Privacy Notice

We at Gryphon Investigations Ltd. d/b/a Gryphon Strategies (“Gryphon Strategies,” “we,” “us,” or “our”) have created this Privacy Policy because we know you care about how information you provide to us is used and shared. This Privacy Policy applies to information collected when you visit our website located at www.gryphon-strategies.com (the “Site”), or purchase and/or use our services (“Services”).

Description of Users and Acceptance of Terms

This Privacy Policy applies to visitors to our Site, who view only publicly-available content (“Visitors”), and customers who purchase our Services (“Customers”).

By visiting our Site, Visitors are agreeing to the terms of this Privacy Policy and the accompanying Terms of Use.

By purchasing and/or using our Services, each Customer is agreeing to the terms of this Privacy Policy and that certain customer agreements between each Customer and Gryphon Strategies (the “Customer Agreements”). In the event of any conflict between the terms of this Privacy Policy and your Customer Agreements, the terms of the Customer Agreements shall govern.

Capitalized terms not defined in this Privacy Policy shall have the meaning set forth in our Terms of Use (when such term concerns Visitors), or the Customer Agreements (when such term concerns Customers).

What Information We Collect/Receive; the Purpose of Collection and Use

We collect and/or receive the following categories of information.

Contact Information: When you contact us through the Site, or purchase our Services, you will be asked to provide certain information which may include first name, last name, e-mail address, phone number, and name of your organization (“Contact Information”). The Contact Information is used to provide the requested Services, or information, and to contact Customers, and Visitors for purposes of direct marketing of our current and future products and services.

Investigation Subject Information: In order to provide our Services to our Customers, we collect certain information about the subjects of investigation (“Investigation Subjects”) which may include first name, last name, date of birth, SSN or Foreign ID Number, driver license number, passport Information, address history, professional biography (education and employment history), salary and other asset/source of wealth information, and names of relatives (“Investigation Subject Information”). Our Customers authorize the processing and transfer of Investigation Subject Information, and, as required under applicable laws and regulations, are responsible for providing privacy notifications to, and obtaining all necessary consents or authorizations from, Investigation Subjects in order for us to provide our Services.

Other Information: In addition to the Contact Information and Investigation Subject Information we may collect additional information (the “Other Information”). Such Other Information may include:

  1. From Your Activity. In an ongoing effort to improve the Site, we automatically collect certain information when you visit the Site. Such information includes, without limitation, your IP address, browser type and language, domain names, referring and exit pages and URLs, date and time, amount of time spent on particular pages, what sections of the Site Visitors visit, and similar information concerning your use of the Site.
  2. From Cookies. We collect information using “cookie” technology. Cookies are small packets of data that a website stores on your computer’s or mobile device’s hard drive so that your computer will “remember” information about your visit. We may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer until you delete them) to help us collect Other Information and to enhance your experience on the Site. If you do not want us to place a cookie on your hard drive, you may be able to turn that feature off on your computer or mobile device. Please consult your Internet browser’s documentation for information on how to do this and how to delete persistent cookies. However, if you decide not to accept cookies from us, the Site may not function properly.
  3. Third-Party Analytics. We may use one or more third-party analytics services (such as Google Analytics) to evaluate your use of the Site, compile reports on activity, collect demographic data, analyze performance metrics, and collect and evaluate other information relating to the Site and mobile and Internet usage. These third parties use cookies and other technologies to help analyze and provide us the data. By accessing and using the Site, you consent to the processing of data about you by these analytics providers in the manner and for the purposes set out in this Privacy Policy. Please be advised that if you opt out of any service, you may not be able to use the full functionality of the Site.

    Below is a list of analytics providers that we use; however, such list may be subject to change based on how we wish to understand the user experience and we will endeavor to update it diligently. You may use the accompanying links to learn more about such providers and, if available, how to opt-out from their analytics collection.

    For Google Analytics, please visit: https://www.google.com/analytics

Aggregated Information

In an ongoing effort to better understand our Visitors, Customers, and our products and services, we may analyze your information in anonymized and aggregate form in order to operate, maintain, manage, and improve the Site, and the Services. This aggregate information does not identify you personally. We may share and/or license this aggregate data to our affiliates, agents, business partners, and other third parties. We may also disclose aggregated user statistics in order to describe the Site and the Services to current and prospective business partners and investors and to other third parties for other lawful purposes.

Additional Uses

We also use information collected pursuant to this Privacy Policy to provide and improve the Site and the Services; to solicit your feedback; and to inform you about our products and services and those of our promotional partners.

Onward Transfer to Third Parties

Like many businesses, we contract with other companies to perform certain business-related services. We may disclose your information, including personal information in some cases, to certain types of third-party companies, but only to the extent needed to enable them to provide such services, including, without limitation, cloud hosting providers, analytics providers, customer relationship database providers, document repository and management providers, and background check and investigation services providers. All such third parties function as our agents, performing services at our instruction and on our behalf pursuant to contracts which require they provide at least the same level of privacy protection as is required by this Privacy Policy and implemented by Gryphon Strategies. We may also disclose your information, including any personal information, to any of our parent companies, subsidiaries, joint ventures, or other companies under common control with us in order to support delivery of our products and services.

Opt-Out for Direct Marketing

You may opt out at any time from the use of your personal information for direct marketing purposes by e-mailing the instructions to this email address: DataPrivacy@gryphon-strategies.com. Please allow us a reasonable time to process your request.

How We Protect Your Information

Gryphon Strategies is committed to taking appropriate measures to protect your information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction, taking into account the risks involved in processing and the nature of such data, and compliance with applicable laws and regulations. Please understand, however, that no security system is impenetrable. We cannot guarantee the security of our databases, nor can we guarantee that the information you supply will not be intercepted while being transmitted to and from us over the Internet. In particular, e-mail sent to or from the Site and/or the Services may not be secure, and you should therefore take special care in deciding what information you send to us via e-mail.

Retention of Personal Information

We will retain your personal information in a form that identifies you only for as long as it serves the purposes for which it was initially collected as stated in this Privacy Policy or subsequently authorized. We may continue processing your personal information for longer periods, but only for the time and to the extent such processing reasonably serves the purposes of archiving in the public interest, journalism, literature and art, scientific or historical research, and statistical analysis and subject to the protection of this Privacy Policy. After such time periods have expired, we may either delete your personal information or retain it in a form such that it does not identify you personally.

Accessing and Modifying Information and Communication Preferences

Upon request to DataPrivacy@gryphon-strategies.com, we will provide you with confirmation as to whether we are processing your personal information, and have the information communicated to you within a reasonable time. You have the right to correct, amend, or delete your personal information where it is inaccurate or has been processed in violation of this Privacy Policy. We may require payment of a non-excessive fee to defray our expenses in this regard. Please allow us a reasonable time to respond to your inquiries and requests.

In addition, you may manage your receipt of marketing and non-transactional communications by clicking on the “Unsubscribe” link located on the bottom of any Gryphon Strategies marketing e-mail. We will use commercially reasonable efforts to process such requests in a timely manner. You should be aware, however, that it is not always possible to completely remove or modify information in our subscription databases. Customers cannot opt out of receiving transactional e-mails related to their account with Gryphon Strategies.

Business Transfers

In the event of a merger, dissolution, or similar corporate event or the sale of all or substantially all of our assets, we expect that the information that we have collected and/or received, including personal information, would be transferred to the surviving entity in a merger or to the acquiring entity. All such transfers shall be subject to our commitments with respect to the privacy and confidentiality of such personal information as set forth in this Privacy Policy.

Disclosures to Public Authorities

In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may also disclose personal information to other third parties when compelled to do so by government authorities or required by law or regulation including, but not limited to, in response to court orders and subpoenas.

Important Notice to Non-U.S. Residents

The Site, and its servers are operated in the United States. Please be aware that your information, including your personal information, may be transferred to, processed, maintained, and used on computers, servers, and systems located outside of your state, province, country, or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. Except in the case of data transfers under the EU-U.S. Privacy Shield and the Swiss-US Privacy Shield Framework, your decision to provide such data to us, or allow us to collect such data through our Site or Services constitutes your consent to this data transfer.

Important Notice For Individuals of the European Economic Area and Switzerland

Gryphon Strategies complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland transferred to the United States pursuant to Privacy Shield. Gryphon Strategies has certified that it adheres to the Privacy Shield Principles with respect to such data. If there is any conflict between the policies in this Privacy Policy and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.

Gryphon Strategies is subject to the investigatory and enforcement powers of the Federal Trade Commission.

Upon request to DataPrivacy@gryphon-strategies.com we will provide you with confirmation as to whether we are processing your personal information, and have the information communicated to you within a reasonable time. You have the right to access, correct, amend or delete your personal information where it is inaccurate or has been processed in violation of this Privacy Policy. We may require payment of a non-excessive fee to defray our expenses in this regard. Please allow us a reasonable time to respond to your inquiries and requests.

We will provide an individual opt-out choice before we share your personal information with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to DataPrivacy@gryphon-strategies.com, with the subject line, “Privacy Shield”.

We will not disclose your sensitive personal information to any third party without first obtaining your opt-in consent. You may grant such consent by contacting us at to DataPrivacy@gryphon-strategies.com, with the subject line, “Privacy Shield”. In each instance, please allow us a reasonable time to process your response.

In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may also disclose personal information to other third parties when compelled to do so by government authorities or required by law or regulation including, but not limited to, in response to court orders and subpoenas.
Gryphon Strategies’ accountability for personal information that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Gryphon Strategies remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal information on its behalf do so in a manner inconsistent with the Principles, unless Gryphon Strategies proves that it is not responsible for the event giving rise to the damage.

In compliance with the EU-US Privacy Shield Principles and the Swiss-U.S. Privacy Shield Principles, Gryphon Strategies commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the EU-US and Swiss-US Privacy Shield Principles. EU individuals with inquiries or complaints regarding this Privacy Policy should first contact Gryphon Strategies at DataPrivacy@gryphon-strategies.com, with the subject line, “Privacy Shield”.

Gryphon Strategies has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles and Swiss-U.S. Privacy Shield Principles to BBB PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your Privacy Shield complaint is not satisfactorily addressed by Gryphon Strategies, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.

If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

External Websites

The Site may contain links to third-party websites (“External Sites”). Gryphon Strategies has no control over the privacy practices or the content of these External Sites. As such, we are not responsible for the content or the privacy policies of those External Sites. You should check the applicable third-party privacy policy and terms of use when visiting any such External Sites.

Children

We do not knowingly collect personal information from children under the age of 13. If you are under 13, please do not give us any personal information. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce our Privacy Policy by instructing their children to never provide us personal information without their permission. If you have reason to believe that a child under the age of 13 has provided personal information to us, please contact us, and we will endeavor to delete that information from our databases.

California Residents

Under California Civil Code Section 1798.83, California residents who have an established business relationship with Gryphon Strategies may choose to opt out of our sharing their personal information with third parties for direct marketing purposes. If you are a California resident and (1) you wish to opt out; or (2) you wish to request certain information regarding our disclosure of your personal information to third parties for the direct marketing purposes, please send an e-mail to DataPrivacy@gryphon-strategies.com or write to us at:

Gryphon Strategies
Attn: J. Tiburzi, Data Privacy Officer
1 N Broadway, Suite 602
White Plains, NY 10601

In addition, Gryphon Strategies does not monitor, recognize, or honor any opt-out or do not track mechanisms, including general web browser “Do Not Track” settings and/or signals.

Changes to This Privacy Policy

This Privacy Policy is effective as of the date stated at the top of this Privacy Policy. We may change this Privacy Policy from time to time. Any such changes will be posted on the Site. By accessing the Site and/or using the Services after we make any such changes to this Privacy Policy, you are deemed to have accepted such changes. Please be aware that, to the extent permitted by applicable law, our use of your information is governed by the Privacy Policy in effect at the time we collect the Information. Please refer back to this Privacy Policy on a regular basis.

How to Contact Us

If you have questions about this Privacy Policy, please contact Gryphon Strategies via e-mail at DataPrivacy@gryphon-strategies.com with “Privacy Policy” in the subject line.