Skip to main content Scroll Top
Social-linkedin Instagram Youtube
office.kielce@ngproc.com
+48 790150081
contact us
«
Privacy Policy
»

Effective date: May 20, 2025
Last updated: Nov 1, 2025

1. Introduction

Welcome to NextGen Procurement Consultants Prosta Spółka Akcyjna (“NextGen”, “we”, “us”, or “our”). We respect your privacy and are committed to protecting your personal data. This Privacy Policy describes how we collect, use, store, share and protect your information when you visit our website (www.ngproc.com) or otherwise communicate with us (via contact forms, email, social media, events, etc.).

2. Data Controller & Contact

NextGen Procurement Consultants Prosta Spółka Akcyjna
Address: Działkowa 10A, 26-085 Kostomłoty Pierwsze, Poland
KRS: 0001173877 | NIP: 9592082892 | REGON: 541766690
Email: office.kielce@ngproc.com
We act as the data controller under the European Union General Data Protection Regulation (GDPR).

3. Scope / Applicability

This Privacy Policy applies to:

  • Visitors to our website and affiliated digital platforms;

  • Clients, prospects and contacts in our CRM or sales systems;

  • Participants in our webinars, events or trainings;

  • Job applicants who submit CVs or other recruitment data;

  • Suppliers, vendors, partners and contractors;

  • Individuals who correspond with us via e‐mail, social media or other channels.
    We want to ensure transparency about how we treat personal data across these different contexts.

4. Personal Data We Collect

We may collect the following categories of personal data:

  • Contact & identity information: name, job title, company name, email address, telephone, social media profile.

  • Technical and usage data: IP address, device type, browser, operating system, usage of our website/platforms, cookie identifiers, referrer URLs.

  • Recruitment data: CV, professional experience, qualifications, contact details and other information you provide.

  • Marketing & analytics data: preferences, interests, website interactions, consent status, cookie tracking.

  • Other data: as necessary for event registration, newsletter subscription, communication with us.

5. Legal Basis for Processing

We rely on one or more of the following legal bases for processing personal data:

  • Consent (Art. 6(1)(a) GDPR), e.g., when you agree to cookies/marketing.

  • Contract / pre‐contractual steps (Art. 6(1)(b) GDPR), e.g., when handling your inquiry or preparing a proposal.

  • Legitimate interests (Art. 6(1)(f) GDPR), such as maintaining our website, analytics, marketing communications, business operations — provided your rights don’t override these interests.

  • Legal obligation (Art. 6(1)(c) GDPR), when we must comply with law (e.g., regulatory requests, tax records).

6. How We Use Your Data

We use your personal data for the following purposes:

  • To respond to inquiries, requests, forms and communications.

  • To manage recruitment and evaluate candidates.

  • To deliver newsletters, marketing communications (when you’ve consented or when legitimate interest applies).

  • To analyze website traffic and performance if such tools are enabled (e.g., Google Analytics, LinkedIn Insight Tag).

  • Website analytics (Google Analytics) are used only after obtaining user consent and can be disabled at any time via cookie settings.

  • To maintain, secure and improve our website, services and user-experience.

  • To comply with applicable laws, auditing, regulatory matters and internal governance.

  • To share with service providers (hosting, CRM, analytics, event platforms) as necessary and under contract.

We do not sell your personal data to third parties for their own direct marketing purposes.

7. Data Retention

We retain personal data only as long as necessary for the purposes listed above or as required by law. Examples:

  • Contact/inquiry records: up to 12 months after last interaction.

  • Recruitment candidate data: up to 12 months after application unless you consent to longer retention.

  • Analytics/cookie data: as per your consent settings and our internal policy.
    If required by law (e.g., tax, reporting) we may retain data longer.

8. Data Sharing & International Transfers

  • We may share personal data with trusted service providers acting as data processors (hosting, CRM, analytics, marketing automation, IT support).

  • We may disclose data to regulatory or government authorities when required by law.

  • When transferring personal data outside the European Economic Area (EEA) or United Kingdom (UK), we apply appropriate safeguards (e.g., Standard Contractual Clauses, approved transfer mechanisms).

  • We may transfer data within our corporate group (if applicable) subject to appropriate safeguards.

9. Profiling and Marketing

  • With your consent, or under legitimate interest where applicable, we may analyse your interests, behaviour on our website or events in order to personalise communications, marketing and content.

  • You have the right to object to processing based on legitimate interests and to withdraw consent at any time.

  • We do not perform solely automated decision-making with legal or similarly significant effects (unless explicitly stated).

10. Children’s Privacy

Our website and services are not directed at children under the age of 16. We do not knowingly collect personal data from individuals under 16. If you believe we may have collected data of a child under 16, please contact us and we will take steps to delete it.

11. US State Privacy Rights

If you are a resident of California, Colorado, Connecticut, Utah, Virginia or other US states with similar data privacy laws, you may have additional rights such as: access, correction, deletion, data portability, opting-out of sale or sharing of personal information, and objection to targeted advertising. Although we do not “sell” personal data, you may submit a request by contacting office.kielce@ngproc.com with subject “US State Privacy Request”. We will not discriminate against you for exercising these rights.

12. Your Rights

Under applicable data protection laws (including GDPR) you have the right to:

  • Access your personal data we hold.

  • Request correction of inaccurate or incomplete data.

  • Request deletion (“right to be forgotten”) where applicable.

  • Request restriction of processing.

  • Object to processing (including profiling or direct marketing).

  • Request data portability (to another controller) where applicable.

  • Withdraw consent at any time where the processing is based on consent.

  • Lodge a complaint with a supervisory authority (in Poland: the PUODO / Urząd Ochrony Danych Osobowych).

13. Data Security

We implement appropriate technical and organisational measures to protect your personal data from accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. Access is restricted to authorised personnel and third-party providers under contract who comply with our security standards.

14. Changes to This Policy

We may update this Privacy Policy from time to time (for example to reflect changes in law or our practices). The updated version will be published on this page with a revised “Last updated” date. Continued use of our website after changes means you accept them.

15. Contact / Data Protection Officer

If you have any questions, concerns or requests regarding this Privacy Policy or your personal data, please contact us at:
Email: office.kielce@ngproc.com
Address: Działkowa 10A, 26-085 Kostomłoty Pierwsze, Poland