Here at IDAP Solutions LP (“IDAP”) we are committed to protecting and respecting your privacy. We take your privacy seriously and will use your personal data only in accordance with applicable laws.
IDAP provides software development services. We run an entity in the United Kingdom and engage developers from Ukraine. The great mission of our website is to tell you about our company, show you our portfolio and share with you our expertise in the field. You can just surf on our website, read some articles, contact us regarding your project or apply to available job positions.
1. What is personal data and what is processing of personal data?
Personal data (or “data”) is any information relating to you and that alone or in combination with other pieces of information gives the opportunity to the person that collects and processes such information to identify you as an individual. It can be your name, your identification number, your location data, or information related to your physical, physiological, genetic, mental, economic, cultural or social life.
Processing of the information means any action with your personal data, for example, collection, recording, organization, structuring, storage, use, disclosure by any means and so on.
2. What your personal data, for which purposes and under which conditions do we process? IDAP collects from you only the following information and only for the stated below purposes:
a. Data from the Contact Form
When you fill the contact form on our website, we collect your name and email address, skype, company name, type of project, project description and a budget for it, information from attached files. Please, note that not all the data listed above are personal (for instance, project description). but all these data are collected and processed in order to communicate with you regarding our possible cooperation.
You may provide such data only intentionally, so we consider that by filling the contact form you give us a consent to process these data. In any case, we will additionally ask you about your consent to make sure that you happy with such processing. Note that some fields of contact form are optional, so you may choose what data you want to send us.
We will store personal data from the contact forms until our communication with you ends and 24 months after to ensure that you are satisfied with our response and you have received all needed information.
a. Data from CVs
You may choose to send us a CV at email address specified on our website. We will save your first name, last name and all other data from the attached CV. We will process these data in order to communicate with you as a possible member of our team.
Within the meaning of the GDPR such processing is necessary in order to take steps at your request prior to entering into a contract with you. This is the legal basis on which we will process your data listed in this section. If we decide that we cannot propose you to become the member of our team, we will delete your data. We will store these data only as long as we believe that we can propose you a position in our company and you are interested in such proposal.
Subscription to newsletters
When you subscribe to our newsletters, we collect and further process your email address in order to send you messages with some commercial or promotional information about our services. You may always opt-out, clicking the respective link in each message.
Personal data collected when you register on our mailing list will be stored as long as you are interested in receiving our emails. We consider that you’re interested until you unsubscribe from the mailing list (by clicking the respective link contained in each of our emails).
In order to improve and optimize the work of our website, in order to understand your needs and provide services that are relevant to you, we may collect your Usage Data. Usage Data reflect your behavior on our website, for example which pages you have viewed and for how long.
We may collect such data only if you give us a consent to do so.
We collect Usage Data with the help of the following third-party services:
Facebook Pixel. The Facebook pixel tracks your actions on the website. We use these data to measure the effectiveness of your ads, to define custom audiences for ad targeting, for dynamic ads campaigns, and to analyze that effectiveness of your website's conversion funnels.
Hotjar. We use Heat Mapping services of Hotjar to find the points of interest on our website (the areas of a page where you most frequently move the mouse or click), monitor and analyze web traffic and keep track of your behavior within our website. The data concerned within this activity are Cookies (see below what they are) and Usage Data, such as the parts of our website you visit, the date and duration of your visit, and type of the device you used during your visit. Sometimes, we may record sessions and make them available for later visual playback.
Note that we may process your personal data not only on the basis of your consent or at your request, but also when the processing is necessary:
- for compliance with our legal obligations;
- to protect your vital interests or vital interests of another natural person;
- for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
In all cases, we will notify you about applied legal basis for processing and other relevant details, before we start processing of your personal data on the specific legal basis. However, we will not, if we are forbidden to do so in accordance with our obligations under any applicable legislation.
If IDAP decides to change the purposes of processing specified above, we will inform you on such changes prior to the use of your personal data within the newly set purposes. The notification on such changes will be sent to your email and you will have to provide your consent for the amended purposes (unless additional purpose of processing is compatible with those listed above).
3. Who will access your personal data?
In order to provide high-quality services, IDAP hires people, enters into agreements with independent contractors as well as cooperates with other services providers, companies and organizations. For that reasons, some of your personal data can be passed to the mentioned persons.
IDAP uses only secure places of storage, such as provided its own servers located in Ukraine and servers of DigitalOcean LLC (the USA). DigitalOcean LLC deals with personal data in accordance with the EU-US Privacy Shield Framework. You may find commitments to the GDPR of DigitalOcean here .
In the frames of using third-party services when collecting and processing Usage Data, we may transfer your data to the following companies:
Hotjar Heat Maps & Recordings (Hotjar Ltd.)
Hotjar is a session recording and heat mapping service provided by Hotjar Ltd. Hotjar process your data in the EU. You may find the commitments to the GDPR of Hotjar under the following link: https://www.hotjar.com/legal/compliance/gdpr-commitment.
Google LLC provides IDAP with the services of Google Analytics. The company is located in the United States of America and complies with the requirements of the EU-US Privacy Shield. Here is some information on data protection practices of Google LLC: https://cloud.google.com/security/compliance/gdpr/
We use the services of Facebook Pixel provided by Facebook Inc. This company is also located in the USA and has been certified to the EU-U.S. Privacy Shield Framework. Their commitments to privacy protection are described here: https://www.facebook.com/business/gdpr
These well-known service providers will help us to ensure that your data is secure within IDAP.
You also have to be aware of the fact that IDAP may disclose your personal data to enforce and comply with the law. In other words, IDAP may disclose information necessary for the investigation or legal process on official request or the official bodies acting within their powers.
4. Your rights regarding your personal data IDAP collects and processes:
You have a right to access to your personal data processed by IDAP and right to data portability
This means that you can ask IDAP what personal data of yours is being processed. You can also ask for the clarifications on the information described above, i.e. purpose of collecting and processing, period of processing, third parties which have access to information. You have a right to request from IDAP your personal data in a structured, commonly used and machine-readable format. You also have the right to transmit those data to another controller, if the processing is based on your consent or on contract and the processing is carried out by automated means.
You have a right to request from IDAP to erase personal data
This means you can require all the inaccurate personal data concerning you being corrected. You can also complete the personal data if you feel there is a need to do so.
You can request IDAP to erase personal data
You can request IDAP to erase personal data if its processing is no longer necessary in relation to the purposes for which it was collected as well as if there are no legal grounds for the processing. In most cases IDAP will erase it unless otherwise required by legislation.
You have a right to restrict the processing of your personal data by IDAP
In some cases, prescribed by law you will be able to restrict the processing of your personal data, for example, if you contest the accuracy of your personal data being processed or in case IDAP is not interested in processing of your personal data any longer, but you want IDAP to do this on different reasons, for example, to bring some claim for somebody and, instead of the erasure of information, its processing will be just restricted.
You have a right to withdraw your consent
You can withdraw your consent for the collection and processing of your personal data by IDAP at any time by contacting us, without affecting the lawfulness of processing based on consent before its withdrawal. After we at IDAP receive such withdrawal request from you, we will process it in a timely manner and we will no longer process your personal data unless otherwise is set by law.
You have a right to object to processing of your personal data by IDAP
In some cases prescribed by the applicable laws you can object to processing of your personal data.
You have a right to object to processing of your personal data when the processing is related to the performance of our task carried in the public interest or in the exercise of official authority vested in us; or we process your data to pursue our or third party’s legitimate interests, and you believe that such interests are overridden by your interests or fundamental rights and freedoms.
If you make a request objecting to processing, we will no longer process the personal data unless we are able to demonstrate compelling legitimate grounds for the processing.
How to exercise your rights as to your personal data
Any requests to exercise your rights can be directed to IDAP through the contact details provided below. These requests are free of charge.
5. Time for reply and reaction
IDAP will provide information on action taken on your request related to your rights specified above within one month of receipt of the request for the longest. That period may be extended by two further months if IDAP is overwhelmed by the number of requests or the request at issue is complicated and requires a lot of action. IDAP will inform you of any such extension within one month of receipt of the request, together with the reasons of such delay.
If you have doubts as to our reply or reaction, or absence of such, you have the right to lodge a complaint with a supervisory authority that is empowered to process such complaints in your country.
6. How IDAP protects personal data?
7. Are you already 13 years old?
The privacy of children is one of our concerns. Here at IDAP we can provide services only in case you are aged 13 or older. If you are under 13 you will need to get your parent’s/guardian’s permission before submission of any personal data to IDAP. If you are underage, and there are no data as to your parent’s/guardian’s permission to use our website, we will not collect or process your personal data, and you will have limited use of our website.
8. Breach notifications
If any personal data of yours would be under the breach, we would inform you and the respective data protection agencies as to the accidents without undue delay, if there are high risks of violation of your rights as data subject. We would also do our best to minimize any such risks.