Privacy Policy
Effective as of 31 December 2023
The Purpose of this Privacy Policy is to explain how we collect and use your personal data (“Data”), as well as to set your rights related to the processing of your Data by us. Please, take a moment to read it carefully.
General Information
Your Data is processed by MVentures (“we”, “us”, “our”, “Matching Ventures”, “MVentures”, “Company”). MVentures manages your Data. Contact details of the MVentures office can be found here.
Data collected by us are processed in accordance with the rules set out in the Data protection regulations, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals concerning the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”) and local regulations issued based on GDPR. We keep the Data confidential and secure it against unauthorized access by third parties following the rules set out in the legal acts mentioned above.
What does this Privacy Policy apply to?
This Privacy Policy applies to all your Data collected by the Company, whether through MVentures website or by any other means. If your local legislation requires so, this Privacy Policy may be amended by local specifications.
MVentures website may contain links to the websites of our partner networks and/or affiliates. Please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.
This Privacy Policy may occasionally be updated. Please refer to the latest version online.
Privacy policy for clients and external experts
Along with your business collaboration with MVentures group companies (“we”, “us”, “our”, “MVentures”, “Company”) we process personal information about you as an external expert or a client (“Data”), depending on the essence of our business relationship.
The term “client” encompasses clients, represented by a natural person (individual entrepreneurs) and the employees and representatives of legal entities with whom we enter into business relations. The processing of Data takes place in order to establish and manage operations and obligations towards you as a software development company.
The term “external expert” encompasses natural persons, who collaborate with us directly for the purpose of business development or project delivery, or employees and representatives of legal entities with whom we enter into such kind of business relations.
We protect your Data and privacy by taking all relevant measures in accordance with applicable legislation, including the EU Regulation 2016/679 – known as General Data Protection Regulation (GDPR).
This privacy notice describes how MVentures uses your data, how we ensure its protection and which privacy rights are granted to you by law.
1. Data we collect from you
In certain situations, you may provide us with data (e.g. in the form of databases) in order to deliver a service for You. Data categories and purposes can vary according to the information contained in these databases. Therefore, in these situations, MVentures will become a processor and will need specific instructions from you in order to process this data (e.g. in the form of a data processing agreement).
We collect Data about you in a variety of ways. Sometimes we collect Data automatically when you interact with our Website, and sometimes we collect the Data directly from you.
1.1. Data you provide us directly
We collect and process your Data in order to ensure our day-to-day business activity. This data is mostly provided by you when entering into a business relationship with us. The Data will be generated and requested further along our contractual or informal cooperation, always in relation to a specific and well-defined purpose.
The amount of Data will vary depending on the purpose of our cooperation with you, but in most cases will include the following categories:
-
General information (name, surname, position, phone number, email, signature, company name and company information (which you represent); bank account number);
-
Historical data of our cooperation (the history of requests, projects performed together and feedback; results of our cooperation (project documentation, proposals etc.);
-
Social aspects and publications: (photo and contact information publication on our official website and social networks);
-
Data collected resulting from video surveillance in our premises (video image, time and location in our premises);
-
Data for tender applications (solely for external experts): (work experience, company name, project experience, education, languages).
1.2. Data we collect automatically
When you access our website, we may automatically collect the following information:
-
Device information (device model, information about the operating system and its version, unique device identifiers, enabled device accessibility features, mobile operator and network information, device storage information, version of your device system);
-
Location information (IP address, time zone, information about your mobile provider);
-
Data about your use of the Website, including, among others, frequency of use, areas and features of the Website that you access, visit or use, engagement with particular features.
Special categories of Data
Special categories of Data are data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
During your contractual relationship with MVentures, we will process this type of Data only in the cases mentioned below and always within the framework of a solid legal basis:
-
to guarantee the security of our premises (video/biometric data); and
-
when we have your consent to do so for specific purposes (photos at events and their publication).
In cases, you submit to us your information in the free format (e.g. CVs for application to tenders) certain categories of special categories of Data which are not required for the purpose of our cooperation might appear there. The processing of such type of information is unnecessary to our purposes and we advise you to limit the use of such categories of Data in these documents. Though if such data was provided willingly by you, we will treat it the same way as any other data categories, described in the current privacy notice.
2. How we use your Data
We will not collect and process your Data without letting you know. We process your Data based on one or more of the following legal bases:
-
Your consent. For example, on the registration screen when you give us your consent to process your Data.
-
Legitimate interest. We may process your Data in relation to our interests for the stated purpose, and this does not override yours.
-
Legal obligation. We may be obliged to process some of your Data to comply with applicable laws and regulations.
-
To fulfil our contractual obligations to you in order to provide services to you.
The legitimate interest can have a relatively broad interpretation as a legal basis. To bring clarity to this aspect, we consider our legitimate interest in relation to clients and external experts to be:
-
Maintaining and updating our pool of business contacts and external experts;
-
Project a positive external image for MVentures;
-
Improve the quality of our services;
-
Exchange information between the different MVentures entities (intra-group transfers);
-
Extension of our client base;
-
Involve MVentures in new tender opportunities;
-
Attract qualified external experts into the MVentures network and projects.
Moreover, we will also have a valid legal basis when we:
-
require processing your data to protect your or another person’s vital interests;
-
need to carry out a task in the public interest or in the exercise of official authority vested in us.
We will only use your Data for the above-listed interests as long as they are not overridden by your interests and fundamental rights. In this regard, each time this legal basis will be used, we will make a balancing test between this interest and your rights and liberties, in order not to limit disproportionately the latest.
Below please see the main purposes for which we will collect and process your Data.
If we collaborate with you as a client, we process your data in order to:
-
formalize our relationship in agreements;
-
understand and document your needs and requests;
-
manage the service you requested from us, including by contacting you;
-
receive payments for the service provided;
-
create statistics related to the usage of our services;
-
contact you for direct marketing purposes and propose cooperation opportunities;
-
ensure the security of our working premises;
-
respond to potential project-related requests after the end of our contractual relationship.
3. Principles of processing
3.1 Data minimization and purpose limitation
We will not process your Data in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by you or collect any Data that is not needed for the mentioned purposes. For any new purpose of processing, we will ask your separate consent.
3.2. No sale of Data
We will not sell or rent your Data. We will not disclose your Data except as otherwise described in this Privacy Policy. We may share your Data between different MVentures entities (intra-group transfers) solely as described in this Privacy Policy.
4. Storage, retention and erasure of Data
MVentures ensures that your Data is stored in a centralized and organized manner, namely on our accounting systems administrative cloud-based account and in our internal management system. Your information may also be stored on secure corporate email accounts, as a result of intra-group data transfers. Moreover, we also store relevant documents (e.g. contracts, invoices) in paper-based form in adequate physical storage spaces.
We keep your Data only as long as we need it for the purposes described in this Privacy Policy. Our retention periods are based on criteria that include legally mandated retention periods, our intellectual property or ownership rights, contract requirements, operational directives or needs and for potential and pending litigation.
5. Security of your Data
To ensure the security of your Data in the course of our services, we implement the technical, legal and organizational means necessary to ensure a high level of protection of your Data. We implement and monitor a constantly thorough access rights system, which ensures that only authorized and relevant personnel can access it uniquely for lawful and clearly defined purposes.
Moreover, non-disclosure agreements are signed with all the concerned employees, in order to maintain the confidentiality of the documents and information provided by You.
6. International Data Transfers
In the course of our activities, your Data may be transferred within our group of companies (MVentures intra-group transfers).
6.1. Intra-group transfers of Data
MVentures is part of a group with several legal entities, forming what is called a group of undertakings. In order to pursue our activity, Data exchanges may take place in order to:
-
respond to your – client or expert – requests and needs;
-
apply for tender offers in which are involved other offices and branches of MVentures; and
-
share experience and statistical information with other branches;
MVentures develops a holistic approach to protecting the Data of its clients, therefore ensuring that you will benefit from the same guarantees and rights for the whole group.
6.2. Extra-group transfers of Data
In the context of its operations, MVentures may share your Data with entities outside our group of undertakings. This happens mainly with:
-
contracting entities (private companies or public authorities), based on your explicit consent or when fulfilling contractual obligations (e.g. for applying to a tender);
-
public authorities or law enforcement bodies, upon request and in order to fulfil a legal requirement;
-
third parties, for specific service providing (e.g. accounting services).
6.3. Trans-border transfers outside the EEA
Due to the international structure and reach of our activities, part of our operations is situated outside the European Economic Area (EU member states + Iceland, Norway and Liechtenstein). Therefore, we may transfer your Data outside the EEA to countries without adequacy decisions from the European Commission.
To mitigate and ensure an EU-level of data protection, MVentures uses Standard contractual clauses approved by the European Commission for all our trans-border transfers, which constitute a GDPR-compliant adequate safeguard for such operations.
7. Your privacy rights
7.1. Access to your Data (including in portable form)
You have a right to request information about what Data we process about you, to access all your Data, and to receive a copy of it. You can obtain information about how long we store your data and who receives data about you. Your right to access may, however, be restricted by legislation, protection of other people’s privacy and considerations for our business and practices. Our know-how, business confidential data, as well as internal assessments and material, may also as such be exempt from the right of insight.
If we use data based on your consent or as a result of an agreement, and the data processing is automated, you have a right to receive a copy of the data you have provided in an electronic machine-readable format.
7.2. Correction and erasure of your Data
If you believe that your Data is inaccurate, you have a right to contact us and ask us to correct such Data.
You may ask us to erase your Data if you withdraw your consent to processing if you believe such processing is unlawful.
7.3. Restriction of Processing
You have a right to request that the processing of your Data be restricted in some circumstances. For example, you have the right to request the restriction of your Data if you contest the accuracy of your Data and we need some time to verify its accuracy.
7.4. Right to object to the processing of your Data
You have the right to object to MVentures processing your Data when we invoke our legitimate interest for such an operation when we carry out a task in the public interest or for direct marketing purposes by contacting the person you usually deal with at MVentures.
7.5. Automated individual decision-making
You also shall have the right to object to a decision based solely on automated processing, including profiling. In these situations, MVentures will guarantee suitable measures to safeguard your rights, mainly the right to human intervention when reviewing such cases.
You will be notified if any automated decision-making is performed in relation to your Data.
7.6. Withdrawal of consent
If we process Data based on your consent, you can withdraw your consent to disclose Data at any given time. Please also note that we will continue to use your Data if we have to fulfil a legal or contractual obligation.
8. Accuracy and updating your Data
We will update your Data continuously during the period it is stored in our database. This is done for internal organization purposes and in order to permit better adequacy between your needs and requests and the services we provide. In this regard, it is possible for you to update your data by notifying you through an email to info@matching.ventures.
Privacy policy for employees and ex-employees
Along with your collaboration with MVentures (“we”, “us”, “our”, “Matching Ventures”, “MVentures”, “Company”), we process personal information about you (“Data”). We do it in order to establish and manage our work collaboration and to carry out our operations and obligations as a business management consulting company.
We protect your Data and privacy by taking all relevant measures in accordance with applicable legislation, including the EU Regulation 2016/679 – known as General Data Protection Regulation (GDPR).
This privacy notice describes how MVentures uses your Data, how we ensure its protection and which privacy rights are granted to you by law.
1. Data we collect from you
We collect Data about you in a variety of ways. Sometimes we collect Data automatically when you interact with our website, and sometimes we collect the Data directly from You.
1.1 Data you provide to us directly
We collect and process your Data in order to ensure our day-to-day business activity. This Data is mostly provided by You when entering into a contractual employment relationship with MVentures. The Data will be generated and requested further along the employment relationship, always in relation to a specific and well-defined purpose:
-
General information (name, surname, home address, position, phone number, email, bank account, signature, personal identification number, social insurance number, marital status, the capacity to work (medical conclusion));
-
Payroll administration and calculation of salaries and bonuses (working hours, salary rate, expenses, evaluation results, yearly salary, salary and bonuses amounts, number of children (childbirth certificates), maternity leave information, sick leave, vacation duration and days off);
-
Training, development and evaluation (exams and evaluation information, evaluation results, personal development plan information, salary increase, career history);
-
Employee benefits (driving license number and information, geo-localization data (itinerary, distance, usage of a taxi or rented cars), corporate phone number and information regarding your calls and data usage);
-
Business trips and support for visa (passport information, picture, additional information required by embassies);
-
Timebase account (obligatory data includes email, salary, position, project codes, number of worked hours, vacation, days off, sick leaves, picture, phone number. Upon your decision, you can also provide experience, skype identifier, certificates, languages are spoken, education);
-
Video surveillance and access to premises (access card number, company name, entry and exit logs, video image);
-
Social aspects and publications (photo and contact information);
-
Gmail and Google Drive usage (time of the last login, amount of storage space available. After termination of contract: access to Gmail and Google Drive information);
-
Staffing and staffing for employees on hire (position, projects, occupation rate, vacation information, business trips information, information about experience and involvement in projects);
-
Management of alumni network: name, surname, email, phone number, photo).
1.2. Data we collect automatically
When you access our website, we may automatically collect the following information:
-
Device information (device model, information about the operating system and its version, unique device identifiers, enabled device accessibility features, mobile operator and network information, device storage information, version of your device system);
-
Location information (IP address, time zone, information about your mobile provider);
-
Data about your use of the website (including, among others, frequency of use, areas and features of the Website that you access, visit or use, engagement with particular features).
Special categories of Data
Special categories of Data are data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
During your contractual relationship with MVentures, we will process this type of Data only in limited cases, always within the framework of a solid legal basis:
-
to sign the employment contract and to allocate social benefits (health data);
-
to guarantee the security of our premises (video/biometric data); and
-
when we have your consent to do so (photos at events and their publication).
2. How we use your Data
We will not collect and process your Data without letting you know. We process your Data based on one or more of the following legal bases:
-
Your consent. For example, on the registration screen when you give us your consent to process your Data.
-
Legitimate interest. We may process your Data in relation to our interests for the stated purpose, and this does not override yours.
-
Legal obligation. We may be obliged to process some of your Data to comply with applicable laws and regulations.
-
To fulfill our contractual obligations with You.
The legitimate interest can have a relatively broad interpretation as a legal basis. To bring clarity on this aspect, we consider our legitimate interest in relation to clients and external experts to be:
-
Extension of our client base;
-
Formation and training of our employees;
-
Employment of qualified candidates;
-
Projecting a positive external image for MVentures;
-
Improvement of the quality of our services;
-
Exchange of information between different MVentures entities (intra-group transfers);
-
Maintaining an up-to-date business contact network.
Moreover, we will also have a valid legal basis when we:
-
require processing your data to protect your or another person’s vital interests;
-
need to carry out a task in the public interest or in the exercise of official authority vested in us.
We will only use your data for the above interests as long as they are not overridden by your interests and fundamental rights. In this regard, each time this legal basis will be used, we will make a balancing test between this interest and your rights and liberties, in order not to limit disproportionately the latest.
Below see the main purposes for which we will collect and process your Data:
If you are a current employee, we process your Data in order to:
-
enter into a legal contractual relationship with you;
-
manage effectively our employment relations with you;
-
engage in new business opportunities;
-
respond to clients’ requests;
-
ensure adequate training and professional development opportunities for you;
-
evaluate your work performance;
-
motivate and offer stimulating benefits to you;
-
calculate and pay your salary and bonuses;
-
create a dynamic presence on social networks and for advertising purposes;
-
create work-related statistics;
-
ensure the security of the working premises.
After the end of our employment relationship, we will process your Data in order to:
-
stay in contact in order to ensure smooth continuity of our projects;
-
propose cooperation opportunities;
-
invite you to alumni reunions.
3. Principles of processing
3.1. Data minimization and purpose limitation
We will not process your Data in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by you or collect any Data that is not needed for the mentioned purposes. For any new purpose of processing we will ask your separate consent.
3.2. No sale of Data
We will not sell or rent your Data. We will not disclose your Data except as otherwise described in this Privacy Policy. We may share your Data between different MVentures entities (intra-group transfers) solely as described in this Privacy Policy.
4. Storage, retention and erasure of Data
MVentures ensures that your Data is stored in a centralized and organized manner, namely in our accounting systems, corporate Google Drive account, the relevant human resources internal information systems and in the Timebase platform. Your information may also be stored on secure corporate email accounts, as a result of intra-group data transfers. Moreover, we also store relevant documents (e.g. contracts) in a paper-based form in adequate physical storage spaces.
We ensure its security by implementing a thorough access rights system, which ensures that only the authorized and relevant personnel can access it uniquely for lawful and clearly defined purposes.
Our retention periods are based on several well-defined criteria. Therefore, in a first instance, the data will be stored for as long as we are actively pursuing one of the purposes enumerated above and while we have a valid legal basis to do so. Moreover, Data will also be stored in order to comply with legally mandated retention periods, which are required by local legislation.
After the expiration of the purposes, your Data will be stored solely for the purpose to respond to pending or potential litigations.
5. International Data Transfers
In the course of our activities, your Data may be transferred to our inside our group of companies (MVentures intra-group transfers) but also shared with external partners (extra-group transfers).
5.1. Intra-group transfers of Data
MVentures is part of a group composed of several legal entities, forming what is called a group of undertakings. In order to pursue our activity, Data exchanges may take place in order to:
-
respond to client’s requests and needs;
-
cooperate with employees from other branches; and
-
provide services by other entities of the group of undertakings.
MVentures develops a holistic approach in protecting the Data of applicants, therefore ensuring that you will benefit from the same guarantees and rights for the whole group.
5.2. Extra-group transfers of Data
In the context of its operations, MVentures may share your Data with entities outside our group of undertakings. This happens mainly with:
-
clients, based on your explicit consent or when fulfilling contractual or legal obligations (e.g. for the execution of a contract/project or when applying for a tender);
-
public authorities or law enforcement bodies, upon request and in order to fulfill a legal requirement (e.g. labor inspection, consulates);
-
third parties providing services connected to pursuing our business purposes (e.g. telecommunication companies, hotels, travel agencies).
Besides transferring data outside its group, MVentures also may receive Data concerning yourself from third parties with whom we are in contractual relationships:
-
from clients – feedback on your performance of your assigned tasks;
-
from service providing companies – data on your use of certain services provided as employee benefits (taxi, car services and corporate mobile phone).
5.3. Trans-border transfers outside the EEA
Due to the international structure and reach of our activities, part of our operations and clients can be situated outside the European Economic Area (EU member states + Iceland, Norway and Liechtenstein). Therefore, we may transfer your Data outside the EEA to countries without an adequacy decision from the European Commission.
To mitigate and ensure an EU-level of data protection, MVentures uses Standard contractual clauses approved by the European Commission for all our trans-border transfers, which constitute a GDPR-compliant adequate safeguard for such operations.
6. Your privacy rights
6.1. Access to your Data (including in portable form)
You have a right to request information about what Data we process about you, to access all your Data, and to receive a copy of it. You can obtain information about how long we store your Data and who receives Data about you. Your right of access may, however, be restricted by legislation, protection of other people’s privacy and considerations for our business and practices. Our know-how, business confidential data, as well as internal assessments and material, may also as such be exempt from the right of insight.
If we use data based on your consent or as a result of an agreement, and the Data processing is automated, you have a right to receive a copy of the Data you have provided in an electronic machine-readable format.
6.2. Correction and erasure of your Data
If you believe that your Data is inaccurate, you have a right to contact us and ask us to correct such Data.
You may ask us to erase your Data if you withdraw your consent to processing if you believe such processing is unlawful.
6.3. Restriction of Processing
You have a right to request that the processing of your Data be restricted in some circumstances. For example, you have the right to request the restriction of your Data if you contest the accuracy of your Data and we need some time to verify its accuracy.
6.4. Right to object to the processing of your Data
You have the right to object to MVentures processing your Data when we invoke our legitimate interest for such an operation when we carry out a task in the public interest or for direct marketing purposes by contacting the person you usually deal with at MVentures.
6.5. Automated individual decision-making
You also shall have the right to object to a decision based solely on automated processing, including profiling. In these situations, MVentures will guarantee suitable measures to safeguard your rights, mainly the right to human intervention when reviewing such cases.
You will be notified if any automated decision-making is performed in relation to your Data.
6.6. Withdrawal of consent
If we process Data based on your consent, you can withdraw your consent to disclose Data at any given time. Please also note that we will continue to use your Data if we have to fulfil a legal or contractual obligation.
7. Accuracy and updating your Data
We will update your Data continuously during the period it is stored in our database. This is done for internal organization purposes and in order to permit better adequacy between our client’s needs and requests and your skills. In this regard, it is possible for you to update your data by notifying the person you usually deal with at MVentures.
8. Updates to this Privacy Policy
We reserve the right to change this Policy from time to time by posting an updated version on our website. If substantial changes are made that may significantly influence your rights or increase your responsibilities, we will notify you by email. We may provide notice of changes in other circumstances as well. We encourage you to periodically review this page for the latest information on our privacy practices.
9. Complaints
If you are concerned about an alleged breach of privacy law or any other regulation by MVentures, you can contact the person you usually deal with at MVentures or by email – info@matching.ventures. MVentures will investigate your complaint and give you information about how it will be handled.
Also you have a right to lodge a complaint with the relevant Data Protection Authority in your country. Please contact the person you usually deal with at MVentures or by email – info@matching.ventures, MVentures will guide you to what State data Protection Inspector you should lodge your complaint.
10. Contact us
You are always welcome to contact us if you have questions about your privacy rights and how we collect and use the Data by contacting the person you usually deal with at MVentures or by email – info@matching.ventures.
Please note that we may require proof of your identity and full details of your request before processing it. The data will only be used to verify your identity and will not be stored for longer than needed for this purpose.
We will reply in a reasonable delay, in accordance with the applicable regulations.