Privacy Policy
This Privacy Policy ("Policy") describes how we process personal data with respect to:
use of our website and mobile app gigsremote.com ("Website") including registration process;
process for conclusion, performance, execution and termination of services agreements and orders;
selection of professionals, recruitment processes, including for our own needs and for others.
“Personal data” means any information relating to an identified person or to a person who can be directly or indirectly identified. Please read this Privacy Policy carefully so that you understand how we collect and use your personal data. Please note, that we may have other privacy policies in place for other processes (such as, for instance, processing personal data of our employees).
1. Data Controller and Contact Details
1.1. The data controller under this Policy shall be „Gigs Remote” JSC, a company incorporated under the laws of Bulgaria with company no. 206874567, having its seat and registered address at no. 5 Oborishte street, 3rd floor, Sofia, VAT no. BG 206874567, (“GigsRemote, "us", "we", "our").
1.2. If you have any questions about this Privacy Policy you may contact us on our registered office address above or by email at termsofuse@gigsremote.com.
2. Personal Data We Collect and Use
2.1. We may process the following types of personal data:
for the conclusion and performance of a services agreement, for recruitment purposes and for registration of an account we may process your: names, id number and id document’s data, address, contact details, including phone number and email, CV, education, professional experience and skills, work preferences and expectations, invoice, bank account, tax and social security details, debit/credit card, account holder, photos, references, interviews information, your public profiles in professional social networks (such as LinkedIn), business card and other relevant data. If you are a business, we will also collect personal data about your authorised representatives and how to contact them;
in your communication or interaction with us through any kind of contact (including telephone, email, forms on our Website, instant messengers, social media websites and profiles) we may receive and process only information you provide us, such as names, email, phone number, social network profile, CV, preferences, photos, addresses, etc.;
when you access and use our Website we may collect and process information about your device (including, where available, your IP address, operating system, browser type, location) and how you use our Website. We may also receive cookies data, so please see our Cookie Policy for further details.
2.2. Usually, we receive personal data directly from you. However, in certain cases we may receive data for you from third parties, such as for instance from references, from public registers and websites, from social media for your public profiles in professional social networks; from bank institutions for executed payments, from third parties, such as recruitment agencies, our partners or clients, when they make reference to you.
2.3. In certain cases, provision of your personal data shall be necessary for the contract and its performance (for instance, we will need your identification data to enter into an agreement, we will need your bank details to pay you for your services, we will need your CV and other documentation to assess your skills and experience, etc.). In such cases, if you do not provide the necessary data, you will not be able to receive respective services/result or the services may not be properly performed.
2.4. Your responsibility:
When you submit to us any data or materials, including personal information, you represent that you have the authority to do so and permit us to process such data as set out in this Policy and this will not violate any rights of third parties, including the right to privacy, the right to freedom, copyrights, related rights, other intellectual property rights, etc.
Although our policy is to process personal information only limited to the extent that is necessary in relation to the purposes as set out herein, we encourage you not to submit to us unnecessary personal data (such as, for instance, photos of your family).
When you provide us personal data or get in touch with us you represent and warrant that you are at least 18 years old. Our services and processes are not intended to persons below that age and we do not intentionally collect and process data of younger persons.
Please note that when you contact us through our Website or social media, such as Facebook or LinkedIn, our and/or your profiles may be public and your interaction or posting may appear to be public. Find the Terms of Use of our Website. Please note that we do not control and do not assume responsibility for the use of your social media profile and accounts.
This Policy does not address and we are not responsible for the privacy, information and any practices of any third parties, including any third parties operating an external website, app or service to which our Website may link (such as, for instance, LinkedIn, Facebook, our clients, etc.). We encourage you, if you choose to visit or use any of these third-party websites or services, to review their privacy policies that may be different from our Policy.
3. Purposes of Processing (How We Use Your Data)
3.1. The main purpose of collecting and processing your personal data is to enter into and to perform a contract for services between us (such as to identify you, including through online profile, invoicing, payment, performance, delivery, communication, exercise of rights and obligations under the contract; etc.).
3.2. We may also process your personal data for the following specific purposes:
to communicate with you and to provide you requested information with respect to our Website, services, projects and other opportunities;
for recruitment and selection purposes in current campaigns, including for our own needs and to our clients and including if you contact us via our Website, through other websites (Facebook.com, LinkedIn.com, etc.) or offline, inter alia to contact you, to make a preliminary assessment, to select suitable candidates, to conduct interviews with selected candidates, to make assessments and offers, to introduce you to potential clients, etc.;
for recruitment purposes and work opportunities in future campaigns, when you have registered an account to the Website, to send you projects information, offers, suitable partners and services providers;
to send administrative information to you, for example, information regarding our rules and changes to our Terms and Policies;
to send you newsletters, marketing or promotional materials and other notices by mail, email, SMS, pop-up messages or phone. These are messages or materials for direct marketing purposes in order to advertise you our services, current or upcoming promotions and campaigns and we will always and at any time give you the opportunity to object receiving such messages in free and easy manner. We will also process your objections and withdrawals;
to comply with or fulfil obligations arising from law, regulations, acts of the authorities or of the court, such as for the purposes of accounting, control, reporting, auditing and tax purposes;
for safety and security purposes, when you access our buildings or systems, or to verify accounts and activity, for protection of information, code, materials and documents;
to exercise our rights or protect yours, ours, third-parties or public legitimate interests, such as investigation and prevention of theft, crime, fraud, misuse of services or of the Website and other offenses, to exercise rights under contracts, including before court, etc.;
to conduct a poll or research when you agree to participate;
for statistics and analysis and for the purpose to improve our products, services, procedures and policies, our Website and its functionality (including information collected from your web browser or application, such as your IP address, operating system, browser type, visit details, location and more).
4. LEGAL BASIS FOR PROCESSING YOUR DATA
4.1. When we process your personal data we may do that on the basis that it's necessary for the conclusion or performance of a contract to which you are party. That will usually be the case when we process your data for the purposes of services agreement, selection purposes, for your registration of account to our Website.
4.2. To send you marketing or promotional materials for our services, business and clients, if you do not have an account to our Website, we will usually need your consent. That would be the case also if you want to receive our newsletters. In such case you will always have the right to withdraw your consent (if that's the basis for processing) as detailed below in this Policy.
4.3. We may also process your personal data on the basis of our legitimate interest or the legitimate interests of a third party, where such interest is not outweighed by your interests or fundamental rights and freedoms. Such will be the case when we process your data for the purposes of contacting your public profile in professional social networks based on your stated experience and job preferences, for safety and security purposes and to prevent violation of rights or other interests, for collection of due payments, for statistics and analysis to improve performance and services.
4.4. We may also process your information where that is necessary for compliance with our legal obligations, such as for instance for tax, accounting purposes or to maintain records.
5. RECIPIENTS OF PERSONAL DATA
Your personal data may be disclosed in the following ways:
to our clients that you may work with or provide services to if we enter into services agreement; or to our clients that are looking for respective professionals. The client will see your CV and we may also share other relevant data for you, such as references, interview information, etc.
to our suppliers – independent professionals that may take part in a project;
to our Group companies for the purposes described in this Policy, as "Group" companies are all companies that together with GigsRemote are under common control;
to our or our Group's companies vendors and service providers who support our business, and in particular who provide us technical infrastructure services, hosting or cloud services, Website maintenance, software and product licenses, email services, payment services, professional advisers, accountants, insurance companies and others;
to third parties, including public authorities, if we are required to do so pursuant to applicable laws or legal, or court process, or in connection with an investigation of illegal activity or under lawful request from public or government or regulatory authorities; we may also share your data when we have a good-faith belief that this is necessary to prevent death or harm or financial loss, or in connection with an investigation of actual or suspected fraud or illegal activity, including violation of our or third party rights, such as for instance copyrights, other intellectual property rights or privacy rights;
to public, when you make certain interactions to our Website, social network profiles, or attend to a sponsored, hosted or organised public event;
to third parties in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or part of our business.
6. TRANSFER OF DATA TO THIRD COUNTRIES
6.1. In certain events for the purposes as detailed in this Policy we may transfer personal data to third countries outside the European Union, that may have different data protection laws than those of Bulgaria and of the EU. In particular, this may be the case in which one of our clients with whom you will work is a US based company. In such cases we will transfer your personal data to a third country only on the basis of: (a) an European Commission decision on an adequate level of protection for that third country (art. 46 of the GDPR); or (b) appropriate safeguards as provided under art. 46 of the GDPR, including by utilizing the Standard Contractual Clauses approved by the European Commission as amended and/or supplemented over time by the European Commission or other appropriate safeguards, including subject to specific permission of a competent supervisory authority; or (c) binding corporate rules approved by the supervisory authority (art. 47 of the GDPR).
6.2. In other events we may rely on and request your consent for particular transfer to a third country.
7. RIGHT TO WITHDRAW YOUR CONSENT
When we process personal data based on your consent, you have the right to withdraw your consent at any time. This will not affect the lawfulness of processing based on your consent before its withdrawal. You may exercise that right at any time without additional costs to you by one of the following:
by sending us an email to termsofuse@gigsremote.com with clear statement that you withdraw you consent; or
by mail to our registered office at the attention of Privacy department.
In the event that you withdraw your consent for the processing of personal data we will, without undue delay and to the extent provided under applicable laws, erase the relevant data from our systems.
8. YOUR OTHER RIGHTS
8.1. You have the following rights with respect to your personal data and as provided under applicable laws:
right to access - at any time you may request information about the personal data we have for you and the purposes of processing;
right to rectification - you have the right to ask to rectify your data if they are inaccurate;
right to erasure, "the right to be forgotten". You should keep in mind that this is not an absolute right and applies in accordance with applicable laws. For example, you have the right to request the deletion of your personal data if it is no longer necessary for the purposes for which it was collected or otherwise processed, but only if there is no legal obligation upon us that requires further processing (e.g. some of your data to be further processed for accounting, control or compliance purposes). In any case, we will respect any lawful and legitimate request for erasure of your data;
right to restriction of processing - this is your right to request that we limit the processing operations with your personal data as provided under applicable laws, such as, for instance, if you dispute the accuracy of your data, for the verification period;
right to data portability - you may request that data provided directly by you and processed by automated means by us is transferred to you or to another controller. This right only being applicable where our processing of your data is based on your consent or on a contract with you;
right to object. In particular the right to object includes that you may object at any time to processing of your personal data which is based on: a) the performance of a task carried out in the public interest or in the exercise of official authority vested to us; or b) pursuing our or third party's legitimate interests; or) the purposes of direct marketing.
8.2. In order to exercise your rights, you may contact us at any time by sending us an email to termsofuse@gigsremote.com. We may need to verify your identity or to contact you with respect to your request.
8.3. In the event that you are established in the European Union you also have the right to lodge a complaint with a supervisory authority, in particular in the Member State of the EU of your habitual residence, place of work or place of the alleged infringement.
9. AUTOMATED DECISIONS
9.1. We may use software to search databases for relevant professionals and/or clients and suitable individuals. The software may be used to determine suitability for a specific role via targeted questions or criteria relating to the role and/or may identify individuals according to their characteristics. For instance, the software may enable us to quickly identify individuals who have specific professional skills, e.g. Java Developer, Ruby Engineer, etc. or relevant professional experience.
9.2. Where we use software to assist us with our assessment of your suitability for a particular project and you consider that any such assessment has been made wrongly or incorrectly, you may ask for an explanation. You may object to any decision, which significantly affects you, being taken solely by a computer, software or another automated process, if any.
10. STORAGE PERIOD
10.1. We will retain your personal information for as long as necessary for the respective purposes of the processing and to comply with our obligations under applicable laws.
10.2. In particular, we may retain personal data:
for the purposes of concluding and executing a contract or for provision of services - generally for 5 years from the date of performance or termination of the contract;
for accounting and control purposes - in accordance with the statutory accounting and auditing rules and principles (for instance for 5 years from the end of the respective tax year). The data processed with respect to other legal obligations will be retained until the respective obligation ceases to apply;
for marketing purposes - until you withdraw your consent (if applicable) or until you object to processing or for two years as from our latest contact with you that provides you the option to opt-out;
that we process for safety and security purposes - for 1 year, unless a law provides for shorter period.
10.3. You may stop communicating with us in social networks at any time and according to the tools of the relevant social network, for example, if you have liked our Facebook page, you may withdraw such like (unlike), and so on.
10.4. We will close and delete your profile on our Website if it is not active or if you are not using any services from GigsRemote for a consecutive period of two years.
11. CHANGES IN THIS PRIVACY POLICY
We may change this Privacy Policy from time to time and you may see the last revision date of this Policy at the end of the document. Where the changes in the Policy affect processing of your data on the basis of your consent, we will notify you of the new Policy and request your consent on it.
Effective Date: This Privacy Policy is effective from 30 August 2022.