Privacy Policy

1. Introduction

This Privacy Policy (hereinafter referred to as the "Policy") outlines the principles governing the collection, processing, storage, and protection of personal data of individuals who use the services of Webiz International LLC. It also defines the rights of data subjects and how they can exercise their rights in accordance with applicable data protection laws.
By accessing or using the Webiz International LLC website, you confirm that you have read and understood this Policy and agree to its terms. This Policy forms an integral part of the Terms of Service and applies to all interactions with our platform.
The company ensures compliance with the Constitution of Georgia, the Law of Georgia on Personal Data Protection, and other relevant national and international regulations such as the General Data Protection Regulation (GDPR) where applicable.

2. Purpose Of Data Processing

We process personal data for the following purposes:

• To provide, manage, and improve our recruitment services.
• To verify user identities and ensure platform security.
• To comply with legal obligations and regulatory requirements.
• To conduct analytics and research to improve user experience.
• To send marketing communications (with user consent).
• To provide customer support and process inquiries.

3. Categories Of Personal Data

This Privacy Policy (hereinafter referred to as the "Policy") outlines the principles governing the collection, processing, storage, and protection of personal data of individuals who use the services of Webiz International LLC. It also defines the rights of data subjects and how they can exercise their rights in accordance with applicable data protection laws.
By accessing or using the Webiz International LLC website, you confirm that you have read and understood this Policy and agree to its terms. This Policy forms an integral part of the Terms of Service and applies to all interactions with our platform.
The company ensures compliance with the Constitution of Georgia, the Law of Georgia on Personal Data Protection, and other relevant national and international regulations such as the General Data Protection Regulation (GDPR) where applicable.

4. Definitions Of Terms

The terms in this document are defined in accordance with the Georgian Law on "Personal Data
Protection."

5. Legal Basis For Data Processing

The company processes information to fulfill its obligations. Its activities fully comply with Georgian law and international standards, ensuring personal data processing based on the subject’s consent and/or service requirements.

• User Consent (voluntary agreement of the data subject).
• Contractual Necessity (to fulfill agreements with users)
• Legal Compliance (to meet legal obligations and regulatory requirements).
• Legitimate Interests (to improve our services and maintain platform security).

The company processes data without restrictions using automated, semi-automated, or manual methods. This includes collecting, recording, photographing, audio/video recording, organizing, storing, modifying, retrieving, using, disclosing, transferring, distributing, grouping, blocking, deleting, or destroying data, whether obtained from the data subject or third parties.

6. Data Retention Policy

6.1 The company processes data lawfully, fairly, transparently, and with respect for the data subject’s dignity.
6.2 Data is collected for specific, clearly defined, and legitimate purposes and processed only
to the extent necessary to achieve those purposes.
6.3 Collected and stored data will be accurate, up-to-date, and corrected, deleted, or
destroyed without undue delay if found inaccurate.
6.4 Data is retained only as long as necessary for its legitimate purpose. Once that purpose is fulfilled, data is deleted, destroyed, or anonymized unless required by law for overriding public interest reasons.
6.5 The company guarantees data security by implementing technical and organizational measures to prevent unauthorized or unlawful processing, accidental loss, destruction, or damage.

7. International Data Transfers

We may store or process user data outside of Georgia,  namely  in the EU. Transfers are conducted in accordance with applicable legal frameworks such as Standard Contractual Clauses (SCCs) under GDPR where applicable.

8. International Data Transfers

Our platform utilizes AI-driven algorithms to match candidates with job opportunities. Users
may request a manual review of AI-based decisions that impact their job applications.

9. Processing of Minor’s Data

The company’s services are not intended for minors.

10. Processing of Deceased Person’s Data

Data of deceased individuals is processed solely for fulfilling contractual obligations and protecting the company’s contractual rights/interests, in compliance with the Georgian Law on Personal Data Protection.

11. Third-Party Data Sharing

We share personal data to fulfill legal obligations, protect legitimate interests, and ensure the proper provision of services, based on the context and purposes of data processing to the following parties:

• The data subject’s representative/legal representative.
• Contracting parties;
• Entities as required by law.
• Third parties for service purposes, such as auditors, research organizations, IT service providers (e.g., cloud infrastructure services), or other similar entities.
• Financial institutions (e.g., banks, intermediary banks for international transfers, investors, Visa, Mastercard, etc.);
• Other third parties based on the data subject’s consent.

12. Sources of Data Collection

We obtain personal data from the following sources:

• When an individual becomes a user of the company’s services/products;
• When an individual applies for a job vacancy within the company;
• When an individual becomes an employee of the company;
• When an individual enters into an employment or other contractual agreement with the company;
• When an individual uses the company’s products and services;
• During telephone communications;
• When an individual visits the company’s website;
• When an individual sends letters via mail or email;
• From publicly/openly/legally accessible databases, directories, and online sources;
• When an individual attends an event organized by the company.

13. Processing of Data for Direct Marketing

13.1 The company is authorized to conduct marketing activities only with the data subject’s consent. This includes sending marketing offers via phone calls, emails, text messages, voice messages, or other telecommunication methods, as well as direct communication regarding services, products, or promotional requests.

13.2 The data subject has the right to request the cessation of their data processing for direct marketing purposes at any time. The company must comply with this request within five (5) business days.

13.3 Personal data processed for direct marketing purposes is retained for the duration of the marketing campaign, starting from the data subject’s consent.

13.4 The company may process personal data for marketing purposes until the data subject withdraws their consent.

14. Cookies & Automated Tracking

14.1 When using the website, the company processes technical information, which may include the user’s computer IP address, browser type and version, pages visited, visit time and date, time spent on pages, unique device identifiers, and other diagnostic data.

14.2 To continuously improve service quality and user experience, the company collects cookies from website visitors.

14.3 The data subject has the option to accept or decline the use of cookies.

15. User Rights

The law grants data subjects the following rights, which may only be restricted in cases provided by law:

• Right to Information and Data Copy – You have the right to be informed about the collection and use of your personal data. Upon request, the company must provide details on which personal data is processed, for what purpose, how it is collected, storage duration, and who it is shared with.
• Right to Rectification, Update, and Completion – If your personal data processed by the company is incorrect, incomplete, or inaccurate, you may request correction, updating, or completion by providing the necessary information.
• Right to Erasure (Deletion) or Termination of Processing – You have the right to request the termination, deletion, or destruction of your personal data.
• Right to Restriction (Blocking) of Processing – You can request data processing restrictions when the accuracy of personal data is disputed or if you request its termination, deletion, or destruction. The company will review the request within a maximum of 10 business days and, if no legal basis for further processing exists, it will comply.
• Right to Withdraw Consent – You may withdraw your consent at any time unless it conflicts with legal requirements. Note that withdrawal does not affect processing carried out before the withdrawal. Additionally, withdrawing consent may limit the company’s ability to provide full services.

16. Obligations of Data Processors, Controllers, and Co-Processors

16.1 Implement appropriate technical and organizational measures to protect personal data from accidental or unlawful destruction, alteration, disclosure, unauthorized access, damage, or loss.
16.2 Restrict access to personal data only to employees fulfilling contractual rights and obligations and who are bound by confidentiality, even after their employment ends.
16.3 Process personal data in compliance with cooperation agreements and legal requirements.
16.4 Maintain records of data processing activities in electronic and/or physical form.

17. Procedure for Exercising Data Subjects’ Rights

17.1 Data subjects can exercise their rights by submitting a written request to the company, as the data processor, including via email at info@webiz.com. The request must be in writing and clearly state the subject’s demand.
17.2 Authorized company representatives are required to respond to the data subject’s request promptly, in accordance with Georgian law.

18. Video & Audio Monitoring

18.1 The company conducts video surveillance of the building’s interior perimeter. Data subjects must be informed about the monitoring through their direct supervisor or via informational/warning signs or banners.
18.2 The purpose of video surveillance is to ensure the security of data subjects and the protection of confidential information, in full compliance with the Personal Data Protection Law.
18.3 Audio monitoring is conducted in accordance with the Georgian Law on Personal Data Protection, serving as a necessary and proportionate measure to achieve legitimate objectives.
18.4 Audio monitoring is implemented during the provision of services by Webiz International LTD, including online interviews.

19. Corporate Email & Communication Monitoring

Work email is monitored to prevent unauthorized disclosure of confidential information to third parties. Employees are required not to use work email for personal purposes or non-work-related correspondence. All employees must be informed about this monitoring. Additionally, employees have the right to request information regarding the monitoring of their work email.

20. Incident Response Policy

The company’s authorized representative must immediately record any detected incident, its impact, and the measures taken. If the incident poses a significant risk, they must notify the Personal Data Protection Office in writing or electronically within 72 hours of discovery. Notification is not required if the incident is unlikely to cause substantial harm or pose a serious threat to fundamental rights and freedoms.

21. Other Terms

21.1 Any rules and procedures not covered by this policy are regulated in accordance with Georgian legislation.
21.2 This policy must be accessible to all company employees for awareness and enforcement purposes.
21.3 The policy document will be reviewed as needed, but at least once a year or in the event of significant changes in personal data protection regulations.

22. Contact Us

For inquiries regarding this Privacy Policy, please contact us:

• Address: 2 Gudiashvili St., Paragraph Hotel Building, 3rd Floor, Georgia
• Email: info@webiz.com