The organisation after recognising the importance of protecting personal information has established a privacy policy on the protection of personal information. The organisation constantly attempts to protect personal information appropriately by familiarizing its directors, officers and employees with the privacy policy.
The extracts of the privacy policy stated as below:
A.Utilizing of Personal Information
Personal information, including but not limited to names, email addresses, phone numbers, postal addresses, and organisational details, is obtained through lawful and transparent means. Such information is utilized only for specified and legitimate purposes, including but not limited to providing requested services, communicating project updates and service-related information, sending transactional notifications such as invoices, reports, and deliverables, responding to inquiries submitted through the website or other communication channels, and sending periodic newsletters or updates where the individual has explicitly opted in to receive such communications.
B.Provision of Personal Information to a Third Party
Personal information collected shall not be provided, sold, rented, or otherwise disclosed to any third party without obtaining the prior consent of the individual concerned, except where required by law or regulatory authority. In cases where sharing of information with a third-party service provider is necessary for the fulfilment of services (such as email delivery infrastructure, cloud hosting, or analytics services), such third party must maintain appropriate and adequate standards for the protection of personal information and must execute an appropriate data processing agreement. Necessary and appropriate supervision shall be ensured towards implementing safety control measures with respect to such personal information. Under no circumstances shall email addresses or contact details collected by the organisation be sold, traded, or shared with third parties for marketing purposes.
C.Managing Personal Information
The organisation prevents any leak or loss of, and damage to personal information, and implements necessary and appropriate measures to ensure that personal information is securely managed. In case of such as a leak of personal information occur, the organisation endeavors to minimize the damage by taking prompt action.
D.Disclosure, Revision, and Deletion of Personal Information
When requested by an individual to disclose, revise, or delete his or her personal information, the organisation shall promptly act upon such request after confirming the individual’s identification. This includes the right to:
- Request access to all personal information held by the organisation pertaining to the individual
- Request correction of any inaccurate or incomplete personal information
- Request permanent deletion or erasure of personal information, including removal of email addresses from all mailing lists and communication databases
- Withdraw previously granted consent for receiving any form of communication from the organisation
All such requests may be directed to the Privacy Officer at care@gmands.com or by writing to:
Glopal Management and Services246-A, Santi Pally, BL-BE-121
Kasba, PO – E.K.T.P.
Kolkata – 700107
E.Compliance with the Existing Laws
The organisation endeavours to protect personal information by continuously improving the framework for the protection of personal information. The organisation complies with all applicable laws and regulations pertaining to the protection of personal information, including but not limited to:
- Applicable international data protection regulations where services are provided to clients outside India
- The Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
- The Digital Personal Data Protection Act, 2023 (DPDP Act)
- Any rules, regulations, or guidelines issued by the Data Protection Board of India
F.Any Revision of the Privacy Policy
The organisation may revise all or a part of its existing privacy policy and in case of any important revision, such revision will be notified on the organisation website.
Email Communication Policy
Glopal Management and Services uses email as a primary channel for business communication with its clients, partners, and individuals who have consented to receive communications from the organisation. This section outlines our practices governing the collection, use, and management of email addresses and all communications sent by the organisation.
A.Types of Email Communications
The organisation sends the following categories of email communications:
- Transactional Emails: Service confirmations, project updates, deliverable notifications, invoices, reports, and other communications directly related to an ongoing service engagement or contractual obligation
- Operational Emails: System notifications, account-related updates, security alerts, and scheduled maintenance notifications
- Informational and Marketing Emails: Newsletters, industry updates, promotional offers, event invitations, and other non-transactional communications, sent only to individuals who have explicitly opted in to receive such communications
B.Consent and Opt-In Policy
Email addresses are collected only through lawful and transparent means, including:
- Contact forms and inquiry forms on this website
- Direct business engagement, client onboarding, and service agreements
- Explicit opt-in through newsletter subscription forms
- Exchange of business cards or contact details at professional events, trade shows, or business meetings, with the knowledge and implied consent of the individual
The organisation does not purchase, rent, or acquire email lists from third-party sources. All recipients on our mailing lists have either directly provided their email address to the organisation or have an existing business relationship with us.
C.Unsubscribe and Opt-Out Mechanism
Every non-transactional email communication sent by Glopal Management and Services includes a clear and visible unsubscribe link, enabling recipients to opt out of future communications at any time. Upon receiving an unsubscribe request:
- The request shall be processed within 7 (seven) business days
- The individual’s email address shall be permanently removed from the relevant mailing list
- No further non-transactional communications shall be sent to the opted-out address
Recipients may also opt out of communications by sending an email to care@gmands.com with the subject line “Unsubscribe” or by writing to our registered office address.
Please note that opting out of marketing or informational emails does not affect transactional communications that are necessary for the fulfilment of an existing service agreement or contractual obligation.
D.Bounce and Complaint Handling
The organisation maintains robust mechanisms for handling email bounces and complaints to ensure high email deliverability standards and to protect the reputation of our sending infrastructure:
- Hard Bounces: Email addresses that produce a permanent delivery failure (hard bounce) are immediately and permanently removed from all active mailing lists. No further emails shall be sent to such addresses.
- Soft Bounces: Email addresses that produce a temporary delivery failure (soft bounce) are retried for a limited period. If delivery continues to fail, the address is suppressed from future communications.
- Spam Complaints: Any recipient who marks an email from the organisation as spam or files a complaint through their email service provider will be immediately unsubscribed and suppressed from all future communications. The organisation monitors complaint rates and takes corrective action if complaint thresholds are exceeded.
- List Hygiene: The organisation periodically reviews and cleans its mailing lists to remove invalid, inactive, or unengaged email addresses, ensuring that communications are sent only to active and willing recipients.
E.Email Authentication and Security
To ensure the integrity and authenticity of email communications sent by the organisation, the following email authentication protocols are implemented:
- SPF (Sender Policy Framework): DNS records are configured to specify which mail servers are authorised to send emails on behalf of the organisation’s domain
- DKIM (DomainKeys Identified Mail): All outgoing emails are digitally signed to verify that the message has not been altered in transit
- DMARC (Domain-based Message Authentication, Reporting, and Conformance): A DMARC policy is implemented to provide receiving mail servers with instructions on how to handle emails that fail SPF or DKIM authentication checks
These measures are in place to protect recipients from phishing, spoofing, and other email-based threats.
Data Retention Policy
Personal information, including email addresses and contact details, is retained by the organisation only for as long as necessary to fulfil the purpose for which it was collected. The following retention guidelines apply:
- Active Client Data: Personal information related to active service engagements is retained for the duration of the engagement and for a period of 3 (three) years thereafter, unless a longer retention period is required by applicable law or regulation
- Email Communication Records: Records of email communications, including delivery logs, bounce records, and complaint records, are retained for a period of 1 (one) year for compliance and audit purposes
- Marketing and Newsletter Subscriber Data: Email addresses of newsletter subscribers are retained until the individual unsubscribes or requests deletion
- Website Inquiry Data: Information submitted through website contact forms is retained for a period of 1 (one) year from the date of submission, unless the inquiry results in a business engagement
Upon expiry of the applicable retention period, personal information is securely deleted or anonymised in a manner that prevents reconstruction or re-identification.
Last reviewed: March 18, 2026 · Questions? Contact us.