This Privacy Policy explains how Oleh Bykh Deep Eco (referred to as "we," "us," or "our") processes personal data in compliance with the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679).
1. Data Controller Information
The Data Controller responsible for the processing of your personal data is:
Name of Business - Oleh Bykh Deep EcoOwner (Data Controller) - Oleh BykhNIP (Tax ID) - 9552400972REGON (Statistical ID) - 541320958Registered Address - ul. Augustyna Szamarzewskiego 21/2, 60-514 Poznań, PolandContact Email - oiduts.ocepeed%40tcatnoc
2. Types of Data Processed and Purpose of Processing
We primarily process personal data within a Business-to-Business (B2B) context. The data we process is strictly limited to what is necessary for our core activities: providing biodiversity management advisory, ecological surveys, and related B2B services.

3. Data Recipients and Transfers
We only disclose personal data to recipients when legally necessary or essential for providing our services.

Processors: We may use third-party service providers (e.g., cloud hosting, accounting, IT support, email marketing platforms) who process data on our behalf. We ensure all processors are GDPR-compliant through Data Processing Agreements (DPAs).

Legal/Official Bodies: Data may be disclosed to public authorities (e.g., tax office, courts) when required by law.

International Transfers: We generally do not transfer data outside the European Economic Area (EEA). If a transfer is necessary (e.g., using a US-based cloud provider), we will ensure adequate safeguards are in place, such as Standard Contractual Clauses (SCCs).

4. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Contractual Data: Retained for the duration of the contract plus the statutory limitation period for claims (typically 3-10 years under Polish law).

Marketing Data: Retained until the data subject objects or withdraws consent.

Accounting Records: Retained for the period required by tax and accounting laws (currently 5 years from the end of the calendar year in which the tax obligation arose).

5. Your Data Protection Rights
Under the GDPR, you have the following rights concerning your personal data:
- Right of Access: To request copies of your personal data.
- Right to Rectification: To request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
- Right to Erasure ('Right to be Forgotten'): To request that we erase your personal data, under certain conditions.
- Right to Restrict Processing: To request that we restrict the processing of your personal data, under certain conditions.
- Right to Object to Processing: To object to our processing of your personal data, under certain conditions (especially for direct marketing based on legitimate interest).
- Right to Data Portability: To request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
- Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw it at any time.

To exercise any of these rights, please contact us using the contact details provided in Section 1. We will respond to your request without undue delay and at least within one month.

6. Right to Lodge a Complaint
If you believe that our processing of your personal data infringes the GDPR, you have the right to lodge a complaint with the supervisory authority in Poland:

Prezes Urzędu Ochrony Danych Osobowych (President of the Personal Data Protection Office)

Address: ul. Stawki 2, 00-193 Warszawa, Poland

Website: https://uodo.gov.pl/

7. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. The latest version will always be posted on our website. We encourage you to review it periodically.

Last Updated: 25-10-2025.