Below, you can find information about how we collect, process and use the data which you provide to us.
We are the controller of your personal data. This means that we decide how and for what purposes the personal data that you provided to us is processed. We make every effort to ensure that your personal information is safe. We do not provide personal data entrusted to us for payment.
If you have any questions regarding the processing of your personal data by us, please contact us using the contact details below:
In connection with our business, we process the personal data of different people for different purposes, to a different extent, and on a different legal basis set out in the GDPR. For clarity, we have grouped this information by the purpose of processing your personal data.
Personal data – means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
We – Coditive Sp. z o.o., ul. Hugo Kołłątaja 1B/9, 44-193 Knurów, registered in the District Court in Gliwice, X Commercial Division of the National Court Register, under KRS number 0000907960, VAT No. PL9691643891.
You, your – every natural person with whom we have a legal relationship.
GDPR– Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC 95/46/EC (General Data Protection Regulation)
Website – websites we run, including www.coditive.ai.
Recipients of your personal data – entities to which we may transfer part of your personal data in connection with the performance of certain activities or services on our order. These entities cannot use your personal data unless we instruct them and only within the scope indicated by us. They will store your personal data securely and only for the period that we indicate to them or as required by applicable law.
I. Execution of contract or collaboration
We process your personal data to execute a contract or implement a collaborative relationship.
Processing period
Until the contract ends and for the limitation period applicable to the type of contract.
Legal basis
Indispensable for the performance of the contract or the implementation of our cooperation (Article 6 (1) (b) of the GDPR).
II. Legal obligations (accounting)
We process your personal data to comply with legal obligations, e.g., accounting and VAT records or other regulations required by law. This obligation is imposed on us by the applicable legal act.
Processing period
5 years starting from the beginning of the year following the financial year in which the documentation was created.
Legal basis
Compliance with the legal obligation (Article 74 paragraph 2 point 8 of the Accounting Act in connection with Article 6 (1) (c) of the GDPR).
III. Assessment of payment credibility and claims
We process your personal data to assess payment credibility and to establish, investigate, or defend claims.
Processing period
During the contract and for 3 or 10 years depending on the parties involved (the length of the period depends on whether both parties are entrepreneurs or not).
Legal basis
Our legitimate interest in verifying and assessing the reliability of our contractors and having personal data that will allow us to determine, assert or defend against claims, including clients and third parties (Article 6 (1) letter f GDPR).
Categories of recipients of your personal data
a) Entities providing accounting services
We use the services of entities providing professional accounting and billing services.
b) IT service providers
We use the services of entities that professionally provide IT services. We want your personal data to be secure, up-to-date, and confidential.
c) Professional legal advisors and entities dealing in debt collection
We use the services of entities that provide professional auditing services to us, related to legal assistance and the recovery of receivables resulting from legal relationships that connect us with our contractors
d) Entities operating postal or courier services
We use the services of entities that professionally provide postal or courier services.
Categories of personal data
We process only your personal data such as name, surname, employer, position, address of the place of employment, business phone, and business e-mail.
Source of personal data
Your personal data has been made available to us by the entity with whom we cooperate based on a contract or other binding arrangement and to which you are an employee or representative.
The purpose of processing
We process your personal data in order to comply with our obligations under the legal relationship with the entity you are an employee or representative.
Processing period
We process your personal data for this purpose until it ends, settlement, and expiration of the limitation period for claims regarding our cooperation with the entity of which you are an employee or representative, or until you raise objections only if we acknowledge Your legitimacy to this.
Legal basis
Our legitimate interest is based on the implementation of our agreements and legal relationships with the entity in which you are an employee or representative (Article 6 (1) letter f).
Categories of recipients of your personal data
a) IT service providers
We use the services of entities that professionally provide IT services. We want your personal data to be secure, up-to-date, and confidential.
b) Professional legal advisors
We use the services of entities that provide us with professional services related to legal assistance.
c) Entities operating postal or courier services
We use the services of entities that professionally provide postal or courier services.
I. Basic personal and employment data
We process your personal data in the form of first name (surname), surname, first name of your parents, date of birth, place of residence (address for correspondence), your education, and the course of previous employment in order to carry out the recruitment process.
Processing period
Until recruitment is completed, resulting in admission or refusal to work.
Legal basis
Compliance with the legal obligation (Article 22 ‘ § 1 of the Labor Code in connection with Article 6 (1) (c) of the GDPR).
II. Other data in recruitment application
We process your personal data, other than those mentioned above, indicated by you in the submitted recruitment application in order to carry out the recruitment process.
Processing period
Until end of recruitment process or withdrawal of consent to the processing of your personal data for this purpose.
Legal basis
Voluntary consent (Article 6 (1) (a) of the GDPR).
III. Future recruitment purposes
If you have agreed to this, we process your personal data for the purposes of future recruitment processes.
Processing period
Until completion of relevant recruitment processes or withdrawal of consent to the processing of your personal data for this purpose.
Legal basis
Voluntary consent (Article 6 (1) and GDPR).
Categories of recipients of your personal data
a) Entities providing recruitment
We use the services of entities that provide a safe and convenient opportunity to conduct the recruitment process, in accordance with the regulations of these entities’ services.
b) Entities providing service and security to the Website
We use the services of entities that ensure the professional operation of the Website and the security of your personal data. In order to guarantee the quality of these services, these entities process the IP addresses of people who visit the Website in order to search for job offers.
c) IT service providers
We use the services of entities that professionally provide IT services. We want your personal data to be secure, up-to-date, and confidential.
The purpose of processing
We process your personal data in order to ensure the security of information and documents, our employees and guests, as well as limit visits to so-called unwanted people, due to your visits to our office.
Processing period
We process your personal data for this purpose only for the period necessary to ensure the above-mentioned security, but no longer than one year from the visit of our office or until you object to the processing of your personal data and acknowledge its legitimacy.
Legal basis
Our legitimate interest is in the protection of information, documentation, and security of our employees and guests in our office (Article 6 (1) letter f).
The purpose of processing
We process your personal data in order to service your inquiry and provide an answer, e.g., preparation of the valuation of our services.
Processing period
Your personal data will be deleted by us in case of effective opposition by you or for the purpose of processing.
Legal basis
Our legitimate interest is in the form of allowing the conclusion of a contract for a limited period of time without the need to repeat the valuation because you can make a decision about using our service after receiving the valuation (Article 6 (1) letter f GDPR).
Categories of recipients of your personal data
a) Entities providing service and security to the Website
We use the services of entities that ensure the professional operation of the Website and the security of your personal data. In order to guarantee the quality of these services, these entities process the IP addresses of people who visit our Website.
b) IT service providers
We use the services of entities that professionally provide IT services. We want your personal data to be secure, up-to-date, and confidential.
We ensure the implementation of your rights listed below. You can implement your rights by submitting your request using the contact details we have indicated.
You have the right to withdraw any consent you gave us for the processing of your personal data at any time. The withdrawal of your consent has had an effect since its withdrawal. Withdrawal of consent does not affect the processing of your personal data carried out by us in accordance with the law before its withdrawal.
Withdrawal of consent does not entail any negative consequences for you. However, it may prevent you from continuing to do our actions on your behalf or using our functionalities which we can only legally provide with your consent.
Legal basis: Article 7 par. 3 GDPR
You have the right to object to the processing of your personal data at any time, if we process it based on our legitimate interest, for example in connection with sending you information about our new activities and initiatives, including profiling based on this basis.
If your objection turns out to be justified and we have no other legal basis to process your personal data, we will delete the information to which you objected.
If you oppose to be send marketing information, we will stop sending you this type of information.
Legal basis: Article. 21 GDPR.
You have the right to request the removal of all or some of your personal data.
Despite the request to delete your personal data, in connection with opposition or withdrawal of consent, we may retain certain personal data to the extent necessary to establish, investigate or defend any claims related to the processing of your personal data. This applies in particular to personal data including name, surname, and information about your consents or activity history, which we retain for purposes of handling complaints and claims related to the processing of your personal data by us in connection with the legal relationship between us. We will process your personal data for this purpose for a period of 10 years from the end of the legal relationship between us.
The legal basis for us to process your personal data for this purpose is our legitimate interest (Article 6 (1) letter f).
Legal basis: Article. 17 THE DGPR.
You have the right to request a restriction on the processing of your personal data. If you submit such a request, we will prevent you from using certain functionalities or services that will result in the processing of the requested data until we process your request. We will also not send any messages to you, including marketing ones.
Legal basis: Article. 18 DGPR.
You have the right to obtain confirmation from us whether we process your personal data, and if this is the case, you have the right to:
a) get access to your personal data;
b) obtain information about the purposes of the processing, categories of personal data being processed, the recipients or categories of recipients of this data, the planned period of storage of your data or criteria for determining this period, about your rights under the GDPR and the right to lodge a complaint to the supervisory authority, the source of these data, on automated decision-making, including profiling and safeguards applied in connection with the transfer of these data outside the European Union;
c) obtain a copy of your personal data, under the conditions indicated in the GDPR.
Legal basis: Article. 15 THE GDPR.
You have the right to request us to rectify your personal data when they are inconsistent with the actual state and the right to have incomplete personal data completed.
Legal basis: Article. 16 THE GDPR.
You have the right to receive the personal data that you provided to us and then send it to another personal data administrator of your choice.
You also have the right to request that personal data be sent by us directly to such other administrator if it is technically possible.
Legal basis: Article. 20 GDPR.
You can lodge complaints, questions, and requests regarding the processing of your personal data and the implementation of your rights.
If you believe that your right to the protection of personal data or other rights granted to you by GDPR has been violated, you have the right to lodge a complaint with the competent supervisory authority.
Legal basis: Article. 13 para. 2 lit. d) GDPR.
Providing your personal data by you is not mandatory. However, it is necessary to implement the legal relationship that binds us.
If you do not agree to receive information about our initiatives and proposals at the e-mail address provided by you, we will not be able to send you such information.
We use functional cookies only. Currently, our website uses Google reCAPTCHA to protect the website from spam and automated abuse.
Google reCAPTCHA is a tool provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Its purpose is to distinguish computers from humans. Simply put: it protects our website against spam sent by machines responsible for running automatic scripts during Internet traffic. These machines can steal information about network users and also generate spam. Spam can contain both malware and an influx of messages unrelated to the site.
Data collected: Information about your interaction with the CAPTCHA (IP address, browser information).
Legal basis: Legitimate interest in ensuring secure website operation (Article 6(1)(f) GDPR).
No analytics, advertising, or tracking cookies are used on the website.
We use services based in the US (Google reCAPTCHA), therefore considered “third country” under the GDPR.
We assure you that when using the services and technologies, we transfer personal data only to entities that ensure an adequate level of data protection in line with the requirements of the GDPR. In particular, we rely on the EU–U.S. Data Privacy Framework, which was adopted by the European Commission on July 10, 2023, as a valid transfer mechanism for data flows from the EU to certified U.S. companies.
Entities participating in the Data Privacy Framework are committed to complying with data protection standards equivalent to those in force in the European Union. You can find more information on the European Commission’s website:
https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/eu-us-data-transfers_en
If a service provider is not certified under the Data Privacy Framework, we ensure appropriate safeguards are in place – such as Standard Contractual Clauses (SCCs) approved by the European Commission – to ensure your data is processed in accordance with GDPR standards.
We will provide you with additional information upon request regarding the transfer of your personal data. You also have the right to obtain a copy of the data transferred to third countries at any time.
Depending on our needs, we can change and supplement the Privacy Policy. We will inform you of any changes or additions by posting relevant information on the Website, and in the case of significant changes, we can also send you separate notifications to the email address provided by you.
We make every effort to enable users to submit any comments, suggestions, tips and objections to the data processing policy adopted by us. All issues related to the content of this Policy should be sent to the e-mail address: [email protected].