While this is a legal document, we use some professional terminology, so please review this section. We believe you should be able to easily understand what is covered in our Privacy Policy.

If a term is capitalized in this Privacy Policy but isn’t defined, it has the meaning given to it in our Terms and Conditions.

“Controller” means a person who determines the purposes and means of the Processing of Personal Data.

“Explicit Consent” means freely given, specific and informed consent to your Personal Data Processing by us. Explicit Consent could take the form of ticking an opt-in box or clicking on the button “Send” or another action that signifies agreement, such as oral confirmation, or the provision of contact details in the forms on our Website.

“Personal Data” means any information relating to a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, or an online identifier.Factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person also may be referred to as “Personal Data”.

“Personal Data Processing” or “Processing” means the collection, recording, structuring, storage, adaptation or alteration, use, disclosure, erasure, or destruction of any Personal Data.

“Processor” means a person who processes Personal Data on behalf of the Controller.

DiLex Group may in its sole and absolute discretion from time to time update and/or amend this Privacy Policy to reflect changes in our practices with respect to the Processing of Personal Data, or changes in applicable laws and regulations without the prior consent of the Client.

We kindly advise you to review the Privacy Policy periodically, as we may have updated them since your last visit. Any changes to these Terms of Conditions and the Privacy Policy will take effect upon publishing. PLEASE NOTE that we won't notify you about such updates.

Your continued use of the Website following the posting of any updates and/or amendments constitutes your acceptance of the new Privacy Policy.

DiLex Group practices related to the Processing of Personal Data comply with all the applicable international standards and regulations including but not limited to General Data Protection Regulation (“GDPR”) and California Consumer Privacy Act (“CCPA”) supplemented by California Privacy Rights Act (CCRA).

In general, it means that all the Personal Data should be:

1/ Processed lawfully, fairly, and in a transparent manner;

2/ Collected only for legitimate purposes that we have clearly explained to you and further processed in an appropriate way;

3/ Relevant to the purposes that we have discussed with you and limited only to those purposes;

4/ Accurate, up to date, and, where necessary, erased or rectified without delay;

5/ Stored for no longer than necessary for the purposes we have discussed with you.

Moreover, the appropriate security measures regarding Personal Data must be ensured.

We may collect the following Personal Data during you visit the Website or when you provide us with Personal Data in another way:

1/ Personal Data you provide when you fill in the forms on our Website, such as name and contact details;

2/ Personal Data you provide to us when contacting us directly by different communication formats (email, phone, instant messaging tools, etc.). Therefore, we may process some additional Personal Data that contains in messages or attachments that you may send to us, such as your bank account details and billing address;

3/ Details of visits to the Website, including but not limited to the device types and models you have used to access such information, its Internet Protocol (IP) address, browser type, browser version and language, operating system and platform, etc.;

4/ Personal Data you provide in connection with your responses to the vacancies available on our Website including but not limited to your education information and work experience;

5/ Personal Data relating to you or your employees that you provide to us to enable us to provide Services to you and to comply with our legal obligations (including with respect to Know Your Customer verification and anti-money laundering screening). In this case, we may collect such data from you: proof of residence and proof of identity in a form satisfactory to us; copies of all statutory documents, including but not limited to memorandum and articles of association, certificate of incorporation, proof of registered address, register of directors and shareholders, certificate of good standing; photo identification (passport, driving license, or government issued identification card); address verification (utility bill or bank statement); or any other Personal Data.

6/ Information that we collect from publicly available sources (in an online or offline context) e.g. state registers and databases, web pages, social media, and press releases.

We process your Personal Data only upon your Explicit Consent. If you fail to provide us with such an Explicit Consent, we may be unable to continue our business relationships with you and provide you with our Services.

PLEASE NOTE, that we are authorized to process your Personal Data without your Explicit Consent where it is required or permitted by the applicable laws or regulations.

We may process your Personal Data pursuant to the following legal bases:

1/ Ensuring our legitimate business interests and purposes, including but not limited to our legitimate interests in providing employment opportunities;

2/ Provision of our Services to you and other Clients;

3/ Your Explicit Consent, for example, when you opt-in to marketing communications from us;

4/ Fulfilling our legal and compliance obligations, for example, when we share your Personal Data with legal authorities on their legitimate request or conduct KYC verification.

We may process your Personal Data for one or more of the following business purposes:

1/ To understand your needs and provide you with better Service;

2/ To develop new products, Services, and features and analyze how you interact with them;

3/ To verify your identity and location, check whether your values and principles coincide with ours and decide whether it is appropriate or possible for DiLex Group to continue its relationship with you;

4/ To maintain our Website, including but not limited to detecting fraud and protecting against malicious, deceptive, fraudulent, or suspicious activity; personalize, and improve your user experience, and provide customer support;

5/ To communicate with you in different communications formats, process and react to your forms submitted, inquiries, and complaints, and process payment transactions;

6/ To generally comply with international, state, and local laws rules, and regulations, including but not limited to conducting KYC verification and anti-money laundering screening and fulfilling due diligence requirements;

7/ To respond to subpoenas and other legitimate requests of legal authorities;

8/ To protect and defend our rights, property, safety, and reputation or that of our Clients and other Users;

9/ To ensure our ongoing operations, administrative, accounting, reporting, and other processes;

10/ To ensure our marketing purposes, including but not limited to sending you marketing materials we believe will be of interest to you via email, phone, instant messaging tools, or other communication formats and understanding the effectiveness of our marketing;

11/ To analyze your responses to the vacancies available on our Website;

12/ For other reasonable purposes needed for administering, monitoring, and improving our Website and Services.

If we consider in our sole and absolute discretion that we need to use your Personal Data for another purpose, we will notify you about it and explain the legal basis which allows us to do so.

The retention periods vary in different jurisdictions and depend on the amount, nature, and sensitivity of the data collected. At a minimum, we keep your Personal Data for as long as needed to fulfill the purposes for which we collected it, including for the purposes of Services provision to you.

We must keep information for extended periods of time in order to fulfill our legal and compliance requirements, establish, exercise, or defend our legal rights, and for archival and historical purposes.

We may disclose your Personal Data:

1/ To any representatives of DiLex Group;

2/ To legal and regulatory authorities if required by any applicable law or regulation;

3/ To our trusted Third-Party service providers (for example, companies that provide systems, web hosting, and other IT services; internal and external counsels, experts, agents, lawyers, accountants, auditors, or other professionals);

TO THE GREATEST EXTENT PERMITTED BY LAW, NEITHER DILEX GROUP NOR ANY OF ITS AGENTS, REPRESENTATIVES, EMPLOYEES, AND ANYONE ELSE ACTING ON ITS BEHALF SHALL BE LIABLE FOR ANY PERSONAL DATA LOSS OF ANY PERSON BY SUCH PROFESSIONALS WHOSE APPOINTMENT HAS BEEN MADE IN GOOD FAITH AND WITHOUT NEGLECT.

4/ To any other entity where such disclosure is necessary for the proper performance of our Services to you and other Clients;

5/ If we believe in our sole and absolute discretion that such a disclosure is appropriate for purposes necessary to enforce Terms and Conditions and any Agreement;

6/ If we believe in our sole and absolute discretion that such disclosure is necessary to protect and defend our rights, property, safety, and reputation or that of our Clients and other Users;

7/ In order to comply with a judicial proceeding, court order or other legal obligation, or a regulatory or government inquiry;

8/ In connection with a reorganization or merger of our company with another company; or

9/ With your Explicit Consent.

To provide you with our Services and do it at the highest level we need to collaborate with different business partners, trusted Third-Party service providers, and other affiliated entities. They are frequently located in different countries, therefore we may transfer your Personal Data across national borders.

When you accept this Privacy Policy and submit your Personal Data to us it means that you agree that your Personal Data may be transferred to and stored outside the country in which you are located.

PLEASE NOTE that the laws and regulations of other countries may differ from the laws and regulations of your country.

To keep your Personal Data confidential and protected in compliance with applicable laws and regulations (basically with the GDPR and the CCPA, CPRA), we take the necessary security, legal, and technical measures. These measures include but are not limited to the following:

1/ We maintain physical, electronic, and procedural safeguards in connection with the Processing of your Personal Data;

2/ We use devices and applications that offer security features to protect your Personal Data against unauthorized access, disclosure, destruction, or loss;

3/ We don`t make, use or store hard copies of documents containing your Personal Data;

4/ We use two-factor authentication (2FA) and really strong passwords on our devices;

5/ We use only a secure Wi-Fi connection to prevent hacking and Personal Data loss;

6/ We limit the number of people who may access your Personal Data. These people are required to have permission for such access, are bound by confidentiality obligations, and responsible for confidentiality breach;

7/ We ask the person who requests the Personal Data disclosure to verify their identity and/or explain the legal basis of such a disclosure.

However, since no security system is impenetrable, neither we nor the Third Parties to whom we might disclose your Personal Data can provide any guarantees as to the security of their systems or that the Personal Data you provide won't be intercepted while being transmitted over the Internet.

The Website of DiLex Group may contain certain links to external websites and external websites may link to the Website of DiLex Group.

Please note, that external websites are not owned or controlled by us and have separate and independent privacy policies (other than the Privacy Policy of DiLex Group). We kindly recommend you carefully review the privacy policies of all external websites that you access.

The fact that DiLex Group has posted certain links on this Website cannot serve as an endorsement by DiLex Group of any of these external websites. DiLex Group waives any responsibility whatsoever for the content, operation, or security of any external websites, and as a consequence, will not be liable to you for any damages or losses caused or alleged to have been caused as a result of your use of any external websites that are linked (by way of hyperlink or otherwise) through this Website.

1/ If you are based in the European Union (EU) or European Economic Area (EEA).

Under the General Data Protection Regulation (“GDPR“), that is the key document applied to any organization that Processes Personal Data of European citizens, you have the following rights, including without limitation:

• Right to be informed means you can request confirmation of whether we process Personal Data relating to you;
• Right to access to your Personal Data means you can request a copy of your Personal Data that we may process;
• Right to rectifications means you can request we correct your Personal Data if inaccurate, incomplete, or out of date;
• Right to be forgotten means you can ask us to delete your Personal Data in certain circumstances provided by law;
• Right to restrict Processing means you can request that we limit the further Processing of your Personal Data, under certain conditions;
• Right to object Processing means you can request that we stop Processing your Personal Data at all, under certain conditions;
• Right to withdraw your consent given to us for a certain purpose;
• Right to data portability means you can request a copy of your own Personal Data in a structured, commonly used and machine-readable format;
• Right to not be subject to automated decision-making means your right not to be subject to decisions based solely on automated processing, including profiling, that significantly affects you;
• Right to complain to your local data protection authority.

2/ If you are a California resident.

The California Consumer Privacy Act (CCPA) supplemented by California Privacy Rights Act (CCRA) is closely similar to the GDPR and grants the California residents with the following rights, including without limitation:

• Right to know about the Personal Data we process about you, for instance, you can request disclosure of Personal Data collected by us about you, from whom it was collected, why it was collected, and, if sold, to whom;
• Right to be notified, before or at the point we collect your Personal Data, of the types of Personal Data we are collecting and what we may do with that information;
• Right to access and correct the Personal Data we process about you;
• Right to delete your Personal Data, under certain conditions;
• Right to know whether your Personal Data is sold or disclosed and to whom;

We do not, and will not, sell your Personal Data to Third Parties.

• Right to opt-out of certain privacy practices, including without limitation: right to opt out of sharing, processing and selling of information, right to opt out of automated decision-making technology, including profiling, etc.;
• Right to equal treatment and non-discrimination for exercising your CCPA rights;
• Right to sue for a Personal Data breach;
• Right to control the use of your Personal Data including limiting the use and disclosure of your sensitive Personal Data;
• Right to receive information about automated decision-making technologies.

If you have concerns about a potential breach of privacy law or regulation by DiLex Group, you can reach out to your usual contact at DiLex Group. We will promptly investigate your complaint and provide you with information on how we will handle it.

If you have any questions or concerns regarding this Privacy Policy, please contact us at info@dilex.group.