Skip to content

Data Protection

Information Clause for Business Partners

GDPR (RODO) information obligation under Articles 13 and 14

Last updated: June 2026

This information clause explains how Scanome Sp. z o.o. processes the personal data of contractors and business partners, as well as their representatives, employees, associates and contact persons, in connection with concluding and performing contracts and other business cooperation. It is provided pursuant to Article 13 and Article 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (the General Data Protection Regulation, "GDPR"; in Polish "RODO").

1. Controller

The controller of your personal data is:

  • Scanome Spółka z ograniczoną odpowiedzialnością
  • ul. Hoża 29, 00-521 Warszawa, Poland
  • Registered with the District Court for the Capital City of Warsaw, National Court Register (KRS) No. 0001027324
  • NIP (Tax ID): 7011135813 · REGON: 524829997

In matters relating to the protection of personal data, you may contact us by email at contact@scanome.com or by post at the registered address above.

2. Categories of personal data

Depending on your role in the cooperation, we may process the following categories of data:

  • identification data (e.g. first and last name, position / job title);
  • business contact data (e.g. business email address, business telephone number);
  • data relating to the company you represent or act for, and your role in concluding or performing the contract;
  • for persons signing agreements with us using a qualified electronic signature — the data contained in the qualified certificate, which may include a PESEL number or identity-document data.

We do not process special categories of personal data in this context.

3. Source of the data

Where we did not obtain your personal data directly from you (Article 14 GDPR), we received it from the business partner who is a party to, or is negotiating, the contract — typically your employer or the entity you represent or cooperate with — or from publicly available registers (such as the National Court Register (KRS) or the Central Registration and Information on Business (CEIDG)), or from the qualified certificate used to sign a document.

4. Purposes and legal bases of processing

  • Concluding and performing the contract or cooperation, including contact and day-to-day handling — Article 6(1)(b) GDPR where you are a party to the contract, or Article 6(1)(f) GDPR (the legitimate interest of the controller and of the entity you represent in concluding and performing the contract) where you act as a representative, employee, associate or contact person;
  • Compliance with legal obligations incumbent on the controller, in particular accounting and tax obligations — Article 6(1)(c) GDPR;
  • Establishing, exercising or defending legal claims arising from the cooperation, and ensuring the security and integrity of agreements (including verification of signatures) — Article 6(1)(f) GDPR (our legitimate interest);
  • where applicable, maintaining business relations and direct marketing of our own products and services — Article 6(1)(f) GDPR (our legitimate interest).

5. Recipients of the data

Your personal data may be disclosed to:

  • IT, hosting, email and infrastructure providers acting as our processors;
  • professional advisers (e.g. legal, accounting, tax and insurance advisers) and auditors;
  • providers of qualified trust services in connection with electronic signing of documents;
  • public authorities and bodies entitled to receive the data under applicable law, and other entities where disclosure is necessary to perform the contract or is required or permitted by law.

6. Transfers outside the European Economic Area

As a rule, we process personal data within the European Economic Area (EEA). Should a transfer to a third country occur (for example where a service provider operates outside the EEA), it will take place only subject to appropriate safeguards under Chapter V GDPR, such as an adequacy decision of the European Commission or Standard Contractual Clauses. You may request a copy of these safeguards using the contact details in section 1.

7. Retention period

We retain personal data for the period necessary to achieve the purposes set out above, in particular:

  • for the duration of the negotiations and of the contract or cooperation;
  • until the expiry of the limitation periods for claims arising from the contract;
  • for the period required by law, in particular accounting and tax retention obligations (generally 5 years from the end of the relevant financial year);
  • where data is processed on the basis of our legitimate interest (including marketing), until an effective objection is raised or that interest ceases to apply.

8. Your rights

Subject to the conditions set out in the GDPR, you have the right to:

  • access your personal data and obtain a copy of it;
  • rectify (correct) inaccurate or incomplete data;
  • erase your data ("right to be forgotten");
  • restrict processing;
  • data portability (where processing is based on a contract or consent and carried out by automated means);
  • object to processing carried out on the basis of our legitimate interest (Article 21 GDPR), including objecting at any time to processing for direct-marketing purposes.

You also have the right to lodge a complaint with the supervisory authority — the President of the Personal Data Protection Office (Prezes Urzędu Ochrony Danych Osobowych), ul. Stawki 2, 00-193 Warszawa, Poland — if you believe that the processing of your personal data infringes the GDPR.

9. Obligation to provide data

Providing your personal data is voluntary, but it is necessary to conclude and perform the contract or cooperation and to maintain business contact. Failure to provide the data may prevent the conclusion or proper performance of the contract.

10. Automated decision-making

Your personal data is not used for automated decision-making, including profiling, that produces legal effects concerning you or similarly significantly affects you.

11. Contact

For any questions regarding this information clause or the processing of your personal data, please contact us at contact@scanome.com.

For information on how we process personal data of visitors to our website, please see our Privacy Policy.