top of page

Privacy Policy

Effective Date: June, 2025

​

The Global Anti-Scam Alliance ("GASA", "we", "our", or "us") is committed to protecting your personal data and privacy rights. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website [https://www.gasa.org] ("Site"), attend our events, or otherwise engage with us.

​

1. Who We Are

The Global Anti-Scam Alliance is a nonprofit organization working to protect individuals and organizations from scams worldwide. If you have questions about this policy, please contact:

Global Anti-Scam Alliance


Email: partner@gasa.org
Website: https://www.gasa.org/

​

2. What Data We Collect

We may collect and process the following categories of personal data:

​

a. Personal Information You Provide

  • Full name

  • Email address

  • Job title and organization

  • Country or region

  • Information submitted via forms or surveys

  • Communications with our team

​

b. Automatically Collected Data

  • IP address

  • Browser and device type

  • Pages visited, time spent, and referral source

  • Cookie and tracking data (see Section 6)

​

3. How and Why We Use Your Data (Legal Bases)

We process personal data under the following legal bases (in accordance with Article 6 of the GDPR and equivalents in other jurisdictions):

​

Purpose / Legal Basis

Communicating with you / Consent or Legitimate Interest

Sending newsletters and updates / Consent

Registering for events / Performance of a contract

Responding to inquiries / Legitimate Interest

Improving website functionality and security / Legitimate Interest

Complying with legal obligations / Legal Obligation

​

4. How We Share Your Information

We do not sell your personal information.

​

We may share data with:

  • Third-party service providers such as email tools (e.g., Moosend), webinar platforms (e.g., StreamYard), automation (e.g., Zapier), and customer support (e.g., Helpscout)

  • Hosting and analytics platforms

  • Event partners, only with your explicit consent

  • Public authorities, where legally required

​​

All third parties who process personal data on our behalf are bound by a Data Processing Agreement (DPA) in compliance with Article 28 of the GDPR and equivalent laws.

​

5. International Data Transfers

Your personal data may be transferred to and processed in countries outside your own jurisdiction, including countries that may not provide the same level of data protection (e.g., the United States).

​

In such cases, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission

  • Adequacy decisions where applicable

  • Data Processing Agreements with appropriate safeguards

​

6. Cookies and Tracking

We use cookies and similar technologies to:

  • Analyze website usage

  • Improve content and performance

  • Track campaign effectiveness

​

By continuing to use our Site, you consent to our use of cookies unless you disable them in your browser.

Users from the EU/EEA, UK, and other jurisdictions with opt-in cookie requirements will be presented with a cookie consent banner upon visiting the site.

​

7. How Long We Keep Your Data

We retain your personal data only as long as necessary for the purposes outlined in this policy, unless a longer retention period is required by law.

​

We regularly review and securely delete or anonymize unused data.

​

8. Your Privacy Rights

Depending on your location, you may have the following rights:

  • Right to access your data

  • Right to rectification of inaccurate data

  • Right to erasure (“right to be forgotten”)

  • Right to restriction of processing

  • Right to data portability

  • Right to object to processing

  • Right to withdraw consent at any time

  • Right not to be subject to automated decision-making (we do not use such processing)

​

To exercise any of these rights, contact partner@gasa.org.

​

9. Your California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have the right to:

  • Know what personal information we collect, use, and disclose

  • Request deletion of your personal information

  • Opt-out of the sale or sharing of your personal data (we do not sell your data)

  • Request correction of inaccurate information

  • Limit the use of sensitive personal data (if collected)

​​

To exercise your California rights, email us at partner@gasa.org with “CCPA Request” in the subject line.

​

10. Children’s Privacy

Our Site and services are not directed at or intended for children under the age of 16. We do not knowingly collect data from minors. If you believe we have done so, please contact us to have the data removed.

​

11. Data Security

We use technical and organizational measures to protect your personal data, including:

  • Secure hosting

  • Access controls

  • Encryption (where appropriate)

  • Staff awareness and confidentiality agreements

​

While we take data security seriously, no online service can be 100% secure.

​

12. Data Processing Agreements (DPAs)

We enter into Data Processing Agreements with all third-party vendors that process data on our behalf. These DPAs ensure that your personal information is handled according to strict confidentiality, security, and legal standards in compliance with applicable laws, including GDPR and CCPA.

​

13. Updates to This Policy

We may update this Privacy Policy from time to time. If we make significant changes, we will notify you by posting the updated policy on our website and changing the "Effective Date" at the top.

​

14. Contact Us

For questions, concerns, or to exercise your privacy rights:

​

Global Anti-Scam Alliance
Email: partner@gasa.org
Website: https://www.gasa.org/

bottom of page