IdeaSoft

Terms & Privacy

From designing visual identity to creating complex enterprise digital solutions - we can help you to achieve any goal with the best UX/UI practices

Industries
  • 01 GDPR
  • 03 Privacy Policy
  • 04 Privacy Notice

GDPR

Ideasoft is Taking Data Privacy Seriously

What is the GDPR?

The General Data Protection Regulation (GDPR) comes into force on 25 May 2018. The GDPR will automatically become law in all 28 Member States of the European Union and the European Economic Area (EU/EEA).

The aims of the GDPR are to:

  • Harmonize data privacy laws across the EU;
  • Modernize data privacy laws in the light of technological change;
  • Enhancement the rights of individuals;
  • Increase the accountability requirements and obligations for data controllers and data processors;
  • Ensure better records and evidence of compliance with data protection legislation and more transparency as to how data is used, by whom it is used and for what.

The GDPR applies to businesses (whether in the EU or not) that are processing the personal data of individuals in the EU including the personal data of GL customers, their end clients and employees.

What is Ideasoft doing about the GDPR?

Ideasoft processes personal data both as a controller and as a processor and we take our obligations under the GDPR very seriously. In order to prepare for the new regime, we have undertaken a program of activities including:

  • An audit of our global data processing activities;
  • An assessment of data security across our group;
  • Updates to our training, policies and procedures;
  • Ensuring that appropriate terms are in place with our vendors acting as data processors and sub-processors.
  • Updates to our Use of Cookies and similar technology in our website, marketing emails and our mechanisms for allowing customers to express their marketing preferences.

What are Ideasoft’s commitments to customers and data subjects?

Ideasoft is committed to complying with the requirements of the GDPR in practice; this means that we are committed to do the following when we are processing data for our customers:

  • We only process personal data, that you control and for which you are responsible, at your request, in accordance with the agreement we have with you, a written instruction or as required by law;
  • We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risks that are presented by the processing, which may include End Point, Gateway and Server Level Security at our premises, strong password polices, daily anti-virus updates, use on encryption, SSL VPN for external access, secure access over wired and wireless networks to our systems, central patch management, access control, polices and training among others.
  • We take all reasonable steps to ensure that only authorized personnel subject to confidential obligations have access to the personal data;
  • We will only engage sub-processors to assist in the performance of the services we deliver to you, with your consent. We will hold sub-processors to terms no less onerous than these commitments made to you;
  • We will not deliberately do anything to place you in breach of the GDPR and will tell you if we become aware that your instructions run contrary to what the GDPR permits;
  • We will assist you to fulfil any requests received by data subjects (individuals) to exercise their rights or any regulator requests;
  • We will inform you straight away after becoming aware of any breach or suspected breach that might compromise your data or put it at risk;
  • Where we need to transfer personal data out of the EU/EEA, we will do so subject to appropriate legal safeguards.

The above list is not exhaustive and Ideasoft is committed to meeting all of its obligations as processor of personal data controlled by our customers or their end clients under the GDPR.

If you have any questions about our approach to data privacy please contact privacy@ideasoft.io and we will be happy to discuss with you further.

IdeaSoft Grupp OU

Harju maakond, Tallinn, Kesklinna linnaosa,

Endla tn 4, 10142,

P: +1-646-980-4261

F: +1-646-749-6363

E: privacy@ideasoft.io

Privacy Policy

Ideasoft Grupp., together with its subsidiaries (“IDEASOFT”) has created this Privacy Policy in line with IDEASOFT’s commitment to your privacy on IDEASOFT websites and marketing initiatives. The following discloses IDEASOFT’s information gathering, dissemination and protection practices.

Compliance

If you do not agree to the terms of this Privacy Policy, please do not access or use IDEASOFT websites. If you wish to stop receiving IDEASOFT marketing materials then please click on the following link to unsubscribe.

Collection of information

IDEASOFT collects information to provide better services to its users and to better understand the visitors to its websites and what content is of interest to them. IDEASOFT collects information in the following ways:

  • information you affirmatively choose to submit to us (such as your name, email address, company name, title, country) for the purpose of accessing various downloads, viewing specific content, subscribing to IDEASOFT newsletters, registering for events and your preferences in receiving marketing from IDEASOFT and its third party partners and your communication preferences, etc. Information we have obtained about you from publicly available sources such as social media, marketing platforms or on events, you attended. You will receive marketing communications from IDEASOFT if you have requested information from IDEASOFT or you or your employer has purchased services from IDEASOFT;
  • information IDEASOFT receives from your use of IDEASOFT websites, such as the IP address, browser type, ISP, referring/exit pages, platform type, date/time stamp, number of clicks, domain name and country/state of all visitors to IDEASOFT’s websites;
  • location information when you use IDEASOFT’s websites as IDEASOFT may collect and process information about your location. IDEASOFT use various technologies and tools to determine location;
  • information that is considered aggregated data such as statistical or demographic data which IDEASOFT may use for any purpose. Aggregated data may be derived from your personal information but is not considered personal information in law as it does not directly or indirectly reveal your identity, unless IDEASOFT combines or connects aggregated data with your personal information so that it can directly or indirectly identify you;

IDEASOFT collects technical data from various third parties and public sources as, such as: analytics providers, advertising networks, search information providers

Other than as required by law, IDEASOFT websites do not collect any special categories of personal information about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). IDEASOFT will not collect any information about criminal convictions and offences.

IDEASOFT will only use your personal information for the purposes for which it was collected, unless it reasonably considers that it needs to use it for another reason that is compatible with the original purpose. If IDEASOFT needs to use your personal information for an unrelated purpose, IDEASOFT will notify you and explain the legal basis which allows IDEASOFT to do so.

Sharing of information

IDEASOFT may disclose your personal information to the following categories of recipients:

  • to its group companies, professional advisers, third party services providers and partners who provide data processing services to IDEASOFT (for example, to support the delivery of, provide functionality on, or help to enhance the security of IDEASOFT websites), or who otherwise process personal information for purposes that are described in Privacy Notices or notified to you when IDEASOFT collects your personal information. A list of IDEASOFT’s current group companies is available upon request.
  • to any competent law enforcement body, regulatory, government agency, court or other third party where IDEASOFT believes disclosure is necessary (a) as a matter of applicable law or regulation, (b) to exercise, establish or defend its legal rights, or (c) to protect your vital interests or those of any other person.
  • to any other person with your consent to the disclosure.

Legal basis of processing

If your personal information is protected by EU data protection law, IDEASOFT’s legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which IDEASOFT collects it.

However, IDEASOFT will normally collect personal information from you only (a) where it needs the personal information to perform a contract with you, (b) where the processing is in its legitimate interests and is not overridden by your rights, or (c) where it has your consent to do so. In some cases, IDEASOFT may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.

If you have questions about or need further information concerning the legal basis on which IDEASOFT collects and uses your personal information, please contact IDEASOFT using the contact details provided under the “Contact Details” heading below and in the right-hand side column.

Use of information

Any information collected by IDEASOFT will be done in accordance with this Privacy Policy for the purposes of making better business decisions, supporting the activities you choose to engage in, and providing higher quality solutions and services to IDEASOFT’s customers. IDEASOFT uses your location information to tailor your experience with IDEASOFT websites. It may also use any non-personal information collected to enhance IDEASOFT websites, and your IP address for website diagnostics and administration. IDEASOFT will only retain your personal information for as long as necessary to fulfil the purposes it was collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal information, IDEASOFT considers the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which IDEASOFT processes your personal information and whether it can achieve those purposes through other means, and the applicable legal requirements.

International transfers

IDEASOFT processes information on servers in many countries around the world and you consent to your personal information being processed on a server located outside the country in which you reside. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective). However, IDEASOFT has taken appropriate safeguards to require that your personal information will remain protected in accordance with this Privacy Policy, including, utilizing the European Commission’s Standard Contractual Clauses for transfers of personal information between its group companies, which requires all group companies to protect personal information being processed from the European Economic Area to an equivalent standard to that required under European Union data protection law.

Information security

IDEASOFT protects your personal information in the same way that it protects its other confidential information, such as storing it on secure servers that only select IDEASOFT personnel have access to, and by encrypting it to help prevent access by any unauthorized parties. IDEASOFT has put in place procedures to deal with any personal information breach and will notify you and any applicable regulator of a breach when legally required to do so.

Marketing

As explained above, IDEASOFT will collect and use your personal data for marketing purposes. Your data will be stored in our CRM system. We will use your data to inform you about IDEASOFT products and services we think may be of your interest and sending you our newsletters. For statistical purposes, we will collect information about your response to our emails and our interaction with you to make decisions on future marketing. If you wish to stop that we collect and use this information please click here

Links

IDEASOFT websites contains links, plug-ins and applications to various third-party websites. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. IDEASOFT has no control over, and is not responsible for the content, privacy policies or reliability of such third-party connections. When you leave IDEASOFT’s website, IDEASOFT encourages you to read the privacy notice and privacy policy of every website you visit.

Your data protection rights

If your personal information is protected by EU data protection law, you have the following data protection rights which you may be able to exercise by contacting IDEASOFT using the contact details provided under the “Contact Details” heading below and in the right-hand side column:

  • If you wish to access, correct, update or request deletion of your personal information, you can do so at any time by contacting IDEASOFT.
  • In addition, you can object to processing of your personal information, ask IDEASOFT to restrict processing of your personal information or request portability of your personal information by contacting IDEASOFT.
  • You have the right to opt-out of marketing communications that IDEASOFT sends you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing emails IDEASOFT sends you or by using the relevant opt-out mechanism for non-email-based marketing.
  • Similarly, if IDEASOFT has collected and processes your personal information based on your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing IDEASOFT conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
  • You have the right to complain to a data protection authority about IDEASOFT’s collection and use of your personal information. For more information, please contact your local data protection authority.

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, IDEASOFT may charge a reasonable fee or refuse to comply with your request if your request is clearly unfounded, repetitive or excessive. IDEASOFT tries to respond to all legitimate requests within one month. Occasionally, it may take longer if your request is particularly complex or you have made a number of requests. In this case, IDEASOFT will notify you and keep you updated.

Cookies

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies some parts of IDEASOFT websites may become inaccessible or not function properly. For more information about the cookies that IDEASOFT uses, please see IDEASOFT’s Cookie Policy.

Changes to the policy

IDEASOFT reserves the right to modify or amend this Privacy Policy at its own discretion from time to time. The changes can be viewed here or elsewhere on IDEASOFT websites. Your continued use of IDEASOFT websites constitutes your acceptance of those changes.

This version was last updated on 06 September 2019 and historic versions can be obtained by contacting IDEASOFT.

Contact details

It is important that the personal information IDEASOFT holds about you is accurate and current. Please keep IDEASOFT informed if your personal information changes during your relationship with IDEASOFT. Additionally, if you have any questions about this Privacy Policy, the practices of IDEASOFT websites or your interaction with IDEASOFT via IDEASOFT websites, please contact:

IdeaSoft Grupp OU

Harju maakond, Tallinn, Kesklinna linnaosa,

Endla tn 4, 10142,

P: +1-646-980-4261

F: +1-646-749-6363

E: privacy@ideasoft.io

Privacy Notice – Applicants

IdeaSoft Grupp OU. (“IDEASOFT”) is committed to protecting the privacy and security of your personal information.

This privacy notice describes how we collect and use personal information about you during and after your application process, in accordance with the General Data Protection Regulation 2016 (“GDPR”).

This privacy notice applies to all applicants based in the European Economic Area and Switzerland. We may update this privacy notice at any time. Where we can, we will notify applicants of substantial changes to the privacy notice.

This privacy notice should be read in conjunction with the general privacy notice for general use of our corporate websites.

IDEASOFT is a "data controller". This means that we are responsible for deciding how we hold and use personal information about you. We have set out below the full details of the relevant IDEASOFT entity based on the country of the role you are applying for and the entity which decides how we process your personal information and is the data controller for data protection purposes.

We are required under data protection legislation to notify you of the information contained in this privacy notice.

This privacy notice does not imply in any way any contract of employment or contract for services or any other relationship between you and IDEASOFT.

It is important that you read this privacy notice so that you are aware of how and why we use your personal data.

The kind of information we hold about you

Personal data, or personal information, means any information, by itself or combined with other information, about an individual from which a person can be identified. It does not include data where the identity has been removed (anonymous data).

There are "special categories" of more sensitive personal data which require a higher level of protection. We do not routinely collect, store or use any special categories of personal data as part of our recruitment activities.

We may collect, store, and use the following categories of personal information about you:

  • Personal contact details such as name, title, addresses, telephone numbers, and personal email addresses;
  • Date of birth;
  • Your CV, professional social media profile if used as part of an application such as LinkedIn, cover letter, application forms and other information regarding your employment history such as dates of employment, job titles, job descriptions, skills, reason for leaving, previous salary and benefits information, any photographs of you contained in your CV, areas of interests, notice periods/availability for employment;
  • Your salary expectations and details of any offers made by us to you and your responses;
  • Interview history, questions, notes and technical assessment results;
  • Your feedback on IDEASOFT’s recruitment process;
  • How we obtained your data – from an application by you, through an agency or from a third-party website that you had used to seek employment;
  • CCTV footage from attendance at any IDEASOFT sites where we control the CCTV systems and any recordings of online video meetings.

If you use your online candidate profile using ideasoft.io we will also collect, store, and use the additional following categories of personal information about you, such as:

  • Your username and data required for log-in;
  • Your log in frequency and activity;
  • What software, devices or hardware you use to access your profile;
  • Your profile preferences and other forms you may complete in the online profile;
  • Any privacy or communication channel and frequency preferences.

How is your personal data collected?

We mainly collect personal information about applicants from:

  • Directly from you, such as using our website ideasoft.io/careers, email applications or at a recruitment fair;
  • From recruitment agencies that you are registered with and have agreed for them to provide us with your application information;
  • From current IDEASOFT employees or contractors, with your prior permission, as part of our internal referral program;
  • From third party websites and job boards that you have used to seek employment such as LinkedIn, Xing, Jobs.bg, Pracuj, Profession.hu;
  • From third party websites that help us obtain your contact details only from publicly available sources (if we do not already have it)

How we will use information about you?

We only use your personal information for the following purposes and legal bases:

Purpose Personal Data used Legal basis

Allow you to register, set up and maintain an online profile

  • Your personal contact details;
  • Your username and data required for log-in;
  • Your profile preferences and other forms you may complete in the online profile;
  • Any privacy or communication channel and frequency preferences

It is necessary for entering into or performing a contract with you

It is necessary for IDEASOFT’s legitimate interests in tracking recruitment and managing its external talent pool which are not overridden by your interests or your fundamental rights and freedoms which require protection of personal data

Considering you for and contacting you about the role you applied for or other potential suitable roles on an individual basis

  • Your personal contact details;
  • Your CV, professional social media profile if used as part of an application and other information regarding your employment history;
  • Your salary expectations and details of any offers made by us to you and your responses;
  • Interview history, questions, notes and technical assessment results;
  • Any recordings of online video meetings;
  • How we obtained your data – from an application by you, through an agency or from a third party website that you had used to seek employment

It is necessary for IDEASOFT’s legitimate interests in tracking recruitment and managing its external talent pool which are not overridden by your interests or your fundamental rights and freedoms which require protection of personal data

Your consent for IDEASOFT to retain your data, only if you expressly agree, as set out below

Contacting you about roles as part of a recruitment campaign (if you have opted in)

  • Your personal contact details;
  • Any privacy or communication channel and frequency preferences

Your consent for IDEASOFT to contact you with information about jobs as part of our recruitment campaigns, if you have opted in

Updating you on any changes to our privacy notice, security updates, changes to our website or online profile area

Your personal contact details

It is necessary for compliance with legal obligations, such as in the areas of data protection law and corporate compliance laws

Making a decision about your recruitment or appointment at IDEASOFT

  • Your CV, professional social media profile if used as part of an application and other information regarding your employment history;
  • Your salary expectations and details of any offers made by us to you and your responses;
  • Interview history, questions, notes and technical assessment results;
  • Any recordings of online video meetings

It is necessary for entering into or performing a contract with you

Internal reporting and understanding how we can improve our internal recruitment processes and website

  • Your feedback on IDEASOFT’s recruitment process;
  • Your log in frequency and activity;
  • What software, devices or hardware you use to access your profile;
  • Your profile preferences and other forms you may complete in the online profile;
  • Any privacy or communication channel and frequency preference

It is necessary for IDEASOFT’s legitimate interests in tracking recruitment and managing its external talent pool which are not overridden by your interests or your fundamental rights and freedoms which require protection of personal data

Physical security of our people, visitors and property

CCTV footage from attendance at any IDEASOFT sites where we control the CCTV systems

It is necessary for IDEASOFT’s legitimate interest in protecting the physical security of its people, visitors and property which is not overridden by your interests or your fundamental rights and freedoms which require protection of personal data

Data Sharing

Where you are represented by a recruitment agency, we will share information about your recruitment activity (such as interview feedback, any offers etc) so they can discuss this with you.

Given the nature of IDEASOFT’s business, from time to time our clients would like to receive summary CVs of applicants like you, as well as our existing employees. We aim to first provide anonymized summary CVs but this is not always possible. We will do our best to inform you of any such disclosure in advance.

In order to understand how we can improve our internal recruitment processes; we may use a third party survey provider to (i) send you an invitation to a survey and or (ii) collect your responses. Typically, we only share your name and email address. Only team leaders and recruitment managers in IDEASOFT’s appropriate Talent Acquisition teams will have access to replies from applicants under their remit. Your replies will not affect the progress or outcome of any recruitment process with IDEASOFT.

We may also use third party communication providers to help us manage communications around our recruitment and information campaigns. Typically, we will only share your name and email address.

We may also need to use third party service providers, for example, to help host our websites or servers. We contractual terms in place to protect your personal data.

We will share your data with other companies within the IDEASOFT group only for the purposes set out above.

However, to ensure that your personal information does receive an adequate level of protection we have put in place an intragroup data transfer agreement to ensure that your personal information is treated in a way that is consistent with and which respects the EU laws on data protection. If you require further information about this protective measure, you can request it from privacy@ideasoft.io.

We may need to disclose all or any part of your personal information if required to do so by law, or pursuant to a request from a governmental or regulatory entity/body or if we believe in good faith that such disclosure is necessary to (1) comply with legal or regulatory requirements or for the purposes of compliance with legal process; (2) prevent crime; (3) prevent any terrorist activity or threat to national security; (4) protect the safety or wellbeing of users of our staff or any other person.

Data Security

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal information to those employees, contractors and third parties who have a business need to know. They will only process your personal information on our instructions, and they are subject to a duty of confidentiality. Details of these measures may be obtained from privacy@ideasoft.io

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

Data retention

How long we will keep your information for?

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

After an unsuccessful application, we will aim to keep some or all of your personal data to the extent we need to for a period of 6 months after the last activity to consider you for any other job openings across the IDEASOFT Group and for legal/record keeping purposes.

IDEASOFT has asked you to consent to us storing your personal data after that initial period. Where you have given us your consent, we apply the following retention guidelines to your personal data:

  • After 6 months of no activity, we will minimize your personal data but at a minimum will retain your CV and information contained in it.
  • Within two years of no activity, we will aim to contact you to understand whether there are any roles at IDEASOFT which may be suitable for you. We may also contact you at any point up to this period, if we consider we have a potential suitable position for you and if you have opted in to receive any information generally about our recruitment campaigns.
  • If we do not hear from you, we will either delete your profile or archive your profile and create a dummy profile with only one data field (such as your email address) to help link any future applications.

You may withdraw your consent to IDEASOFT retaining your personal data beyond the initial 6 months period after an unsuccessful application.

If you do not consent to the retention of your data as set out here or you withdraw your consent, after 6 months of no activity or unsuccessful application, IDEASOFT will take reasonable steps to either delete your profile or archive your profile and create a dummy profile with only one data field (such as your email address) to help link any future applications. This will not affect your ability to receive information on our recruitment campaigns.

In some circumstances, we may anonymize your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.

Recruitment campaigns

You can opt into receive information about our recruitment campaigns from IDEASOFT.

You may unsubscribe from these emails at any time by a) unsubscribing using our website, b) logging into your online profile, if you have one, or b) by following the unsubscribe link on any recruitment campaign email from us.

We will take reasonable steps to unsubscribe you from these emails, but it may take up to 72 hours to take effect.

Your rights in connection with your personal data

  • Request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
  • Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes such as our recruitment campaigns or “hot jobs” emails.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal information to another party.

If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact privacy@ideasoft.io in writing.

No fee usually required

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

CONTACT DETAILS

IdeaSoft Grupp OU

Harju maakond, Tallinn, Kesklinna linnaosa,

Endla tn 4, 10142,

P: +1-646-980-4261

F: +1-646-749-6363

E: privacy@ideasoft.io

COMPLAINTS TO SUPERVISORY AUTHORITY

You have the right to make a complaint at any time to the supervisory authority for data protection issues in your home country. A current list of the supervisory authorities in EU can be accessed here.

September 5, 2019

Get in touch
To the top
We use cookies to provide you with a better on site experience. You can read more about our use of cookies in our Cookies Policy. Click OK to continue browsing the IdeaSoft site. Be aware you can disable Cookies at any time.
OK