Privacy Policy

Last updated: 20.06.2026

Data Controller:
ISBP Sp. z o.o.
ul. Kępowa 54/4, 40-583 Katowice, Poland
NIP 6342999234 · KRS 0000912909 · REGON 389363161
Contact: privacy@isbp.eu

1. Scope

This policy describes how ISBP Sp. z o.o. ("ISBP", "we") processes the personal data of people using our website and contacting us, in accordance with Regulation (EU) 2016/679 (GDPR).

2. What data we process

Contact form data: full name, company name, work e-mail and message content.
Consultation booking data (Cal.com): name, e-mail and chosen meeting time.
Technical data: standard server logs (for the security and stability of the service).

3. Purposes and legal bases

Responding to enquiries and business contact — Art. 6(1)(b) and (f) GDPR (legitimate interest: handling enquiries).
Arranging and delivering consultations — Art. 6(1)(b) GDPR.
Website statistics and security — Art. 6(1)(f) GDPR (legitimate interest: developing and protecting the site).
Compliance with legal obligations (e.g. accounting) — Art. 6(1)(c) GDPR.

4. Recipients

Data may be entrusted to trusted providers acting on our behalf (processors):

Cal.com — handling consultation bookings,
hosting and e-mail provider,
accounting and legal service providers.

5. Transfers outside the EEA

We aim to use providers that process data within the European Economic Area. Where a transfer outside the EEA is necessary, it takes place on the basis of Standard Contractual Clauses (SCC) approved by the European Commission.

6. Retention

We process data for as long as necessary to achieve the purpose (handling an enquiry, cooperation), and afterwards for the period required by law (including limitation of claims and accounting obligations). Analytics data is aggregated and does not allow identification.

7. Your rights

You have the right to: access your data, rectification, erasure, restriction of processing, data portability and to object. You also have the right to lodge a complaint with the President of the Personal Data Protection Office (PUODO).

8. Voluntariness and automated decisions

Providing data is voluntary but necessary to respond or to arrange a consultation. We do not make decisions on a solely automated basis and do not use profiling.

9. Contact

For matters concerning personal data, contact: privacy@isbp.eu.

10. Changes

We may update this policy. The current version is always available on this page together with the date of the last update.