connect!
Contact us to learn more about our services

    We will be more than happy to answer your questions and help you!

    With our support, you will become a top-rated supplier. Your supply base will be solidified, and customers will recognize your good performance with more business, financial rewards and the stability that comes with it.

    By phone. Our hours of operation are  8:00 AM – 5:00 PM EST.:

    Canada toll free : 866-980-1387
    US Office : 316-263-1288
    UK Office: 44 121 295 6504

    Blogs

    Case Studies

    Press Release

    Success Stories

    Supply Chain Services
    Industry

    Contact us:

    Canada toll-free: 866-980-1387
    US Office: 316-263-1288
    UK Office: 44 121 295 6504

    Supply Chain Services

    Supplier Performance Services
    Supplier Assessment
    Rate Readiness &
    Maturity Assessment
    – Source Inspection

    Supplier Sourcing
    Supplier Recovery & Delivery Assurance
    Executive Management Support
    Supplier Development

    Manufacturing and Operations Consulting 

    Executive Management Support
    Strategic Project Management

    Industries

    Medical Devices
    Energy
    Aerospace and Defence
    Transportation & Rail
    eVTOL

    About

    Contact Us
    Careers
    News
    Privacy Policy
    Sitemap
    SMS Terms of use

    Resources

    Media
    Case Studies
    Blog
    Whitepaper
    Brochures

    Subscribe to our Intelligence Briefing