GMC Global Marketing Commerce

Global Marketing and Commerce (GMC)

Global Personal Data Processing Policy

Last updated: May 28, 2026

1. Introduction

At Global Marketing and Commerce ("GMC", "we", "our", or "the Company") we recognize the importance of privacy, information security, and the protection of personal data of our clients, users, partners, suppliers, employees, and visitors.

This Global Personal Data Processing Policy ("Policy") describes how we collect, use, store, protect, transfer, and process personal data in accordance with:

  • The European Union General Data Protection Regulation (GDPR / EU Regulation 2016/679).
  • Colombian Law 1581 of 2012 and its regulatory decrees.
  • Applicable international privacy and data protection regulations.
  • Global best practices for information security and digital privacy.

This Policy applies to all websites, forms, platforms, campaigns, applications, digital channels, technology tools, automation services, commercial processes, and operations carried out by GMC worldwide.

2. Data Controller

Controller: Global Marketing and Commerce

Website: gmarketingc.com

Contact email: privacy@gmarketingc.com

General email: info@gmarketingc.com

Corporate WhatsApp: +57 3011050564

International operations: The company operates from Colombia and provides services to clients and users located in multiple international jurisdictions.

3. Scope

This Policy applies to any processing of personal data carried out by GMC, including information collected through:

  • Websites and landing pages.
  • Digital forms.
  • Advertising campaigns.
  • CRM platforms.
  • Automation tools.
  • WhatsApp Business.
  • Email.
  • Social media.
  • Physical and virtual events.
  • Conversational commerce platforms.
  • Artificial intelligence tools.
  • Cookies and tracking technologies.
  • Contact and subscription forms.
  • Customer service.
  • Commercial and contractual processes.

4. Definitions

Personal Data: Any information that allows direct or indirect identification of a natural person.

Data Subject: Natural person whose personal data is being processed.

Processing: Any operation performed on personal data, including collection, storage, use, circulation, analysis, organization, or deletion.

Processor: Third party that processes personal data on behalf of GMC.

GDPR: European Union General Data Protection Regulation.

5. Principles

  • Legality.
  • Transparency.
  • Specific purpose.
  • Data minimization.
  • Accuracy.
  • Storage limitation.
  • Integrity and confidentiality.
  • Demonstrated accountability.
  • Information security.
  • Privacy by design.

6. Personal Data We May Collect

Identification data

  • Full name.
  • Identification document.
  • Job title.
  • Company.
  • Nationality.

Contact data

  • Email address.
  • Phone number.
  • Physical address.
  • City and country.

Commercial and professional data

  • Company.
  • Industry.
  • Commercial interests.
  • Contractual information.

Digital and technical data

  • IP address.
  • Browser.
  • Operating system.
  • Cookies.
  • Navigation data.
  • Campaign interactions.

Marketing and behavior data

  • Content preferences.
  • Interaction history.
  • Campaign responses.
  • Opens and clicks.

Data collected through automation or AI

  • Commercial conversations.
  • Automated interactions.
  • Responses generated through digital assistants.
  • Inputs voluntarily provided by users.

7. Sensitive Data

GMC does not deliberately request or process sensitive data except when strictly necessary, with explicit authorization from the data subject, or when required by law. If sensitive data is collected, reinforced security and confidentiality measures will be applied.

8. Purposes of Processing

Service delivery

  • Project execution.
  • Digital marketing.
  • Automation.
  • Technology development.
  • Audiovisual production.
  • Analytics.
  • Artificial intelligence.
  • Customer service.

Commercial management

  • Commercial contact.
  • Proposal drafting.
  • Invoicing.
  • Support.
  • Contract management.

Marketing and advertising

  • Newsletters.
  • Advertising campaigns.
  • Remarketing.
  • Commercial segmentation.
  • Digital advertising.
  • Content personalization.

Analytics and optimization

  • Traffic measurement.
  • Campaign optimization.
  • User experience improvements.
  • Performance evaluation.

Security

  • Fraud prevention.
  • Protection of technology infrastructure.
  • Access monitoring.

Legal compliance

  • Regulatory obligations.
  • Authority requirements.
  • Audits.

9. Legal Bases for Processing (GDPR)

  • Consent of the data subject.
  • Contractual execution.
  • Legitimate interest.
  • Legal obligation.
  • Protection of vital interests.
  • Regulatory compliance.

10. Use of Data for Advertising Purposes

GMC may use personal data for advertising, commercial, and digital marketing activities, including audience segmentation, personalized advertising, remarketing, commercial automation, email marketing, WhatsApp marketing, lookalike audience generation, and digital campaign optimization.

Important: GMC does NOT sell, rent, or trade personal databases to third parties. Data is used solely for our own service delivery, operations authorized by clients, and legitimate commercial activities related to GMC.

11. International Data Transfers

Due to the global nature of our operations, data may be transferred and stored on servers located outside the data subject's country of residence. This includes technology providers located in the European Union, United States, Latin America, and other international jurisdictions.

GMC implements adequate measures to ensure appropriate levels of protection, standard contractual clauses, security controls, and international privacy compliance.

12. Processors and Third Parties

We may work with third parties that process information on our behalf, including CRM platforms, email marketing tools, hosting and cloud computing, automation platforms, advertising platforms, AI tools, web analytics, and customer service systems. All third parties must comply with confidentiality and security obligations.

13. Data Retention

Personal data will be retained only for the time necessary to fulfill the processing purpose, comply with legal obligations, resolve disputes, meet regulatory requirements, and maintain legitimate commercial records. Afterwards, it will be securely deleted, anonymized, or blocked.

14. Information Security

GMC implements reasonable technical, administrative, and organizational measures to protect information against unauthorized access, loss, alteration, improper disclosure, fraudulent use, and cyber attacks.

Measures include access controls, secure authentication, encryption, firewalls, backups, access segmentation, internal confidentiality policies, and infrastructure monitoring.

15. Rights of Data Subjects

  • Access personal data.
  • Request correction or update.
  • Request deletion.
  • Limit processing.
  • Object to processing.
  • Request portability.
  • Revoke consent.
  • File complaints with competent authorities.

16. Procedure to Exercise Rights

Requests must be sent to privacy@gmarketingc.com and include full name, contact information, a clear description of the request, and supporting documents when applicable. GMC will respond within the legal timeframes applicable to the relevant jurisdiction.

17. Cookies and Tracking Technologies

Our websites may use cookies, pixels, tracking tags, analytics tools, and advertising scripts. These technologies improve user experience, analyze behavior, optimize campaigns, measure conversions, and personalize content. Users can manage cookies from their browser settings.

18. Use of Artificial Intelligence and Automation

GMC may use AI and automation tools for content generation, automated customer service, commercial segmentation, advertising optimization, behavior analytics, and conversational automation. We do not use fully automated systems to make decisions producing significant legal effects on individuals without adequate human supervision.

19. Protection of Minors

Our services are not intentionally directed at minors. We do not deliberately collect information from minors without the corresponding legal authorization. If we identify improperly collected data from minors, we will proceed to delete it immediately.

20. Security Breaches

In the event of security incidents compromising personal data, GMC may activate internal protocols, mitigate risks, notify competent authorities when required, and inform affected data subjects in accordance with applicable law.

21. International Compliance

GMC seeks alignment with international standards including GDPR (Europe), Colombian Law 1581, international privacy principles, and ISO best practices related to information security.

22. Changes to the Policy

GMC may update this Policy at any time. Changes will take effect upon publication at gmarketingc.com.

23. Contact

Email: privacy@gmarketingc.com

Website: gmarketingc.com

WhatsApp: +57 3011050564

24. Consent

By using our services, websites, forms, or digital channels, the user declares having read and accepted this Global Personal Data Processing Policy.