Effective date: 21 May 2026

Last updated: 21 May 2026

This Privacy Policy explains how Global Inspections Group Inc., a Delaware corporation (“GIG”, “we”, “us”, or “our”), collects, uses, discloses, transfers, and protects personal information when you use our websites, applications, and platforms — including Outspection, Spktor, any GIG conciergerie or concierge platform, any platform that GIG develops, builds, or operates for a customer, and any other website, application, API, or service that links to this Policy (each a “Platform” and collectively the “Services”).

This Policy should be read together with our Terms and Conditions. Capitalized terms not defined here have the meanings given in the Terms and Conditions.

We have written this Policy to comply with, among other laws, the EU and UK General Data Protection Regulation (GDPR), the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA), and applicable data protection laws in the other jurisdictions in which we operate. Region-specific rights are described in Sections 10 and 11.

1. Who We Are and How to Contact Us

GIG is the controller of personal information processed through the Services, except where we act as a processor or service provider on behalf of a User (see Section 12).

You can contact us about privacy matters at:

Global Inspections Group Inc.
Attn: Privacy / Data Protection
16192 Coastal Hwy
Lewes, DE 19958, USA
Email: info@globalinspectionsgroup.com
Website: globalinspectionsgroup.com

If we have appointed a Data Protection Officer or an EU/UK representative, their contact details will be published on this page.

2. Scope

This Policy applies to personal information of visitors, account holders, and individuals connected with Clients and Providers — including importers, exporters, agents, inspection companies, field inspectors, and personnel of Bureaus of Standards and other organizations — who use or interact with the Services. It does not apply to third-party websites, services, or platforms that we do not control, or to personal information that Users process on their own account as independent controllers.

3. Information We Collect

We collect the following categories of personal information:

3.1 Account and identity information — name, job title, employer or organization, business and billing address, email address, telephone number, username and password, account role (Client, Provider, or other), and preferred language and currency.

3.2 Provider and Client profile information — for Providers: company details, service capabilities and coverage, certifications, accreditations, licenses, registrations, insurance details, qualifications, references, and identity or business-verification documents. For Clients: company details, requirements, and procurement information.

3.3 Verification and compliance information — information collected for identity verification, business verification, “know your customer” (KYC), anti-money-laundering, sanctions, and fraud-prevention checks, which may include government-issued identifiers, registration numbers, and documents provided by you or by third-party verification sources.

3.4 Transaction and payment information — requests, quotations, bookings, User Contracts, Provider Charges and Fees, invoices, payment status, and limited payment details. Card and bank details are collected and processed by our third-party payment processors; we generally receive only tokens, confirmations, and limited identifiers, not full card numbers.

3.5 Content and communications — information, documents, files, inspection-related records, declarations, reports, certificates, messages, ratings, reviews, and other Content you submit, exchange, or generate through the Services, and your communications with us (including support requests and survey responses).

3.6 Usage, device, and technical information — IP address, device and browser type, operating system, identifiers, log data, pages and features used, referring pages, dates and times of access, and actions taken within the Services.

3.7 Location information — approximate location derived from your IP address, and, where relevant to an inspection or assignment and where you provide it, more precise location information about inspection sites, consignments, or assignments.

3.8 Cookies and similar technologies — see Section 13.

3.9 Information from third parties — we may receive information about you from your employer or organization, from other Users (for example, a Client or Provider you transact with), from accreditation, registration, sanctions, and credit or fraud-prevention databases, from payment processors, and from analytics and identity-verification providers.

We do not intentionally collect special categories of data (such as health or biometric data) and ask that you do not submit them unless strictly necessary and lawful.

4. How and Why We Use Personal Information, and Our Legal Bases

We use personal information for the purposes below. Where the GDPR applies, the legal basis for each purpose is indicated.

4.1 To provide and operate the Services — to create and administer accounts, match Clients with Providers, enable quotations, bookings, communications, and document exchange, and provide customer support. Legal basis: performance of a contract; legitimate interests.

4.2 To process payments — to collect Provider Charges and Fees, remit funds, issue invoices and receipts, and manage refunds, chargebacks, and set-offs. Legal basis: performance of a contract; legitimate interests; legal obligation.

4.3 To verify identity and credentials and prevent fraud — to carry out verification, KYC, sanctions, anti-money-laundering, and fraud and risk checks, and to keep the Services secure. Legal basis: legitimate interests; legal obligation; performance of a contract.

4.4 To communicate with you — to send service, transactional, security, and administrative messages, and to respond to your requests. Legal basis: performance of a contract; legitimate interests; legal obligation.

4.5 To improve and develop the Services — to analyze usage, troubleshoot, test, conduct research, and develop new and improved features, including matching and recommendation logic. Legal basis: legitimate interests.

4.6 For marketing — to send you information about the Services and related offerings. Where required by law, we send marketing only with your consent, and you can opt out at any time. Legal basis: consent; or legitimate interests where permitted.

4.7 To ensure safety, security, and compliance — to enforce our Terms and policies, protect the rights, property, and safety of GIG, our Users, and others, detect and prevent abuse, and comply with law and lawful requests. Legal basis: legitimate interests; legal obligation.

4.8 For corporate transactions — to evaluate or carry out a merger, acquisition, financing, reorganization, or sale of assets. Legal basis: legitimate interests.

Where we rely on legitimate interests, we have assessed that those interests are not overridden by your rights and freedoms. You may contact us for more information about that assessment. Where we rely on consent, you may withdraw it at any time without affecting prior processing.

We do not make decisions producing legal or similarly significant effects about you based solely on automated processing without human involvement. Matching, ranking, and recommendation features assist human decision-making and do not replace it.

We share personal information only as described below. We do not sell personal information for money.

5.1 With other Users — to operate the marketplace, we share relevant information between Clients and Providers — for example, sharing a Client’s request and contact details with Providers, and a Provider’s profile, credentials, quotation, and contact details with Clients. Once Users connect, they may receive and process each other’s information as independent controllers.

5.2 With service providers and processors — we share information with vendors who process it on our behalf and under our instructions, such as cloud hosting and storage, payment processors, identity- and credential-verification providers, communications and email providers, customer-support tools, and analytics providers. They are bound by contract to protect the information and use it only to provide services to us.

5.3 With professional advisors — lawyers, auditors, accountants, and insurers, where necessary.

5.4 For legal and safety reasons — with courts, regulators, law enforcement, and other authorities where we believe in good faith that disclosure is required by law or legal process, or is necessary to protect the rights, property, or safety of GIG, our Users, or others, to enforce our Terms, or to detect, prevent, or address fraud, security, or technical issues.

5.5 In corporate transactions — with parties to a merger, acquisition, financing, reorganization, insolvency, or sale of assets, and their advisors, subject to appropriate confidentiality protections.

5.6 With your consent or at your direction — for any other purpose disclosed to you at the time.

5.7 Aggregated or de-identified information — we may create and share aggregated or de-identified information that cannot reasonably be used to identify you.

6. International Data Transfers

GIG operates internationally, and the Services are used by Users and Providers in many countries. Your personal information may be transferred to, stored in, and processed in the United States and in other countries whose data protection laws may differ from those of your country.

Where we transfer personal information out of the European Economic Area, the United Kingdom, or another jurisdiction that restricts transfers, we use a lawful transfer mechanism — such as the European Commission’s Standard Contractual Clauses, the UK International Data Transfer Agreement or Addendum, an adequacy decision, or another mechanism permitted by applicable law — together with additional safeguards where appropriate. You may contact us for more information about these safeguards.

7. Data Retention

We retain personal information for as long as your account is active and for as long as needed to provide the Services, and thereafter for the period necessary to: comply with legal, tax, accounting, and regulatory obligations; resolve disputes and enforce our agreements; maintain transaction, verification, and compliance records; and protect against fraud and legal claims. When personal information is no longer needed, we delete, anonymize, or securely destroy it. Retention periods vary by data type and context; we determine them based on the purposes above and applicable limitation and record-keeping periods.

8. Data Security

We maintain administrative, technical, and organizational measures designed to protect personal information against unauthorized access, loss, misuse, and alteration — including encryption in transit, access controls, authentication, and monitoring. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security. You are responsible for keeping your account credentials confidential and for notifying us promptly of any suspected unauthorized use.

9. Your Privacy Rights (All Users)

Depending on your location and applicable law, you may have the right to: access the personal information we hold about you; request correction of inaccurate or incomplete information; request deletion; object to or restrict certain processing; request a portable copy of information you provided to us; and withdraw consent where processing is based on consent.

To exercise any right, contact us at info@globalinspectionsgroup.com. We may need to verify your identity before responding. We will respond within the time required by applicable law. These rights are not absolute and may be subject to exceptions — for example, where we must retain information to comply with law or to establish, exercise, or defend legal claims. You may also have the right to lodge a complaint with your local data protection authority.

If you are in the European Economic Area or the United Kingdom, you have the rights described in Section 9 under the GDPR, namely the rights of access, rectification, erasure, restriction of processing, objection to processing (including objection to direct marketing and to processing based on legitimate interests), data portability, and the right not to be subject to solely automated decisions with legal or similarly significant effects.

You also have the right to withdraw consent at any time where processing is based on consent, and the right to lodge a complaint with your national supervisory authority. We would, however, appreciate the chance to address your concerns before you do so — please contact us first.

If we have appointed a representative in the EU or UK under Article 27 of the GDPR, or a Data Protection Officer, their contact details are published on this page.

11. Additional Disclosures for California Residents (CCPA/CPRA)

This Section applies to California residents and supplements the rest of this Policy.

11.1 Categories of personal information collected. In the preceding 12 months we have collected the following categories of personal information (as defined by the CCPA/CPRA): identifiers; personal records (such as contact and payment information); commercial information (such as transaction and quotation history); internet and network activity information; geolocation data; professional and employment-related information; and inferences drawn from the above. The sources, purposes, and recipients are described in Sections 3, 4, and 5.

11.2 Sensitive personal information. We do not seek to collect “sensitive personal information” beyond what is necessary, and we do not use or disclose it for purposes that would give rise to a right to limit its use under the CPRA. If government identifiers or similar information are provided for verification, we use them only for the verification, compliance, and fraud-prevention purposes described in Section 4.

11.3 No sale; no sharing for cross-context behavioral advertising. We do not sell personal information for monetary consideration, and we do not share personal information for cross-context behavioral advertising. We have not done so in the preceding 12 months. We do not knowingly sell or share the personal information of consumers under 16 years of age.

11.4 Your California rights. Subject to verification and legal exceptions, you have the right to: know and access the personal information we have collected, used, and disclosed; correct inaccurate personal information; delete personal information; and not be discriminated or retaliated against for exercising your rights.

11.5 How to exercise your rights. Submit a request by email to info@globalinspectionsgroup.com. You may use an authorized agent, who must provide proof of authorization. We will verify your request and respond within the timeframes required by the CCPA/CPRA.

12. When We Act as a Processor

For some processing — particularly where a Client (such as a Bureau of Standards or other organization) configures and operates a branded Platform and determines the purposes and means of processing — GIG acts as a processor or service provider on that Client’s behalf, and the Client is the controller. In that case, that Client’s privacy notice governs, and individuals should direct privacy requests to that Client; we will assist that Client as required by our agreement and by law.

13. Cookies and Similar Technologies

We and our service providers use cookies, pixels, local storage, and similar technologies to operate and secure the Services, remember your preferences and sign-in status, analyze usage and performance, and improve the Services. Some are strictly necessary for the Services to function; others are optional. Where required by law, we obtain consent for non-essential cookies through a cookie banner or preference tool, and you can change your choices there. You can also control cookies through your browser settings, though disabling some cookies may affect functionality.

14. Children’s Privacy

The Services are intended for business and professional use and are not directed to children. We do not knowingly collect personal information from anyone under 18. If you believe a minor has provided us personal information, please contact us and we will take appropriate steps to delete it.

15. Third-Party Links and Services

The Services may contain links to, or integrations with, third-party websites and services that we do not control. This Policy does not apply to them. We encourage you to review the privacy notices of any third party before providing personal information to it.

16. Changes to This Policy

We may update this Policy from time to time. If we make material changes, we will provide notice — for example, by posting the updated Policy with a new effective date, by notice within the Services, or by email. Changes take effect when posted unless stated otherwise. Your continued use of the Services after the changes take effect constitutes acceptance of the updated Policy.

17. Contact Us

If you have questions, concerns, or requests regarding this Policy or your personal information, contact: