zartis logo grey

Customer Privacy Policy

The ZARTIS group respects your privacy and is committed to protecting your personal information.

The ZARTIS group consists of:

  • Assemblypoint Limited, an Irish company registered in the CRO under number 476271, and corporate address at 12 South Mall, Cork, Ireland (parent company).
  • Zartis Spain SLU, a Spanish company with NIF B87685582, and corporate address at Calle Goya 83, 5 Derecha, 28001, Madrid, Spain.
  • Big Data Works SLU, a Spanish company with NIF ESB88044722, and corporate address at Calle Goya 83, 5 Derecha, 28001, Madrid, Spain.
  • Zartis Outsourcing SL, a Spanish company with NIF ESB88044714, and corporate address at Calle Goya 83, 5 Derecha, 28001, Madrid, Spain.
  • Zartis GmbH, a German company DE313019262, and corporate address at Schönhauser Allee 163, 10435 Berlin, Germany.
  • Zartis Unipessoal Lda, a Portuguese company PT516198084, and corporate address at Rua dos Lusíadas – Edf Alcantara Palace N9 R/C FTE, 1300-365, Lisbon, Portugal.
  • Zartis UK Limited, a British company with company number 11207666, and corporate address at Kemp House,  160 City Road,  London, EC1V 2NX, United Kingdom.
  • Zartis Crt Limited d.o.o, a Croatian company 81555309, and corporate address at Zagreb (Grad Zagreb) Radnička cesta 80, Croatia.
  • Zartis Czech Republic SRO, a Czech company CZ09764518, and corporate address at Školská 689/20, 110 00 Nové Město, Prague, Czech Republic.

 

This policy explains:

  • What information we collect when you engage with ZARTIS for consulting services (not including our website).
  • How we use that information.
  • Your rights regarding your data.

Information collected

We collect information you provide to us during the course of our engagement, such as:

  • Contact information (name, email, phone number)
  • Information relevant to your project (with your permission)

 

Lawful basis for data processing

Generally, for the purpose of customer-related work we will rely on the following lawful bases depending on the specific situation:

  1. GDPR Article 6.1.b – processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract. (Contract)
  2. GDPR Article 6.1.f – processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party. (Legitimate Interests)

 

We are unlikely to rely on other lawful bases when processing your data to execute our service contract with you, the customer. Where other lawful bases are used, you will be informed. For information regarding interactions you may have with Zartis, such as receiving marketing communications, applying to jobs or engaging with our other content outside of the commercial contract, please refer to our general website privacy policy at https://www.zartis.com/privacy-policy/. 

How do we use your information?

We use your information to:

  • Prepare and deliver project proposals.
  • Deliver the software consulting services you requested.
  • Communicate with you about your project.
  • Fulfil our contractual obligations.

We will never sell your information with third parties without your consent. We will share your data with third parties, such as software providers, email providers, subcontractors, etc, for the purpose of providing you with the contracted service. For more information, please refer to ‘Subprocessors’ below.

Your Rights

You have the right to:

  • Access your personal information.
  • Request correction of inaccurate information.
  • Request deletion of your information.
  • Data portability, allowing you to re-use your data across services in certain situations.
  • Be informed about the collection and processing of your personal data.
  • Object to, or restrict, the processing of your information in certain situations.

For any questions or to exercise your rights, please contact us via the email address listed in the Notices section of your contract. You may also contact us at dataprotection@zartis.com if you have any questions.

We will handle any request to exercise your rights following the applicable laws, but please note that these rights may not be absolute. The Zartis group may refuse or deny a request in accordance with applicable rules.

You may resort to the competent supervisory authority to file a complaint regarding your personal data processing, though we would appreciate the chance to rectify any issue you have directly.

Subprocessors

To support the delivery of our core services, including AI-powered solutions (such as AI agents), Zartis may engage third-party service providers (“subprocessors”) to process personal data on our behalf. These subprocessors assist with functions such as cloud hosting, communication tools, software development, and data analytics.

Zartis ensures that any subprocessors engaged are contractually bound by appropriate data processing agreements. These agreements require subprocessors to maintain confidentiality, implement appropriate security measures, and process personal data only in accordance with applicable data protection regulations, including the GDPR.

We maintain a current list of our subprocessors, which is available at: https://go.zartis.com/hubfs/Subprocessors.pdf

Customers will be notified in advance of any intended changes to our subprocessors, such as additions or replacements. Notifications will be provided via email or through updates on our website.

The categories of subprocessors we rely on to provide our services include:
Software companies that enable us to deliver and improve our services and solutions (including marketing communications, customer relationship management, application tracking, and AI-powered functionalities such as language models and content generation)
Hosting providers and cloud infrastructure services
Communication and analytics platforms
Payment service providers
Professional services firms (such as legal or tax advisors)
Public authorities, where legally required

Some subprocessors may be located outside the European Union. In such cases, Zartis relies on safeguards under GDPR Article 46 or applicable derogations under Article 49. Where possible, Zartis partners with EU or US-based providers certified under the EU-US Data Privacy Framework.

Zartis is part of a group of controlled undertakings. In line with GDPR Art. 4.19 and Recitals 37 and 48, we may share certain personal data within the Zartis group where there is a legitimate interest and such sharing is necessary for service delivery. Any internal data sharing is limited in scope and conducted in line with this Privacy Policy. You will be notified if data sharing within the group is applicable to your engagement.

For any questions about subprocessors or data transfers, please contact us at: dataprotection@zartis.com.

Additional Information

We maintain industry-standard security measures to protect your data. Zartis is ISO 27001 certified.

We are committed to transparency and building trust with our clients. If you have any questions about this policy, please don’t hesitate to ask.

 
 

Feel free to access further information on how we collect date online through our cookies policy.

Together, we create.

Talk to our experts
Team Augmentation
Tech Consulting
Custom Solutions
Industries
Company
Insights
CSR
Contact
Linkedin Instagram
iso 27001 certified software services company, Zartis

© 2024 Zartis – Team augmentation and technology consulting services. Legal Disclaimer | EU Whistleblower Protection Privacy Policy | Cookies Policy.

 
;