Last updated on June 01, 2022.

1 Introduction

GLSS respects each site visitor’s right to privacy. We collect and use information from our website only as disclosed in this privacy statement. This privacy statement applies to and discloses the privacy practices of information collected by GLSS only. If you disagree with any part of this privacy statement, please do not use our website.

Hereafter, the terms “GLSS” and “we” and its derivatives refer to the owner of the website. The term “you” and its derivatives refers to the user or viewer of our website. The term “statement” refers to this document. The terms “GLSS website” or simply “website” refer to the website

GLSS is the data controller of the information you provide during the process of application, registration, certification, examination, or other purposes as outlined in this privacy statement.

Any details entered in one of our online forms will be stored electronically by us. If you have any questions about the process or the way your information is handled, please contact our data protection officer via email at

2 Website content

The content of the GLSS website is intellectual property protected by law. The information and content provided may not be re-used without our explicit permission, except for private or other personal use within the limitations of the General Data Protection Regulation (GDPR). The press releases and articles from our press service presented on the website are available to the editors of newspapers or periodicals for publication. Should they be published, GLSS will request the publisher to provide a proof copy.

This privacy statement does not cover any link within the GLSS website that leads to other websites. We have no authority or responsibility over the content or design of other companies’ websites that can be assessable via hyperlinks from our website. Furthermore, we explicitly disassociate from any internet content that might be illegal or offensive. You take full responsibility for using hyperlinks on our website to access other companies’ websites. We recommend that you check the policies concerning data protection and privacy of the GLSS partners or other users whose websites can be accesses through our website.

GLSS is not responsible for any outcome caused by opening or otherwise engaging with the website(s) of our partners. The partners hyperlinks and addresses provided on our website are generated automatically (geographical location and contact) in accordance with the partners physical address.

3 Lawful Basis for Processing

We collect personally identifiable information (PII) only with the consent of the natural person (data subject) and ensure that the data collected is used only for the stated purpose.

In addition, when you create an account and become a GLSS client, partner, trainer, auditor, invigilator, or distributor, you are required to fill out an electronic form for which we are not held responsible. We ask for your consent to send you information only regarding our training courses, news, newsletters, webinars, or other content related to our services.

4 Types of Collected Information

We only collect the information that you provide to us when you visit our website.

The provision of information to GLSS is a voluntary act. Clicking the “Submit” button on any of our web forms on our website means that you are aware of the GLSS’s Terms, Conditions, and Policy provisions and voluntarily consent to the conditions outlined therein.

4.1 Registration Forms

When creating a GLSS account, you provide information which can personally identify you, such as your full name, email address, phone number, country, state, and city. In addition, when you create a GLSS partner account, we also collect your company’s information, including its name, physical address, phone number, and fax.

The information we collect helps us complete your registration process and identify you as a user of our website.

4.2 Registration through the partner

GLSS operates globally through its network of partners. GLSS helps their partners so they can perform and distribute GLSS services to their clients effectively and with high quality. GLSS partners are eligible to create training course events and enroll training course participants in them. When using the Enroll Course Participants form, the participant’s GLSS account will be created by the partner and only activated after the user clicks the activation link via email.

The partner is fully responsible for creating the account and for using the participant’s PII, including the full name, country, province/state, and email address.

4.3 Marketing emails

GLSS is the data controller responsible to handle all marketing communications of GLSS services and products.

If you previously agreed to receive marketing communications, you will occasionally receive relevant news and offers about our services and products. To improve our services we may contact you for survey and market research purposes.

Personal Information collected for marketing purposes is processed in accordance with your subscription preferences.

4.4 Help and Support Center

We support our clients via the Live Chat support line, available at our website’s Help Center. If you use Live Chat, we will collect your name, email address, and the content of your Live Chat session. This information will be retained for three years and will not be shared with other parties. Live Chat logs are continually monitored for quality improvement.

If and when you call GLSS’s support line, we collect Calling Line Identification information. We use this information to help improve the efficiency and effectiveness of our services. GLSS holds the information necessary to fulfill callers’ requests, opening a ticket in the system, and going through processes regarding the ticket until the procedure is completed. The information provided through the ticketing system is reviewed and, if applicable, deleted on an annual basis.

4.5 Persons Who Contact Our Network through the Website

If you use our website to connect with our network of partners and trainers, we collect only the information you provide us with, such as your name, phone number, email address, and residence.

Your composed message is also collected to prevent, detect, and respond to any form of fraud or abuse that could damage our network.

4.6 Job Applicants

When you apply for a job at GLSS, we ask for your personal information, contact details, email address, and résumé. Your résumé may contain other data that are considered personal information, such as your education certifications, professional trainings, and previous work experiences.

All the information you provide during your job application is only used to process your application or, if necessary, to fulfill legal and regulatory requirements. We use your contact details to provide you with information related to the processing of your job application. In addition, we use the other information you provide to assess your suitability for the role you have applied for.

We do not collect more information than we need to fulfill our stated purposes and do not retain any information for longer than necessary. We do not share any of the information you provide with any third parties. The information you provide, be it in digital or physical format, will be handled securely.

5 Our Service Providers

5.1 Amazon Web Services

To provide our services and publish our website, we use the cloud computing platform of Amazon Web Services (AWS). We do not grant any permission to AWS to share any personal information that we collect from our website’s account holders. You can read the privacy notice of AWS here.

5.2 Emailing

Microsoft 365 (Outlook) is another service we use for email exchanging and cloud data backup. We use Microsoft 365 because it complies with several information security requirements, including, but not limited to, ISO/IEC 27001, ISO/IEC 27701, and the EU-GDPR. Microsoft 365 offers encryption of data at rest that includes files stored in cloud service and encryption of data in transit that includes exchanged email messages or conversations that are taking place in a meeting.

Microsoft 365 uses several technologies and strong encryption protocols that include Internet Protocol Security (IPSec), Transport Layer Security/Secure Sockets Layer (TLS/SSL), and Advanced Encryption Standard (AES). We do not guarantee encryption to the recipients of our emails. Therefore, ensuring encryption in your end is your sole responsibility.

We also monitor any emails sent to us for viruses or malicious software, including file attachments. Please note that you are responsible for ensuring that any email you send to us is legally compliant.

We use third parties, such as Sendinblue, Amazon SES, and Microsoft Outlook, to deliver emails to our network. For more information on how data is handled by them, please read Sendinblue’s privacy policy, Amazon’s privacy notice, and Microsoft’s privacy statement.

5.3 Payments on the GLSS website

Payments made from the GLSS website are processed by a third-party service called Stripe. The information provided during the payment process is not stored in the GLSS system, but it is only passed on to Stripe for the sole purpose of completing the payment process initiated by the user. To find out how Stripe processes and uses your data, please read their privacy policy.

Our website also supports PayPal payment services. PayPal privacy statement is available here.

5.5 GoToWebinar

In order for our free webinars to be accessible globally, we use the services of LogMeIn Inc., Go-To-Webinar and GoToMeeting. The LogMeIn Inc. privacy policy can be found here.

Upon interest to participate in a webinar organized by GLSS, during the registration on the platform, we collect your full name, email address, and residence for the sole purpose of identifying your participation in the webinar.

5.6 Social Media

We use third-party providers, such as LinkedIn, Facebook, Instagram, Twitter, YouTube, SlideShare, ISSUU, Pinterest, and others to manage our social media interactions.

Social media interaction is maintained via social media accounts listed above. All providers have their own privacy policies and statements that outline the way they collect, process, and store data. To read their policies and statements, please make sure to visit their websites.

If you send us a private or direct message via social media, the message will be stored at LinkedIn and Slideshare as per their privacy policy, Facebook and Instagram as per their data policy, and Twitter as per their privacy policy. Google LLC and its affiliates offer different services, including YouTube, for which they have their own privacy policy.

The subscribers of GLSS on LinkedIn will not be shared with another network by GLSS, unless requested or asked by them. We do not send any marketing emails to our network subscribers without prior consent. In addition, we may publish a link for subscription to our news and newsletters.

5.7 Digital badges

We use Credly to issue digital badges that are web-enabled versions of your certification credentials. Information such as your name, email address, and certification schemes are necessary to ensure the authentication of badges via Credly.

Upon giving your consent to the processing of the abovementioned data when creating your GLSS account, the service will automatically award badges after your certification application is validated, and after creating an account with Credly. To know your Data Subject Rights and learn how Credly processes your information, please refer to Credly’s Privacy Policy.

5.8 Ticketing system

To track issues and manage projects we use management services of Atlassian Jira.

We may store personal details of individuals when necessary to track and manage matters subject to their account or the GLSS system. Content could also include a description of the topic, files, and links relevant to the subject matter.

6 Cookies and Similar Technologies

When you visit our website, you should be aware that we use third-party services like Google Analytics to collect standard internet log information and details of visitor behavior patterns. This is done with the aim of collecting information with regard to the number of visitors on our website. The processing of this information does not provide any kind of identification of the visitors.

In addition, we use Content Delivery Network to identify the geolocation of our website visitors. The only case when GLSS collects personally identifiable information through the website is when a visitor voluntarily creates a user account. We provide full transparency and clear explanation on how we use the information collected in these cases.

You can read more about how we use cookies on in our Cookie Policy.

7 Certification Exam

Before scheduling an online GLSS exam, candidates are required to submit an online exam profile through their GLSS account. Candidates are required to provide a picture of their front profile and their governmental or non-governmental ID, whereby all information apart from their full name and picture can be hidden.

Candidates taking a paper-based exam are required to fill out the Candidate Identification Sheet (CISH) before starting the exam. In the CISH, they are required to provide their full name, email address, and additional exam session details, such as exam title, date, and location. The sole purpose of collecting this information is for GLSS to identify candidates.

By taking a GLSS exam, GLSS will use your full name and email address to enroll you in the system of processing exams. In addition, we might also use your full name, and email address to enroll you in the completed training course event, in case the step was not already completed by the GLSS Partner.

GLSS training courses are offered via GLSS-authorized partners. After completing the training course, candidates can take the certification exam on a paper-based exam or through the GLSS online examination platform. The date of announcing the exam results depends on various factors, and after the exam results are announced, the training course organizer (GLSS partner) and the training course trainer(s) (GLSS-certified trainer(s)) will be able to see the exam results in order to fulfill administrative tasks (e.g., complete candidates list, schedule exam retakes). This applies to all training course participants who, after completing the training course, make their first attempt on a paper-based exam, take a retake paper-based exam, take a first attempt exam online, or take a retake exam online.

This applies to all training course formats offered by GLSS through its authorized partners. The results are shared with the partners and trainers through their partner account and certified trainer account(s).

If, due to a disability, a candidate needs special accommodation during the exam, they are required to fill out the Candidates with Disabilities Form and provide GLSS with documented information before the request is reviewed for approval. Information concerning the candidate’s medical condition is treated with strict confidentiality.

7.1 GLSS Exams

GLSS Exams, the application we have developed to offer online certification exams, is also used to provide certification exams for accredited GLSS certification schemes.

The application shares the examinee’s webcam feed and computer screen, not simultaneously, with the remote online exam Invigilator at all times during the candidate’s verification process, and online examination. The feed is stopped when the exam time span ends, and the Invigilator can no longer access the feed.

During the verification step and the online examination process, the application takes automatic screenshots every 20 minutes from the feed selected by the Invigilator. The remote Invigilator is also able to take screenshots to verify the candidate’s identity (compare the screenshots with the pictures the candidate provided with the examination profile), and when/if suspicious activity/behavior that goes against our examination policy is noticed during the examination process.

Data coming from the exam application is stored on Amazon S3 Simple Storage Service and the buckets are by default encrypted with an AES-256-bit encryption key.

The data can be accessed only when/if access is requested by authorized personnel at GLSS and/or IAS, and is not shared with any other parties.

The retention period of screenshots and examination profiles is 3 years. The examination profile containing your ID and profile picture can also be deleted voluntarily from myGLSS dashboard after you receive your exam results.

8 Certification Application

As a certification body, GLSS is responsible for developing and maintaining valid and up-to-date certifications, setting the standards to certify individuals and organizations, and issuing certificates.

We collect users’ personal information provided to us from their GLSS account. In addition, applying for a GLSS certification requires submitting information, such as the résumé, work experience, education, and training certifications.

Depending on the certification scheme, you will also be required to provide the contact information of two references who can validate your professional experience. We will contact your referrals via email or phone and they will be asked to fill out an online form to confirm your experience.

9 Trainer Certifications

Candidates interested in applying for the GLSS trainer certification process are required to first submit the GLSS Trainer Eligibility form using their GLSS account. In addition, they are required to also provide us with a résumé, organization name, and address. After GLSS approves the candidate’s eligibility to become a GLSS Trainer, the Trainer Certification Application form will become available in the candidate’s GLSS account.

During the certification process, candidates are required to electronically send a video of themselves simulating a presentation of a GLSS training course session. This recording session is done on GLSS’s website using the GLSS recording tool. The recorded session will be reviewed during the trainer’s evaluation process.

Upon completing the trainer application process, the information and data of the candidates whose application is rejected are stored for one year and permanently deleted afterward. However, for candidates who become GLSS-certified trainers, all the information and data submitted during the application will be stored by GLSS. If the trainer status is Freelancer or Open with authorization, the information will be made public in the Trainers’ tab on the GLSS website. The data will not be shared with third parties, unless required by law.

The profiles of the GLSS-approved trainers are also visible to the GLSS Distributor accounts.

10 Invigilator Application

Candidates interested in applying to become GLSS invigilators are required to complete their registration by filling out the application form with personal details which include the full name, national identification document, email address, phone number, country, region, and zip code.

The personal data are used for invigilating purposes only, and are only available to the Partner who assigned the person as an Invigilator.

11 Children

This privacy statement is not intended for children. We understand the importance of protecting children’s information, especially in an online environment, and we do not knowingly collect or maintain information about children.

12 Search Engines

GLSS reserves the right to build a search engine within the website to help its visitors find information easily. The search engine serves as a means of searching publicly available information on our website, not personally identifiable information of users.

13 Security and Performance

We take precautions to protect your information and privacy. When you submit information via the form(s) available on our website, your information is protected both online and offline. Only employees who need the information to perform a specific task (for example, customer service managers, certification managers, and examiners) are granted access to personally identifiable information. The computers and servers in which we store personally identifiable information are kept in a secure environment with strictly controlled access.

We use a third-party service to help maintain the security and performance of our website. Considering the data exchanged via internet is not 100% secure, we cannot guarantee that the information you send will not be lost, used unlawfully, or modified in a fraudulent manner. We bear no liability for the use of information by you or any third party.

13.1 Retention of Data

We keep personal data only as long as necessary and only for the reasons set forth in this policy, or until we receive your request to have your personal data erased. Please note that we may retain your data for longer periods, as necessary to comply with our legal obligations.

13.2 Data Protection Policy

GLSS has established a Data Protection Policy that ensures its employees, clients, partners, and stakeholders that their data is protected and handled accordingly with absolute caution and confidentiality. Please read our Data Protection Policy here.

14 Complaints

GLSS strives to meet the highest standards of data protection when collecting and using personal information. For this reason, we take any complaint seriously. We encourage our website users, visitors, and any interested party to bring to our attention any observation or opinion that they believe can lead to an unfair, misleading, or inappropriate collection and usage of information.

This privacy statement is meant to be brief and clear. It does not provide exhaustive details of all the aspects ofGLSS’s collection and usage of personal information. However, we are happy to provide any additional information or explanation needed.

If you want to make a complaint about the way we have processed your personal information, you can do so by following the steps described in our Complaint and Appeal Policy.

15 Subject Access Rights under the EU GDPR

If you are part of the European Union (EU) or the European Economic Area (EEA), or are accessing the site from these territories, you have the following rights under the GDPR:

  • Right to access your personal data;
  • Right to correct any inaccurate personal data;
  • Right to erase your personal data;
  • Right to object the processing of your personal data;

To exercise your rights under the GDPR, you can send a request to our data protection officer at for access to personal data. We will always verify the identity of anyone making subject access request before handling over any information. Confirmation will be asked from the data subject using the email they used to create their GLSS account.

The first copy of your data will be provided free of charge. However, the data subject will be charged a fee of 30EUR should they request other copies. We will aim to provide the relevant data within 14 days.

15.1 Requests for Erasure

When you submit a request for the erasure of your data, we will anonymize all the personal information in a manner that ensures no identification of the data subject. The anonymized data is only used by GLSS for analytic purposes, such as the number of participants in a training course event or the number of certified individuals for a certain period of time.

Please keep in mind that we do not erase all of your information because of legal obligations such as financial transactions and accreditation requirements. If you are GLSS certified, hold any of the credentials we offer, and request the erasure of your information, a digital copy of the certificate(s) and the financial invoice(s) will be stored and encrypted with limited access.

15.2 Unsubscribe from Marketing Emails

If you decide to unsubscribe from receiving marketing emails, your email address will be removed from the mailing list until next time you decide to update your subscription preferences voluntarily.

Upon unsubscribing, if you still decide to maintain a GLSS account, you will still receive emails from the GLSS system related to your account setting, training, examination, and certification purposes.

To unsubscribe from marketing emails of the GLSS Group, click the “unsubscribe” link placed at the footer in the marketing emails you receive, or contact to update your subscription preferences.

16 Disclosure of Personal Information

In general and under all circumstances, we will not disclose personal data without consent. However, if requested by the regulatory body, supervisory authority, or other legal authorities, we may disclose your information.

17 Changes to This Privacy Statement

We regularly review this privacy statement. You will not be notified for changes in this privacy statement. You are required to visit this statement on our website.

17.1 How to Contact Us?

If you want to request information about our privacy statement, you can email us at or write to our headquarters:

GLSS Headquarters:

Evmenous 4

GR 54250



Skip to content