Privacy Policy
This Privacy Policy describes how GCA Technology Services (operating as Quasius Investment Corp. d/b/a GCA Technology Services) collects, uses, and protects your information. It applies when you visit our website or engage with our professional services.
Last Updated: April 11, 2026
Information We Collect
We collect information you provide directly to us and information collected automatically when you interact with our website.
Information you provide directly: When you complete a contact form, request a consultation, subscribe to our newsletter, or communicate with us by email, we collect the information you submit. This may include your name, email address, phone number, company name, job title, and the content of your message or inquiry.
Information collected automatically: When you visit our website, we automatically collect certain technical information. This includes your IP address, browser type and version, operating system, referring URLs, pages visited, time spent on pages, and the date and time of your visit. We collect this information through server logs and analytics tools. We use it in aggregate form to understand how visitors use our website.
Information from third parties: We may receive information about you from third-party sources such as professional networking sites, event registrations, or referral partners. This applies only where you have consented to share that information. We use this information only for the purposes described at the point of collection.
How We Use Information
We use the information we collect for the following purposes:
- To respond to your inquiries. When you contact us through the website or request a consultation, we use your contact information to respond to your request and follow up as appropriate.
- To deliver services. If you engage GCA for professional services, we use your information to perform those services, communicate with your team, and manage the engagement.
- To send communications you have requested. With your consent, we send newsletters, event invitations, and educational content about identity and access management topics relevant to your interests. You may opt out of these communications at any time.
- To improve our website. We use aggregated analytics data to understand how visitors interact with our website and to improve its content, structure, and performance.
- To comply with legal obligations. We retain and use information as required by applicable law, including for tax, accounting, and legal compliance purposes.
We do not sell your personal information. We do not use your information for automated decision-making or profiling that produces legal or similarly significant effects.
Information Sharing
We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We share information only in the following limited circumstances:
- Service providers. We share information with third-party vendors who perform services on our behalf, such as website hosting, email delivery, CRM systems, and analytics. Contract requires these vendors to protect your information. They may not use it for any purpose other than providing services to GCA.
- Business partners. In the context of delivering professional services, we may share relevant contact information with technology partners (such as Okta, SailPoint, or Microsoft) where required to fulfill your engagement. We will inform you when this applies.
- Legal requirements. We may disclose your information if required to do so by law, court order, or government authority, or where we believe disclosure is necessary to protect our legal rights, enforce our agreements, or protect the safety of our users or others.
- Business transfers. If GCA is involved in a merger, acquisition, or sale of assets, your information may transfer as part of that transaction. We will provide notice before your information transfers and becomes subject to a different privacy policy.
Cookies and Tracking
Our website uses cookies and similar tracking technologies to operate correctly and to understand how visitors use the site.
Essential cookies are required for the website to function. They enable features such as navigation, theme preferences, and form functionality. These cookies cannot be disabled without affecting site operation.
Analytics cookies help us understand aggregate traffic patterns, popular content, and visitor behavior. We use this data in aggregate form only. We do not use analytics cookies to track individual users across other websites.
Google Analytics 4: We use Google Analytics 4 (GA4) to understand how visitors use our website. GA4 collects information such as pages viewed, time on page, referring source, general device and browser type, and approximate geographic region. We also track specific interactions that indicate interest in our services, such as submitting a contact form, booking a consultation, or downloading a resource. GA4 uses cookies and similar identifiers to distinguish visitor sessions; we do not use this data to identify you personally, and we do not combine it with information you separately provide to us through a form.
Server-side monitoring: Separately, our website performs cookieless, server-side monitoring of broken links and missed redirects. This process logs only the requested page path and referring URL, on a short-term basis, to help us keep the site accurate. It does not use cookies, does not assign visitors a persistent identifier, and is unrelated to the Google Analytics 4 client-side analytics described above.
You can control cookies through your browser settings. Most browsers allow you to refuse new cookies, accept or reject specific cookies, or delete existing cookies. Note that disabling cookies may affect the functionality of our website. For more information about managing cookies, visit your browser's help documentation.
Opt out of Google Analytics 4: You can opt out of GA4 tracking on this website at any time using the control below. Your choice is saved in your browser and honored on future visits.
Data Security
We implement commercially reasonable technical and organizational measures to protect your personal information from unauthorized access, disclosure, alteration, and destruction. These measures include HTTPS encryption for data in transit, access controls that limit who within GCA can access personal information, and vendor security requirements for third-party service providers.
As an identity and access management company, GCA treats data security as a core priority. However, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security. We encourage you to take appropriate precautions when sharing sensitive information online.
We retain personal information for as long as necessary to fulfill the purposes described in this policy, to comply with legal obligations, resolve disputes, and enforce our agreements. When information is no longer needed, we delete or anonymize it using secure methods.
Your Rights (CCPA / GDPR)
Depending on your location, you may have certain rights regarding your personal information. These rights vary by jurisdiction and include:
- Right to know. You may request information about what personal data we hold about you. This includes the categories of data, the sources from which it was collected, the purposes for which it is used, and the third parties with whom it is shared.
- Right to access. You may request a copy of the personal information we hold about you.
- Right to correction. You may request that we correct inaccurate or incomplete personal information we hold about you.
- Right to deletion. You may request that we delete your personal information, subject to certain exceptions such as legal obligations or ongoing contractual relationships.
- Right to opt out of sale. We do not sell personal information. This right is therefore satisfied by our data practices.
- Right to non-discrimination. We will not discriminate against you for exercising your privacy rights.
- Right to data portability. Where technically feasible, you may request your personal information in a structured, machine-readable format.
To exercise any of these rights, please contact us at [email protected]. We will respond to verifiable requests within the timeframes required by applicable law (45 days under CCPA; 30 days under GDPR). We may need to verify your identity before processing your request.
Contact Information
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
GCA Technology Services
Quasius Investment Corp. d/b/a GCA Technology Services
Email: [email protected]
We treat privacy inquiries as a priority and will respond promptly. If you believe your privacy rights have been violated and we have not adequately addressed your concern, you may have the right to lodge a complaint with the applicable data protection authority in your jurisdiction.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we update the "Last Updated" date at the top of this page. We encourage you to review this policy periodically.