Cleverstaff Privacy & Cookies Policy

I. Glossary – key Terms.

Personal Data – all information relating to you that we process. For example: first name, last name, email address, phone number, etc.

Processing – any actions performed on Personal Data. For example: collecting, storing, updating, deleting data.

Website – a platform consisting of a network of interconnected web pages, available at https://cleverstaff.net

All words/terms used in the Privacy and Cookies Policy that are capitalized but not defined above should be understood as having the meaning assigned to them in the Terms of Service, unless a different meaning is clearly implied by the context in which they are used.

II. Who is the controller of your personal data?

The controller of your personal data is Cleverstaff LLC, located at 25/2 Novomostytska Street, Kyiv, 04084, Ukraine. Email address: contact@cleverstaff.net

III. What Personal Data do we collect, and what are the purpose, duration, and legal basis for its processing?

1. VISITS TO THE WEBSITE

   When you visit the Website, we may use cookies and other similar technological solutions (detailed information can be found in Section VI of the Privacy and Cookies Policy), which help maintain the proper functioning of the Website and allow us to analyze information about your activity on the Website. We process this data to improve the quality of the services we offer and to enhance the operation of the Website. Cookies (or similar technologies) may also help us tailor the content available through the Website to your interests (profiling). We may use certain cookies for marketing purposes, both within the Website and on the websites of our business partners.

   The legal basis for using cookies and similar technologies is generally your consent.

   The legal basis for processing data collected through the use of cookie technology is, however, our legitimate interest or that of a so-called “third party” (Art. 6(1)(f) GDPR – including the need to ensure the highest quality of presented content, and sometimes also marketing of our products and services or those of our partners; however, in such cases, partners do not participate in the processing of your data). To the extent that our partners may have direct access to this information, the legal basis for such processing is your voluntary consent (Art. 6(1)(a) GDPR).

   We process Personal Data based on your consent for as long as it is not withdrawn. Personal Data processed on the basis of our legitimate interest may be stored until you object to such processing, except in cases where, despite your objection, we determine that there are important, legally justified grounds for processing that override your interests, rights, and freedoms, or grounds for establishing, exercising, or defending legal claims.

   The above does not apply in situations where the use of cookies and similar technologies is necessary for the proper functioning of the Service (providing you with an electronically delivered service), in which case we rely on legal provisions and, accordingly, on the necessity of processing for the performance of the Service Agreement (Article 6(1)(b) GDPR). Your Personal Data is then processed for the period necessary to achieve these purposes.

   Information about the recipients of your Personal Data, including any potential transfer of your Personal Data to third countries (outside the European Economic Area), is described in detail in Section IV below.

   The rights you are entitled to in connection with the processing of your Personal Data are described in detail in Section V below.

2. REGISTRATION ON THE WEBSITE (ACCOUNT)

   To create an account on our Website, we will require you to provide certain Personal Data. Providing all information is voluntary; however, some data are necessary for the conclusion of the Service Agreement, and failure to provide such data may mean that entering into the agreement will not be possible.

   Personal Data that are not required may help us improve our Website. We may also use them for statistical purposes.

   The purpose, as well as the legal basis, for processing is the conclusion and proper performance of the Service Agreement (Article 6(1)(b) of the GDPR) — for example, creating an Account for you.

   Your data may also be processed for marketing purposes, such as displaying advertisements and offers (discounts) tailored to your interests based on profiling. The legal basis for these activities is Article 6(1)(f) of the GDPR, i.e., the legitimate interest of the Data Controller or a third party (the Controller’s own marketing or that of its partners).

   We may also process your Personal Data to detect, prevent, and address any privacy threats, fraud, or other bad faith activities, as well as to establish, handle, and pursue claims that may arise in the relationship between you and the Data Controller. In such cases, the legal basis for processing is our legitimate interest (Article 6(1)(f) of the GDPR).

   We process your Personal Data for the duration of the Service Agreement (however, for enhanced protection, they may be deleted two years after your last activity on the Service). This period may be extended accordingly in connection with any claims (within the statute of limitations established by law) or legal proceedings—for the duration and resolution of such proceedings. In all cases, the longer retention period of Personal Data shall apply.

   Personal Data processed based on our legitimate interest may be processed until you object to their processing, except in cases where, despite your objection, we determine that there are important, legally justified grounds for processing that override your interests, rights, and freedoms, or grounds for the establishment, exercise, or defense of legal claims.

   Information about the recipients of your Personal Data, including any transfer of your Personal Data to third countries (outside the European Economic Area), is detailed in Section IV below.

   The rights you have in relation to the processing of your Personal Data are described in detail in Section V below.

3. CONCLUDING SALES AGREEMENTS

   When you use paid features on our Website, we process information related to placing orders and fulfilling Sales Agreements. To conclude and perform a Sales Agreement, we will require certain Personal Data. Providing all information is voluntary; however, some data are necessary to conclude the Sales Agreement, and failure to provide them may result in the inability to enter into such an agreement.

   Personal Data that is not required may help us improve our Website. We may also use it for statistical purposes.

   The purpose and legal basis for processing is the conclusion and proper performance of the Sales Agreement (Art. 6(1)(b) GDPR) – for example, delivering the functionalities you have ordered.

   Your data may also be processed for marketing purposes, such as presenting you with advertisements and offers (discounts), including those tailored to your interests based on profiling (the legal basis for these activities is Article 6(1)(f) GDPR, i.e., the legitimate interest of the Controller or a third party, such as the Controller’s own marketing or that of its partners).

   Some of your Personal Data may also be processed for the purpose of handling and pursuing claims, as well as for fulfilling legal obligations arising from applicable laws, such as tax and accounting obligations. The legal basis for processing is, respectively, our legitimate interest (Article 6(1)(f) GDPR) or the necessity to comply with a legal obligation (Article 6(1)(c) GDPR).

   If you decide to provide a review regarding the contract concluded with us, we will process your data to assess your satisfaction with our Service. This, in turn, will allow us to improve and enhance the quality of our operations, which constitutes our legitimate interest (Article 6(1)(f) GDPR).

   If you have concluded a Sales Agreement with us, we process your Personal Data for the period necessary to perform the agreement, and subsequently for archival purposes, which is particularly required by tax regulations.

   The processing periods described above may be extended accordingly due to potential claims, including legal proceedings—for the duration of such proceedings and their resolution – as well as when the law requires us to retain certain types of data for a longer period. In all cases, the longer data retention period applies.

   Personal Data processed based on our legitimate interest may be stored until you object to their processing, except in cases where, despite your objection, we determine that there are important, legally justified grounds for processing that override your interests, rights, and freedoms, or grounds for establishing, exercising, or defending legal claims.

   Information about the recipients of your Personal Data, including any transfer of your Personal Data to third countries (outside the European Economic Area), is detailed in Section IV below.

   The rights you are entitled to in connection with the processing of your Personal Data are detailed in Section V below.

4. CONTACT WITH US

   When you contact us, for example via email, available forms, social media, etc., examples of Personal Data we may process include: Personal Data that identifies you (e.g., email address, IP address), contact metadata (e.g., date of contact, duration of our conversation), as well as the content of our communication (e.g., the content of emails). Your Personal Data is processed in order to respond to your inquiry, improve our communication, enhance the quality of customer service, and also for marketing purposes. The purpose of processing depends on the reason for our communication; therefore, sometimes your Personal Data will be used to conclude an appropriate agreement with you, and if we already have a contract, to provide you with appropriate care within our cooperation (e.g., handling your complaint).

   In such cases, the legal basis for processing depends on the context of the communication. If you contact us solely to obtain general information, for example about the Service, we process your Personal Data based on our legitimate interest (arising from the aforementioned purposes; Article 6(1)(f) of the GDPR). However, if your inquiry leads to the conclusion of a Sales Agreement, the appropriate legal basis for processing will be Article 6(1)(b) of the GDPR – taking steps at the request of the data subject prior to entering into a contract. If we already have a contract and you contact us regarding its performance, the basis for our actions is Article 6(1)(b) of the GDPR – processing necessary for the performance of a contract.

   We may also process your Personal Data for the purpose of handling and pursuing claims — the legal basis for this processing is our legitimate interest (Art. 6(1)(f) GDPR).

   Providing Personal Data is voluntary; however, it is necessary for effective communication with us.

   If your Personal Data has been collected solely in connection with our current communication, we may process it, depending on the category of the specific information, for a period ranging from a few days up to several months (more detailed inquiries and conversations that may be relevant for our future contact).

   Personal Data processed based on our legitimate interest may be stored until you object to their processing, except in cases where, despite your objection, we conclude that there are important, legally justified grounds for processing that override your interests, rights, and freedoms, or grounds for establishing, pursuing, or defending claims.

   The principles of protection and use of Personal Data by social media platforms you may use to contact us are described in their privacy policies. For example, information about the processing of Personal Data by LinkedIn can be found at: https://www.linkedin.com/legal/privacy-policy

   Information about the recipients of your Personal Data, including any potential transfer of your Personal Data to third countries (outside the European Economic Area), is described in detail in Section IV below.

   The rights you are entitled to in connection with the processing of your Personal Data are described in detail in Section V below.

5. OUR CONTRACTORS AND THEIR EMPLOYEES / COLLABORATORS

   If you are our contractor or an employee/collaborator of our contractor, we may process your identification data, contact details, and information related to the performance of your contract, including, in particular, your first and last name, the name of the employing entity, contact phone number, email account, your position/held qualifications, and any correspondence between us. If you are a party to a contract concluded with us, we will also process your registration data and information related to our settlements.

   We process personal data for the proper performance of the contract concluded between us and your employer/entity you represent, including documenting its conclusion and identifying the persons authorized to carry out the tasks specified in the contract.

   This is necessary to fulfill the legally justified interest of the data controller (Article 6(1)(f) of the GDPR), which is the performance of the contract with our contractor. If you, as a natural person, are a party to a contract with us, your personal data will be processed by us for the purpose of performing that contract (Article 6(1)(b) of the GDPR).

   Additionally, in the case of processing your Personal Data for the purpose of: - defending against potential claims, as well as for possibly making claims, the basis for processing your data will be our legitimate legal interest (Art. 6(1)(f) GDPR); - fulfilling the administrator’s legal obligations(e.g., tax, accounting), the basis for processing your data will be the fulfillment of legal obligations imposed on the administrator (Art. 6(1)(c) GDPR).

   We received your data directly from you or from your employer/entity you represent. Providing personal data is voluntary, but submitting it is a condition that enables the conclusion of the contract or allows you to perform the tasks specified in the contract (failure to provide them will prevent our cooperation).

   As a rule, data processed based on our legitimate interest will be processed until an objection is raised or the purpose for which it was processed is fulfilled. Data related to the performance of the contract is stored for the duration of the contract (and also for the period resulting from confidentiality obligations – if a separate declaration has been signed) and usually for several years after its termination, as required by tax regulations and the limitation periods for certain claims. These periods may be appropriately and necessarily extended in the case of any claims and legal proceedings – for the duration of these proceedings and their settlement – and also if the law requires us to process the data for a longer period in specific cases.

   Information about the recipients of your Personal Data, including any transfer of your Personal Data to third countries (outside the European Economic Area), is described in detail in Section IV below.

   The rights you have in connection with the processing of your Personal Data are described in detail in Section V below.

IV. Who has access to your Personal Data?

Access to your Personal Data is granted only to entities that support us in running the Service based on appropriate agreements, such as entities providing IT services or supplying tools that enable our communication, conducting marketing campaigns, our advisors including legal advisors, entities providing accounting services, and payment processing providers.

All these entities have access only to the information necessary for their activities.

If you choose to leave a review that will be published on our Service, the circle of recipients of your Personal Data disclosed in that review will be unlimited. Of course, it is up to you whether and what data will be disclosed in the review you submit.

In every case of data transfer outside the EEA, we apply the required security measures, including, for example, the standard data protection clauses adopted by the European Commission's decision, taking into account appropriate safeguards. You can obtain a copy of the safeguards we use regarding the transfer of personal data to a country outside the EEA by contacting us.

V. Your rights regarding the processing of your personal data

To efficiently process your rights, please send any requests to the email address indicated in section II, with the subject line “RODO Request,” specifying in the message which right you wish to exercise. The instructions given in the previous sentence are only a recommendation, not a requirement. Submitting a request in a different manner will not result in the loss of the rights listed below.

You have the right to exercise the following at any time:

1. access to Personal Data (including, for example, obtaining information about which Personal Data is being processed or receiving a copy of it);
2. request rectification and restriction of processing (e.g., if the Personal Data is incorrect) or erasure of Personal Data (e.g., if it has been processed unlawfully);
3. data portability of Personal Data that you have provided to the Controller and that is processed by automated means, where the processing is based on consent or a contract (e.g., transfer to another controller);
4. withdraw any consent given to the Controller at any time; withdrawal does not affect the lawfulness of processing carried out based on consent before its withdrawal;
5. object to the processing of Personal Data conducted for the purpose of legitimate interests pursued by the Controller or a third party (unless there are compelling legitimate grounds for the processing that override your interests). If the Personal Data is processed for direct marketing purposes, you have the right to object at any time to such processing, including profiling to the extent that it is related to such direct marketing—if so, the Personal Data may no longer be processed for such purposes;
6. fodge a complaint with the President of the Personal Data Protection Office (a detailed description of the complaint procedure is available at: https://uodo.gov.pl/pl/83/155). Of course, if you wish to raise concerns about how we operate, we encourage you to contact us first.

VI. What are "cookies" and other similar technological solutions? How and for what purpose do we use them?

Cookies are small data files that are stored on your device when you visit the Service, and for example, they store information about your use of the Service. We use cookies and other technological solutions to recognize you as a returning User, to improve the quality of our service, to collect statistical data, and for marketing purposes. We also process them to analyze the popularity and effectiveness of our offers.

The cookie technology (or similar functionality) we use collects information about every person visiting the Service. Please note that the information below applies to all individuals using the Service, regardless of whether they have placed a paid order or have an Account.

The information collected in cookies does not always constitute Personal Data within the meaning of the GDPR. However, some information – depending on its content and how it is used – may be linked to a specific individual (e.g., by associating certain behaviors with data provided during Account registration on the Service), and therefore may be considered Personal Data.

Of course, you can change how cookies are used, including blocking or deleting them entirely through your web browser or mobile app settings. However, you should keep in mind that such actions may prevent or significantly hinder the proper functioning of our Service – for example, by noticeably slowing down its performance. Therefore, we recommend not disabling cookies in your browser or app.

We always provide our Clients with information that clearly explains which specific cookies we use and for what purposes during their first visit to our Service.

In the Service, we use two types of cookies (or other similar technological solutions): session cookies, which remain stored on your computer or mobile device until you log out of the Service or close the software, and persistent cookies, which remain on your device for the time specified in the cookie parameters or until manually deleted in your web browser/application.

Depending on the case, we may use the following types of cookies (or other similar technologies) in particular:

1. technical (necessary) – essential for the proper functioning of the Service and the features available within it; these cookies are not used to track visitors of the Service;
2. analytical – used to analyze your behavior within the Service for statistical and analytical purposes; they help us achieve our legitimate goals of improving how our website functions, for example, by ensuring users can easily find what they are looking for;
3. preference – allow the Service to adjust its appearance, functionality, and operation to the user's individual preferences;
4. marketing – used to analyze your behavior and provide information that enables your identification, including for marketing purposes on third-party websites; we will use this information, taking into account your choices and preferences, to make our site and the ads displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.

At any time, you can open the cookie banner from the website by clicking the "Cookie Settings" link located at the bottom of the webpage.

It may happen that we cooperate with other companies in relation to their marketing (advertising) activities. For the purposes of this cooperation, your browser or other software installed on your device may also store cookies from entities conducting such marketing activities, which may become controllers of your Personal Data (these are so-called third-party cookies). Cookies sent by these entities are intended to ensure that you are shown only those ads that match your individual interests and needs. We believe that displaying personalized advertising may be more appealing to you than ads unrelated to your needs. Without these cookies, this would not be possible, as it is the companies cooperating with us that provide the advertising content for you.

We may use the following entities or services of entities that use cookies on the Service:

1. Google AdWords
2. Google Ads
3. Google Analytics
4. Meta Platforms

The aforementioned entities, in connection with the use of their own cookies on the Service, may become controllers of your Personal Data. More information about the cookies used by these entities can be found in their privacy policies.