Table of Contents
- Personal information you give us:
- Personal information we get from third parties
- What happens if you don’t give us your data
- Purposes of personal data use
- Disclosing and transfer of personal data
- Your rights
- Retaining personal data
- Security of personal data
- Third party websites
- About cookies
- Website Security
- Questions, concerns, complaints
The Luxoft Holding, Inc, an international custom software development company, is a controller of the personal data submitted through this website (hosting provider: AWS; website is located in Ireland) and directly or indirectly collected in other ways
We do not knowingly attempt to solicit or receive information from children under 16.
Luxoft Holding, Inc and all its affiliated companies, including GlobalCareer organization, (the list of Luxoft group companies is here), hereinafter referred to as Luxoft Group, is committed to respecting your privacy.
This Privacy Notice describes the Luxoft’s policies and practices regarding collection and use of your personal data, and sets forth your privacy rights. We recognize that information privacy is an ongoing responsibility, and so we will from time to time update this Privacy Notice as we undertake new personal data practices or adopt new privacy policies. In relation to consent-based data processing (as further described below), we will notify you of any changes and request your further consent.
Data Protection Officer
The Luxoft Group is headquartered in Zug, Switzerland. The Luxoft Group has appointed an internal data protection officer for you to contact if you have any questions or concerns about our personal data policies or practices. The email of Luxoft Group data protection officer is GlobalDataProtectionOffice@luxoft.com.
How we collect and use (process) your personal information
We may collect, store and use the following kinds of personal data:
- information about your computer and about your visits to and use of this website (including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths);
- information you provide to us when submitting your CV (including your contact information);
- information you provide to us for the purpose of subscribing to our email notifications and/or newsletters (including your name and email address);
- information you provide to us when using the services or ordering trainings, or information which is generated in the course of the use of those services (including the timing, frequency and pattern of service use);
- information contained in or relating to any communication that you send to us or send through this website (including correspondence with us, communication content and metadata associated with the communication);
- information you provide to participate in Luxoft events, live or web conferences;
- your publications, blogs, interviews, opinions, etc.;
- any other personal data that you choose to send to us (i.e. the personal data of a candidate to work who you want to refer).
You can find more details on which data is collected for which purposes in part 4 of this Notice.
From time to time, the Luxoft Group receives personal information about individuals from third parties around the world. This may happen if you publish your CV in the Internet on some job boards, if someone recommended you for potential employment or if your employer signs you up for training or certification in Luxoft.
You can enjoy this website without giving us your personal data or providing your consent. You can even enter only the minimal amount of information (name and contact information) to your profile if you wish, and you can edit your profile at any time. Some personal information is necessary so that Luxoft can supply you with the services you have purchased or requested, and to authenticate you so that we know it is you and not someone else. You may manage your Luxoft subscriptions and you may withdraw your consent to marketing communication at any time.
Please note, that if you do not give us your data, we most likely will not be able to communicate with you and provide you with our services described below.
Personal data submitted to us through this website and personal data we collected from you or third parties or from public sources will be used for the purposes specified in this Notice.
Depending on the relationships we have or wish to have with you, we may use your personal data for the following purposes based on the legal grounds set forth hereunder:
4.1. Communications, based on Luxoft legitimate interest, art. 6 para. 1 f GDPR:
- if you have contacted us via this website or otherwise, we may process your name, contact details, location and other information you provided to us to be able to answer your questions, to organize the meeting, call, zoom or other communication (please note, that this communication may be recorded and stored by Luxoft representative in Luxoft corporate system, if you have given your consent), to enable you to publish your materials, interviews, opinions, comments, blogs, podcasts, photos and videos, to organize your participation in interactive features of our service when you choose to do so.
4.2. Marketing and public relations, based on your consent, art. 6 para. 1 a GDPR:
- if you are a visitor of our website, we may, by way of cookies and web beacons, process your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, log files, interactions with our website and with our online campaigns, data automatically collected about you or your device in accordance with this Privacy Notice, information you provided via website forms, services purchased (value, date, type, payment details), publicly available professional information about you, data sources, notes and remarks to carry out marketing research and to analyze the characteristics of this website visitors, to assess the impact of our marketing communication and to adjust it to the detected tendencies, to plan our future marketing activities, to prepare analytics and profiling for business intelligence, to personalize service and communications for you, to target our advertising, to provide direct marketing of the same, or similar, or related products and services; including also sharing and marketing within Luxoft Group
- if you are our subscriber, you receive or would like to receive our marketing materials, we may process your personal data you provided to us to spread promotional materials; make announcements about additions and changes concerning our services; personalize this website and our marketing communication for you; send you e-mail notifications (e.g. about the job vacancies or organized events); send you our email newsletters and magazines (you can inform us at any time if you no longer interested in these materials); send you marketing communications relating to our business which we think may be of interest to you.
4.3. Trainings and events,
based on our contract with you, art. 6 para. 1 b GDPR:
by purchasing courses or trainings via this website you agree to become a party to a Contract, terms and conditions of which will be stipulated in contract, offer or other documents concluded between you and Luxoft in connection with such courses or trainings. In this case your personal data such as full name, contact details, address, passport data, payment details (if you pay yourself), your employer, position (if employer pays) your attendance records, result of an exam, will be transferred to and processed by a data controller – Luxoft Training Center for the following purposes: to enter into agreement with you or your employer, organizing a visit and passing the training, passing the exam, issuing a certificate of passing the training, inviting you to our future trainings or courses.
You can manage your personal data in your personal account here.
or based on Luxoft legitimate interest, art. 6 para. 1 f GDPR:
if you have visited or intend to visit our event or participate our conference, we may process your full name, contact details, position, employer, communication and topic preferences, specialization, professional experience, gender, t-shirt size (to the extent you have given us your consent), tests results, photos and videos (to the extent permitted by law) with you from Luxoft events, to invite you and to organize your participation in our existing and future events/conferences.
Please note that we have right to publish the group photos and videos from our events/conferences on our website, social media profile or other channels for marketing purposes.
4.4. Recruitment, internship, referral, relocation,
based on your consent, art. 6 para. 1 a GDPR:
- if you are a potential employee or intern, we may process your full name, contact details, your CV and specializations, social media profiles, date of birth, education history, references, employment history, notice period at current employer, degrees, professional skills, personal/professional interests, language skills, salary expectations, relocation interests, family status, citizenship, certifications, testing results, publicly available professional information about you to assist you with ongoing or future employment or internship in Luxoft Group or its client, to enable you to submit your resume, apply for jobs online or to use the website otherwise.
or based on Luxoft legitimate interest, art. 6 para. 1 f GDPR:
- in specific cases, and only upon the client’s request, we may show your CV to a potential client for business engagement or to current client to confirm the high level of skills of our members of staff providing the services. Also to fulfill its compliance obligations our client may need to check your biography more closely before providing with the access to its protected data and facilities, so we may ask you, to provide more specific information such as tax number, work permission, citizenship, criminal background and, other additional and specific background checks required by particular clients to provide you with an access to clients’ systems and premises.
- if you are a candidate for relocation, we may process your full name, position, contact details, passport details, date of birth, place of birth, registered address, photo, visas, citizenship, your salary expectations and your offer, CV, data on your relocated family members, other data per Migration Authorities request, to organize your relocation and employment in one of the countries of our global presence.
or based on our contract with you, art. 6 para. 1 b GDPR:
- if you would like to refer us to another person for recruitment, you must obtain that person's consent. We will seek a confirmation of this fact from the referred person. You should provide this person with the following information and request an explicit provable consent:
Please provide me with your consent to the transfer of your personal data such as your full name, contact details, location, publicly available professional information about you, reference, notice period at current employer, salary expectations, your CV and specializations to an international group of companies Luxoft Group for the purposes of processing of this personal data in recruitment process for a position in the Luxoft Group or its client.
The controller of the filing system, in which your personal data is stored and processed — is Luxoft Holding, Inc. You may contact the Data Protection Officer of controller at GlobalDataProtectionOffice@luxoft.com. The controller will treat your personal data as confidential and will only process such information in compliance with the Privacy Notice and applicable legislation. The Luxoft internal departments in the countries of Luxoft global presence will have access to this recruitment database and will process your personal data on “need to know” basis for the purposes of managing the recruitment process for a position in the Luxoft Group or client.
Your personal data may be transferred outside of your own jurisdiction or outside EEA (European Economic Area) to other Luxoft Group locations insofar as reasonably necessary for the purposes set out above. The transfer is governed by corporate Standard contractual clauses adopted by all companies of Luxoft Group. Your personal data will be kept for unlimited period of time (or until the consent is revoked), unless otherwise prescribed by applicable legal requirements and presuming that it is necessary for the purpose of processing.
You have the right of access and correct the collected data, to restrict and object to the data processing, the right to lodge a complaint with a supervisory authority. If you do not wish us to use the information any longer which has been provided to us, please e-mail us at GlobalDataProtectionOffice@luxoft.com with the subject heading "Don't use my data" with your name inserted inside.
Please note, that we will use your personal data, which you provided, to identify you and to award you a referral bonus if applicable.
4.5. Business relations, based on Luxoft legitimate interest, art. 6 para. 1 f GDPR:
- if you are a representative of our current/potential client, vendor, business partner or investor, we may process your full name, contact details, current and previous positions, current and previous companies you represent, activities in relation to sales process, data on our communications with you, content and results of such communications, our internal notes about you, data on your position and publicly available professional information about you to develop and/or maintain business relations and communications with Luxoft Group, to engage a new business with the company you represent, to provide you with the status/details/other information about our works and services, to organize the approval, processing and signing of contracts, acts, invoices and other contractual documentation, to promote our new products, works and services, to confirm the high level of our works and services, to invite you to the meetings, events and organize them, to comply with Sarbanes-Oxley Act (SOX), economic sanctions and export control list screening, industry watch-lists, industry standards, regulators’ requirements and other requirements related to anti-corruption, fraud prevention and anti-money laundering.
4.6. Corporate and investor relations, based on Luxoft compliance obligations, art. 6 para. 1 c GDPR:
- if you are a current/potential director or top manager of Luxoft Group legal entity, we may process your full name, contact details, position, professional background, education, affiliation, shareholding, conflict of interest, ID/passport data, citizenship, bank details, remuneration, travel details and representative expenses with respect to organize your participation in corporate meetings, events or SOP programs, business travel, to pay your remuneration, to cover related expenses, to maintain our corporate records, to make obligatory public disclosures and reports, to execute auditor’s requests, to present the company and its management during the sale process and to perform other legal obligations. We also may share this information within the Luxoft Group, provide some of this data to banks, share registrar, notary, payroll agencies and legal advisors with the purpose of opening of corporate bank account or other accounts.
- if you are a current/potential shareholder or affiliate of Luxoft Group legal entity, we may process your name, contact details, ID, shareholding account, type and number of shares, number of votes and personal data of your representative to organize your participation in corporate meetings and events, to provide you with the meetings’ materials and our reports, to support you in execution of your shareholder’s rights, to make obligatory public disclosures and reports, to execute auditor’s requests and to perform other legal obligations, including anti-money laundering requirements (disclosure of beneficiaries).
4.7. Security, based on Luxoft legitimate interest, art. 6 para. 1 f GDPR:
- if you are a visitor of this website, we may process the personal data you uploaded, data automatically collected about you or your device in accordance with this Privacy Notice, for example by way of cookies, web beacons, to keep this website secure, prevent fraud, protect rights and interests of Luxoft Group and third parties, protect IP rights. This information may be disclosed for the purpose of investigation or legal prosecution.
- if you are a visitor of our office, we may process your full name, ID, time of entrance-exit, time spent at the office, CCTV records and the name of person, invited you, to monitor physical access and to ensure security in our office, to prevent, detect and investigate any crime, misconduct, incident or accident. This information may be disclosed to third parties for the purpose of investigation, legal prosecution or for insurance purposes.
4.8. Merger & acquisition, integration process, based on Luxoft legitimate interest, art. 6 para. 1 f GDPR:
- if you are an employee, candidate, manager, shareholder, investor, business partner of a company we intend to buy or already bought, we may process your personal data for the same purposes and on the same legal basis as this target company did. We will provide you with the specific privacy notice or will request a consent if necessary.
- other purposes for which we will provide you with an individual Privacy Notice.
You may withdraw your consent at any time with effect for the future. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal. We will not, without your express consent, supply your personal data to any third party for the purpose of their or any other third party's direct marketing.
Personal data that we are processing based on your consent will be kept during unlimited period of time (or until the consent is revoked), unless otherwise prescribed or permitted by applicable law. If have revoked your consent, we will store only minimum data about you (full name, contact details, our references and notes) to the extent justified based on another legal ground, such as legitimate interest.
The Luxoft Group is an international group of companies. Information we collect from you will be processed in EEA and outside EEA depending on the purpose of processing. The Luxoft Group endeavors to apply suitable safeguards to protect the privacy and security of your personal data during the transfer and to use it only consistent with your relationship with the Luxoft Group and the practices described in this Privacy Notice. The Luxoft Group also minimizes the risk to your rights and freedoms by not collecting or storing sensitive information about you.
To the extent permitted by applicable data protection laws, your personal data may be transferred between various locations of Luxoft Group insofar as reasonably necessary for the purposes set out in this Privacy Notice and within the scope of legitimate interest of Luxoft Group. In any case they are processed under the terms of Standard contractual clauses and Binding corporate rules adopted by all companies of Luxoft Group.
To the extent permitted by applicable data protection laws, we may disclose your personal data to some of our clients (for business engagement or to confirm the high level of skills of our team members), auditors, agencies, supervisory authorities or to other external service providers on “need to know basis” to perform our contractual obligations. We will clearly indicate for you each data recipient if it is well known at the time of the beginning of the processing.
We may also disclose your personal data:
- to the extent that we are required to do so by law;
- in connection with any ongoing or prospective legal proceedings;
- in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).
The European Union’s General Data Protection Regulation and other countries’ privacy laws provide certain rights for data subjects.
You have a right to access and correct (rectify) the record of your personal data maintained by the Luxoft Group if it is inaccurate. You may request that the Luxoft Group erase that data or cease processing it, subject to certain exceptions. You may also request that the Luxoft Group cease using your data for direct marketing purposes. You have a right to lodge a complaint with the data protection authority if you have concerns about how the Luxoft Group processes your personal data. When technically feasible, the Luxoft Group will—at your request—provide your personal data to you or transmit it directly to another controller.
If access cannot be provided within a reasonable time frame, the Luxoft Group will provide you with a date when the information will be provided.
You may also request additional information about: the purpose of the processing; the categories of personal data concerned; who else outside the Luxoft Group might have received the data from Luxoft Group; what the source of the information was; and how long it will be stored.
If you wish to execute any of these rights, please contact our Data protection officer at GlobalDataProtectionOffice@luxoft.com. at any time.
WARNING! Please exercise your rights wisely and note that abuse of rights may entail your liability.
Your personal data is stored by the Luxoft Group on its servers, and on the servers of the cloud-based database management services the Luxoft Group engages.
Personal data that we are processing based on your consent will be kept for unlimited period of time (or until the consent is revoked), unless otherwise prescribed by applicable legal requirements and presuming that it is necessary for the purpose of processing.
If you didn’t provide us with your consent onto data processing or revoked the consent, we will store only minimum data about you (full name, contact details, our references and notes) for the statistic and reporting purposes or to the extent justified based on another legal ground, such as our legitimate interest.
Notwithstanding the other provisions of this Section, we will retain information and documents (including electronic documents) containing personal data:
- to the extent that we are required to do so by law
- if the information/documents are relevant to any ongoing or prospective legal proceedings; and
- in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).
To help protect the privacy of data and personally identifiable information you transmit through use of this website, we maintain physical, technical and administrative safeguards.
We update and test our security technology on an ongoing basis. We restrict access to your personal data to those employees who need to know that information to provide benefits or services to you. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your information.
If any personal data leak occurs we will do everything to eliminate it and to assess a level of risk connected with the leak according to our Personal data breach policy. If it turns out the leak may lead to physical, material or non-material damage for you (e.g. discrimination, identity theft, fraud or financial loss) we will contact you without undue delay unless the law provides otherwise. All our steps will be taken in full cooperation with competent supervising authority.
We may update this Privacy Notice from time to time by publishing a new version on this website.
This website may include hyperlinks to, and details of third party websites. We have no control over, and we are not responsible for, the privacy policies and practices of third parties.
Cookies and web beacons
Cookies are pieces of data that a website transfers to a user's hard drive for record-keeping purposes. The identifier is then sent back to the server each time the browser requests a page from the server.
Web beacons are transparent pixel images that are used in collecting information about website usage, e-mail response and tracking.
Cookies can be used by web servers to identify users as they navigate different pages on a website and identify users returning to a website.
Cookies may be either "persistent" cookies or "session" cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
Cookies do not typically contain any information that personally identifies a user, but personal data that we store about you may be linked to the information stored in and obtained from cookies.
The Luxoft Group has a marketing database management program which uses a cookie to analyze visitors’ interaction with various marketing messages like marketing emails or website marketing-based landing page. This cookie collects personal information including a user’s name, pages visited, how the website is accessed, a user’s purchases from the website, etc. This information is necessary to understand if our marketing campaigns are effective. You can configure your browser to disable these cookies.
A persistent auto-login cookie is also stored when you select the "remember me" option when logging in. The auto-login cookie is removed if you log out.
Most browsers allow you to refuse to accept cookies; for example:
- in Internet Explorer you can block cookies using the cookie handling override settings available by clicking "Tools", "Internet Options", "Privacy" and then "Advanced";
- in Firefox you can block all cookies by clicking "Tools", "Options", "Privacy", selecting "Use custom settings for history" from the drop-down menu, and unticking "Accept cookies from sites"; and
- in Chrome, you can block all cookies by accessing the "Customize and control" menu, and clicking "Settings", "Show advanced settings" and "Content settings", and then selecting "Block sites from setting any data" under the "Cookies" heading.
- in Safari you can block cookies by clicking “Preferences” and then “Privacy”, selecting option “Always block”
Depending on the version of a browser that you use the way of blocking may vary. If it turns out that the description placed above does not match to your browser, please try to check the relevant instructions online.
Blocking all cookies will have a negative impact upon the usability of many websites. If you block cookies, you will not be able to use all the features on this website.
You can delete cookies already stored on your computer; for example:
- in Internet Explorer, you must manually delete cookie files (you can find instructions for doing so at http://windows.microsoft.com/en-gb/internet-explorer/delete-manage-cookies;
- in Firefox, you can delete cookies by clicking "Tools", "Options" and "Privacy", then selecting "Use custom settings for history" from the drop-down menu, clicking "Show Cookies", and then clicking "Remove All Cookies"; and
- in Chrome, you can delete all cookies by accessing the "Customize and control" menu, and clicking "Settings", "Show advanced settings" or “Advanced” and "Clear browsing data", and then selecting "Cookies and other site and plug-in data" before clicking "Clear browsing data".
No data transmissions over the Internet can be guaranteed to be 100 percent secure. Consequently, we cannot ensure or warrant the security of any information you transmit to us and you understand that any information that you transfer to Luxoft Group is done at your own risk. However, Luxoft Group uses website security measures consistent with current best practices to protect its website, email and mailing lists. These measures include technical, procedural, monitoring and tracking steps intended to safeguard data from misuse, unauthorized access or disclosure, loss, alteration or destruction.
We realize there can be incidents of misuse or unauthorized program incursions, as almost every website, service and user encounters. In those instances, our goals are to move quickly to isolate the problem, ensure or restore proper functionality and minimize any inconvenience to our users. As appropriate and necessary, Luxoft Group will notify the relevant authorities of these incidents of misuse or unauthorized program incursions of the Luxoft Group website.
If you have any questions regarding your personal information, want to execute your rights or you have concerns or complaints, please contact us by sending an email to our Global Data Protection Officer at GlobalDataProtectionOffice@luxoft.com.
If you wish that we do not use the information you provided to us, please drop us an e-mail to GlobalDataProtectionOffice@luxoft.com with "Don't use my data" title and your name inside.
In order to update or correct your personal data please contact Global Data Protection Officer by sending a message to GlobalDataProtectionOffice@luxoft.com.