General Statement

The Global Retailer and Manufacturer Alliance, Inc. (GRMA) is a global nonprofit with members from major retailers, manufacturers, trade associations, certification bodies and others. The alliance was formed to develop an auditing scheme that utilized consensus-based quality system standards for Good Manufacturing Practices (GMP’s) through the American National Standards process in several Non-Food related industries. We are totally committed to: Strengthening safety, quality and trust throughout the supply chain; Ensuring consistency and proper training of auditors; Reducing the number of audits and financial costs associated with audits; Combining regulatory requirements and retailer quality requirements; Having all certifying bodies able to certify the new standards.

In fulfilling its mission, GRMA relies on information about its members. Maintaining the integrity and confidentiality of member personal data and communicating how we use this data is very important to us. Therefore, we have created the following Privacy Policy (hereinafter ‘Policy’) which outlines GRMA’s uses for collecting and processing your Personally Identifiable Information (PII).

While the Policy presented here concentrates on information collected by GRMA through digital means, it also applies to PII submitted to GRMA by other means, including, but not limited to USPS mail, facsimile, telephone and registration or sign-up sheets.

By interacting with GRMA, you acknowledge that you have read and understand the processes, procedures and terms of this Policy, and furthermore, that you consent to providing the data we collect and how we use the same and share it in accordance with this Policy. If you do NOT agree with the data we collect and/or how GRMA uses and/or shares it, you should not interact with GRMA.

User Interactions 

Users interact with GRMA in a number of different ways and for a variety of reasons. However, generally speaking, it is for the following purposes:

  • Vising our website or microsites (collectively referred to as website)
  • Buying / renewing / enjoying the benefits of GRMA membership
  • Subscribing to / reading GRMA publications and communications
  • Participating in GRMA’s auditor training and certification

Collection & Processing of Your PII

GRMA collects and processes your PII when:

  • You have provided your consent (which you may withdraw at any time).
  • It is necessary for the performance of a contract to which you are a party.
  • GRMA is required to do so by law, including when necessary to investigate, prevent or take action regarding illegal activities, suspected fraud, violations of GRMA’s terms of use or as otherwise required by law.
  • It is required to protect your vital interests or those of another person including situations involving potential threats to the physical safety of any person.
  • It is for the purpose of GRMA’s legitimate commercial interests and/or to carry out the non-profit goals and operation of GRMA (except where such interests are overridden by your rights and interests). Legitimate interests of GRMA include, but are not limited to, improving current programs /developing new programs; and providing aggregated data to entities / institutions which demonstrates our position as a source of information and an authority in industrial design.

Additionally, GRMA may receive information about you from publicly available and third-party databases or services that provide information about businesses or business-people that GRMA believes will help it identify products and services that may be of interest to you. GRMA will obtain your consent before contacting you if required by the law of the country in which you are located.  GRMA may also share your company’s contact information obtained in connection with GRMA events, summits and other webinars with those parties serving as event, summit or webinar/roundtable sponsors.

Furthermore, if GRMA is acquired by or merges with another entity, GRMA will notify users before information is transferred and becomes subject to a different privacy policy.


With each visit you make to the GRMA website, GRMA will automatically collect certain information, including, but not limited to: technical information, including the IP address used to connect your computer or device to the Internet, browser type and version, time zone setting, etc.  Information will also be collected about your visit, including the pages you viewed or searched for, page response times, download errors, length of visits to certain pages, and page interaction information (such as scrolling, click, etc.).

GRMA may set an access cookie(s) on user’s computers. GRMA lets other companies that show advertisements on GRMA’s pages, set and access their cookies on user’s computers.  Other companies’ use of their cookies is their own and is not subject to this Policy.  Advertisers or other companies do not have access to GRMA’s cookies.  Furthermore, GRMA uses web beacons to access GRMA cookies inside and outside of our network of web sites and in connection with GRMA’s products and services.

The website contains links to external, third party websites.  GRMA has no control over and is not responsible for the privacy practices or content of those sites. Check the privacy policy of each such website before making use of the same or revealing any PII.

Some areas of the website allow you to submit questions or express your opinions. Please note that all submissions become the property of the GRMA and GRMA is not responsible for the opinions or statements expressed therein and specifically disclaims any and all liability for any damages or injuries of any kind or nature arising out of or resulting from the third-party expression of those opinions, ideas or statement.

Some areas of the website are restricted to members only.  These areas require a user-name and password which is used to verify membership status and proper authorization to use a particular resource. Passwords are not stored by GRMA and usernames are not made available to third-party’s other than GRMA’s contracted website vendor(s).

GRMA does not disclose credit card account information provided by its users. When users choose to pay using their credit cards, GRMA submits the information needed to obtain payments to the appropriate clearing house and does not store such information. 

Users can edit their account information including marketing preferences at any time.  From time to time, GRMA may add new categories of marketing communications.  Users can opt out of receiving future marketing communications from these new categories or they can unsubscribe by following the instructions contained in the messages they receive.

GRMA limits its employee’s access to personal information about users unless GRMA reasonably believes that information is needed to provide products and services to users or in order to do their jobs.  GRMA maintains physical, electronic and procedural safeguards in place that comply with federal regulations to protect personal information about users.


Your California Rights 

FOR RESIDENTS OF CALIFORNIA ONLY: Section 1798.83 of the California Civil Code requires select businesses to disclose policies relating to the sharing of certain categories of your Personal Data (PII) with third parties. If you reside in California and have provided your Personal Data (PII) to GRMA, you may request information about our disclosures of certain categories of PII to third parties for direct marketing purposes. Such requests must be submitted to us at one of the following addresses: Global Retailer & Manufacturers Alliance, 1150 1st Ave, Suite 501, King of Prussia, PA 19406 by mail or calling the GRMA at (610) 945-1797 or notifying the GRMA at


Your European Rights 

FOR EUROPEAN RESIDENTS ONLY: You have the right to ask GRMA not to process your Personal Identifiable Information or PII for marketing purposes. We will usually inform you (before collecting your PII) if we intend to use your PII for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your PII. You can also exercise the right by contacting us by the following procedures: Global Retailer & Manufacturers Alliance, 1150 1st Ave, Suite 501, King of Prussia, PA 19406 by mail or calling the GRMA at (610) 945-1797 or notifying the GRMA at

Under European data protection laws, in certain circumstances, you have the right to:

  • Request access to your Personal Data or PII. You may have the right to request access to any Personal Data (PII) GRMA retains about you as well as related information, including the purposes for processing the PII, the recipients or categories of recipients with whom the PII has been shared, where possible, the period for which the PII will be stored, the source of the PII, and the existence of any automated decision making.
  • Request correction of your Personal Data or PII. You may have the right to obtain without undue delay the rectification of any inaccurate PII we hold about you.
  • Request erasure of your Personal Data or PII. You may have the right to request that any or all PII held about you is deleted.
  • Object to processing of your Personal Data or PII. You may have the right to prevent or restrict processing of your PII.
  • Request restriction of processing your Personal Data (PII) Request transfer of your Personal Data (PII. You may have the right to request transfer of your PII directly to a third party where this is technically feasible.
  • Withdraw your consent.

In addition, where you believe that GRMA has not complied with its obligations under this Notice or European law, you have the right to make a complaint to an EU Data Protection Authority, such as the UK Information Commissioner’s Office.

You can exercise any of these rights by contacting GRMA – Global Retailer & Manufacturers Alliance, 1150 1st Ave, Suite 501, King of Prussia, PA 19406 by mail or calling the GRMA at (610) 945-1797 or notifying the GRMA at

Additionally, for the purposes of the General Data Protection Regulations enacted by the European Union, (and Data Protection Acts of 1984 and 1998, as applicable), IDSA and its authorized agent/vendor must store, host and otherwise process the PII supplied by the website user when registering for the GRMA website. GRMA may send such data outside of the European Economic Area for processing.  If you reside in the European Union, please indicate your affirmative consent that the personal identifiable information you provide to GRMA may be transferred and stored in countries outside of the EU, including the United States and that GRMA may use such information to contact you via electronic mail, mail or by telephone with respect to matters related to the GRMA and its programs, your membership and other relevant professional related matters. 


Changes to this Policy 

This Policy is subject to amendment from time to time by GRMA in its sole discretion. Each time you interact with GRMA, you should visit the website to review this Policy to ensure you are reviewing the most recent version. GRMA will include the date of any modification or amendment at the top or bottom of this Policy.

About GRMA 

GRMA is a Nevada incorporated 501(c)(6) non-profit professional society with its principal business office located at Global Retailer & Manufacturers Alliance, 1150 1st Ave, Suite 501, King of Prussia, PA 19406.  GRMA may also be visited by way of its website located

For purposes of the General Data Protection Regulations (“GDPR”), the Data Controller is GRMA. GRMA’s Executive Director Contact is Allyn Shultis whose email address is  He may also be reached at his telephone number, which is (610) 945-1797.

If you have any questions about this Policy or any of GRMA’s programs or services as it relates to this Policy, please contact the GRMA at the above email address or telephone number or by mail at the above address.