Privacy Policy

Last updated: 1 January 2026 · RB Consulting, Domaniewska 24/93, 02-672 Warszawa, Poland · NIP: 5214113129

RB Consulting ("we", "us", "our") is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and applicable Polish data protection law. This Privacy Policy explains what data we collect, why we collect it, how we use it, and what rights you have.

1. Data Controller

The data controller responsible for your personal data is:

RB Consulting
Domaniewska 24 / 93
02-672 Warszawa, Polska
NIP: 5214113129
Email: [email protected]

2. What Personal Data We Collect

We collect and process the following categories of personal data:

Contact data: name, email address, company name — when you submit a contact form or email us directly.
Communication data: content of messages, emails, and correspondence with us.
Technical data: IP address, browser type, device type, pages visited, and time of visit — collected automatically via standard web server logs.
Payment data: when you pay for our services, payment processing is handled by Mollie B.V. We do not store your card details. See Mollie's privacy policy at mollie.com/legal/privacy.

3. Legal Basis for Processing

We process your personal data on the following legal bases:

Contract performance (Art. 6(1)(b) GDPR): to provide IT consulting services you have requested.
Legitimate interests (Art. 6(1)(f) GDPR): to respond to enquiries, improve our services, and prevent fraud.
Legal obligation (Art. 6(1)(c) GDPR): to comply with tax, accounting, and other applicable legal requirements.
Consent (Art. 6(1)(a) GDPR): where you have given explicit consent, e.g. for marketing communications (you may withdraw at any time).

4. How We Use Your Data

To respond to your enquiries and consultation requests
To provide, manage, and invoice IT consulting services
To process payments via Mollie
To comply with legal and tax obligations (Polish tax law, EU VAT rules)
To maintain the security and performance of our website

5. Data Sharing and Third Parties

We do not sell your personal data. We may share data with:

Mollie B.V. (payment processor) — for payment processing. Mollie is regulated by De Nederlandsche Bank (DNB).
Email service providers — to manage correspondence (e.g. Google Workspace / Gmail).
Accounting and legal advisors — who are bound by confidentiality obligations.
Public authorities — where required by law (e.g. tax authorities, regulators).

All third-party processors are required to handle your data in compliance with GDPR and have signed appropriate data processing agreements (DPA) where required.

6. International Data Transfers

Your data is primarily processed within the European Economic Area (EEA). Where data is transferred outside the EEA (e.g. via Google services), we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission.

7. Data Retention

Contact enquiries: retained for up to 3 years after last contact.
Contract and invoice data: retained for 5 years as required by Polish accounting law (Ustawa o rachunkowości).
Website technical logs: retained for up to 12 months.

8. Your Rights Under GDPR

You have the following rights regarding your personal data:

Right of access — to obtain a copy of your data (Art. 15)
Right to rectification — to correct inaccurate data (Art. 16)
Right to erasure — to request deletion ("right to be forgotten") (Art. 17)
Right to restriction — to limit how we use your data (Art. 18)
Right to data portability — to receive your data in a structured format (Art. 20)
Right to object — to processing based on legitimate interests (Art. 21)
Right to withdraw consent — at any time, without affecting prior processing

To exercise any of these rights, contact us at: [email protected]

You also have the right to lodge a complaint with the Polish data protection authority: Urząd Ochrony Danych Osobowych (UODO), ul. Stawki 2, 00-193 Warszawa, uodo.gov.pl.

9. Cookies and Tracking

Our website uses minimal technical cookies necessary for proper functioning. We do not use advertising cookies, third-party tracking, or analytics tools that identify individual visitors. No consent banner is required as we do not use non-essential cookies.

10. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. All data is transmitted over encrypted HTTPS connections.

11. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top will reflect any changes. We encourage you to review this page periodically.

12. Contact

For any questions regarding this Privacy Policy or your personal data, contact us:
RB Consulting — [email protected]
Domaniewska 24 / 93, 02-672 Warszawa, Polska