GDPR
Privacy Policy — Qubiqa Poland
1. Introduction
Qubiqa Sp. z o.o. Qubiqa So. Z o. o. (“we”, “us”, “our”) takes the utmost care to protect personal data in a responsible and transparent manner. Our approach to data protection is based on the General Data Protection Regulation (GDPR), the Danish Data Protection Act, and our broader commitments to responsible business conduct, ethical management, and respect for human rights, as expressed in our CSR and ESG frameworks.
This Privacy Policy explains how we collect, use, store, and protect personal data when you contact us, visit our website, or use our services.
2. Data Controller
Qubiqa So. Z o. o.
Ceramiczna 30
64-920 Piła
Poland
Email: infopl@chsystem.dk
Phone: +48 67 356 70 10
3. Personal Data We Process
We process personal data when you contact us, request information, enter into agreements with us, apply for a job, or use our website. This may include, among other things, your name, contact details, company information, project-related information, and any documents you choose to share with us, such as CVs or technical specifications.
When you visit our website, we may also collect technical information such as IP address, browser type, device information, and interaction data. Some of this information is collected using cookies, which are described in section 10.
We may also receive information from publicly available sources, such as company registers, or from partners involved in providing our services.
3.1 Automatically Collected Data (Website and Analytics)
When you visit our website, we collect technical and behavioral data, such as:
- IP address,
- device and browser type,
- log data and interaction data,
- usage patterns, clicks, scrolling, and session behavior.
Analytical tools may include Google Analytics 4, Mouseflow, server-side tracking, and Google Tag Manager.
4. Purpose and Legal Basis
We process personal data to respond to inquiries, prepare and execute contracts, manage customer relationships, handle invoicing and accounting obligations, improve our website, and conduct recruitment activities. These activities are based, depending on the context, on legitimate interest, contractual obligations, legal requirements, or your consent.
We do not use personal data for purposes incompatible with the original purpose for which it was collected.
5. Sharing Personal Data
Personal data may be shared with trusted partners, such as IT providers, auditors, subcontractors, or recruitment partners, when necessary to provide our services or fulfill legal obligations. All partners who process personal data on our behalf are bound by confidentiality obligations and/or data processing agreements.
As part of our ESG governance, we expect all suppliers and partners to apply responsible data practices, respect human rights, and comply with GDPR. We never sell or trade any personal data.
6. Data Transfer Outside the EU/EEA
Some tools and service providers are located outside the EU/EEA. When personal data is transferred internationally, we ensure compliance with regulations by using Standard Contractual Clauses (SCCs) and data transfer impact assessments.
Linguistic note: The source uses the form “Qubiqa So. Z o. o.”. I have left it as is. If this is a typo and should be “Qubiqa Sp. z o.o.”, I will correct it throughout the text.
7. Data Retention Period
We retain personal data only for as long as necessary. Accounting documentation is stored for the period required by law. Customer-related information is stored for the duration of the cooperation and for an appropriate period for the statute of limitations for claims. Job applications are typically stored for up to six months, unless you consent to a longer retention period. Website logs are generally stored for a short period, unless security considerations require otherwise.
Data retention practices are regularly reviewed to ensure compliance with both legal requirements and our commitment to responsible resource management.
We retain personal data only for as long as necessary:
- contact inquiries: up to 2 years,
- newsletter-related data: until consent is withdrawn,
- analytical data: for short retention periods,
- customer data: 5 years in accordance with accounting regulations.
8. Security Measures
We protect personal data through a combination of technical and organizational measures, including access control, secure storage, encryption, regular backups, employee confidentiality obligations, and continuous monitoring of our systems. These measures support compliance with Article 32 of the GDPR and reflect our ESG commitment to integrity, accountability, and risk management.
We apply the CIS 18 information security framework and regularly conduct red team exercises to ensure a high level of protection for the rights and freedoms of data subjects, as well as our clients and partners. We adopt the CIS 18 IG 3 level as a benchmark, thereby providing our clients and partners with a top-class product.
9. Your Rights
You have the right to access your personal data, request its rectification or erasure, restrict processing or object to processing, and receive your data in a portable format. If processing is based on consent, you may withdraw it at any time.
Requests can be sent to: infopl@qubiqa.com. You also have the right to lodge a complaint with a supervisory authority.
10. Cookies
Our website uses cookies to ensure its proper functioning, improve user experience, and analyze traffic. Some cookies are strictly necessary for the website to operate, while others help remember user preferences or provide statistical data. If activated, analytical tools such as Google Analytics may store cookies that help us understand how visitors use the site.
We use Cookiebot to manage cookie consent in accordance with Danish regulations. You can change or withdraw your consent at any time via the cookie banner on our website. A detailed cookie declaration is available directly through Cookiebot.
Analytical and marketing cookies may be used by Google Analytics, Mouseflow, Meta, LinkedIn, and YouTube.
11. ESG and CSR Compliance
Data protection is an integral part of our CSR and ESG strategy. We treat privacy as a fundamental human right and incorporate data ethics into our governance model. This includes transparent handling of information, responsible supplier management, and fair recruitment practices.
We also consider the environmental impact of digital operations by limiting unnecessary data storage and selecting IT partners with a strong sustainability profile. Our governance framework ensures that data protection, human rights, and ethical conduct remain central to our operations and collaborations with partners.
12. Changes to this Privacy Policy
We may update this policy to reflect legislative, technological, or business changes. The latest version is available on our website.
13. Contact
Qubiqa Sp. z o.o.
Ceramiczna 30
64-920 Piła
Poland
Tel. +48 67 356 70 10
infopl@qubiqa.com
Last updated: 2026-03-23