Information Clause for Contractors
Last updated: May 23, 2026
DevHunt information clause for contractors who are natural persons, representatives of contractors, including members of bodies, authorized signatories or representatives of entities cooperating with DevHunt and their employees or coworkers, whose personal data is made available to DevHunt in connection with the conclusion or performance of agreements to which DevHunt is a party.
This document contains, among others, information on the purposes of processing your personal data by [DevHunt — registered company name and address] (hereinafter "Data Controller" or "DevHunt"), the period of their processing by the Data Controller, your rights, possible recipients of your personal data, contact details in matters related to the processing of your data by the Data Controller.
The following information is presented in connection with the obligations arising from Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter "GDPR").
1. Data Controller
The Controller of your personal data is [DevHunt — registered company name and address].
2. Contact
For any matter relating to the processing of your personal data by the Data Controller, including in order to exercise your rights, you may contact the Data Controller:
- In writing — by sending a letter to the registered office address indicated in point 1 above;
- Via email — at the following address: privacy@devhunt.io.
3. Purposes of Processing
Your personal data, depending on the relationship between you and the Data Controller, are processed for the following purposes:
| Purpose | Legal Basis | Data Retention Period |
|---|---|---|
| Taking actions preceding the conclusion of the agreement and then performing the agreement to which you are a party, and taking actions necessary for its proper implementation. | Article 6(1)(b) GDPR | Personal data will be processed until the completion of all activities preceding the conclusion of the agreement. Then, in the case of concluding the agreement — until the complete performance of the agreement, including its expiry, termination or cancellation. |
| Taking actions necessary to conclude the agreement, and then performing the agreement to which you are not a party, including verification of the representation rights, contact during the performance of the agreement, and exchange of correspondence regarding the performance of the agreement. The processing of personal data of agents/representatives and employees/coworkers of the Data Controller's trading partner for the above purposes constitutes a legitimate interest pursued by the Data Controller. | Article 6(1)(f) GDPR | Data will be processed until the completion of all activities preceding the conclusion of the agreement. Then, in the case of concluding the agreement — until the complete performance of the agreement, including its expiry, termination or cancellation. |
| Fulfillment of legal obligations, including tax, accounting and reporting provisions. | Article 6(1)(c) GDPR read with individual provisions of applicable law imposing obligations on the Data Controller. | For tax documentation — 5 years from the end of the calendar year in which the tax payment deadline expired. For accounting documentation — 5 years from the end of the calendar year in which the operations, transactions and proceedings were/will be finally completed, repaid, settled or expired. In other cases — until the Data Controller fulfils other obligations specified in individual provisions of law. |
| Realization of legitimate interests of the Data Controller: handling, investigating and/or defending against claims. | Article 6(1)(f) GDPR | Until the legitimate interest of the Data Controller is fulfilled or an effective objection to such processing is raised, no longer than until the end of the calendar year in which the limitation period expires under applicable law. |
Note: The period of personal data processing is determined individually for each purpose. Both during and after the processing of personal data for a given purpose, DevHunt may process personal data based on other purposes and grounds indicated in the table for the period indicated for them.
4. Sources of Personal Data
Depending on the relationship between you and the Data Controller, your personal data may be obtained:
- Directly from you — e.g. data provided in the agreement, data provided in correspondence;
- From publicly available sources — e.g. official company and business registers;
- From third parties — e.g. a contractor who has granted you a power of attorney or indicated you to contact or perform certain activities in connection with the agreement concluded with the Data Controller.
5. Categories of Personal Data
Depending on the relationship between you and the Data Controller, the Data Controller may process the following categories of your personal data:
- Identification data — e.g. name, surname, passport number, tax ID, business registry number, depending on your country;
- Data on the official position — function held;
- Business contact details — e.g. correspondence address, telephone number, email address;
- Financial data — e.g. bank account number to which receivables will be paid under the agreement concluded with the Data Controller.
6. Recipients of Personal Data
Access to your personal data may be granted to authorized employees and associates of the Data Controller, entities with whom the Data Controller has concluded a data processing agreement, or to whom the provision of your personal data is compliant with applicable laws.
The recipients of your personal data may include entities cooperating with DevHunt in the provision of services, including entities providing:
- Hosting services
- Mailing services
- Contact form provision services
- Consulting services
- IT services
- Delivery of correspondence and parcels
- Personal and property protection services
- Consultative, advisory, control, legal, and archiving services
7. Transfer to National Authorities
Your personal data may also, within the limits set by law, be transferred to national authorities, institutions, or other entities that, based on applicable laws, are entitled to request access to or receive it — e.g. law-enforcement authorities and the competent data protection authority.
8. Your Rights
You have the following rights in relation to the processing of personal data:
- The right to access personal data and receive a copy thereof;
- The right to correct personal data;
- The right to delete personal data;
- The right to restrict processing;
- The right to transfer data processed in an automated manner and based on consent or based on an agreement;
- The right to object to processing — in cases where DevHunt processes your personal data based on a legitimate interest.
9. Right to Lodge a Complaint
If you believe that the processing of personal data violates the provisions of the GDPR or other personal data protection provisions, you have the right to lodge a complaint with the competent data protection authority.
10. Voluntary Nature of Providing Data
Although providing your personal data is voluntary, providing the data — depending on the relationship between you and the Data Controller — is necessary to conclude or perform an agreement with the Data Controller. Furthermore, in cases where the processing of your data is carried out to fulfil the legal obligations of the Data Controller, failure to provide the data may affect the performance of the agreement made with the Data Controller and trigger implications arising from applicable provisions of law.
11. Automated Processing
Your personal data will not be processed in an automated manner that could result in automated decision-making, including decisions based on profiling.