Privacy Policy
The Privacy Policy describes the rules and principles of Personal Data collection and processing by BitsHive Pvt Ltd ("BitsHive"), code: HE 436706, which is the Processor and may act as Data Controller for the purposes described in this Policy, registered address at Blue Area Manzoor Plaza, 1st floor, Flat/Office 5, 44000, Islamabad, Pakistan.
This Privacy Policy ("Policy") regulates the Personal Data collection, processing, storage and transfer, defines the lawful basis for the Personal Data processing and sets out the rights of Users, Customers, Consultants under applicable data protection and privacy laws.
References to the words "we", "our" or "us" or similar words herein shall mean BitsHive Pvt Ltd ("BitsHive"), depending on the context of the Policy.
References to "you" or "your" or similar words in the content shall mean Users, Customers and Consultants of BitsHive Pvt Ltd ("BitsHive").
We pursue privacy-protecting and creating measures to provide security for the Personal Data you hand over to us. We will only collect, use and transfer your data in the ways described in this Policy.
FAQs
We designate and capitalize certain terms. Their use throughout this Policy means that they have a specific meaning as defined in the description of such terms. In Section 1 of this Policy, we explain definitions of certain capitalized terms.
1.1 Client means a natural or legal person registered in the EU, USA, Switzerland, UK, Canada who enters or may enter into a Contract with BitsHive under which BitsHive and/or BitsHive Consultants shall have access to employees’, Clients’ or Users’ Personal Data
1.2 Contract means a bilateral legal obligation to provide/receive the Services whereby BitsHive is authorized to collect, process and protect Personal Data
1.3 Consultant means an employee of BitsHive, an independent contractor, an outsourcing company providing services to BitsHive on the basis of a commercial or partnership agreement.
1.4 Controller means any natural or legal person, public authority, institution or other body, which independently determines the purposes and means of Personal Data processing.
1.5 Questionnaire means a list of questions in a document designed as a method for collecting data from the respondent, which defines the category and type of data.
1.6 Personal Data means information that identifies you as an individual or can be identified in order to interact with you
1.7 User means an identifiable and non-identifiable person who interacts with the Software.
1.8 Software means web applications, mobile applications, desktop applications, server applications, software modules and code developed or maintained by BitsHive and owned by BitsHive or the Client. The content of the software is protected by copyright, trademark law and other rights related to intellectual property and unfair competition law.
1.9 Processor means any natural or legal person, public authority, institution or other body that gains access to the Personal Data processing and storage.
1.10 Means of communication - email, mobile connection, corporate and mobile messengers such as Telegram, WhatsApp, Slack, and conferencing tools such as Google Meet, Zoom, and Microsoft Teams.
1.11 Services mean software development, design, testing and consulting activities provided by BitsHive or Consultants.
1.12 EDPB (European Data Protection Board) means The European Data Protection Board.
1.13 CCPA (California Consumer Privacy Act) means California state statute designed to increase privacy rights and consumer protection for residents of California and the United States.
1.14 Cookie means small text files that store information about your past actions in the Software.
1.15 GDPR means the General Data Protection Regulation ("GDPR"), which applies to regulate the Personal Data processing as of May 25, 2018.
2.1 We collect identifiable and non-identifiable Users’, Clients’ and Consultants’ Personal Data in the ways set out below:
2.1.1 By means of the Software when accessing BitsHive and Consultants.
2.1.2 On social networks such as Twitter, Facebook, LinkedIn, Behance by BitsHive and Consultants. The list is not exhaustive.
2.1.3 At the time of participation in offline and online events in Ukraine, the EU and the US by BitsHive and Consultants scanning QR codes and online business cards.
2.1.4 During email marketing campaigns by sending out BitsHive promotional emails and special offers.
2.1.5 In the course of searching for Clients and establishing commercial relationships, BitsHive gains access to Personal Data on freelance exchanges such as UpWork, Fiverr, Freelancer. The list is not exhaustive.
2.1.6 During advertising campaign analytics using advertising and analytics services such as Google ADS, Google Analytics, Facebook ADS, Facebook Analytics. The list is not exhaustive.
2.1.7 On public web resources on the internet by BitsHive and Consultants to establish commercial relationships.
3.1 Personal data collected voluntarily at the initiative of the Users, Customers and Consultants. The data you hand over when you visit and/or interact with the Software, when you complete Contracts and Questionnaires, the data you provide when you are interviewed using the Communication Tools and the data you provide when you complete forms in the Software:
3.1.1 We collect Personal Data from Users, Customers and Consultants which identifies you as an individual and which can be used to contact you and/or to provide the Services. Users’, Clients’ and Consultants’ Personal Data shall include: name, surname, email, address, payment details, contact details of Client's employees, representatives and clients, type of employment, professional experience, educational background, skills and competencies, employment details, marital status.
3.1.2 Client’s and Consultant’s Personal Data: we may collect Personal Data of Client’s and Consultants’ employees, agents, contractors, and partners. This data will be processed and used in accordance with this Policy.
3.2 Personal data collected automatically. Some information about Users, Customers and Consultants is automatically collected from a computer or mobile device when interacting with the Software:
3.2.1 We may collect Personal Data, such as IP address, to understand the country which you are connecting from, when using the Software, time zone setting, information about the device and browser type using to access the Software, website URL from which you visited the Software, and third party websites you visit to log off the Software.
3.3 Non-Identifying Users’, Customers’, Consultants’ Personal Data: we may also collect other information such as postal codes, demographic and statistical data and information about using the Software.
3.4 In some cases we may convert some Personal Data into Non-Identifying Information. This is done by converting such information into a code. The code does not identify you and is not considered Personal Data under the GDPR, as it does not reveal your identity. We may combine the information collected from Software Users as statistical data and use it for analytics.
3.5 Combining Personal Data and Non-Identifying Information: when combining Personal Data and Non-Identifying Information, it is possible to convert it into information that can identify you. For example, in cases where a User’s or Customer's name and social media profile is available. We will treat the combined information as Personal Data that must be processed under this Policy.
3.6 Information collected from third parties: we may receive information from the third parties. For example, we may supplement the information we collect with records from public sources, including social networks, freelance exchanges or databases. If we combine information we collect from third parties with information we collect about you, we will treat such information as Personal Information under the Policy.
3.7 We may collect and process specific categories of Users’, Customers’ or Consultants’ Personal Data, such as information on race or ethnicity, religious or philosophical beliefs, sexuality and orientation, political views, trade union membership, health information, and genetic and biometric information. We may collect information about Consultants' criminal convictions and offences.
4.1 We process Users’, Customers’ or Consultants’ Personal Data for the purposes set out in this Policy:
4.1.1 To fulfill obligations to Clients, provide the Services and develop a business and commercial relationship with you and/or the legal entity you represent.
4.1.2 To fulfill your obligations to Consultants, provide the Services and develop your business and commercial relationship with you and/or the entity you represent.
4.1.3 To develop, provide, improve, update, correct errors in the Software and/or enhance the Services.
4.1.4 To provide internal quality and security controls, protect against fraudulent or illegal activities and hold those responsible for such activities accountable.
4.1.5 To measure the interest and Users’ interaction with the Software.
4.1.6 To adapt the content and offers shown on the Software as well as on other resources.
4.1.7 To authenticate and verify the Users’ identity and to verify the provided information.
4.1.8 To analyze the current Software functionality for security and vulnerability.
4.1.9 To respond to queries and complaints and to communicate.
4.1.10 To perform legal obligations and enter into Contracts with Consultants and Clients.
4.1.11 To enforce the law, including protecting our rights or third parties’ rights.
4.1.12 To prevent or stop an activity that we may consider illegal, fraudulent or unethical.
4.1.13 To analyze the target audience and Software client environment.
4.1.14 To prototype and create Software mock-ups.
4.1.15 To fulfill financial and accounting obligations to Clients and Consultants.
4.1.16 To create contextual, targeting, media and other types of advertising.
5.1 By providing access to Personal Data, you consent to the Personal Data transfer, storage and processing. We are obliged to take all necessary measures to ensure that Personal Data is processed in a secure manner and in accordance with the provisions of the Policy.
5.2 Personal Data shall be stored until requested to be deleted by the User, Client or Consultant or for five (5) years from the date of receipt if such storage is necessary to record statistical, financial, corporate and commercial data.
5.3 We may retain Personal Data for as long as necessary to provide the Services or fulfill obligations, resolve disputes, prevent misuse and enforce agreements.
5.4 The Personal Data we process and store is the Users’, Customers’ and Consultants’ property.
5.5 We are entitled to use and disclose the Users’, Customers’ and Consultants’ Personal Data only for the purposes specified in section 4 of the Policy.
5.6 If we change the Personal Data required for the correct provision/receipt of the Services, Users, Customers and Consultants are responsible for notifying us of such changes.
6.1 We make every effort to ensure that the storage of Personal Data complies, to the extent possible, with the GDPR and the CCPA. Taking into account that no method of transmission over the Internet is completely secure, BitsHive cannot and does not guarantee the security of any information you hand over to us.
6.2 We comply with the security measures for the storage of Personal Data under Article 32 of the GDPR, such as anonymization and encryption, ensuring confidentiality, integrity, availability and resilience of processing services, timely recovery of access to data and testing the effectiveness of security measures.
6.3 To improve data storage and security controls, the BitsHive engages a Data Protection Officer ("DPO") who is responsible for BitsHive's compliance with the personal data protection law in accordance with GDPR articles 37, 38, 39.
6.4 According to the GDPR, the BitsHive may engage the DPO to carry out the following tasks:
6.4.1 Informing the Сontroller and the Data Processor of the obligations under the data protection regulation;
6.4.2 Monitoring of compliance with the regulation rules and requirements;
6.4.3 Representation before the supervisory authorities for compliance with the regulations;
6.4.4 Advising in all situations related to the regulation;
6.4.5 Receiving and investigating Users’, Clients’ and Consultants’ appeals and complaints to protect their rights as set out in section 10 of this Policy.
6.5 We provide measures for the secure storage of collected Personal Data on servers and hosts and provide data encryption and anonymization. Access to the Software is encrypted using standard Transport Layer Security ("TLS") technology. We also use strict HTTPS transport security.
6.5.1 Access control and management system. When granting access to sensitive data, several layers of security are used.
6.5.2 Data access control. Consultants obtain access only to data required for the provision of Services.
6.5.3 Data transmission controls. The movement of data across BitsHive's internal networks and between Consultants, Users and Clients is protected.
6.5.4 Data entry controls. BitsHive verifies changes made or data deleted from processing systems.
6.5.5 Accessibility controls. Personal data is protected against accidental destruction or loss.
6.5.6 Data Integrity Control. BitsHive uses firewalls, anti-virus software and carries out external and internal penetration testing.
6.5.7 BitsHive is not responsible for leakage, unauthorized collection and disclosure, resale or misuse of Personal Data by the Controller or the Client.
7.1 BitsHive is a Asian company registered in Pakistan and we process and store Personal Data in the Asian Union. BitsHive’s Consultants may process and store Personal Data in the United States of America, EU countries and third countries.
7.2 When we transfer Personal Data to third parties, we will comply with safety measures under the GDPR and in accordance with the Policy. When transferring data, we rely on approved data transfer mechanisms, which may include Standard contractual clauses for international transfers, approved by the EDPB and GDPR. You may request a copy of the standard contractual clauses relating to your Personal Data if any.
8.1 BitsHive engages Consultants to receive and provide the Services. Consultants may access the Clients’ and Users’ Personal Data to the extent and wherever necessary for the performance of their obligations.
8.2 BitsHive engages Consultants to:
8.2.1 Provide Software development services;
8.2.2 Develop design solutions;
8.2.3 Conduct research and marketing analysis;
8.2.4 Test the Software;
8.2.5 Provide technical support for the Software:
8.2.6 Analyze traffic information in the Software;
8.2.7 Display and set up advertising in the Software;
8.2.8 Analyze information about the Users’ activities in the Software;
8.2.9 Create and provide content in the Software;
8.2.10 Perform integration via API with external services and program modules;
8.2.11 Carry out marketing and advertising campaigns;
8.2.12 Obtain legal support;
8.2.13 Receive accounting and financial support;
8.2.14 Order recruiting and HR services;
8.2.15 Order the services of sales and customer service managers;
8.2.16 Order the services of project and product managers;
8.2.17 Order the services of IT consultants, architects, DevOps, business analysts.
8.3 Consultants may collect Personal Data and access Clients' and Users' sensitive information via Means of Communication, in the Software or databases and by tracking activities on your device, including cookies and web beacons. Consultants may access sensitive information about Software Users and process data about family status, health, financial well-being, purchase and payment history, personal preferences and beliefs.
8.4 We may also transfer certain non-identifiable information about Software Users and BitsHive Clients to Consultants, to the extent necessary to provide the Services.
9.1 We use cookies to improve and simplify your interaction with the Software. Cookies are required to store the settings you have chosen in the Software, for example, language, and/or to remember your preferences. We use Cookies only in compliance with the requirements of the GDPR and the relevant guidelines and regulations provided by the EDPB. We follow legal grounds under Article 6 of the GDPR when we use cookies and similar technologies:
9.1.1 User consent;
9.1.2 Legitimate BitsHive’s interests.
9.2 We use basic and additional Cookies for the operation of the Software. Basic Cookies are always used and are necessary for the operation of the Software. Additional Cookies are collected and used if the Software User consents to this. It is up to you whether or not you accept Cookies, in full or in part. The User may block or delete Cookies, but in such case you may be restricted from using certain features of the Software.
9.3 To change the Cookie settings on your browser, follow the instructions given in the following links:
9.3.1 Google Chrome;
9.3.2 Safari;
9.3.3 Mozilla Firefox;
9.3.4 Opera;
9.3.5 Microsoft.
9.4 Types of cookies, purposes and retention period:
9.4.1 Basic Cookies and other tracking technologies are necessary for using the Software and comply with applicable data protection laws. We use cookies to check the Software functionality on your device, for example: whether the User's browser supports cookies, or whether the User has accepted the use of cookies or not.
9.4.2 Additional:
9.4.2.1 Analytical Cookies help to understand how Users interact with the Software, for example: which pages are visited, and how fast pages load. Such cookies collect information anonymously to avoid identifying you. The purpose of collecting such files is to improve the Software operation.
9.4.2.2 Marketing Cookies are used to display relevant advertising.
9.4.2.3 Functional Cookies allow you to remember your preferences and the choices you make in the Software and also allow you to provide you with important features including comments, widgets and online chat.
10.1 Access right. The Privacy Policy lists the Personal Data of the User, Customer, Consultant that we collect and process. The User, Customer and Consultant may contact DPO to request access to the Personal Data we hold in accordance with Article 15 of the General Data Protection Regulation.
10.2 Right to rectification. The User, the Customer and the Consultant shall have the right to update, correct, and supplement their Personal Data. The User, Customer and Consultant may also contact Article 16 of the General Data Protection Regulation to access their Personal Data in order to update, correct and/or amend it, pursuant to Article 16 of the General Data Protection Regulation.
10.3 Right to portability. User, Client and Consultant may request the transfer of Personal Data to third parties, pursuant to Article 20 of the General Data Protection Regulation.
10.4 Right to be forgotten. The User, the Client and the Consultant shall have the right to delete Personal Data about themselves in accordance with Article 17 of the General Data Protection Regulation. The Personal Data, in such a case, shall be deleted permanently.
10.5 Right to object. The User, the Client and the Consultant shall have the right to raise an objection to the processing of Personal Data at any time, in accordance with Article 21 of the General Data Protection Regulation.
10.6 The right to withdraw consent to data processing. The User, Client and Consultant shall have the right to withdraw their consent to the processing of Personal Data that has been provided to us at any time. In the event of withdrawal of the consent to the processing, certain features of our Software may not be available.
10.7 The right not to be subjected to automated decision-making in individual cases, including profiling. The User shall have the right not to be subjected to a decision that is based solely on automated processing, including profiling, which gives rise to its legal consequences pursuant to article 22 of the General Data Protection Regulation.
10.8 BitsHive may deny Users access right, right to rectification, portability, be forgotten, to object if BitsHive acts as the Processor of Personal Data and is restricted in its powers by the Data Controller.
10.9 We will make commercially reasonable efforts to accommodate your requests for deletion; however, certain information will be retained in the Software. In addition, the rights described above may be limited, for example, if complying with your request would result in disclosure of another person's Personal Data or if you ask us to delete information that we are required to retain by law, or if we have a legitimate interest in retaining (for example, for fraud prevention purposes).
10.10 Your Personal Data may remain on our records and information that you update or delete may be retained for our administrative purposes to the extent permitted by law. We will not delete information you have posted publicly using Software or within it. Be aware that neither you nor BitsHive can delete all copies of information that has previously been shared with others.
11.1 This supplemental privacy notice for California residents applies solely to California residents. It applies to Personal Data that we collect in the Software or through other means and resources, such as information collected offline, in person or by telephone, freelance exchanges or social media.
11.2 The CCPA requires us to disclose the categories of Personal Data we collect about consumers in California, the categories of sources from which the information was collected, the business or commercial purposes for which the information was collected, and the categories of parties to whom we share California residents’ Personal Data.
11.3 The CCPA permits you to request that we:
11.3.1 Provide you with the categories of Personal Data we have collected or disclosed about you in the past twelve (12) months;
11.3.2 Provide you with the source categories of your Personal Information;
11.3.3 Explain the business or/and commercial purpose for which we collected or processed your Personal Data;
11.3.4 Limited the categories of third parties to whom we may share your Personal Data;
11.3.5 Provide you with access and/or a copy of the information we hold about you;
11.3.6 Deleted your Personal Data in our possession.
12.1 We may publish current vacancies for the recruitment of Consultants. To apply for a vacancy, Consultants need to complete a questionnaire and be interviewed, which may be a video/audio call using the Means of Communication. By completing the questionnaire, the Consultant hands over to us Personal Data and agrees that such data will be processed by BitsHive.
12.2 The questionnaire data shall only be available for processing by BitsHive and Clients of BitsHive. The questionnaire includes the collection of the following data: location, work portfolio, information about employers, employer references, participation in rankings and awards, professional achievements, diplomas and certificates of education, hourly rate, name, age, contact details, marital status and state of health.
12.3 The information handed over in the questionnaire is the Consultant's Personal Data and will be processed and used according to this Privacy Policy.
13.1 The Software may contain links to third party websites such as advertisements, partners, online payments, external services and programs integrated via API. If you decide to link to a third party website, you will be redirected to that third party website.
13.2 The fact that we link to a third party website is not an indication of our association with that website, nor is it an indication that their privacy and/or information security policy complies with our Policy.
13.3 We have no control over any third party websites that may be located on the Software. Third party websites may place their own Cookies or other files on your device, collect data or solicit personal information from you. We encourage you to review the privacy policy of websites you visit by clicking on links provided by you through the Software.
14.1 We may change, update and amend this Policy from time to time to ensure that Personal Data is kept secure and that Policy complies with the GDPR/CCPA.
14.2 In the event of material changes that affect Personal Data, we shall notify Users, Customers and Consultants of such changes by posting a news release on the Software and/or by means of an email newsletter.
14.3 If you unsubscribe from emails notifying us of changes to legal documentation, it remains the responsibility of Users, Clients and Consultants to familiarize themselves with them.
14.4 Once the Privacy Policy has been amended, we have the right to request that Users, Clients and Consultants re-consent to the updated Policy.
14.5 Our electronic or otherwise retained copies of this Policy shall be deemed to be true, complete, valid and enforceable versions of this Policy in effect at the time you use the Software
15.1 We collect Personal Data for the publication of cases and references from BitsHive’s Users, Clients and Consultants. Please note that the cases and references you provide may be available for public viewing by Users on the Software.
15.2 We collect feedback and references about the Services and the Software to promote and market the BitsHive’s Services. We use this information to respond to your requests, improve the Services and the Software, develop new products and features and attract new Customers.
15.3 With the consent of Users, Clients, Consultants, we may publish references or cases which include or link to your Personal Data in the Software. If you wish to update or delete your case and/or reference, you may contact us at legal@bitshive.com.
16.1 For any questions regarding collection and processing of your data by BitsHive, you can contact our DPO, at legal@bitshive.com.
16.2 You are also entitled to receive further information about your rights in relation to your Personal Data by sending an email to: legal@bitshive.com.
16.3 If you have an unresolved privacy or data use issue that we have not resolved, any questions or complaints about the Software or this Policy, you may contact us by sending an email to: legal@bitshive.com.