(Current update November 1 2021. Please note, in case if terms described in this Privacy Notice are changed, Arvosoftware will take all reasonable measures in order to inform you prior to implementation of such changes)

1. Contact information for privacy matters

If you have any questions regarding your personal data, feel free to contact our Data Protection Officer via vga@wp.arvosoftware.com..

2. Sources of your personal data

Arvosoftware may collect and process information that

1. you personally provided to us in hard copies, sent by email or through messengers to our representatives,
2. we generate internally during performance of a contract between you and Arvosoftware,
3. you provide during interaction with our web sites, through cookies (please see Cookie policy for details) and web forms,
4. we obtain from third parties, integrated services or recruitment agencies,
5. we obtain from open sources, social media sources, public web sites or press releases.

Arvosoftware will not process your personal data if such is prohibited by applicable data protection laws or regulations.

3. Purposes of processing

Arvosoftware processes your personal data linked to particular purposes and corresponding legal bases outlined below:

• purposes to which you agree in a consent form;
• for the fulfilment of the contract as further specified in our contracts with employees, clients and consultants;
• in order to comply with legal obligations specified in a particular law or regulation;
• legitimate interests pursued by Arvosoftware group members, except where such interests are overridden by your interests or fundamental rights and freedoms.

Please expand the relevant section below for further information. Please consider that you may belong to more than one category. If you need further assistance, please contact our Data Protection Officer via vga@wp.arvosoftware.com..

In case Arvosoftware is planning to change the purpose of processing to such that is incompatible with the original one, we will contact you to provide you with further information on purposes for processing prior to it taking place, at all times ensuring appropriate legal basis for processing, which may include asking for your additional consent.

Arvosoftware does not process your personal data for automated decision-making, including profiling. For cases where automatic processing is performed, Arvosoftware will inform you additionally in the relevant section of this notice.

4. Recipients of personal data

Arvosoftware Group consists of the following entities: Arvosoftware Ltd (Ireland); Arvosoftware Ltd (England); Arvosoftware (Ukraine).

All your personal data will be kept strictly confidential and will not be disclosed to unauthorized third parties or made public without your prior notification by this notice or in person. Arvosoftware will not transfer your personal data internationally without reasonably ensuring that the rights and freedoms of you as the data subject are protected.

We never sell your data or share it with other third parties in order to obtain direct or indirect financial gains.

To obtain information about third-party recipients of your personal data, please expand the relevant section below. Please consider that you may belong to more than one category. If you need further assistance, please contact our Data Protection Officer via vga@wp.arvosoftware.com..

5. Where Arvosoftware stores your personal data

The data collected by Arvosoftware is stored within the information systems, owned and operated by Arvosoftware, and in the cloud systems. All information you provide to Arvosoftware is stored (including backups) within a secure environment certified in accordance with world-leading security standards (currently, ISO/IEC 27001:2013 “Information Security Management System”). Once Arvosoftware receives personal data from you, a third party or a public source, it will use all reasonable procedures and security measures to avoid unauthorised access, loss, disclosure or amendment of the personal data.

Please mind that transmission of information via the Internet (including by email) is not completely secure, and, although Arvosoftware will do its best to protect your personal data, we cannot guarantee the security of your data in transfer. Accordingly, please proceed with any such transmission at your own risk.

6. Storage period

We store your personal data for a limited period of time, which varies depending on type of data, the purposes of processing, legal requirements and duration of contractual relationship with Arvosoftware .
To obtain information about the storage period of your personal data, please expand the relevant section below. Please consider that you may belong to more than one category. If you need further assistance, please contact our Data Protection Officer via vga@wp.arvosoftware.com..

7. Your rights

As a data subject you have the following rights:

• right to obtain information in relation to your personal data;
• right to access your personal data;
• right to data portability;
• right to withdraw the consent;
• right to correct mistakes in your personal data;
• right to stop the unwarranted processing;
• right to be forgotten (erase your personal data);
• right to be aware of the existence of the automated individual decision-making and to object in this regard;
• right to lodge a complaint to a supervisory authority.

Sources of your personal data

Arvosoftware collects and process the information originated as follows:

• Information that you personally provide, e.g. by filling in questionnaires or during the communication with HR department specialists, information entered into IT systems to which you have been granted access with, provided on paper or sent in corporate emails.
• Information collected directly from you, including fingerprints for your unique identification for provision of access to Arvosoftware premises (if you consented for it).
• Information that you store at company-owned equipment provided to you;
• Data provided by third parties, e.g., information collected and provided to us by third parties for execution of a contract and maintenance of contractual relationship between you and Arvosoftware. This data may include feedback from clients that have experience of working with you, background check results, compliance check results, whistle-blower reports or feedback from Arvosoftware client representatives;
• Data generated internally, e.g.,your login in the systems, logs of performed actions in the internal systems and corporate network, CCTV footage, videos created during interview with you, corporate structure data, collaboration history, data obtained from your team leads, other Arvosoftware.

Types of information

Arvosoftware collects and processes the following types of information:

• For the purpose of maintenance of employment records:
name, surname, date of birth, gender, citizenship, marital status, division, department, position, passport details, passport scan, tax id scan copy, marriage certificate, birth certificate, social security number, driving licenses, relatives’ passport, email, phone number, skype, registration address, residence address, country, town, education, diplomas, certificates, employment history, work experience, CV, references, contracts and amendments to the contracts, start date, end of probation date, background check results, evaluation (after interview), link to social profiles, job satisfaction surveys, information about unavailability reasons (including health certificates if applicable), reasons for termination of the employment
• For the purpose of maintenance of records for individual contractors/entrepreneurs:
  name, surname, date of birth, gender, citizenship, division, department, position, passport details, passport scan, tax id scan copy, social security number, email, phone number, skype, registration address, residence address, country, town, education, diplomas, certificates, employment history/work experience, CV, references, individual entrepreneur documents scans, individual entrepreneur reports, information about remuneration, contracts and amendments to the contracts, acts on performed work, start date, end of trial period, background check results, evaluation (after interview), link to social profiles, information about unavailability reasons (including health certificates if applicable), reasons for termination of contract
• For the purpose of workplace administration:
name, surname, position, passport number, email, phone
• For the purpose of ensuring a physical security within Arvosoftware premises or provision of parking spaces:
name, surname, photo, email, phone, passport number, project, license plate, car model, fingerprints, CCTV footage
• For the purpose of business trip management and related financial accounting:
name, surname, date of birth, phone, email, itinerary project, department, budget holder name, budget holder surname, travel dates, destination, passport scan copy, passport issuing date, passport expiration date, passport number, citizenship, tax id scan copy, information from your ERM profile, reservation details, travel documents, travel costs
• For the purpose of event organisation, including holiday events for kids: name, surname, date of birth, gender, citizenship, division, department, position, project, email, phone, location, photo, video interviews, name and surname (of a child), date of birth (of a child), photo and video with participants of the events
• For the purpose of background and compliance check:
name, surname, passport id, tax id scan copy (in some of the locations), information obtained during the check from publicly available and generated sources
• For the purpose of providing reports to the local authorities in some countries upon request and compliance with local legislations with respect to social protection and fair working environment (including Royal Decree-Law 8/2019 in Spain): 
name, surname, gender, national id, SSN, Arvosoftware email, location, working hours, days of absence

Please review our corporate policies and procedures to obtain more information about personal data processing practices in Arvosoftware.

Purposes of processing

Arvosoftware processes data for the fulfilment of the contract or in order to comply with legal obligations specified in a particular law or regulation, which may vary in countries where we operate. When personal data is processed based on a legitimate interest of Arvosoftware as an employer, partner or service provider we ensure that your interests as a data subject are not overridden by your interests or fundamental rights and freedoms. Data is processed for following purposes:

• Maintenance of employment records: Official employment documents processing, resourcing, team management, establishment of contractual relationships, employment, employment & performance of a contract, remuneration.
• Maintenance of records for individual contractors/entrepreneurs: Arvosoftware’s accounting and performance of contractual obligations, resourcing, team management, establishment of contractual relationships.
• Workplace administration: workplace location, office administration, procurement of services / equipment, user access management, postal services, business cards creation, provision of physical access to premises and parking slots, informing Arvosoftware by sending SMS to their personal phone numbers in case of emergency, obligatory evacuation requirement or massive troubleshootings of Arvosoftware networks disabling any other means of communication.
• Provision of benefits and payments to Arvosoftware: payments to Arvosoftware, medical insurance, pension fund reporting.
• Financial accounting and operations: financial accounting, reimbursement, payment of taxes, bank account opening, financial audit, financial reporting, payments for services, obligatory payments.
• Provision of access to information resources and hardware: provision access to information resources, software accounting, hardware accounting.
• Internal and external communication: communications, promo actions and marketing, event organisation, informing Arvosoftware by sending SMS to their personal phone numbers in case of emergency, obligatory evacuation requirement or massive troubleshootings of Arvosoftware networks disabling any other means of communication.
• Performance of services: software development, project delivery, management of the projects.
• Business trips management: business trips organization, business trips accountancy, taxi booking.
• Support during relocation to different offices of Arvosoftware and client sites: relocation, obtaining a work permit and visa opening, support during immigration, monitoring of visas and initiation of work and residence permit extension, related consulting.
• Operational support and maintenance: service request management, business continuity management, infrastructure support, system testing.
• Protection of Arvosoftware`s assets: Information security monitoring and troubleshooting.
• Time tracking for employees in selected locations:collection, processing and storage of information related to worked hours, vacations, days of absence, required to provide reports to the Governmental Authorities according to local regulations.
• Education, knowledge and performance management.
• Whistleblowing.
• Background and compliance checks.

Recipients

Your personal data may be wholly or partially disclosed to the following third parties:

• companies of the Arvosoftware;
• client, whom you are providing services too, for performance of a contract;
• external accounting service providers in your country, for provision of accounting and payment services;
• external tutors, knowledge management providers or other service providers that assess your performance and may suggests for you points for improvement;
• external providers of benefits;
• external providers that provide services of transportations, accommodation or other service providers that may support during business trip;
• external auditors;
• service providers supplying and servicing our internal system;
• attorneys and legal councils;
• banks and other financial service providers for transfer of remuneration for your services;
• governmental entities where required by law or mandatory order;
• third parties that issues visas and work permits, including embassies, immigration offices, etc., if you requested a relocation;
• landlords and other providers of physical security services in our offices;
• security operation centres and other service providers;
• printing service providers.
• telecommunication services providers.

Retention period

Based on the type of processed personal data, it may be stored for a different period of time from 1 month (CCTV video records and some logs) up to a period of time that is required by applicable law. If you need more information, please, contact our Data Protection Officer via vga@wp.arvosoftware.com..

Data Protection and COVID-19

This Notice is designed to advise you about how we may seek to collect and hold additional personal data about you in relation to the unprecedented challenges we are all facing during the Coronavirus pandemic (COVID-19).
In addition to listed above information, during this time we collect the date and time of the office visit, record of chosen by you desk, as well as voluntarily provided to us information by you and/or your colleagues about COVID-19 cases and potential contact circles within the Arvosoftware premises.

The above personal data will be used by our Facility Management Team and other relevant departments to ensure that Arvosoftware offices are compliant with the local requirements with respect to the prevention of the spread of COVID-19 during the pandemic. The information of your active booking will be visible to other Arvosoftware for them to be able to plan office visits based on the current desk availability. This is because not all Arvosoftware will be able to attend offices simultaneously and the desk booking system is intended to ensure that every Arvosoftware visit to the office is as pleasant and convenient as possible during the pandemic.
We will also use the bookings history if there happens to be a reported COVID-19 case in the office in order to identify the Arvosoftware who potentially may have been in contact with the carrier. Please note that in this case, Arvosoftware will contact you via business email or personal phone number you have shared with us to provide you with emergency information.
Your personal data will be kept confidential at all times and will not be disclosed to any third party, except in the following cases:

• booking process – to a third-party provider of the workplace booking and management system, Office Space Software.
• email distribution and emergency information provision – to third-party providers of global or local email/telephone communication services, e.g. G Suite by Google, Inc.)

The data collected by Arvosoftware is stored within the information technology systems owned and operated by Arvosoftware, as well as in cloud-based systems. We will only keep your information for as long as it is necessary, that is during the quarantine measures in the countries where Arvosoftware has offices, taking into account government advice and the on-going risk presented by COVID-19.

If you have any questions regarding your personal data, please contact the Data Privacy Team via vga@wp.arvosoftware.com..Candidates

Types of information

Arvosoftware collects and processes any information that was provided by you directly to us or by the companies acting as recruitment agencies or your referees. Arvosoftware processes your personal data including your name, email, phone, skype, links for social media profiles, work experience, technologies, education, location, feedback from interviewers and client representatives etc. We do not collect sensitive personal data for recruitment purposes. Please note that in case you provide sensitive data voluntarily, for example by including it in your CV, Arvosoftware may store this personal data in files that you provided, which become attached to your profile in our internal systems, but will not process or use the data for other purposes than storage.

Purposes of processing

All personal data is collected and processed only for the following purposes:

• entering your information into Arvosoftware’s internal systems in order to provide additional offers about open vacancies that may be interesting for you;
• establishment of a contractual relationship between you and Arvosoftware. Additional information may be requested from you by Arvosoftware Recruitment representatives in order to prepare the contract of proceed with background and compliance checks;
• technical maintenance of our internal systems, including data back-up, data migration without any modification of your personal data.

Recipients

Your personal data may be wholly or partially disclosed to the following third parties:

• companies of the Arvosoftware Group;
• email service provider if the data is transferred to us via Internet;
• our client representatives if they are participating in candidates interview and approval for opened positions;
• service providers supplying and servicing our internal system for candidates relations management.

Retention period

Retention period of your data may vary based on current legislative requirements. Generally, Arvosoftware does not store your personal data for a period longer than 3 years from the last contact with you, if you provide your consent for personal data processing, or 3 month, if you did not provide such consent. If you would like to be erased from the Arvosoftware candidates database earlier, please contact our Data Protection Officer via vga@wp.arvosoftware.com..

Background checks

Arvosoftware performs background and compliance checks in order to protect Arvosoftware and our clients confidential information and ensure a safe environment within the organisation. Background checks performed based on the legitimate interest of Arvosoftware, considering that GDPR principles such as proportionality and data minimization are implemented.

Checks performed based on the following information provided by you: full name, citizenship, country of residence, birth date, national identity document series and number (in some of the countries) and Tax ID (in some of the countries).

We perform checks via open sources, aggregated open sources or medias against following parameters: illegal or criminal activity, embezzlement, fraud, corruption or bribery; money laundering and slave trafficking; appearance in the sanction lists; conflicts of interest and/or relationships with persons on the sanction lists, or persons connected to government officials, large financial corporations and political parties.

Foundings of background and compliance checks will be communicated to you by Arvosoftware representatives. Arvosoftware will keep results of the check confidential and will not disclose it to any third parties, this information kept with absolute care and only available to specialists of the Compliance Department and management.

Data will be retained according to the requirements of applicable legislation and in any case for no longer than 3 years from the data of check.
Parameters of background checks and data used during the checks may vary in countries where Arvosoftware operates. Detailed information will be provided to you by the Arvosoftware Recruitment representative.Office Visitors

Types of information

Arvosoftware processes personal data like your contact details and full name, email, date and time of visit, signature, and video records created during your visit.

Purposes of processing

All personal data is collected and processed only for the following purposes:

• to ensure the physical and information security of the premises;
• to protect your safety during the visit of the premises;
• to provide you with other administrative services (taxi, catering services, etc.) to ensure that your visit to Arvosoftware`s premises will be pleasant and convenient.

Recipients

Your personal data may be wholly or partially disclosed to the following third parties:

• companies of the Arvosoftware Group;
• service providers supplying and servicing maintenance of the visitor management system;
• service providers of physical security guard services;
• email service providers if data is transferred via email;
• business centre owners and other administrative service providers (taxi service, catering service) which ensure that your visit to Arvosoftware`s premises will be pleasant and convenient.

Retention period

Based on the type of information your personal data may be stored in our internal systems for up to 3 years, however, video records created during your visit are stored for no longer than 1 month. If you would like to obtain more details, please contact our Data Protection Officer via vga@wp.arvosoftware.com..Web-Site Visitors

Types of information

During visiting our web-site Arvosoftware may collect information directly entered by you in contact us forms or through cookies, beacons and other trackers. In this case, Arvosoftware may process your personal data which include your IP, location, visited web pages on our web-site, and, if you filled “contact us form”, your name, email, phone and country and ifromation in text of the message.
All personal data is collected and processed only for the following purposes:

• to ensure stable operation of Arvosoftware web site;
• to monitor popularity of our publication and web-pages;
• to provide relevant information on our web site and web sites of our partners.

Recipients

Your personal data may be wholly or partially disclosed to the following third parties:

• companies of the Arvosoftware Group;
• our partners which may deliver relevant information to you through advertisement, publications and other materials;
• email service provider if the data is transferred to us via email or “contact us” form;
• service providers supplying and servicing our internal system for customer relation management;

Retention period

Information collected through cookies, beacons and other trackers is retained no longer than 6 months, however, based on collected information impersonalised and aggregated statistics can be created and processed.
Information entered by you in “contact us” form can be stored and retained for 12 months from the last contact date (please see section for representatives of potential clients for additional information).

Types of information

Arvosoftware collects and processes information provided by you if you were invited as speaker to one of the events organised by us. In this case, Arvosoftware processes personal data like your name, email, photo, and professional experience. Arvosoftware also may process photos and videos to which you are a participant.

Purposes of processing

Your personal data is collected and processed based solely on your consent (unless we pay you for the event, in which case please refer to the section about Representatives of Vendors and Service Providers) in order to publish information at external web sites to invite participants to the event or to publish event report or other materials.

Recipients

• companies of the Arvosoftware Group;
• email service provider if the data is transferred to us via email;
• external web resources promoting the event and streaming providers.

Retention period

Retention period of personal data at the external resources is defined by the resource where personal data will be published. If you request deletion of your personal data Arvosoftware will take all reasonable efforts to delete such published information.Representatives of Potential Clients

Types of information

Arvosoftware collects and processes information that is provided by you or other individuals on your behalf, as well as information available on public and open sources. In this case, Arvosoftware processes personal data related to the company or business you represent, including your name, email, job position, linkedIn profile etc.

Purposes of processing

All personal data is collected and processed only for the following purposes:

• to establish a contractual relationship between your company and Arvosoftware;
• to enter your information into internal IT systems in order to contact you with information related to our service offerings.

Recipients

Your personal data may be wholly or partially disclosed to the following third parties:

• companies of the Arvosoftware Group;
• email service provider if the data is transferred to us via email;
• service providers supplying and servicing our internal system for customer relation management.

Retention period

Personal data is retained for 12 month from the last contact, unless the contractual relationships are established.Representatives of Current or Former Clients

Types of information

Arvosoftware collects and processes information that is provided by you, other individuals from your company and/or entered into written contracts between your company and Arvosoftware. In this case, Arvosoftware processes personal data related to the company or business you represent like your name, email, company name and address, job position, phone number, social profile reference, Skype, emails sent from you to Arvosoftware etc.

If you require to obtain access to Arvosoftware premises and consented to use Arvosoftware`s fingerprint access system, Arvosoftware will collect and process your sensitive personal data, namely fingerprints. This is purely for your convenience and you may opt for using an access badge instead without any detriment.

Purposes of processing

All personal data is collected and processed only for the following purposes:

• to enter your information into internal IT systems in order to contact you with information related to our service offerings;
• to establish contractual relationship between your company and Arvosoftware;
• to execute the contract with your company and to maintain a good relationship with your company and its representatives;
• to prepare business cases and marketing materials with mentioning your company representatives in order to promote image of your company`s and Arvosoftware`s business (where permitted by contract);
• to invite your company’s representatives to participate in the events organised and hosted by Arvosoftware;
• to inform about changes in performance of the services and additional arrangements, if required;
• to provide information requested by your company or its representatives.

Recipients

Your personal data may be wholly or partially disclosed to the following third parties:

• companies of the Arvosoftware Group;
• email service provider if the data is transferred to us via email;
• service providers supplying and servicing our internal system for customer relation management;
• phone helpline service provider if you requested any kind of support via helpline;
• electronic signature service provider if contract with you was signed in electronic format;
• satisfaction survey organiser if you participate in customer satisfaction survey.

Retention period

Client and Client representative personal data is stored for 6 years after the end of contractual relationship with the Client. Contractual data may be stored by Arvosoftware longer, if it is required by law.
If personal data belongs to individual who is no longer represent a Client personal data may be deleted immediately (except email correspondence which may be used in order to execute contract with the Client) after provision of information to consideration of Arvosoftware’s Data Privacy Team via vga@wp.arvosoftware.com..Representatives of Vendors and Service Providers

Types of information

Arvosoftware collects and processes information that is provided by you, other individuals from your company or is entered into written contracts between your company and Arvosoftware. In this case, Arvosoftware processes personal data like your name, email, company name and address, job position, phone number, social profile reference, Skype etc.

If you require to obtain access to Arvosoftware premises and consented to use Arvosoftware`s fingerprint access system, Arvosoftware will collect and process your sensitive personal data, namely fingerprints. This is purely for your convenience and you may opt for using an access badge instead without any detriment.

Purposes of processing

All personal data is collected and processed only for the following purposes:

• to enter your information into internal IT systems in order to contact you with information related to services that is provided by your company and / or you;
• to establish contractual relationship between your company and Arvosoftware;
• to execute the contract with your company and to maintain a good relationship with your company and its representatives;
• to inform about changes in performance of the services and additional arrangements, if required;
• to provide information requested by your company or its representatives.

Recipients

Your personal data may be wholly or partially disclosed to the following third parties:

• companies of the Arvosoftware Group;
• email service provider if the data is transferred to us via email;
• service providers supplying and servicing our internal system for customer relation management;
• electronic signature service provider if contract with you was signed in electronic format.

Retention period

Personal data is retained during performance of a contract with a Vendor or service provider plus the amount of time that is defined by law in your country.

If personal data belongs to an individual who no longer represents a Vendor or service provider, personal data may be deleted immediately after provision of information to consideration of Arvosoftware’s Data Privacy Team via vga@wp.arvosoftware.com..Non-Arvosoftwareers Participating in Relocation Plan

Types of information

When Arvosoftware supports you with relocation to other country we collect and process the following information (required information may vary based on the requirements of visa provision in country you are relocated to):

• Information about an individual applying for relocation to one of Arvosoftware`s offices: name, surname, maiden name (if applicable), date of birth, place of birth, nationality, current address, passport number, phone, email, registration address, marital status, countries of legal residency in the last 5 years, parents’ names, education, scan copy of travel passport, scan copy of previous travel passport, scan copy of national passport, photo, scan copies of diplomas, certificates, labour book, bank statement, individual entrepreneur registration documents, relocation country, native country, marital status, number of children, visa issue date, visa expiry date; residence permit number and expiry date, parents’ information (including name, surname, maiden name, data of birth), personal data of the family member who is an EEA citizen (including name, surname, maiden name, date of birth, social security number, if applicable).
• Information about adult dependents of the individual: name, surname, maiden name (if applicable), citizenship, relationship with the individual being relocated, phone, email, registration address, nationality, full names of parents, photo, passport number, date of birth, nationality at birth, place of birth, marital status, scan copy of travel passport, scan copy of previous travel passport, scan copy of national passport, travel passport number, date of issue, date of expiry, issuing authority, national passport number, tax number, US social security number (if applicable), address, email, phone, countries where the person lived, current occupation, Schengen and national visa information, parents’ information (including name, surname, maiden name, data of birth), personal data of the family member who is an EEA citizen (including name, surname, maiden name, date of birth, social security number, if applicable), scan copy of tax ID, scan copies of diplomas, certificates, labour book, relocation country, native country, number of children, visa issue date, visa expiry date; residence permit number and expiry date.
• Information about children participating in relocation: name, surname, gender, citizenship, place of birth, date of birth, passport number, US social security number (if applicable).

Purposes of processing

All personal data is processed in order to support your approved relocation (including information about your dependents and children, if applicable) to one of Arvosoftware`s offices of your choice or to our client’s location. Please note that you may always refuse collection and processing of your data and obtain work permit and visa without assistance by Arvosoftware.

Recipients

Your personal data may be wholly or partially disclosed to the following third parties:

• companies of the Arvosoftware Group;
• email service provider if the data is transferred to us via email;
• attorneys supporting visa opening process;
• embassies and immigration offices of the destination country;
a client sponsoring of your relocation;
• service providers used for exchange of information between you, Arvosoftware and the above third parties.

Retention period

Personal data is retained during performance of contractual relationships with relocated individuals plus 1 year.