GENERAL
This Policy is adopted by DataArt Poland sp. z.o.o and other members of DataArt group ("DataArt", ‘We”). We are committed to protecting any personal data of users of this application and lawfully processing such data per relevant legislation and, for that reason, we have adopted this Privacy Policy (the “Policy”) to memorialize terms and conditions on data processing to be applied hereunder.
By using or accessing the application, you agree to the terms of this Privacy Policy. We may update our Privacy Policy to reflect changes to our data protection practices.
This application is developed for usage by DataArt personnel, contractors and partners (“Users”).
INFORMATION WE COLLECT AND PROCESS
We may collect, use, store and process different kind of personal information about Users:
- First and last name;
- Personal ID number;
- Birth date;
- Photo, if User provides it;
- Contact information (business email, phone, messengers’ IDs, etc.);
- Location;
- Professional data, including but not limited to details of Users’ qualifications, skills, experience, information about current level of remuneration, including benefit entitlements;
- Educational data;
- Other relevant information to Users’ qualifications and skills;
- Professional calendar data including information on everyday tasks User deals with.
We commit to protect Users’ personal information, and we do not gather any information in order to sell it.
USE OF INFORMATION
DataArt may use personal information:
- to administer the application;
- to administer its business and for management purposes;
- to keep the application secure and prevent fraud;
- for marketing and statistic;
- to track project progress and people availability;
- to contact Users as necessary to ensure business continuity and project management.
In course of personal information usage, we may share it inside members of DataArt group including international locations, if we in our sole discretion consider this necessary. All DataArt’s affiliates, subsidiaries and other members of DataArt enterprise group are committed to use and process Users’ data in strict accordance with this Policy.
The personal data that we collect may be stored, processed and transferred between any countries and locations in which DataArt operates in order to enable us to use the information in accordance with this Policy. We commit ourselves to ensuring the proper level of protection of your information in all our locations where it is transferred, stored and processed.
Every User is able to see and use general information about other Users, i.e. default role allows you to use name, surname, contact details, location (office) of others. Users with enhanced rights, provided them in accordance with DataArt Access Management Policy (e.g. HR department representatives) have access to additional data which is necessary to to perform their professional duties.
We may use third-party tools to collect, process and store your personal information. Before using such third-party tools, appropriate paperwork is signed between the third-party tool provider and DataArt to ensure that Users’ personal information is safe and processed on a lawful basis.
LEGAL BASIS FOR COLLECTION PERSONAL DATA
Collecting personal data based on consents. The collection of personal data based on consent from the Users is implemented by using “Consent paperwork” in those DataArt locations where consent is the only possible basis for data collection.
Collecting personal data based on contracts. Where applicable (e.g. for Users which are DataArt contractors or partners) we rely on contract using personal information for fulfilling our obligations related to contracts and agreements.
Collecting personal data based on legitimate interest. We may use personal data if it is considered to be legitimate interest, and if the privacy interests of the data subjects do not override this interest. Normally, to establish this legal basis for data collection, an assessment has been made during which a mutual interest between DataArt and the individual person has been identified. This legal basis is primarily related to our sales and marketing purposes. We will always inform individuals about their privacy rights and the purpose for collecting personal data.
TRANSFER AND STORAGE OF YOUR PERSONAL DATA. SECURITY AND RETENTION
Data that we collect from you may be processed by staff operating outside the EEA who provides support services. Transfers will only be made to countries which are the subject of an adequacy decision of the EU Commission or recipients who have entered into binding contracts with us to comply with the terms of this Privacy Policy and privacy legislation.
DataArt has implemented administrative and technical safeguards it believes are sufficient to protect the confidentiality, integrity and availability of Users’ personal information. We will keep personal data secure by taking appropriate technical and organizational measures against its unauthorized or unlawful processing and against its accidental loss, destruction or damage. These measures are documented and available for Users on DataArt internal resources and audited at least once a year.
All information Users provide to us is stored on our secure servers.
Personal information of Users will not be kept for longer than it is necessary to fulfill the purpose for which the personal data was collected. When the personal data that we have collected is no longer required, we will delete it in a secure manner. We may process data for statistical purposes, but in such cases, data will be anonymized.
Notwithstanding the above, we will retain documents (including electronic documents) containing personal data:
- to the extent that we are required to do so by law;
- if we believe that the documents may be relevant to any ongoing or prospective legal proceedings; and
- in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).
DISCLOSURE OF YOUR PERSONALLY-IDENTIFIABLE INFORMATION
We may be required to disclose personally-identifiable information in response to lawful requests, such as subpoenas or court orders, or in compliance with applicable laws. This may include sharing personally-identifiable information with other companies, lawyers, agents or government agencies.
YOUR RIGHTS TO YOUR PERSONAL DATA
As a data subject, you have a number of rights. You can:
- access and obtain a copy of your data on request;
- require DataArt to change incorrect or incomplete data;
- require DataArt to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing. In this case we will have to finish our relationships, delete your profile and prohibit usage of the application;
- object to the processing of your data where DataArt is relying on its legitimate interests as the legal ground for processing;
- withdraw any consent to personal data processing at any time. The right to request a restriction on further data processing, in case there is a dispute in relation to the accuracy or processing of your personal data;
- complain with a supervisory authority.
If you would like to exercise any of these rights, please contact privacy@dataart.com.
If you remain dissatisfied, then you have the right to apply directly to your national supervisory authority for a decision. You can find your national supervisory authority online http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.
DataArt Poland sp. Z.o.o
ul. Tomasza Zana, 39а,
20-601 Lublin,
Poland
+48 (81) 454-6170
