Skip to content
Quercore Systems System design, modernization and integration delivery for critical financial platforms
  • Home
  • Services
  • Expertise
  • Insights
  • About
  • Contact

Privacy Policy

Privacy Policy

This Privacy Policy explains how we collect, use and protect personal data when you visit our website, contact us, apply for a role, or otherwise communicate with Quercore Systems.

Last updated

16 May 2026

This Privacy Policy applies to Quercore Systems and is presented here as a standalone legal notice in keeping with the visual language of the portal.

1. Who we are

This website is operated by Quercore Systems Grzegorz Popek, address at Wadowicka 7, 30-363 Krakow, Poland.

NIP: [679 259 94 40]

For the purposes of the General Data Protection Regulation (EU) 2016/679, and where applicable the UK GDPR, we are the controller of the personal data described in this Privacy Policy.

We have not appointed a Data Protection Officer. However, all privacy-related questions, data protection requests and concerns about how we handle personal data can be directed to:

privacy@quercore.systems

This Privacy Policy explains how we collect, use and protect personal data when you visit https://www.quercore.systems/, contact us, apply for a role, or otherwise communicate with us.

2. Scope of this Privacy Policy

This Privacy Policy applies only where Quercore processes personal data as a data controller.

This includes, for example, personal data relating to:

  • website visitors
  • people who contact us directly
  • employees and representatives of our clients, prospective clients, suppliers and business partners
  • marketing and business development contacts
  • job applicants and recruitment candidates

This Privacy Policy does not apply where Quercore processes personal data on behalf of its clients as a data processor.

Where Quercore develops software, hosts applications, provides engineering services, supports client systems, or otherwise processes personal data on behalf of a client, such processing is governed by a separate Data Processing Agreement, service agreement, statement of work, or other contractual arrangement with that client. In those situations, the relevant client is responsible for providing privacy information to the individuals whose data is processed.

This Privacy Policy also does not apply to third-party websites, platforms or services that we do not control. If our website contains links to third-party websites, their own privacy policies will apply.

3. Personal data we collect

3.1 Data collected automatically

When you visit our website, certain technical information may be collected automatically. This may include:

  • IP address
  • browser type and version
  • device information
  • operating system
  • pages visited
  • date and time of access
  • referring website, where applicable
  • basic diagnostic and security logs

This data is used to operate the website, keep it secure, diagnose technical issues, prevent abuse and maintain basic performance.

Our website is hosted using third-party hosting, CDN, DNS and web security providers. These providers may process limited technical data on our behalf in order to deliver, secure and monitor the website.

3.2 Data you provide to us

If you contact us by email, through a contact form, or by any other direct communication channel, we may process the information you provide, including:

  • your name
  • your email address
  • your company or organisation
  • your role or job title, if provided
  • your telephone number, if provided
  • the content of your message
  • any other information you choose to send to us

We use this information to respond to your enquiry, discuss potential work, provide requested information, and manage our business relationship with you or your organisation.

3.3 Business contact details

As a B2B software development and consulting company, we may process business contact details of our clients’ and prospects’ employees, representatives, consultants, suppliers and business partners.

This may include:

  • name
  • business email address
  • business telephone number
  • job title or role
  • company or organisation name
  • business correspondence
  • information relating to meetings, proposals, contracts, projects or services

We process this information to communicate with organisations, manage professional relationships, discuss potential engagements, deliver services, and fulfil B2B contracts.

3.4 Recruitment and careers data

If you apply for a role, contact us about work opportunities, or are introduced to us as a potential candidate, we may process recruitment-related personal data, including:

  • name
  • contact details
  • CV, resume or portfolio
  • employment history
  • education and qualifications
  • skills and experience
  • LinkedIn profile or other professional profile, if provided or publicly available
  • interview notes and recruitment correspondence
  • information about availability, expectations and suitability for a role

We use this information to assess your application, communicate with you, manage the recruitment process, and decide whether to enter into a contract with you.

If we want to keep your details for future recruitment opportunities after the current recruitment process has ended, we will ask for your consent where required.

3.5 Cookies and similar technologies

We use cookies and similar technologies on our website.

Strictly necessary cookies are used to operate the website and remember essential choices, such as cookie preferences.

Analytics or marketing cookies, if used, are only activated with your consent. You can find more information in our Cookie Policy, including cookie categories, purposes, retention periods and how to change your choices.

4. Purposes and legal bases for processing

We process personal data for the following purposes and on the following legal bases.

4.1 Website operation, security and diagnostics

We process technical and log data to operate, secure and maintain the website, detect abuse, troubleshoot errors and ensure basic website performance.

Legal basis: our legitimate interests in operating a secure and reliable website, under Article 6(1)(f) GDPR and, where applicable, UK GDPR.

4.2 Responding to enquiries

When you contact us, we process your personal data to respond to your message, provide requested information, discuss potential services, and manage pre-contractual or business communications.

Legal basis: taking steps prior to entering into a contract, under Article 6(1)(b) GDPR, or our legitimate interests in responding to business enquiries, under Article 6(1)(f) GDPR, depending on the context.

4.3 B2B relationship management

If you or your organisation are a client, prospective client, supplier, partner or other business contact, we may process your business contact details to manage the relationship, maintain records, communicate with you, organise meetings, prepare proposals, negotiate contracts, deliver services, manage projects and perform related administrative activities.

Legal basis: our legitimate interests in maintaining B2B relationships and fulfilling B2B contracts, under Article 6(1)(f) GDPR. Where we have a direct contract with you as an individual, the legal basis may also be contract performance under Article 6(1)(b) GDPR. Where we are required to keep certain records by law, the legal basis is legal obligation under Article 6(1)(c) GDPR.

4.4 Recruitment

If you apply for a role or contact us about work opportunities, we process your personal data to assess your application, communicate with you, conduct interviews, verify your suitability and decide whether to enter into a contract with you.

Legal basis: taking steps prior to entering into a contract, under Article 6(1)(b) GDPR.

Where we process information that you voluntarily provide beyond what is necessary for the recruitment process, the legal basis may be your consent under Article 6(1)(a) GDPR or our legitimate interests under Article 6(1)(f) GDPR, depending on the context.

Where we ask to keep your details for future recruitment opportunities, the legal basis is your consent under Article 6(1)(a) GDPR. You may withdraw that consent at any time.

4.5 Analytics and website improvement

If analytics tools are enabled and you give consent, we may process information about how visitors use our website to understand traffic, improve content and measure the performance of the site.

Legal basis: your consent, under Article 6(1)(a) GDPR.

4.6 Marketing technologies

If marketing technologies are enabled and you give consent, we may use them to measure campaigns or understand how visitors interact with our website and content.

Legal basis: your consent, under Article 6(1)(a) GDPR.

4.7 Legal obligations and protection of rights

We may process personal data where necessary to comply with legal obligations, respond to lawful requests, keep required records, or establish, exercise or defend legal claims.

Legal basis: legal obligation under Article 6(1)(c) GDPR or our legitimate interests under Article 6(1)(f) GDPR.

5. Who we share personal data with

We do not sell personal data.

We may share personal data with the following recipients where necessary:

  • Cloudflare - used for website hosting, Content Delivery Network, DNS and web security
  • Cloudflare Pages Function and Gmail API - used for secure contact form processing and message delivery
  • Google Workspace or Microsoft 365 - used for email communication and internal business productivity, depending on the final email setup
  • analytics providers, if analytics are enabled and you have consented
  • marketing technology providers, if marketing tools are enabled and you have consented
  • professional advisers, such as accountants, lawyers, tax advisers, auditors or consultants
  • public authorities, courts or regulators, where required by law or necessary to protect our rights

Where service providers process personal data on our behalf, we use appropriate contractual arrangements to protect that data.

Some providers may act as independent controllers for certain limited processing activities, depending on their own terms and the nature of the service.

6. International transfers

We are based in Poland, within the European Economic Area.

Some of our service providers may process personal data in countries outside the European Economic Area or the United Kingdom, including the United States, depending on the services used.

Where personal data is transferred outside the EEA or the United Kingdom, we rely on appropriate safeguards under applicable data protection law. These may include:

  • adequacy decisions adopted by the European Commission
  • adequacy regulations or equivalent mechanisms under UK data protection law
  • the EU-US Data Privacy Framework, where the recipient is certified and the transfer falls within its scope
  • the UK Extension to the EU-US Data Privacy Framework, where applicable
  • Standard Contractual Clauses approved by the European Commission
  • the UK International Data Transfer Agreement or UK Addendum, where applicable
  • additional technical or organisational measures where required

For transfers to US-based providers such as Cloudflare, Google or Microsoft, we may rely on the EU-US Data Privacy Framework and, where applicable, the UK Extension to the EU-US Data Privacy Framework, if the relevant provider is certified and the transfer falls within the scope of that certification. Where necessary, we may also rely on Standard Contractual Clauses or equivalent UK transfer mechanisms.

Transfers from the EEA to the United Kingdom may rely on the European Commission’s adequacy decision for the United Kingdom, where applicable.

You may contact us for more information about the safeguards used for international transfers.

7. How long we keep personal data

We keep personal data only for as long as necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

Typical retention periods include:

  • technical logs and diagnostics: for a limited period necessary for security, troubleshooting and abuse prevention
  • contact form and email enquiries: for the duration of the enquiry and, where relevant, for a reasonable period afterwards to manage follow-up communication
  • business correspondence: for the duration of the business relationship and applicable limitation periods
  • accounting, legal and contractual records: for periods required by applicable law
  • recruitment data: for the duration of the recruitment process and, where applicable, for a reasonable period afterwards to handle follow-up questions or legal claims
  • future recruitment data: for the period covered by your consent or until you withdraw that consent
  • analytics and marketing data: according to the retention periods described in the Cookie Policy or until you withdraw consent, where applicable

If we no longer need personal data, we will delete it or anonymise it where reasonably possible.

8. Your rights

Subject to legal conditions and limitations, you have the following rights in relation to your personal data:

  • the right to access your personal data
  • the right to rectify inaccurate or incomplete data
  • the right to erase your data
  • the right to restrict processing
  • the right to object to processing based on legitimate interests
  • the right to data portability, where applicable
  • the right to withdraw consent at any time, where processing is based on consent

Withdrawing consent does not affect the lawfulness of processing carried out before consent was withdrawn.

To exercise your rights, contact us at:

privacy@quercore.systems

We may need to verify your identity before responding to a request.

9. Right to lodge a complaint

If you believe that your personal data has been processed unlawfully, you have the right to lodge a complaint with a supervisory authority.

As we are based in Poland, you may contact the Polish supervisory authority:

President of the Personal Data Protection Office
Urzad Ochrony Danych Osobowych
ul. Stanislawa Moniuszki 1A
00-014 Warszawa
Poland

Website: https://uodo.gov.pl

If you are located in the United Kingdom, you may also have the right to contact the UK supervisory authority:

Information Commissioner’s Office
Website: https://ico.org.uk

You may also contact the supervisory authority in the EU member state of your habitual residence, place of work, or place of the alleged infringement.

10. Children’s privacy

Our website and services are intended for business users and adults. We do not knowingly collect personal data from children.

11. Cookies

For more information about cookies, similar technologies, consent choices and how to change your preferences, please see our Cookie Policy.

12. Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration or disclosure.

These measures may include, where appropriate:

  • data encryption in transit and at rest
  • strict access controls
  • secure authentication practices
  • secure internal policies and procedures
  • access limited to people who need the data for business purposes
  • supplier due diligence and contractual data protection safeguards
  • regular backups
  • monitoring, logging and incident response procedures
  • secure configuration of website, hosting and email systems

No website, online service or communication method is completely secure. For security concerns, suspected abuse or vulnerability reports involving this website or contact form, contact:

security@quercore.systems

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The latest version will always be available on this page and will show the date of the most recent update.

14. Contact

For privacy questions, data protection requests or concerns about how we handle personal data, contact us at:

privacy@quercore.systems

Quercore Systems

System design, modernization and integration delivery for critical financial platforms

Confidential conversations welcome.

Imperial Business Center, ul. Wadowicka 7, 30-363 Kraków, Poland

Open in Google Maps

Navigate

  • Services
  • Expertise
  • Insights
  • About
  • Contact
  • Privacy
  • Cookies

Contact

contact@quercore.systems

© Quercore Systems. All rights reserved.