NAME OF THE REGISTER

Gofore Gigs (https://gigs.gofore.com).

CONTACT FOR THE REGISTER

You may send your questions and requests regarding privacy to privacy@gofore.com. Regardless which of the above-mentioned companies is a data controller, you can always be in touch through the aforementioned email address.

UPDATES TO THIS PRIVACY POLICY

This Privacy Policy was last updated on 7th of February 2024.

We will update this Privacy Policy whenever there are changes in personal data processing, or in the applicable legislation, of which data subjects must be informed. The latest version of the Privacy Policy is available on gigs.gofore.com.

PURPOSES OF PROCESSING AND LEGAL BASIS

Gofore processes personal data in accordance with applicable legislation, including the General Data Protection Regulation (Regulation (EU) 2016/679, “GDPR”), and this Privacy Policy.

We use personal data in our registers for the following purposes:

• Processing and evaluating our partners and offers made by our partners.
• Pro-actively finding suitable partners for our customer needs from the expert pool created by our partners, Gofore Gigs users, and providing other co-operation opportunities for our partners.
• Analysing data given by our partners and possibilities of our partner ecosystem to develop our operations.
• Managing partner relationships
• Communication on service-related matters, such as incidents, updates, feedback, and user surveys.
• Marketing of Gofore’s or its partners other services or events for Gofore Gigs users (if marketing consent is given).
• Artificial intelligence (AI) based profiling to match experts with customer requirements, preparation of sales offers and overall resourcing and sales process management and development and training of AI models.

Our processing of personal data is based on the legal grounds of our legitimate interest. For certain freelancers, who have a contract with Gofore with the obligation for Gofore to provide certain project hours, the basis of processing personal data is also contractual. A legitimate interest occurs when, for example, the purpose of processing is to manage and develop a partner relationship and other similar legitimate business purposes. Gofore’s processing of personal data is based on legitimate interest of Gofore since processing of personal data as set out in this policy is mandatory in order to the person in question to be involved in services offered to Gofore’s customers, and because processing by Gofore is ordinary in the course of information technology services business. This basis has been evaluated by conducting a balance test.

We use AI tools to assist us in processing of personal data for purposes set out above. We use automated processing of personal data to assess aspects of our partners, such as their education, skills and experience, based on AI profiling. We do this based on our legitimate interest. A recommended decision reached by automated means is followed by a meaningful human review prior to a final decision on whether to offer a gig to a particular partner. Our AI models constantly learn and evolve based on the data they receive, and we continuously monitor AI models to ensure that they are fair, efficient, and unbiased. We believe that the AI based profiling benefits us, our partners, and our customers. The use of AI enables us to conduct partner and customer matching more efficiently and to ensure impartiality and quality of the decisions. Along with developing of self-learning AI tools, we use search algorithms in matching customers and experts.

We have conducted a balancing test and assessed that this processing does not conflict with the expert’s fundamental rights or freedoms.

Refusal by partners to submit information has effects on possible partner relations with Gofore. Gofore is committed to doing subcontracting through Gofore Gigs, meaning partnering with Gofore requires the use of Gofore Gigs.

PERSONAL DATA WE PROCESS

We process the following data:

Gofore Gigs users

• Name and contact information of registered users
• Company name and website address the user is related to
• User's job title
• Marketing consent of the user
• Partner type: company or freelancer
• Comprehensive application logs
• IP address

When authenticating in Gofore Gigs, we use Google Identity Platform for authentication and authorization purposes. This requires the application to have the right to read the basic profile and company information of any user that authenticates with Google, Microsoft or any other identity provider. However, Gofore stores only the following information received through authentication:

• User first name and last name
• User email

Company’s expert

• Expert’s basic information
• Name
• Sales pitch
• CVs in the original uploaded format, which may also contain information on referees (for example name, title and contact information) if such information is included in a CV

Gigsletter recipients

• Email address

Gigsletter recipients are maintained separately from other personal data in the Gofore Gigs, and the recipient may cancel their subscription any time through the link provided in the email.

We keep our partners’ details in Gofore Gigs and related systems, as required by the applicable legislation, only as long as necessary for the purposes of personal data processing. Retention periods may vary considerably depending on the nature and use of the personal data provided to us. As a rule, personal data is stored for as long as the partner wishes to have it saved in Gofore Gigs. Once partner is deleted from the company account, the personal data related to the user or expert will be anonymised and expert CV’s deleted permanently. Inactive company accounts will be deleted after five years of inactivity.

If the partner’s personal data is used to prepare a sales offer, the data will be held according to Gofore’s needs, but no more than five years. Also, if the partner has a contract with Gofore, this contract might obligate Gofore to retain some personal data for longer periods, as required by the applicable legislation, for example accounting rules and tax legislation.

Notwithstanding the above, the retention period for any personal data may be extended if Gofore has an existing or imminent need to defend itself against legal claims or to prepare or present legal claims.

DATA SOURCES WE USE

The personal data collected consists only of the information that Gofore Gigs users, our business partners, provide us.

SHARING AND DISCLOSING PERSONAL DATA

We use a range of service providers to process and maintain personal data. We can transfer personal data to third parties to the extent they need it to provide services or perform tasks we have designated to them. The tasks of parties that process personal data relate to matters such as business analytics, overall resourcing and sales process management and development, the management and maintenance of devices, information systems and software, error correction, and other data processing services.

Gofore and its subsidiaries are located in the member states of the EU. If the purpose of the processing of personal data requires transfer of data between Gofore and its subsidiary, we may share personal data within the Gofore group in which case, likewise, we will ensure that the processing of personal data complies with the applicable data protection legislation and this privacy notice.

We disclose personal data of our partners to our customers and potential customers when subcontracting.

If needed, Gofore may also disclose personal data at the request of a competent public authority.

TRANSFER OF DATA OUTSIDE THE EU OR EEA

Some of our service providers or other parties with whom we may share personal data might be located outside the EU or EEA. In such situations, we have ensured – either through contractual means or by using other appropriate protective measures – that they have the necessary level of data protection in place when processing personal data. For additional information about transfers across borders and any applicable precautions to be applied in each case, please contact the person referred in section “Contact for the register”.

For application incident management we use Sentry, which is needed to keep our service running. Sentry is operating from the United States of America. Any data processed through Sentry is retained for 90 days, and then permanently deleted. The data processing agreement between Gofore and Sentry conforms with the EU's General Data Protection Regulation, and Sentry commits to the standard contractual clauses on cross-border data transfers. Thereby Sentry is committed to an adequate level of data protection guaranteed by contractual arrangements approved by the European Commission.

SECURITY

The application logs and other technical registers for Gofore Gigs can be accessed by our technical specialists who contribute to operating Gofore Gigs service. All users are committed to keeping data confidential and to conforming with our company’s security guidelines. Access rights to the register are individually defined for each person according to the purpose of use.

Electronic register

Gofore Gigs can only be accessed with the appropriate user credentials. Those Gofore employees who have the correct user permission are allowed to see our partners; companies, company experts and freelancers through Gofore’s resourcing system.

Physical register

We do not store any collected material in physical format at Gofore Gigs.

RIGHT OF THE DATA SUBJECT

Data subjects have the right to check data concerning them that we have stored in the register, and to receive a copy of such data. If there are errors in the data, the data subject may, as a user, modify their data in Gofore Gigs themselves, or request that the controller correct the data. Data correction requests must be made in sufficient detail, so that we can make the correction.

In certain cases, data subjects have the right to demand that we delete their data. Such data must then be deleted if we no longer need it for the original purposes, or that we have no legal grounds for its processing. If processing has been based on consent, the data subject has the right to cancel their consent. Data subjects also have the right to receive the personal data they have submitted to us in a structured, commonly used, machine format, and the right to transfer the data to another controller.

In certain cases, data subjects also have the right to restrict or object our processing of their personal data. You also have the right to request information on elements of the joint controllership arrangement entered into between the Gofore group companies mentioned above in this Privacy Policy.

If your personal data is stored in our register and you have any questions or comments regarding its processing or you have a request in accordance with the right described above, please send an email to the address referred to in section “Contact for the register”.

You also have the right to file a complaint with the supervisory authority regarding the processing of your personal data. In Finland the supervisory authority is the Office of the Data Protection Ombudsman, www.tietosuoja.fi.

Cookie Policy

This Cookie Policy was last updated on 9th of October 2023.

Our website Gofore Gigs, gigs.gofore.com ("Website") uses cookies ("Cookies"). Cookies are small text files that are stored by the browser on the user's/visitor's device when using the Website. Cookies can be used, for example, to collect information about how you use the website and to "remember" your site preferences and actions. Gofore Gigs uses cookies to facilitate your use of the website. Cookies and the data collected with them are used also to monitor and analyze the usability and use of the website as well as improve the website.

Cookies contain a unique identifier (UID), such as a randomly generated series of numbers, that enables identifying your device. Although cookies can be used to identify your device, cookies generally do not allow the identification of users without certain additional information.

When you visit our website, we and/or third-party service providers, such as Facebook, place cookies on your device.

Data collected by cookies

We and third-party service providers collect especially the following information by cookies:

• IP address
• Visiting time
• Website through which you have moved to our website
• Visited webpages
• Clicked links
• Browser type (such as Google Chrome, Firefox)
• Screen resolution of the user's device
• Geographical location

Cookies that we use on our website

We use following cookies on our website:

Necessary

• Cookiebot uses cookies to store and maintain cookie consent compliance. Cookiebot is a consent management platform that helps websites comply with GDPR and privacy regulations by scanning the website for cookies and trackers and collecting user consent.
• Firebase uses cookies to support and secure user authentication. Firebase is an application development platform that provides backend services and tools for building applications and games.
• Matomo uses cookies to maintain and store cookie consent preferences. Matomo is a web analytics platform that tracks online visits to a website and displays reports on these visits for analysis.

Analytics

• Matomo uses cookies to monitor the usage of the website, but only if opted-in. Read more about the cookies set by Matomo from here.

How to manage cookies

Cookies necessary for the functioning of this website are set automatically. For non-mandatory cookies, we need your consent before we can store them on your device. If you have already given your consent to store cookies on your device and wish to withdraw it, you can do so from the 'Cookie settings' menu accessible from the bottom of the page.

You can also use your web browser settings to manage cookies. Please note that blocking all cookies may affect the functionality of our website and therefore some features of our website may no longer be available to you and may not be visible to you. For more information on how to change your browser's cookie management settings, please refer to your browser's user manual.

Contact us

We reserve the right to update and make changes to our Cookie Policy. Unless otherwise required by the mandatory laws, we may not inform in person the users of our website about the changes we have made to our Cookie Policy. Therefore we recommend you to read this policy from time to time.

If you have any questions about our cookies or this Cookie Policy, please be in contact with us via email at privacy@gofore.com and we will get back to you as soon as possible.