Privacy Policy

intive GmbH Spółka z ograniczoną odpowiedzialnoscią Oddział w Polsce (Limited liability company Branch in Poland)ul. Piłsudskiego 69, 50-019 Wrocław, Poland

Maciej Kaczmarski Odo24, e-mail: dpo@intive.com

intive GmbHFranz-Mayer-Str. 5 93053 Regensburg, Germany

Alexander Bugl, location: Eifelstraße 55, 93057 Regensburg, e-mail:kontakt@buglundkollegen.de

The controller of your personal data is intive GmbH or intive GmbH Sp. z o.o. Branch Office in Poland, with respect to requests and queries concerning processes in which the Branch Office in Poland is the sole controller.

Your personal data is processed on the basis of a legitimate interest (art. 6 pp. 1 p. f GDPR) in correspondence in relation to messages sent using a contact form (as well as social networking sites) and in answering questions sent.

The data will be processed for the duration of the communication or until an objection is made, which is deemed reasonable by the controller; in the case of intive GmbH, for a maximum of 1 year

The provision of personal data is voluntary, but necessary to answer to message sent.

The controller of your personal data is intive GmbH.

Your personal data is processed on the basis of a legitimate interest (art. 6 pp. 1 p. f GDPR) in the need to analyze the traffic on a website in order to optimize the functionality available on it.

The data will be processed until such time as an objection as the controller deems reasonable; in the case of intive GmbH, for a maximum period of 3 years.

The provision of personal data is voluntary, but necessary in order to optimize the functionality of our website.

The controller of your personal data is:

- If you have any questions regarding the processes administered by intive GmbH, the company will be the data controller of the process-related data;

- If you have any questions regarding the processes administered by intive GmbH Sp. z o.o. Branch in Poland as a separate controller, intive GmbH Sp. z o.o. Branch in Poland will be the controller of the process-related data;

- If you have any questions regarding the processes administered by any other Company, the particular company will be the data controller of the process-related data.

Depending on the nature of your request, your personal data can be processed on the basis of a legitimate interest (art. 6 pp. 1 p. f GDPR) which is the necessity to answer questions sent, as well as, when processing is necessary for the performance of a contract to which the data subject is party (art. 6 pp. 1 p. b GDPR) or on the basis of legal obligation incumbent on us as a controller (art. 6 pp. 1 p. c GDPR).

Your personal data will be processed for no longer than necessary, however:

- If the request for withdrawal of consent to the processing of personal data is justified and the controller has no other legal grounds for data processing, the personal data shall be deleted immediately; for intive GmbH provided that there are no contradictory statutory periods for data storage;

- Where a request for erasure is considered unjustified, the data shall be processed for the time necessary for the purpose for which they were obtained, where detailed information on the purpose and time of the processing was provided at the time of their acquisition. Detailed information in this respect may be obtained by contacting the Data Protection Officer again at the contact address below or, if not appointed, at the address: dpo@intive.com;

- Where requests other than for deletion are made, data will be processed for the purpose of responding to the request for information for the time necessary to respond and then for the time necessary to observe the principle of accountability, including the defense against claims, i.e. in the case of intive GmbH, intive GmbH sp. z o.o. Office in Poland, intive Ltd. (Ireland), and intive SRL for 3 years; in the case of intive S.A.U., SimTLiX SRL and DevSpark S.A., for 5 years.

The provision of personal data is voluntary, but necessary to answer to message sent, and – in case question concerns the contract – in order to perform a contract, or on the basis of legal obligation incumbent on us as a controller.

This means that they jointly decide on the purposes and methods of processing candidates' personal data. This also applies if your candidacy has been referred through the Referral Program. We have entered into a joint administration agreement within the intive Group, which regulates the division of data controller responsibilities under the RODO. For information on the division of tasks among the joint controllers or any other information related to the processing of your data under joint control, please contact the designated point of contact: dpo@intive.com.

Your personal data is processed in accordance with the following legal grounds:

- A legal obligation imposed on the controller to the extent that the person entering the recruitment process provides the data indicated by law (Article 6(1)(c) GDPR);

- Processing for the performance of a contract to the extent that, as part of the recruitment process, the resume submitter seeks to enter into a contract of employment or cooperation with intive (Article 6(1)(b) GDPR);

- Candidate's consent to the processing of other data voluntarily provided; The controller’s legitimate interest - in terms of the email address collected in the recruitment form on the website - in conducting recruitment activities electronically;

- Candidate's consent to the processing of data for participation in future recruitment processes, or consent given when applying without indicating a specific position (Article 6(1)(a) GDPR);

- Candidate's consent to share his/her resume within the Referral Program in effect at intive GmbH Sp. z o.o. Oddział w Polsce (Article 6(1)(a) GDPR);

- Candidate's consent to share the data contained in the resume with the intive client for whom the project for which recruitment is being conducted would be performed (Article 6(1)(a) GDPR);

- The express consent of the candidate if he or she voluntarily provides intive with special category data (Article 6(1)(a) GDPR);

- The prospective employer's legal obligation under the Law on Foreigners and the Law on Employment Promotion and Labor Market Institutions (in Poland) (Article 6(1)(c) GDPR);

- In accordance with our legitimate interest in providing support in obtaining other documents that allow foreigners to obtain the relevant residence and work permits, and which we are not required to obtain in accordance with the aforementioned regulations (art. 6 par. 1 lit. f GDPR) In accordance with our legitimate interest in providing support in obtaining other documents allowing a foreigner who is a family member of a prospective employee to reside, based on a power of attorney granted to an employee or associate of the Data Controller (Art. 6(1)(f) GDPR).

Your personal data will be processed no longer than necessary, however:

- Personal data collected for the purposes of the pending recruitment will be processed for the duration of the recruitment, until the withdrawal of consent to data processing (in the case of data processed on the basis of consent), or until an objection is raised to the processing of data on grounds related to the specific situation of the data subject (in the case of data processed us on the basis of the controller's legitimate interest), whichever occurs first; however, in the case of intive GmbH Sp. z o.o. Oddział w Polsce no longer than 6 months from the date of commencement of recruitment, and in the case of intive GmbH 6 months from the date of completion of recruitment;

- If you agree to participate in future recruitment processes, in the case of the Referral Program in effect at intive GmbH Sp. z o.o. Oddział w Polsce or an application submitted without indicating a position until the consent is withdrawn, unless the controller first deems the deletion of data to be justified, whichever occurs first; however, for no longer than 2 years from the date of receipt of the resume in the case of intive GmbH, intive GmbH Sp. z o.o. Oddział w Polsce and intive S.A.U.;

- In the case of processing of foreigners' data for the purpose of obtaining applicable work permits and declarations of entrustment of work to a foreigner, the data will be stored in accordance with the rules for the storage of employees' personal files.

- In the case of receipt of a decision to refuse to issue a work permit to a foreigner, the data will be processed until the filing of an objection that the Data Controller deems justified.

- No longer than for the time necessary to provide support in obtaining other documents allowing the foreigner to stay and work.

- If you agree to participate in future recruitment processes, in the case of the Referral Program in effect at intive GmbH Sp. z o.o. Oddział w Polsce or an application submitted without indicating a position until the consent is withdrawn, unless the controller first deems the deletion of data to be justified, whichever occurs first; however, for no longer than 2 years from the date of receipt of the resume in the case of intive GmbH, intive GmbH Sp. z o.o. Oddział w Polsce and intive S.A.U.;

- To the extent that the Data Controller provides support in obtaining documents allowing a foreigner who is a family member of a prospective employee to stay - on the basis of a power of attorney granted to an employee or associate of the Data Controller, the data will be processed for the duration of the proceedings in question or support in conducting them.

Your provision of personal data in the areas of name, surname, date of birth, contact information, education, professional qualifications and previous employment history is required by law, and otherwise voluntary. If you fail to provide personal data covered by the legal requirement, your application may be rejected.

The Controller of your data will be intive GmbH or another intive group company conducting marketing and sales activities.

Your data will be processed for the purpose of the Controller's legitimate interest, i.e. marketing of the Controller's in-house services based on the sales leads obtained (Article 6(1)(f) GDPR).

We have obtained your data in the form of name, position, place of employment, email address from a professional sales lead generation service provider.

- in the event you or your company has become our customer - for the period of limitation of claims, which is - for claims for periodic benefits and claims related to the conduct of business activity- 3 years for the Branch Office in Poland, 6 years for intive GmbH and intive S.A.U;

In case you are our potential customer or represent them:

- if we have contacted you, but not concluded a contract - your personal data will be processed by us for two years counted from the first contact;

- if we have sent an offer - your data will be processed for 5 years calculated from the date of sending the offer;

- In a situation where we have not received a response from you to our inquiry - we will process your data for a period of 2 years counted from the date of sending our message.

In any case, however, we will not process the data in the event of an effective objection or withdrawal of consent.

Provision of personal data is voluntary, but necessary for the purposes of processing. Failure to provide personal data will result in not receiving our marketing content.

The Controller of your personal data is the Company in which the monitoring is carried out.

Information about the personal data administrator is available on the boards located in the monitored area.

The legal basis for processing is legitimate interest in ensuring the safety of persons staying on the premises of the controller, including employees, protection of property, production control understood as the creation of software and the confidentiality of confidential information (Article 6(1)(f) GDPR).

The Controller processes image recordings for a period not exceeding: intive GmbH spółka z ograniczoną odpowiedzialnością oddział w Polsce - 3 months, intive GmbH – 72 hours, intive Ltd. and intive SRL – 1 month, from the date of their creation. After the expiry of the period referred to in the previous sentence, video recordings shall be destroyed unless otherwise provided by law or they may constitute evidence in legal proceedings unless, before the expiry of those periods, an objection is raised against the processing which the controller deems justified.

The provision of your personal data is voluntary, but for the purpose of staying on the Administrator's premises.

The provision of your personal data is voluntary, but for the purpose of staying on the Administrator's premises.

The controller of your personal data is intive GmbH or another intive group company using social media profiles for its own purposes.

In the case of Facebook profile, the Controller or co-Controllers (e.g. for Facebook Page Insights) of your personal data is also Meta Platforms Ireland Ltd. based in Dublin (address: 4 Grand Canal Square Grand Canal Harbour Dublin 2, Ireland). The co-management agreement may be found at this address: https://www.facebook.com/legal/controller_addendum.

Facebook has applicable regulations and privacy policies. To review Facebook's privacy policy, we encourage you to visit this page: https://www.facebook.com/privacy/explanation.

We also process your data as a part of our Facebook and Instagram profiles. The legal basis for this processing is our legitimate interest (Article 6(1)(f) GDPR), in relation to:

- responding to private messages you send to us through the relevant Facebook or Instagram functionality,

- sharing our posts with you as a follower of our Fan page/profile,

- informing you about our services by sharing posts on our Fan page/profile,

- obtaining anonymized analytical and statistical data obtained by the service in question based on the parameters we set in advance based on the nature of our clientele, as well as our promotional and marketing purposes

We process your personal data for the period of time necessary to resolve your case or to respond to your inquiry directed by our profile. Depending on the subject matter of your case, we may process your data in the future in order to demonstrate that we have resolved your case, i.e. until the statute of limitations for claims.

Provision of personal data is voluntary, but necessary for the purposes of processing.

Every data subject shall have the following rights:

- the right of access to data content;

- the right to rectify them;

- the right to remove data;

- the right to limit the processing;

- the right to transfer data;

- the right of objection;

- the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal – to withdraw your consent please contact the DPO of the Controller to which you gave your consent at the e-mail address: consentwithdrawal@intive.com or dpo@intive.com.

-the right to lodge a complaint with the supervisory authorities:

In the course of processing your personal data, we may share your personal data with different recipients in different situations. The recipients of personal data may be organisations supporting the Controller in the course of their business activities, in particular: banks, courier and transport companies, external entities providing IT support, personal data protection, legal protection, companies conducting internal controls/audits on behalf of the Controller, customers, contractors, entities responsible for the functioning of social networking sites, providing services that we use on the website, the Tax Office and the Police or other authorities on the basis of applicable laws. Moreover, the recipients may be companies within the intive capital group and entities to which intive provides space on its website.

The following entities that provide services to intive may also be recipients of personal data:

- LinkedIn Corporation

- Meta Platforms

- the right to limit the processing;

- Salesforce

- Google

- Usercentrics

intive does not make automated decisions, including profiling, which would result in legal consequences for the users of the website or otherwise significantly affect the users of the influencing website. Notwithstanding the above, intive takes measures to analyze traffic on the website and to collect data about the users through the use of cookies as well as to collect data about the users of the website by means of cookies for other service providers. This profiling does not result in a decision that has legal effects or similarly affects data subjects.

None of our services is directed to children, i.e. to people under 16 years of age.

According to the GDPR we inform you that:

1. With respect to the contract between any third party and intive (hereinafter referred to as the “Contract”), the controller of the personal data of the party to the Contract or those party’s employees, co-workers and other representatives, designated to represent the party or perform on behalf of the party the Contract, is the Company with which the Contract was concluded, that is one of the companies listed in the section “Controller of personal data” of this Privacy Policy.

2. Some of the Companies have designated a data protection officer (DPO) who can be contacted in various ways described in the section “Controller of personal data” of this Privacy Policy.

3. The legal bases for the processing are:

a) Art. 6 (1) b of the GDPR – processing of personal data is necessary for the performance of the Contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into the Contract – for the purpose of performing the Contract,

b) art. 6 (1) c of the GDPR - processing is necessary for compliance with a legal obligation to which the Company is subject, i.a. keeping accounts and fulfilling accounting obligations, as well as examining the controller’s financial condition,

c) art. 6 (1) f of the GDPR - processing is necessary for the purposes of the legitimate interests pursued by the controller, where the legitimate interest of the controller is:

-conclusion and performance of the Contract, regarding persons designated to perform the Contract and persons representing the parties to the Contract, i.e., e.g. proxies,

-establishment, exercise or defence of legal claims,

- archiving documents (for the period resulting from legal provisions),

- processing personal data within the corporate group for internal administrative purposes, including keeping statistics and financial statements for Companies.

4. Personal data can be transmitted to external entities that support the controller, in particular: banks, courier and transport companies, external entities providing IT support, personal data protection, legal services, companies conducting internal controls/audits at the request of the controller, governmental authorities or other authorities on the basis of applicable law. In addition, the recipients of the personal data can be other Companies.

5. Data subjects due to the GDPR regulations have the rights described in the “Rights of data subjects” section of this Privacy Policy.

6. Providing personal data is necessary to conclude and perform the Contract, fulfil legal obligations, and perform tasks covered by the controller’s legitimate interest. Where personal data have not been obtained from the data subject, the data originate from the party that employs (or cooperates with) the data subject. In such situations, the controller processes the following data: name, surname, phone number, e-mail address, position, other contact details.

7. Personal data will be processed for the periods indicated below:

- for a duration of time covering the pursuit of a contract, i.e. initiating cooperation and agreeing on its terms, as well as the conclusion and subsequent execution of the contract

- for the Branch Office in Poland billing documents related to the transaction will be stored for 5 yearscounting from the end of the calendar year in which the tax payment deadline has passed; other accounting documents regulated by the provisions of the Tax Ordinance Act or the Accounting A–t - for the periods indicated therein; with respect to intive GmbH, intive S.A.U.,SimTLiX SRL and DevSpark S.A. accounting documents related to the transaction shall be kept for 10 years.

- the period of limitation for claims shall be 6 years for the branch in Poland, intive GmbH, for claims for periodical services and claims related to the conduct of business activity for the Branch in Poland – 3 years, and 6 years for intive GmbH, intive S.A.U., SimTLiX SRL and DevSpark S.A.

- with regard to recovery for the duration of the proceedings, until their final and binding conclusion and, in the case of enforcement proceedings, until the satisfaction of claims in those proceedings;

- in case where the basis for the processing of personal data is the legitimate interest pursued by the controller - until a reasoned objection or the time of expiry of the deadlines indicated above.

8. Personal data may be transferred to third countries pursuant to Article 45, art. 46, art. 49 par. 1 of the GDPR. In particular data may be transferred to the United States of America and Ukraine based on standard contractual clauses and additional guarantees and to the Republic of Argentina (according to the decision of European Commission this third country ensures an adequate level of protection). Information about the applied safeguards and a copy of these safeguards can be obtained at e-mail address of the data protection officer. Personal data may also be transferred from Argentina to another country, i.e. a country belonging to the European Union, or the United States of America or Ukraine. Argentina considers the following countries as providing adequate data protection standards to ensure the free flow of data within them: EU Member States, EEA Member States, Switzerland, Guernsey, Isle of Man, Faeroe Islands, Canada (for the public sector only), Andorra, New Zealand, Uruguay and Israel (for automated processing only), the United Kingdom. For the transfer to the United States and Ukraine, it is carried out using appropriate safeguards, i.e. standard contractual clauses approved by the AIPP.

9. Personal data will not be used for automated decision making, including profiling, which is described in Art. 22(1,4) of the GDPR.

7. Personal data will be processed for the periods indicated below:

Personal data may also be transferred from Argentina to another country, i.e. a country belonging to the European Union, the United States of America, the United Kingdom, or Ukraine. Argentina considers the following countries as providing adequate data protection standards to ensure the free flow of data within them: EU Member States, EEA Member States, Switzerland, Guernsey, Isle of Man, Faeroe Islands, Canada (for the public sector only), Andorra, New Zealand, Uruguay and Israel (for automated processing only) and the United Kingdom. For the transfer to the United States and Ukraine, it is carried out using appropriate safeguards, i.e. standard contractual clauses approved by the AIPP.

Cookies are small text files that are saved on your computer or smartphone when you visit our website.

We are currently using Usercentrics tool which allows us to display a cookie banner, collect cookie consents and integrate the solution with our consent collection forms. Usercentrics plugin, which collects consents from the cookie banner or form, saves them, and allows for consent management that is fully compliant with GDPR.

There are different types of cookies. You may encounter the following categories of cookies on our website:

- Essential cookies - first-party session or persistent cookies that are necessary for the website to function correctly. These cookies enable basic features such as page navigation, secure access to areas of the site, and load-balancing. Without these cookies, certain services or functionalities requested by the user cannot be provided, as they ensure the proper operation of the site.

- Functional cookies - typically first-party persistent cookies that enhance the user experience by remembering preferences and settings. These cookies enable the website to offer personalized features, such as remembering login information, language preferences, or region-specific settings, which optimize and tailor the browsing experience according to the user's past interactions with the site.

- Marketing cookies - usually third-party persistent cookies that track visitor web activity to provide targeted advertisement. These cookies, unlike statistical cookies, are used to support online marketing by collecting information about the users to promote products through partners and other platforms.

You can find more information about cookies in the Cookie Settings, which you can return to at any time by selecting the link in the footer of our site. In the Categories window you will be able to see the categories of files used on the site at any time. When you click on a category, the files used on the site will be displayed. Select the Information button ⓘ to view the details of a particular file. Select the Services tab to view all cookies and learn about their type, purposes, storage period and source.

When accessing our website, you can accept all files by selecting "Accept All", selected files through the "More" option, or reject them by selecting "Decline". Files necessary for the operation of the website will be saved.

After selecting the "More" option, you can make detailed decisions about your consent to the cookies in question, as well as see the details of the file. Once you have made your choices, you can select "Save settings", and if you accept all files, select "Accept all". By selecting "Deny" you will reject all cookies except the Key cookies necessary for the proper operation of the site.

You can change your preferences at any time by returning to the Cookie Settings in the footer of our site.