sourcingNOW » privacy policy

1. General Information

SourcingNOW Sp. z o.o., with its registered office in Warsaw (00-105), at ul. Twarda 18, entered into the National Court Register kept by the District Court for the Capital City of Warsaw in Warsaw, 12th Commercial Division of the National Court Register under number 0001152815, holding NIP 5253033009 and REGON 540777800, as the data controller (DC), pays special attention to respecting privacy and protecting personal data entrusted to it by users, candidates, employees, and business partners.

We want you—as the data subject—to know how SourcingNOW Sp. z o.o. collects, uses, processes, stores, and potentially shares your personal data. We also want you to know your rights under applicable national and EU data protection laws.

We encourage you to read this Privacy Policy, which describes our data protection practices. This document may be updated—any changes will be published on the Company's website.

SourcingNOW Sp. z o.o. provides professional recruitment services, supports clients in acquiring suitable candidates, and fosters the career development of job seekers.

Our priority is to operate in a lawful, reliable, and transparent manner—particularly in the area of data protection—in accordance with the provisions of the GDPR and applicable national law.

This Privacy Policy outlines the rules for processing and protecting personal data by SourcingNOW Sp. z o.o. (hereinafter: the “Company”, “Controller”), especially in connection with the use of services provided electronically, recruitment processes, and other forms of cooperation with individuals. The Company ensures that data processing complies with the provisions of:

Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR),
The Personal Data Protection Act of May 10, 2018.

2. Personal Data Controller

The personal data controller is SourcingNOW Sp. z o.o., with its registered office at Twarda 18, 00-105 Warsaw, entered into the National Court Register under number 0001152815, NIP: 5253033009, REGON: 540777800. SourcingNOW Sp. z o.o. has appointed a Data Protection Officer (DPO), who can be contacted regarding all matters related to data processing via email: kontakt@sourcingnow.pl

Contact:

Email: kontakt@sourcingnow.pl

Phone: +48 791 337 260

3. Purposes and Legal Bases of Data Processing

Personal data may be processed by the Controller for the following purposes:

3.1. Fulfilling legal obligations, e.g. under labor, tax, or social insurance law.Legal basis: Article 6(1)(c) GDPR

3.2. Performing contracts and providing services electronically, including order processing, inquiry handling, and proper operation of the website.Legal basis: Article 6(1)(b) GDPR

3.3. Conducting recruitment activities, such as:

Assessing candidate qualifications,
Verifying competencies and matching to positions,
Carrying out selection processes.Legal basis: Article 6(1)(a) GDPR (candidate’s consent)

3.4. Carrying out marketing activities (including email marketing of the Controller’s products and services).Legal basis: Article 6(1)(a) GDPR (consent)

4. Scope of Processed Data

The Controller processes personal data in the following scope:

Job candidates:

Identification and contact data (name, surname, email address, phone number, address),
Education and professional experience,
Qualifications, training, interests,
Work permit data, interview notes.

Special categories (if provided):

Disability status,
Nationality.

Employees:

Personal, address, and contact data,
PESEL number, identity document data,
Banking, tax, and insurance information,
Health data (e.g. sick leave, medical exams),
Vacation data, performance results, employment history.

Other stakeholders (e.g., contractors):

Contact data,
Identification data (NIP, REGON),
Bank account details (for settlements),
Identity document data (for sole proprietors).

5. Voluntariness and Data Retention Period

5.1. Voluntariness of Providing DataProviding personal data is voluntary but necessary for contract conclusion and execution, participation in recruitment, or receiving marketing information.

5.2. Data Retention Period

Data processed under legal obligations – until the obligation is fulfilled.
Data processed under contract – until its performance, expiration, or termination.
Data based on consent – until it is withdrawn, no longer than 9 years from the date of consent.

5.3. Withdrawal of ConsentConsent can be withdrawn at any time, without affecting the lawfulness of prior processing.

6. Data Recipients

Personal data may be shared with:

The Company’s clients in the scope of recruitment services,
IT, cloud, accounting, and consulting service providers,
Public institutions (e.g., ZUS, tax office, labor inspectorate),
Other entities processing data on behalf of the Controller under data processing agreements.

If data is transferred outside the European Economic Area (EEA), appropriate safeguards are applied, particularly EU standard contractual clauses.

7. Data Subject Rights

Every data subject has the right to:

Access their data and obtain a copy,
Rectify or complete data,
Erase data (if no legal basis for further processing exists),
Restrict processing,
Object to processing (including for marketing purposes),
Data portability to another controller,
Lodge a complaint with the President of the Personal Data Protection Office (UODO).

Requests can be submitted via the contact details in section 2.

8. Data Security

The Controller applies appropriate technical and organizational measures to ensure the security of processed data, particularly to protect against unauthorized access, alteration, loss, or destruction.

8.1. SourcingNOW Sp. z o.o., as Data Controller, applies adequate technical and organizational measures tailored to risks and categories of protected data, including protection against unauthorized access, loss, disclosure, destruction, or modification. Security measures include SSL encryption and internal data protection policies.

8.2. All personal data collected through the website is stored on secure servers, accessible only to authorized personnel based on permissions granted by the Controller.

8.3. Communication between the user’s device and the website is encrypted using SSL.

8.4. The Controller notes that using the internet, particularly public Wi-Fi, may carry risks such as malware, phishing, or cracking. To increase security, SourcingNOW Sp. z o.o. recommends using IT security solutions provided by specialized providers.

9. Cookies

9.1. To ensure proper functioning of the website and for statistical and analytical purposes, SourcingNOW Sp. z o.o. uses cookies.

9.2. Cookies are small text files stored on the user’s device, containing domain name, storage duration, identifier, and other information.

9.3. The website uses:

Session cookies – deleted when the browser is closed,
Persistent cookies – stored until manually deleted or expired.

9.4. Cookies used by the website do not identify the user. They do not collect personal data or install malware.

9.5. Cookies created by the site are not accessible to other websites. However, third-party cookies (e.g., Google Analytics) may be placed and read by external servers.

9.6. Users can change cookie settings in their browsers at any time, including blocking or limiting them, or manually deleting stored files.

9.7. Disabling or limiting cookies may affect some functionalities or prevent the use of certain parts of the website.

9.8. Controller’s cookies are used for:

User authentication and session maintenance,
Customizing content to user preferences,
Analyzing user behavior for site optimization.

10. Changes to the Privacy Policy

The Controller reserves the right to make changes to this Privacy Policy. The current version will always be available on the Company’s website.