Skip to main content
NEW: Phrase Quality Performance Score – a game changer in automation. TAKE A LOOK

Phrase

Privacy policy

Privacy Notice for Clients and Users

Phrase a.s., with its registered office at Václavské náměstí 2132/47, 110 00 Prague 1, Czech Republic and Phrase GmbH, with its registered office at ABC-Straße 4, 20354 Hamburg, Germany (both together as “we” or “us” or “our”) act as joint controllers of the processing of your personal data. This privacy notice describes how your personal data is processed and for what purposes.

What personal data do we collect about you?

We collect the following personal data in connection with your relationship with us or your relationship with our clients: your name and surname, job title, name of your organization, user name, email address, phone number, Phrase ID, billing address and bank account details, password, VAT number, information from your LinkedIn profile, information about your participation in conferences, information about our historic interaction with you or your organization, IP address of the device, type of Internet browser you use to connect to use our services (ie the Phrase Solution) and if applicable, other information about your device, information about the use of Phrase Solution  by you or your organization and information about opportunities for further sale of our products to you or your organization.

While we do not primarily focus on processing of personal data uploaded to the Phrase Solution, we recognize that our clients and users have the ability to upload any content to the Phrase Solution. We do not have control over whether any personal data or what kinds of personal data are uploaded within such content, as this depends solely upon the decision of our clients and users. Beside processing the uploaded content (including the personal data contained within) in order to provide our services to our clients, we, in some cases, also use the content (including the personal data contained within), for our own purposes, primarily to enhance and maintain Phrase products and service offerings, including data processing for the purposes of machine learning as described below.

How do we obtain your personal data?

Your personal data can be:

  • Obtained directly from you or from your organization, such as your name, surname, and contact details.
  • Included in the content you or our clients and users upload to, or create, generate, or translate within the Phrase Solution.
  • Created in the course of our relationship with you or your organization, such as information about our interaction with you.
  • Collected from public sources such as your LinkedIn profile.

How do we use your personal data?

Your personal data will be processed for the following purposes:

  • To enable you or your organization to use Phrase Solution and to enhance its functionality
  • To maintain our business relationship with you or your organization
  • Our internal reporting and archiving
  • To ensure network and information security
  • To analyze and understand how Phrase Solution is being used and to enhance its functionality
  • To provide you or your organization with business proposals

We also use the content (which may include personal data) uploaded by our users and clients to enhance and maintain Phrase products and service offerings. This includes using the content for machine learning of our models, where we train our models based on uploaded data for various purposes, such as training to choose the best machine translation service, to provide an estimated quality assessment score for particular machine translation tasks or to train the model for specific needs of our clients. While the machine learning may involve processing of personal data as such (if there is any personal data uploaded in the content), it focuses on enhancement of translations provided under Phrase Solution and not on analysis of personal data. For more information on machine learning visit the Artificial Intelligence and Machine Learning FAQ.

On what legal basis do we use your personal data?

We use your personal data on the following basis:

  • Processing your personal data to enable your use of Phrase Solution  (for example, your identification data for administration of the account or for billing purposes) is necessary so that we can perform the services set out in the contract we have established with you or your organization (Article 6 (1) b) GDPR).
  • Processing of your personal data to comply with our legal obligations (Article 6 (1) c) GDPR), e.g. obligation to archive accounting documents.
  • Processing of your personal data for other purposes listed in Section “How do we use your personal data?” is based on our legitimate interest (Article 6 (1) f) GDPR) as processing of personal data for these purposes: (i) to help us to maintain a productive business relationship with you or your organization, (ii) to improve our ability to understand business needs of you or your organization; (iii) to improve and enhance our services; and (iv) to ensure network and information security. 

How long will we keep your personal data?

If you are a user, i.e. an employee, contractor or other person acting on behalf of your organization having a user account, we will always keep your personal data for the period for which you will be using our services. We will also keep your personal data where required by law or where we need to do so in connection with potential or actual legal action, or an investigation involving Phrase a.s. or Phrase GmbH.

We will also delete your user data automatically if your user account is considered inactive, within the meaning that your user account no longer contains any jobs, projects, translation memories, term bases or other content.

If you are acting on behalf of your organization, but you do not have a user account, your personal data will be held until you opt-out or until two years have passed since your last active communication with us.

With whom do we share your personal data?

Your personal data will be accessible to our employees, as well as to authorized employees of our suppliers which provide us with a variety of essential services. In particular, your data will be accessible to our most important suppliers (including our suppliers of software / platforms and cloud service providers), such as Amazon.com, Inc. (our server provider), Zendesk, Inc. (our tech support platform provider), Snowflake Inc. (our data warehouse and trend and usage analyses provider), Mixpanel Inc. (our main product data analytics tool), Salesforce, Inc. (our customer relationship management software provider), Chargebee, Inc. (our billing platform provider), Stripe, Inc. (our payment processing software provider), Gainsight, Inc. (our customer success software provider), Google LLC (our email and document storage provider), HubSpot, Inc. (our main marketing tool), or any additional or replacement suppliers we may appoint from time to time who provide us with various services.

Your personal data may also be shared with other recipients, such as government authorities or other subjects where we have a valid legal title under the GDPR to share your personal data (for example, in certain cases when deemed reasonable, we can share details on your logs to the Phrase Solution to comply with our security measures).

Transfers of your personal data outside of your home country

Your personal data may be transferred to countries outside the European Economic Area. These countries include: The USA, Canada, and Japan. 

When transferring personal data to third countries outside the European Economic Area, we will rely (i) either on adequacy decisions of the European Commission under Article 45 of the GDPR (where the European Commission recognizes that a third country ensures a level of protection adequate to the GDPR) or (ii) on standard contractual clauses agreed with the parties with which we share the data internationally.

The countries recognized by the European Commission as having an adequate level of protection can be found on the webpages of the European Commission here, and include, among others, also the USA (when sharing personal data with commercial organizations participating in the EU-US Data Privacy Framework), Japan (when sharing personal data with private sector organizations) and Canada (when sharing personal data with specific federally regulated organizations). 

Where we cannot rely on an adequacy decision (in particular the EU-U.S. Data Privacy Framework, the adequacy decision on data transfer to United Kingdom, the adequacy decision on data transfer to Canada, and the adequacy decision on data transfer to Japan), we will rely on data transfer agreements based on model standard contractual clauses approved by the European Commission to ensure that the persons to whom we transfer data in those countries commit to ensure an adequate level of protection for your personal data. You can find more information about data transfer agreements here.

Protecting your personal data

We may share your personal data with other recipients (in particular, our suppliers) under a written agreement which commits such recipients to appropriate safeguards in relation to handling of your personal data (including in relation to maintaining confidentiality of your personal data and implementing appropriate technical and organizational security measures).

We will take appropriate legal, organizational and technical measures to protect your personal data consistent with applicable privacy and data security laws.

We do not sell your personal data to any third parties.

Your rights

You are entitled to:

Request access to processing information

You have the legal right to request information at any time about whether we are processing your personal data. If this is the case, you have the right to be informed about the extent to which your personal data is being processed as well as to be provided with a copy of your personal data. Where the personal data is transferred to third countries, you also have the right to be informed of the appropriate safeguards implemented by us in relation to the transfers.

Request the correction and/or deletion of your personal data

You have the right to obtain the rectification of inaccurate personal data concerning you and/or to have incomplete personal data completed. In certain circumstances you have the right to erasure of the personal data concerning you without undue delay. The right to erasure does not apply, in particular, if processing is necessary to comply with legal obligations.

Object to the processing of your personal data

You have the right to object at any time to the processing of your personal data that is based on legitimate interest. We will no longer process personal data unless we can demonstrate legitimate grounds for the processing which override the interests, rights and freedoms of you as data subject or for the establishment, exercise or defense of legal claims.

Request the restriction of the processing of your personal data

You have the right to request the restriction of the processing of your personal data where (i) you have contested its accuracy for a period enabling us to verify the accuracy of such personal data, (ii) if the processing is deemed unlawful and you will oppose the erasure of personal data and request the restriction of processing instead, (iii) we no longer need the personal data for the purposes of processing but it is required by you for the establishment, exercise or defense of legal claims or (iv) where you objected to the processing of your personal data (as above) pending verification whether our legitimate grounds override those of you.

Request receipt or transmission to another organization, in a machine-readable form, of the personal data that you have provided to us

You have the right to transmit your personal data to another company in a safe and secure way without hindrance to usability in cases where the processing is based on performance of contract and the processing is carried out by automatic means.

Complain to your local data protection authority, or to a court of law, if you consider that the processing of personal data relating to you infringes the applicable data protection laws.

You may be entitled to claim compensation for damages or distress incurred or suffered in consequence of unlawful processing of your personal data.

You are not required by law to provide your personal data to us, however, if you don’t, then we may not be able to provide you or your organization with our service. If you object to the processing of your personal data, we will respect that choice in accordance with our legal obligations. Depending on the scope of your request, this could mean that we will not be able to provide you or your organization with our service.

If you would like to exercise any of your rights, please let us know by getting in touch using the contact details below.

Contact Us

If you have questions or requests regarding the processing of your personal data or require additional information, please contact: privacy@phrase.com.

Privacy Notice for Marketing Communication

Phrase a.s., with its registered office at Václavské náměstí 2132/47, 110 00 Prague 1, Czech Republic, and Phrase GmbH, with its registered office at ABC-Straße 4, 20354 Hamburg, Germany (both together as “we” or “us” or “our”) act as joint controllers of the processing of your personal data. This privacy notice describes how your personal data is processed and for what purposes.

What personal data do we collect about you?

We only collect and process your personal data in compliance with the provisions of the EU General Data Protection Regulation (“GDPR“) and other provisions of European data protection law.  This data includes your name and surname, job title, name of your organization, email address, phone number, country of your location, languages you speak, and identification of your social media account.

How do we obtain your personal data?

We obtain your personal data either directly from you or from public sources such as your LinkedIn profile.

How do we use your personal data?

Your personal data will be processed for marketing purposes, including sending you marketing materials about us and our services and products by email.

On what legal basis do we use your personal data?

We use your personal data on the following basis:

  • If you are not our former or existing client our processing of your personal data is legitimate if you have given your consent as stipulated in Article 6 (1) a) GDPR.
  • If you are our former, prospecting or existing client then processing of your personal data is based on our legitimate interest in accordance with Article 6 (1) f) GDPR, as it helps our business to offer you new products and services, and provide you with some other information about us that you may find interesting.

How long will we keep your personal data?

We will always keep your personal data for the period for which we maintain an active interaction with you or your organization. We will also keep your personal data where required by law or where we need to do so in connection with potential or actual legal action, or an investigation involving us. Otherwise, data will be held until you opt out,  until you do not engage with us for more than two years, or until they are no longer subject to contractual or legal retention obligations.

With whom do we share your personal data?

Your personal data will be accessible to our employees, as well as to authorized employees of our suppliers which provide us with a variety of essential services. In particular, your data will be accessible to our most important suppliers (including our suppliers of software/platforms and cloud service providers), such as Salesforce, Inc. (our customer relationship management software provider), Gainsight, Inc. (our customer success software provider), Google LLC (our email and document storage provider), HubSpot, Inc. (our main marketing tool), or any additional or replacement suppliers we may appoint from time to time who provide us with various services.

Your personal data may also be shared with other recipients, such as government authorities or other subjects where we have a valid legal title under the GDPR to share your personal data.

Transfers of your personal data outside of your home country

Your personal data may be transferred to countries outside the European Economic Area.  These countries include: The USA, Canada, and Japan.

When transferring personal data to third countries outside the European Economic Area, we will rely (i) either on adequacy decisions of the European Commission under Article 45 of the GDPR (where the European Commission recognizes that a third country ensures a level of protection adequate to the GDPR) or (ii) on standard contractual clauses agreed with the parties with which we share the data internationally.

The countries recognized by the European Commission as having an adequate level of protection can be found on the webpages of the European Commission here, and include, among others, also the USA (when sharing personal data with commercial organizations participating in the EU-US Data Privacy Framework), Japan (when sharing personal data with private sector organizations) and Canada (when sharing personal data with specific federally regulated organizations). 

Where we cannot rely on an adequacy decision (in particular the EU-U.S. Data Privacy Framework, the adequacy decision on data transfer to United Kingdom, the adequacy decision on data transfer to Canada, and the adequacy decision on data transfer to Japan), we will rely on data transfer agreements based on model standard contractual clauses approved by the European Commission to ensure that the persons to whom we transfer data in those countries commit to ensure an adequate level of protection for your personal data. You can find more information about data transfer agreements here.

Protecting your personal data

We may share your personal data with other recipients (in particular, our suppliers) under a written agreement which commits such recipients to appropriate safeguards in relation to handling your personal data (including in relation to maintaining confidentiality of your personal data and implementing appropriate technical and organizational security measures).

We will take appropriate legal, organizational and technical measures to protect your personal data consistent with applicable privacy and data security laws.

We do not sell your personal data to any third parties.

Your rights

You are entitled to:

Request access to processing information

You have the legal right to request information at any time about whether we are processing your personal data. If this is the case, you have the right to be informed about the extent to which your personal data is being processed as well as to be provided with a copy of your personal data. Where the personal data is transferred to third countries, you also have the right to be informed of the appropriate safeguards implemented by us in relation to the transfers.

Request the correction and/or deletion of your personal data

You have the right to obtain the rectification of inaccurate personal data concerning you and/or to have incomplete personal data completed. In certain circumstances, you have the right to erasure of the personal data concerning you without undue delay. The right to erasure does not apply, in particular, if processing is necessary to comply with legal obligations.

Object to the processing of your personal data

You have the right to object at any time to the processing of your personal data that is based on legitimate interest. We will no longer process personal data unless we can demonstrate legitimate grounds for the processing which override the interests, rights and freedoms of you as data subject or for the establishment, exercise or defense of legal claims.

Request the restriction of the processing of your personal data

You have the right to request the restriction of the processing of your personal data where (i) you have contested its accuracy for a period enabling us to verify the accuracy of such personal data, (ii) if the processing is deemed unlawful and you will oppose the erasure of personal data and request the restriction of processing instead, (iii) we no longer need the personal data for the purposes of processing but it is required by you for the establishment, exercise or defense of legal claims or (iv) where you objected to the processing of your personal data (as above) pending verification whether our legitimate grounds override those of you.

Request receipt or transmission to another organization, in a machine-readable form, of the personal data that you have provided to us

You have the right to transmit your personal data to another company in a safe and secure way without hindrance to usability in cases where the processing is based on performance of contract and the processing is carried out by automatic means.

Complain to your local data protection authority, or to a court of law, if you consider that the processing of personal data relating to you infringes the applicable data protection laws.

You may be entitled to claim compensation for damages or distress incurred or suffered in consequence of unlawful processing of your personal data.

You are not required by law to provide your personal data to us, however, if you don’t, then we may not be able to provide you or your organization with our service. If you object to the processing of your personal data, we will respect that choice in accordance with our legal obligations. Depending on the scope of your request, this could mean that we will not be able to provide you or your organization with our service.

If you would like to exercise any of your rights, please let us know by getting in touch using the contact details below.

Contact Us

If you have questions or requests regarding the processing of your personal data, or require additional information, please contact: privacy@phrase.com.

Privacy Notice for Sales Communication

Phrase a.s., with its registered office at Václavské náměstí 2132/47, 110 00 Prague 1, Czech Republic and Phrase GmbH, with its registered office at ABC-Straße 4, 20354 Hamburg, Germany (both together as “we” or “us” or “our”) act as joint controllers of the processing of your personal data. This privacy notice describes how your personal data is processed and for what purposes.

What personal data do we collect about you?

We only collect and process your personal data in compliance with the provisions of the EU General Data Protection Regulation (“GDPR“) and other provisions of European data protection law.  In connection with our potential or actual business cooperation with you or your organisation, we collect personal data such as: your name and surname, job title, name of your organisation, email address, phone number, Skype contact details, Phrase Solution Cloud ID, information from your LinkedIn profile, information about your participation in conferences, information about our historic interaction with you or your organisation, information about the use of the Phrase Solution by you or your organisation, and information about opportunities for further sale of our products to you or your organisation.

How do we obtain your personal data?

Your personal data can be:

  • Obtained directly from you, such as your name, surname, and contact details.
  • Created in the course of our relationship with you or your organisation, such as information about our interaction with you.
  • Collected from public sources such as your LinkedIn profile.

How do we use your personal data?

Your personal data will be processed for the following purposes:

  • To enable you or your organisation to use the Phrase TMS / Strings Cloud or its trial versions.
  • To discuss our potential business relationship with you or your organisation; and, if you or your organisation becomes our client, to maintain the business relationship with you or your organisation.
  • Our internal reporting.
  • To provide you or your organisation with business proposals.
  • For future marketing, including sending to you marketing materials about us and our services and products by email (if applicable).

On what legal basis do we use your personal data?

We use your personal data on the following basis:

  • If you or your organisation becomes our client, then the processing of your personal data for the purpose of use of Phrase Solution is necessary to allow us to perform a contract that we have concluded with you or your organization (Article 6 (1) b) GDPR).
  • Processing of your personal data for other purposes listed in Section “How do we use your personal data?” is based on our legitimate interest  (Article 6 (1) f) GDPR) as processing of personal data for these purposes: (i) to help us to maintain a productive communication and business relationship with you or your organisation, (ii) to improve our ability to understand your business needs and (iii) to improve our services.

How long will we keep your personal data?

We will always keep your personal data for as long as there is a specific purpose for such storage, and for the duration of our business relationship with you or your organisation. We will also keep your personal data where required by law or where we need to do so in connection with  potential or actual legal action or an investigation involving us. Data will be held until you opt-out or until two years have passed since your last active communication with us.

With whom do we share your personal data?

Your personal data will be accessible to our employees, as well as to authorized employees of our suppliers which provide us with a variety of essential services. In particular, your data will be accessible to our most important suppliers (including our suppliers of software / platforms and cloud service providers), such as Amazon.com, Inc. (our server provider), Zendesk, Inc. (our tech support platform provider), Snowflake Inc. (our data warehouse and trend and usage analyses provider), Mixpanel Inc. (our main product data analytics tool), Salesforce, Inc. (our customer relationship management software provider), Chargebee, Inc. (our billing platform provider), Stripe, Inc. (our payment processing software provider), Gainsight, Inc. (our customer success software provider), Google LLC (our email and document storage provider), HubSpot, Inc. (our main marketing tool), or any additional or replacement suppliers we may appoint from time to time who provide us with various services.

Your personal data may also be shared with other recipients, such as government authorities or other subjects where we have a valid legal title under the GDPR to share your personal data.

Transfers of your personal data outside of your home country

Your personal data may be transferred to countries outside the European Economic Area.  These countries include: The USA, Canada, and Japan.

When transferring personal data to third countries outside the European Economic Area, we will rely (i) either on adequacy decisions of the European Commission under Article 45 of the GDPR (where the European Commission recognizes that a third country ensures a level of protection adequate to the GDPR) or (ii) on standard contractual clauses agreed with the parties with which we share the data internationally.

The countries recognized by the European Commission as having an adequate level of protection can be found on the webpages of the European Commission here, and include, among others, also the USA (when sharing personal data with commercial organizations participating in the EU-US Data Privacy Framework), Japan (when sharing personal data with private sector organizations) and Canada (when sharing personal data with specific federally regulated organizations). 

Where we cannot rely on an adequacy decision (in particular the EU-U.S. Data Privacy Framework, the adequacy decision on data transfer to United Kingdom, the adequacy decision on data transfer to Canada, and the adequacy decision on data transfer to Japan), we will rely on data transfer agreements based on model standard contractual clauses approved by the European Commission to ensure that the persons to whom we transfer data in those countries commit to ensure an adequate level of protection for your personal data. You can find more information about data transfer agreements here.

Protecting your personal data

We may share your personal data with other recipients (in particular, our suppliers) under a written agreement which commits such recipients to appropriate safeguards in relation to handling of your personal data (including in relation to maintaining confidentiality of your personal data and implementing appropriate technical and organizational security measures).

We will take appropriate legal, organizational and technical measures to protect your personal data consistent with applicable privacy and data security laws.

We do not sell your personal data to any third parties.

Your rights

You are entitled to:

Request access to processing information

You have the legal right to request information at any time about whether we are processing your personal data. If this is the case, you have the right to be informed about the extent to which your personal data is being processed as well as to be provided with a copy of your personal data. Where the personal data is transferred to third countries, you also have the right to be informed of the appropriate safeguards implemented by us in relation to the transfers.

Request the correction and/or deletion of your personal data

You have the right to obtain the rectification of inaccurate personal data concerning you and/or to have incomplete personal data completed. In certain circumstances you have the right to erasure of the personal data concerning you without undue delay. The right to erasure does not apply, in particular, if processing is necessary to comply with legal obligations.

Object to the processing of your personal data

You have the right to object at any time to the processing of your personal data that is based on legitimate interest. We will no longer process personal data unless we can demonstrate legitimate grounds for the processing which override the interests, rights and freedoms of you as data subject or for the establishment, exercise or defense of legal claims.

Request the restriction of the processing of your personal data

You have the right to request the restriction of the processing of your personal data where (i) you have contested its accuracy for a period enabling us to verify the accuracy of such personal data, (ii) if the processing is deemed unlawful and you will oppose the erasure of personal data and request the restriction of processing instead, (iii) we no longer need the personal data for the purposes of processing but it is required by you for the establishment, exercise or defense of legal claims or (iv) where you objected to the processing of your personal data (as above) pending verification whether our legitimate grounds override those of you.

Request receipt or transmission to another organization, in a machine-readable form, of the personal data that you have provided to us

You have the right to transmit your personal data to another company in a safe and secure way without hindrance to usability in cases where the processing is based on performance of contract and the processing is carried out by automatic means.

Complain to your local data protection authority, or to a court of law, if you consider that the processing of personal data relating to you infringes the applicable data protection laws.

You may be entitled to claim compensation for damages or distress incurred or suffered in consequence of unlawful processing of your personal data.

You are not required by law to provide your personal data to us, however, if you don’t, then we may not be able to provide you or your organization with our service. If you object to the processing of your personal data, we will respect that choice in accordance with our legal obligations. Depending on the scope of your request, this could mean that we will not be able to provide you or your organization with our service.

If you would like to exercise any of your rights, please let us know by getting in touch using the contact details below.

Contact Us

If you have questions or requests regarding the processing of your personal data, or require additional information, please contact: privacy@phrase.com.

Privacy Notice for Candidates

Phrase a.s., with its registered office at Václavské náměstí 2132/47, 110 00 Prague 1, Czech Republic and Phrase GmbH, with its registered office at ABC-Straße 4, 20354 Hamburg, Germany, Phrase Ltd, with its registered office at 73 Cornhill, London EC3V 3QQ, United Kingdom and Phrase Inc., with its registered office at 90 Canal Street, 4th Floor, Boston, Massachusetts, 02114, US ( together as “we” or “us” or “our”) act as joint controllers of the processing of your personal data. This privacy notice describes how your personal data is processed and for what purposes.

What personal data do we collect about you?

In the course of the recruitment process, we collect and generate information about you. We only collect and process your personal data in compliance with the provisions of the EU General Data Protection Regulation (“GDPR“) and other provisions of European data protection law. This information includes mainly personal data provided by you:

  • Your basic information – such as your name (including name prefix or title), gender, age, date of birth, relationship to a person, photograph.
  • Contact information – such as your home address, email address, and phone number(s).
  • Talent Management Information – such as details contained in letters of application and resume/CV, previous employment background, all background checks (including criminal record checks where applicable) education history, professional qualifications, language and other relevant skills, details on performance management ratings and performance appraisals, and all correspondence with us with regard to job applications, including references.

How do we obtain your personal data?

We collect your personal data submitted during our recruitment process, or records obtained when you engage with our company’s People Team.

We may also receive personal data about you from other sources, such as recruitment agencies, healthcare provider directories, and publicly available sources. We combine personal data that we have about you from various sources, including the personal data that you have provided to us.

How do we use your personal data?

Your personal data will be processed for the following purposes:

  • Identifying and evaluating candidates for our positions.
  • Record-keeping related to hiring processes.
  • Analysing the hiring process and outcomes.
  • Conducting background checks, where permitted by law.

On the other hand, we will not:

  • Use your personal data for any other purposes than those described above.
  • Make recruiting or hiring decisions based solely on automated decision-making.
  • Transfer any of your data to any third country or international organization which are not considered to be providing adequate protection of personal data.

On what legal basis do we use your personal data?

We use your personal data on the following basis:

  • Articled 6 (1) a) GDPR: the processing of your personal data is based on your consent to keep your data in our database of candidates.
  • Article 6 (1) b) GDPR: the processing of your personal data is necessary for the conclusion of the employment relationship with you.
  • Article 6 (1) c) GDPR: the processing of your personal data is necessary for compliance with our legal and regulatory obligations.
  • Article 6 (1) f) GDPR, the processing of your personal data is necessary for the purposes of the legitimate interests pursued by us, such as to achieve purposes specified in Section “How do we use your personal data?”

How long will we keep your personal data?

In addition to using your personal data for the position for which you have applied, we may retain and use your personal data to consider you for other positions. If you do not want to be considered for other positions or would like to have your personal data removed, you may contact us as specified below. Unless required for tax or other legal purposes or in connection with employment, we will generally keep your data for a maximum of 6 months.

With whom do we share your personal data?

Your personal data will be accessible to our employees, as well as to authorized employees of our suppliers which provide us with a variety of essential services. In particular, your data will be accessible to our most important suppliers (including our suppliers of software / platforms and cloud service providers), such as Greenhouse Software, Inc. (our main recruiting tool), Personio SE & Co. KG (our HR software provider), LinkedIn Talent Solutions (our recruiting tool provider), or any additional or replacement suppliers we may appoint from time to time who provide us with various services.

Your personal data may also be shared with other recipients, such as government authorities or other subjects where we have a valid legal title under the GDPR to share your personal data.

Transfers of your personal data outside of your home country

Your personal data may be transferred to countries outside the European Economic Area.  These countries include: The USA, Canada, and Japan.

When transferring personal data to third countries outside the European Economic Area, we will rely (i) either on adequacy decisions of the European Commission under Article 45 of the GDPR (where the European Commission recognizes that a third country ensures a level of protection adequate to the GDPR) or (ii) on standard contractual clauses agreed with the parties with which we share the data internationally.

The countries recognized by the European Commission as having an adequate level of protection can be found on the webpages of the European Commission here, and include, among others, also the USA (when sharing personal data with commercial organizations participating in the EU-US Data Privacy Framework), Japan (when sharing personal data with private sector organizations) and Canada (when sharing personal data with specific federally regulated organizations). 

Where we cannot rely on an adequacy decision (in particular the EU-U.S. Data Privacy Framework, the adequacy decision on data transfer to United Kingdom, the adequacy decision on data transfer to Canada, and the adequacy decision on data transfer to Japan), we will rely on data transfer agreements based on model standard contractual clauses approved by the European Commission to ensure that the persons to whom we transfer data in those countries commit to ensure an adequate level of protection for your personal data. You can find more information about data transfer agreements here.

Protecting your personal data

We may share your personal data with other recipients (in particular, our suppliers) under a written agreement which commits such recipients to appropriate safeguards in relation to handling of your personal data (including in relation to maintaining confidentiality of your personal data and implementing appropriate technical and organizational security measures).

We will take appropriate legal, organizational and technical measures to protect your personal data consistent with applicable privacy and data security laws.

We do not sell your personal data to any third parties.

Your rights

You are entitled to:

Request access to processing information

You have the legal right to request information at any time about whether we are processing your personal data. If this is the case, you have the right to be informed about the extent to which your personal data is being processed as well as to be provided with a copy of your personal data. Where the personal data is transferred to third countries, you also have the right to be informed of the appropriate safeguards implemented by us in relation to the transfers.

Request the correction and/or deletion of your personal data

You have the right to obtain the rectification of inaccurate personal data concerning you and/or to have incomplete personal data completed. In certain circumstances you have the right to erasure of the personal data concerning you without undue delay. The right to erasure does not apply, in particular, if processing is necessary to comply with legal obligations.

Object to the processing of your personal data

You have the right to object at any time to the processing of your personal data that is based on legitimate interest. We will no longer process personal data unless we can demonstrate legitimate grounds for the processing which override the interests, rights and freedoms of you as data subject or for the establishment, exercise or defense of legal claims.

Request the restriction of the processing of your personal data

You have the right to request the restriction of the processing of your personal data where (i) you have contested its accuracy for a period enabling us to verify the accuracy of such personal data, (ii) if the processing is deemed unlawful and you will oppose the erasure of personal data and request the restriction of processing instead, (iii) we no longer need the personal data for the purposes of processing but it is required by you for the establishment, exercise or defense of legal claims or (iv) where you objected to the processing of your personal data (as above) pending verification whether our legitimate grounds override those of you.

Request receipt or transmission to another organization, in a machine-readable form, of the personal data that you have provided to us

You have the right to transmit your personal data to another company in a safe and secure way without hindrance to usability in cases where the processing is based on performance of contract and the processing is carried out by automatic means.

Complain to your local data protection authority, or to a court of law, if you consider that the processing of personal data relating to you infringes the applicable data protection laws.

You may be entitled to claim compensation for damages or distress incurred or suffered in consequence of unlawful processing of your personal data.

You are not required by law to provide your personal data to us, however, if you don’t, then we may not be able to provide you or your organization with our service. If you object to the processing of your personal data, we will respect that choice in accordance with our legal obligations. Depending on the scope of your request, this could mean that we will not be able to provide you or your organization with our service.

If you would like to exercise any of your rights, please let us know by getting in touch using the contact details below.

Contact Us

If you have questions or requests regarding the processing of your personal data, or require additional information, please contact: privacy@phrase.com.

Privacy Notice for Participants in the Phrase TMS Certification Program

Phrase a.s., with its registered office at Václavské náměstí 2132/47, 110 00 Prague 1, Czech Republic, and Phrase GmbH, with its registered office at ABC-Straße 4, 20354 Hamburg, Germany (both together as “we” or “us” or “our”) act as joint controllers of the processing of your personal data. This privacy notice describes how your personal data is processed and for what purposes.

What personal data do we collect about you?

We collect the following personal data in connection with your relationship with us: your name and surname, information that you obtained the certification, and e-mail address. This personal data falls under the EU General Data Protection Regulation (“GDPR”) into the category of identifiers, provided that we only collect and process your personal data in compliance with the provisions of the GDPR and other provisions of European data protection law.

Optionally, based on your additional consent, we may also collect the information about your location and your professional position.

How do we obtain your personal data?

Your personal data can be:

  • Obtained directly from you, such as your name, surname, and contact details.
  • Included in the statistics from the course you were enrolled in.

How do we use your personal data?

Your personal data will be processed for the following purposes:

  • To create a list of certified linguists which can be accessed by various language services providers (“LSPs”).
  • To enable you to get approached by such LSP with potential job offers.
  • Our internal reporting.
  • To ensure network and information security and to enhance our services.

On what legal basis do we use your personal data?

We use your personal data on the following basis:

  • Service provision/fulfilment of the contractual obligations (Article 6 (1) b) GDPR).
  • The necessity to comply with our legal obligations (Article 6 (1) c) GDPR), e.g. obligation to archive accounting documents.
  • Our legitimate interest pursuant to Article 6 (1) f) GDPR (i) to help us to maintain a productive business relationship with you, (ii) to improve our ability to understand your business needs; (iii) to improve and enhance our services; and (iv) to ensure network and information security.
  • Your consent under Article 6 (1) a) GDPR, which you gave us upon completing the certification by confirming the relevant checkbox, for the purpose of sharing your personal data with relevant Language Service Providers.

How long will we keep your personal data?

We will always keep your personal data for the period for which you will be using our services while completing the Phrase TMS – Linguist Certification and afterwards for the purpose of maintaining the record that you have completed this certification successfully. We will also keep your personal data where required by law or where we need to do so in connection with potential or actual legal action, or an investigation involving Phrase a.s. or Phrase GmbH.

We will also delete your personal data upon your request.

With whom do we share your personal data?

Your personal data will be accessible to our employees, as well as to authorized employees of our suppliers which provide us with a variety of essential services. In particular, your data will be accessible to our most important suppliers (including our suppliers of software/platforms and cloud service providers), such as Amazon.com, Inc. (our server provider), Salesforce, Inc. (our customer relationship management software provider), Gainsight, Inc. (our customer success software provider), Google LLC (our email and document storage provider), HubSpot, Inc. (our main marketing tool), or any additional or replacement suppliers we may appoint from time to time who provide us with various services.

If you complete the Linguist certification, your personal data will be also accessible to Language Service Providers who are customers of Phrase TMS solely on the basis of your explicitly given consent upon completing the certification.

Your personal data may also be shared with other recipients, such as government authorities or other subjects where we have a valid legal title under the GDPR to share your personal data.

Transfers of your personal data outside of your home country

Your personal data may be transferred to countries outside the European Economic Area.  These countries include: The USA, Canada, and Japan.

When transferring personal data to third countries outside the European Economic Area, we will rely (i) either on adequacy decisions of the European Commission under Article 45 of the GDPR (where the European Commission recognizes that a third country ensures a level of protection adequate to the GDPR) or (ii) on standard contractual clauses agreed with the parties with which we share the data internationally.

The countries recognized by the European Commission as having an adequate level of protection can be found on the webpages of the European Commission here, and include, among others, also the USA (when sharing personal data with commercial organizations participating in the EU-US Data Privacy Framework), Japan (when sharing personal data with private sector organizations) and Canada (when sharing personal data with specific federally regulated organizations). 

Where we cannot rely on an adequacy decision (in particular the EU-U.S. Data Privacy Framework, the adequacy decision on data transfer to United Kingdom, the adequacy decision on data transfer to Canada, and the adequacy decision on data transfer to Japan), we will rely on data transfer agreements based on model standard contractual clauses approved by the European Commission to ensure that the persons to whom we transfer data in those countries commit to ensure an adequate level of protection for your personal data. You can find more information about data transfer agreements here.

Protecting your personal data

We may share your personal data with other recipients (in particular, our suppliers) under a written agreement which commits such recipients to appropriate safeguards in relation to handling your personal data (including in relation to maintaining confidentiality of your personal data and implementing appropriate technical and organizational security measures).

We will take appropriate legal, organizational and technical measures to protect your personal data consistent with applicable privacy and data security laws.

We do not sell your personal data to any third parties.

Your rights

You are entitled to:

Request access to processing information

You have the legal right to request information at any time about whether we are processing your personal data. If this is the case, you have the right to be informed about the extent to which your personal data is being processed as well as to be provided with a copy of your personal data. Where the personal data is transferred to third countries, you also have the right to be informed of the appropriate safeguards implemented by us in relation to the transfers.

Request the correction and/or deletion of your personal data

You have the right to obtain the rectification of inaccurate personal data concerning you and/or to have incomplete personal data completed. In certain circumstances, you have the right to erasure of the personal data concerning you without undue delay. The right to erasure does not apply, in particular, if processing is necessary to comply with legal obligations.

Object to the processing of your personal data

You have the right to object at any time to the processing of your personal data that is based on legitimate interest. We will no longer process personal data unless we can demonstrate legitimate grounds for the processing which override the interests, rights and freedoms of you as data subject or for the establishment, exercise or defense of legal claims.

Request the restriction of the processing of your personal data

You have the right to request the restriction of the processing of your personal data where (i) you have contested its accuracy for a period enabling us to verify the accuracy of such personal data, (ii) if the processing is deemed unlawful and you will oppose the erasure of personal data and request the restriction of processing instead, (iii) we no longer need the personal data for the purposes of processing but it is required by you for the establishment, exercise or defense of legal claims or (iv) where you objected to the processing of your personal data (as above) pending verification whether our legitimate grounds override those of you.

Request receipt or transmission to another organization, in a machine-readable form, of the personal data that you have provided to us

You have the right to transmit your personal data to another company in a safe and secure way without hindrance to usability in cases where the processing is based on performance of contract and the processing is carried out by automatic means.

Complain to your local data protection authority, or to a court of law, if you consider that the processing of personal data relating to you infringes the applicable data protection laws.

You may be entitled to claim compensation for damages or distress incurred or suffered in consequence of unlawful processing of your personal data.

You are not required by law to provide your personal data to us, however, if you don’t, then we may not be able to provide you or your organization with our service. If you object to the processing of your personal data, we will respect that choice in accordance with our legal obligations. Depending on the scope of your request, this could mean that we will not be able to provide you or your organization with our service.

If you would like to exercise any of your rights, please let us know by getting in touch using the contact details below.

Contact Us

If you have questions or requests regarding the processing of your personal data, or require additional information, please contact: privacy@phrase.com.