Privacy & Cookie Notice

Last updated: February 26, 2026

Introduction

This Privacy & Cookie Notice explains how THE EPC NETWORK SP. Z O.O. (“EPC Network”, “we”, “us”, “our”) collects and processes personal information when you visit our website, contact us, interact with our communications, or apply for roles through our careers page (together, the “Services”).

“Personal information” (or “personal data”) means any information relating to an identified or identifiable individual.

This notice is intended to provide transparent information required under applicable privacy and data protection laws, including the EU General Data Protection Regulation (GDPR). This notice may be supplemented by additional privacy statements for specific Services or processes.

1. Who We Are

Data controller (for the Services):
THE EPC NETWORK SP. Z O.O.
Emilii Plater 53, 00-113 Warszawa, Poland
KRS: 0001135725
NIP: 1251777005
REGON: 540042397
Share capital (kapitał zakładowy): 5600 PLN
Email: info@theepc.network

If you apply for a position via our recruitment platform provider (Peopleforce) linked from our website, that platform may process your personal information under its own privacy notice in addition to ours.

Children: The Services are not intended for individuals under 16 years of age. We do not knowingly collect personal information from individuals under 16.

2. What Information We Collect

We may collect the following categories of personal information depending on how you use the Services:

A) Information you provide directly

Contact and business details: name, business email address, phone number, company name, job title (if provided).
Inquiry content: information you submit via contact forms or email (e.g., project description).
Business relationship information: communications and related records.

B) Recruitment information (if you apply)

Application data: CV/resume, employment and education history, skills, and any other information you choose to provide.
Recruitment communications: interview scheduling information and correspondence.

C) Information collected automatically

Device and technical data: IP address, browser type/version, device type, operating system, language settings.
Usage data: pages visited, time spent on pages, clicks and navigation patterns, referring URLs.
Cookies and similar technologies: described in Section 9.

D) Information from third parties (limited)

Recruitment platform providers: application and process data provided through the careers platform.
Public sources: professional information you make publicly available (e.g., professional profiles) where relevant to business inquiries or recruitment.

3. How We Collect and Use Your Information

We collect and use personal information to:

A) Provide and maintain the Services

operate the website, maintain functionality, and ensure availability;
troubleshoot issues and improve performance and user experience.

B) Communicate with you and manage business relationships

respond to inquiries submitted through our contact form or email;
schedule calls/meetings and provide requested information;
manage B2B relationship communications (including proposals and coordination).

C) Recruitment

review applications, evaluate candidates, and manage the hiring process;
communicate about the application and interview process.

D) Security and compliance

protect the website and our systems (security monitoring, access control, log retention);
prevent, detect, and investigate abuse, fraud, or security incidents;
comply with applicable laws, regulations, and lawful requests.

E) Marketing communications (where applicable)

send business communications about our services where permitted by law and consistent with your preferences.

You can opt out at any time using the unsubscribe mechanism (if available) or by contacting us.

4. Legal Bases (EEA/UK – GDPR)

Where GDPR applies, we process personal data under one or more of the following legal bases:

Contract / steps prior to entering into a contract (Art. 6(1)(b)) – to respond to your request and manage cooperation.
Legitimate interests (Art. 6(1)(f)) – to operate, secure, and improve the Services; manage B2B communications; prevent fraud; and ensure IT security (balanced against your rights).
Consent (Art. 6(1)(a)) – where required (e.g., certain cookies, optional communications). You may withdraw consent at any time.
Legal obligation (Art. 6(1)(c)) – to comply with legal and regulatory requirements.

We may share personal information with:

Service providers (processors) that support website hosting, IT operations, security, analytics (where enabled), communications tools, and recruitment platforms.
Professional advisors (legal, audit, and similar) as needed for legitimate business purposes.
Authorities and regulators when required by law or to protect rights and security.
Transaction counterparties in the context of corporate transactions (e.g., merger, acquisition, restructuring), subject to appropriate safeguards.

We require service providers to protect personal information and process it only under our instructions and applicable law.

6. International Transfers

We operate from Poland and may work with clients and service providers internationally, including in the United States. As a result, your personal information may be transferred to, stored in, or accessed from locations outside the European Economic Area (EEA).

Where we transfer personal data outside the EEA, we implement appropriate safeguards, such as:

an adequacy decision (where applicable), or
the European Commission’s Standard Contractual Clauses (SCCs) and additional safeguards where required.

You may request more information about safeguards by contacting us (Section 12).

7. How Long We Retain Your Information

We retain personal information only as long as necessary for the purposes described in this notice, including legal, accounting, and reporting requirements.

Typical retention criteria (examples):

Inquiries and contact form submissions: retained for the period needed to respond and follow up, then for a reasonable recordkeeping period (e.g., up to 24 months from last interaction), unless a longer period is required.
B2B relationship records: for the duration of the relationship and then as required by applicable laws and limitation periods.
Recruitment records: retained for the hiring process and a reasonable period after it ends (e.g., up to 12 months), unless you consent to longer retention for future roles.
Security logs: retained for a limited period (e.g., up to 12 months) unless needed longer to investigate incidents.

We may retain data longer where necessary to establish, exercise, or defend legal claims.

8. How We Secure Your Information

We implement appropriate technical and organizational measures designed to protect personal information, such as:

access controls and least-privilege permissions;
monitoring and logging to support security and integrity;
encryption where appropriate;
policies and procedures to prevent unauthorized access, disclosure, alteration, or destruction.

No security measures are perfect, but we continuously work to protect personal information.

9. Cookies and Similar Technologies

Cookies are small text files stored on your device. Similar technologies can include pixels, tags, embedded scripts, and SDKs.

Cookie categories

Depending on the tools enabled on the website and your choices, we may use:

Strictly Necessary cookies – required for the website to function and for security.
Preferences / Functional cookies – help remember settings and improve site features.
Analytics cookies (optional) – help us understand website usage and improve performance.
Marketing / Targeting cookies (optional) – used to measure campaigns or provide relevant content (where enabled).
Social media cookies (optional) – enable social features and may track interactions (where enabled).

Managing cookies

You can manage cookies through our cookie banner/settings tool (where available) and through your browser settings. Blocking some cookies may impact website functionality.

10. Your Rights

Depending on applicable law (including GDPR), you may have the right to:

access your personal data,
rectify inaccurate or incomplete data,
request erasure (in certain circumstances),
request restriction of processing,
object to processing (including objection to processing based on legitimate interests),
request data portability (in certain circumstances),
withdraw consent at any time (where processing is based on consent),
lodge a complaint with a supervisory authority.

For individuals in Poland, the competent supervisory authority is the President of the Personal Data Protection Office (PUODO).

11. Region-Specific Information

A) Poland / EEA (GDPR)

If you are located in the EEA, we process your personal data in line with GDPR and applicable local laws. You can exercise your rights by contacting us (Section 12).

B) United States (general)

Certain U.S. state privacy laws may grant additional rights depending on your state of residence and the applicability of those laws. Where applicable, you may have rights to access, delete, or correct personal information, and to opt out of certain processing.

12. How To Contact Us

If you have questions about this notice or would like to exercise your rights, contact us at:

THE EPC NETWORK SP. Z O.O.
Emilii Plater 53, 00-113 Warszawa, Poland
Email: info@theepc.network
Subject line suggestion: “Privacy Request”

We may request reasonable information to verify your identity. Any information collected for verification will be used only for that purpose.

If you believe we are not addressing your concerns appropriately, you may lodge a complaint with your local supervisory authority (for Poland: PUODO).

13. Updates To This Notice

We may update this Privacy & Cookie Notice from time to time. When we do, we will revise the “Last updated” date above and post the updated version here.

Back to Home