Privacy policy

Last updated: 16 March 2026 

This Privacy Policy describes how Opticoteam LLC (optico.team) ("optico.team", "we", "our", or "us") collects, uses, stores, transfers, and protects personal data in connection with its Build-Operate-Transfer (BOT) and operated team services. 

optico.team is committed to processing personal data lawfully, fairly, and transparently in accordance with the Law of Georgia on Personal Data Protection (2023) and, where applicable, the General Data Protection Regulation (EU) 2016/679 ("GDPR"), and other applicable data protection regulations. 

1. Scope of This Policy 

This Privacy Policy applies to: 

• Visitors to our website 

• Business clients, partners, and prospects 

• Candidates, consultants, and personnel engaged through our services 

• Any individual whose personal data is processed by optico.team in the course of providing BOT and operated team services 

Where optico.team processes personal data of individuals located in the European Union or European Economic Area ("EU/EEA"), the provisions of the GDPR apply in addition to Georgian data protection law. 

2. Who We Are 

Company Name: Opticoteam LLC (brand: optico.team) Legal Form: Limited Liability Company Registered Address: 41 Zakaria Paliashvili Street, Entrance 1, Tbilisi, Georgia) 

The company provides Build-Operate-Transfer (BOT) and operated team services, including: 

• recruitment and team formation 

• HR administration 

• payroll coordination 

• compliance and operational support 

• management of distributed engineering teams for corporate clients 

For data protection purposes, optico.team acts as: 

Data Controller - for website visitors, prospects, and business contacts. 

Data Processor - when processing personal data on behalf of clients under contractual instructions. 

3. Categories of Personal Data We Process 

3.1 Website Visitors 

• Name 

• Email address 

• Company name 

• IP address 

• Device identifiers 

• Browser information 

• Website usage analytics 

3.2 Business Clients & Partners 

• Name and job title 

• Employer / company name 

• Contact details (email, phone number) 

• Contractual, billing, and communication data 

3.3 Candidates & Consultants 

• Identification data (name, nationality, date of birth where applicable) 

• CVs, education, employment history, qualifications 

• Payroll and compensation data (where applicable) 

• Work authorization, visa, or residency data (where applicable) 

• Assignment, performance, and engagement data 

4. Purposes of Processing 

Personal data may be processed for the following purposes: 

• Responding to inquiries and communications 

• Providing BOT and operated team services 

• Recruitment and onboarding 

• HR administration and payroll coordination 

• Compliance with labor, immigration, tax, and regulatory requirements 

• Managing contracts and business relationships 

• Improving services and website functionality 

• Protecting legal rights and preventing fraud 

5. Legal Basis for Processing 

Under the Law of Georgia on Personal Data Protection and, where applicable, Article 6 of the GDPR, each processing purpose is supported by a specific legal basis: 

Where processing is based on consent, the data subject has the right to withdraw consent at any time, without providing reasons, through the same channel used to provide consent or by contacting us at hello@optico.team. Withdrawal of consent does not affect the lawfulness of processing carried out prior to the withdrawal. 

Where optico.team relies on legitimate interest as a legal basis, a balancing test has been conducted to ensure that such interests do not override the fundamental rights and freedoms of the data subject. 

6. Data Sharing and Disclosure 

Personal data may be shared with: 

• Business clients (as part of service delivery) 

• HR, payroll, legal, accounting, IT, and compliance service providers 

• Government authorities or regulators where required by law 

• Professional advisers, auditors, and consultants 

All third parties are required to comply with confidentiality and data protection obligations. 

7. International Data Transfers 

As optico.team operates globally, personal data may be transferred outside Georgia and, where applicable, outside the EU/EEA, where necessary for service delivery. 

Where such transfers occur, optico.team ensures appropriate safeguards are implemented, including: 

• contractual data protection clauses 

• secure processing standards 

• compliance with the cross-border transfer rules under Georgian data protection law 

For transfers of personal data of EU/EEA-based individuals to Georgia or other countries that have not received an adequacy decision from the European Commission, optico.team relies on Standard Contractual Clauses (SCCs) adopted by the European Commission in accordance with Article 46(2)(c) of the GDPR, supplemented by additional safeguards where necessary. A copy of the applicable SCCs may be obtained by contacting us at hello@optico.team. 

8. Data Retention 

Personal data is retained only for as long as necessary to: 

• fulfill contractual and operational obligations 

• comply with legal and regulatory requirements 

• resolve disputes and enforce agreements 

After the retention period expires, data will be securely deleted or anonymized. 

The following indicative retention periods apply: 

9. Data Security 

optico.team implements appropriate technical and organizational security measures, including: 

• role-based access control 

• secure IT infrastructure 

• encryption where appropriate 

• confidentiality obligations for personnel and partners 

• regular security and compliance reviews 

10. Data Subject Rights 

Under Georgian law and, where applicable, the GDPR, individuals may have the right to: 

• access their personal data 

• request correction or updating of inaccurate data 

• request deletion of personal data where legally permitted 

• request restriction of processing 

• object to certain types of processing 

• withdraw consent where processing is based on consent 

• receive their personal data in a structured, commonly used and machine-readable format and transmit it to another controller (data portability) 

• not be subject to decisions based solely on automated processing, including profiling, which produce legal or similarly significant effects 

• lodge a complaint with the Personal Data Protection Service (PDPS) of Georgia if they believe their data protection rights have been violated 

Individuals located in the EU/EEA also have the right to lodge a complaint with the supervisory authority in their country of residence. A list of EU/EEA supervisory authorities is available at: https://edpb.europa.eu/about-edpb/about-edpb/members_en 

Requests may be submitted using the contact details below. 

Personal Data Protection Service (PDPS): Website: https://pdps.ge 

11. Cookies and Website Technologies 

Our website may use cookies and similar technologies to: 

• enable website functionality 

• analyze website usage 

• improve user experience 

Strictly necessary cookies are used without prior consent. Analytics, marketing, and other non-essential cookies are placed only after obtaining the user's consent. Users may withdraw cookie consent or manage preferences at any time via browser settings or our cookie consent mechanism. 

12. Children's Data 

optico.team services are intended exclusively for business use. 

We do not knowingly collect or process personal data of individuals under the age of 18. 

13. Changes to This Privacy Policy 

This Privacy Policy may be updated periodically to reflect legal, regulatory, or operational changes. 

The latest version will always be available on our website.  

14. Contact Information 

For privacy-related inquiries or requests: 

Email: hello@optico.team 

Company: Opticoteam LLC (optico.team) 

Registered Address: 41 Zakaria Paliashvili Street, Entrance 1 Tbilisi, Georgia