27 Apr Where Does Your HR Software Come From?
Choosing an HR system is no longer a purely technical decision. Over the past few years, topics once reserved for diplomatic offices have entered boardrooms: data jurisdiction, country of origin, and dependency on foreign corporations. Geopolitics is now a factor in software procurement – and it is not going away.
In this context, Open Source gains a new dimension. It is no longer just a cost-effective alternative to expensive licences or a niche technology for enthusiasts. For organisations handling sensitive employee data, it is becoming an instrument of digital sovereignty.
Local Content – When Policy Meets Procurement
The Local Content initiative, increasingly prominent in Polish and European public policy, asks a question that should always be part of any software decision: where does what you use come from, and who benefits from it?
Local Content is a policy of preferring domestic or regional suppliers of goods and services – a concept long established in sectors such as energy and infrastructure, now being applied directly to information technology. The rationale is multi-layered:
- Economic: money spent with a local supplier stays in the local economy.
- Legal: European regulations – GDPR, NIS2, DORA – impose specific requirements on data location and protection that are significantly easier to meet when working with a provider operating in the same jurisdiction.
- Strategic: dependence on software controlled by entities outside the European Union creates potential vulnerability to political decisions, economic sanctions, or regulatory changes made in distant countries.
For organisations pursuing public contracts or EU funding, the Local Content argument is no longer abstract – in many cases, it is becoming a formal criterion or a factor in tender evaluation.
Why HCM Systems Deserve Special Attention
Human Capital Management systems hold some of the most sensitive data an organisation processes: salaries, performance reviews, health-related absences, disciplinary records, and personal identification numbers. Under GDPR, this data is subject to strict requirements – and the location of processing matters.
When you run your HCM on a US-based SaaS platform, your employee data is subject to the US CLOUD Act. This means US authorities can compel the provider to hand over data stored anywhere in the world – without necessarily notifying the data subject or the data controller in Europe. For HR data, the risk is not theoretical.
This is exactly where the choice of an HCM system becomes a legal and operational question, not only a technical one. And it is where Open Source, deployed on-premise or with a European cloud provider, offers a fundamentally different answer.
Open Source as a Response to Geopolitical Risk
Open Source software does not “belong” to any single country or corporation in the way closed commercial software does. A project may be initiated in one country, developed by a community of contributors from thirty others, and deployed by a local partner on servers in your own data centre. None of these elements depends on the others.
This is a fundamental difference compared to the SaaS model dominant among large commercial vendors. With a cloud HCM delivered by a US corporation, your data, processes, and business continuity depend on decisions made in San Francisco, on US law governing data access, and on the stability of trade relations between the US and the EU. None of those factors is under your control.
Open Source eliminates or radically reduces this dependency – provided the system is actually deployed on your own infrastructure or with a European operator. Open code also means the possibility of audit: you know what you are installing, without having to rely on the vendor’s assurances.
MintHCM: A Polish Open Source HCM Built for European Requirements
MintHCM is an HR and Human Capital Management system developed in Poland, built on the open-source SuiteCRM foundation. It is not a SaaS product – it is software you deploy in your own environment or with a European hosting partner of your choice.
From a Local Content perspective, MintHCM checks every relevant box:
- Country of origin: Poland – EU jurisdiction from development through support.
- Code: fully open, auditable, no black boxes.
- Data location: entirely under your control – on-premise, private cloud, or EU-based hosting.
- Vendor relationship: governed by Polish and EU law, not subject to CLOUD Act or equivalent extraterritorial legislation.
- Ecosystem: implementation partner, support, and development capacity available locally.
For organisations in regulated sectors – financial services, healthcare, public administration – this combination is not a nice-to-have. It is increasingly a requirement.
Where Does Your Software Come From?
Not everyone who decides on an HR system purchase knows where the producer is registered. The table below compares several HCM and related systems by country of origin and key data sovereignty implications.
| Product | Country of Origin | Category | Notes |
| MintHCM | Poland | HR / HCM | Open Source, built on SuiteCRM, hosted on-premise or EU cloud |
| SuiteCRM | United Kingdom | CRM | Fully Open Source, SugarCRM successor |
| SpiceCRM | Austria | CRM | Modern UI, developed in Europe |
| Mautic | USA (foundation) | Marketing Automation | Open Source, data hosted locally |
| Workday HCM | USA | HCM / SaaS | Closed SaaS, data in US cloud, CLOUD Act exposure |
| BambooHR | USA | HCM / SaaS | Closed SaaS, limited EU data residency options |
| SAP SuccessFactors | Germany / USA | HCM / SaaS | Enterprise SaaS, partial EU hosting available |
The Implementation Partner as Strategic Value
Poland has a mature implementation market, and Polish technology companies have for years specialised in adapting and extending European Open Source systems for local and regional clients.
This distinction matters. When an organisation selects an open-source HCM and commissions its implementation from a Polish firm, it simultaneously achieves several objectives: it uses European software, invests in the local economy, and retains full control over code and data. The value is not the product alone – it is the ecosystem: software, implementation partner, and infrastructure considered together.
The Local Content initiative, read literally, points precisely to this model.
Open Source as Strategy, Not Just Technology
For years, Open Source was evaluated primarily through the lens of cost: no licence fees, access to code, freedom to modify. Those arguments remain valid. Today, however, an additional dimension enters the calculation – one that would not have been raised in conversations about HR systems a decade ago.
Digital sovereignty means asking: who has access to your organisation’s data? Who can change the terms under which you use the system? Who can cut off access to a service in response to a political decision?
In the case of Open Source HCM — deployed on your own infrastructure, by a local partner, built on European code – the answer to each of those questions is: you.
That is what the Local Content initiative means when it talks about building technological resilience. And that is what a well-chosen Open Source HCM system actually delivers.