About Us | Rhenai
Rhenai Logo

Information Disclaimer

In accordance with Articles 13 and 14 of Regulation (EU) 2016/679 (GDPR), please read the following information regarding the processing of personal data.

Information Disclaimer

Last updated: February 18, 2026

1. Data Controller

The controller of your personal data is Rhenai Digital Workforce Sp. z o.o., KRS No. 0001069165, NIP 7011174664.

2. Contact Address

The Controller may also be contacted in writing at: Rhenai Digital Workforce Sp. z o.o., ul. Puławska 99, 02-595 Warsaw, Poland, with the note “Personal Data”.

3. Legal Bases and Purposes of Processing

Your personal data may be processed for the following purposes:

  • pursuant to Article 6(1)(b) GDPR – in order to conclude an agreement, take steps prior to concluding an agreement and perform an agreement, until these purposes are fulfilled;
  • pursuant to Article 6(1)(a) GDPR – based on your separate consent, for specifically defined purposes, until the purpose is achieved or consent is withdrawn;
  • pursuant to Article 6(1)(c) GDPR – in order to comply with legal obligations imposed on the Controller, including accounting, archiving, tax and public authority obligations;
  • pursuant to Article 6(1)(f) GDPR – for the purposes of contact, handling inquiries and complaints, establishing, pursuing or defending claims, and verifying persons authorized to represent contractors;
  • pursuant to Article 9(2)(f) GDPR – where necessary, for the establishment, exercise or defence of legal claims.

4. Automated Decision-Making

Your personal data will not be processed for automated decision-making, including profiling.

5. Scope of Data

The scope of personal data processed may include:

  • name and surname;
  • contact telephone number;
  • correspondence address;
  • e-mail address;
  • name of the company on behalf of which you act;
  • job title or business function.

6. Recipients of Data

Recipients of your personal data may include:

  • entities authorized under applicable law, including tax authorities, courts, law enforcement authorities and other public bodies;
  • authorized employees and associates of the Controller;
  • processors acting on behalf of the Controller under data processing agreements, including IT, security, courier, accounting and consulting service providers;
  • other cooperating entities, including providers of legal, postal, advisory or debt collection services.

7. International Transfers

The Controller does not transfer your personal data to countries outside the European Economic Area or to international organisations.

8. Security Obligations

All external entities processing personal data on behalf of the Controller are required to ensure an appropriate level of data security and comply with applicable data protection obligations.

9. Your Rights

To the extent provided by applicable law, you have the following rights:

  • the right to access your personal data and obtain information about its processing;
  • the right to rectify inaccurate or incomplete personal data;
  • the right to erasure of personal data, also known as the “right to be forgotten”, where processing is no longer necessary;
  • the right to restriction of processing, where the conditions provided by law are met;
  • the right to data portability, where data is processed on the basis of a contract or consent;
  • the right to lodge a complaint with the supervisory authority, i.e. the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw, Poland;
  • the right to withdraw consent at any time, without affecting the lawfulness of processing carried out before its withdrawal;
  • the right to object to processing based on Article 6(1)(f) GDPR; in such case, processing will cease unless there are compelling legitimate grounds for the processing or the processing is necessary for the establishment, exercise or defence of legal claims.

10. Sources of Data

Your personal data may be collected:

  • directly from you;
  • from a contracting party that has provided the data of its representatives or contact persons;
  • from publicly available sources, in particular the National Court Register or the Central Registration and Information on Business.

11. Voluntary Provision of Data

Providing personal data is voluntary; however, failure to provide such data may prevent the conclusion or performance of an agreement, as well as contact in matters related to its execution.