Your privacy matters to us.

Last updated: June 2026

1. Data Controller

The controller of your personal data is:

Business & Culture Agnieszka Gosztyła ul. Zwycięzców 6/83 03-941 Warsaw, Poland NIP (Tax Identification Number): 8133229763

If you have any questions regarding this Privacy Policy or the processing of your personal data, you can contact us at:

Email: hello@beyondbc.eu

2. What Personal Data We Collect

We may collect and process the following personal data:

Information you provide directly

When you contact us, schedule a meeting, or otherwise interact with us, we may collect:

• First and last name

• Email address

• Company or institution name

• Job title or professional role

• Information included in your message or correspondence

• Any other information you voluntarily provide

Information collected automatically

When you visit our website, certain technical information may be collected automatically, including:

• IP address

• Browser type and version

• Device information

• Aggregated, non-identifying website usage statistics

3. Purposes and Legal Bases for Processing

We process personal data for the following purposes:

Responding to inquiries and business communications

Purpose: to respond to your messages, inquiries, requests, and potential cooperation opportunities.

Legal basis:

• Article 6(1)(b) GDPR – taking steps prior to entering into a contract

• Article 6(1)(f) GDPR – our legitimate interest in conducting business communications

Scheduling meetings

Purpose: to arrange and manage meetings booked through our scheduling tool (Calendly).

Legal basis:

• Article 6(1)(b) GDPR

• Article 6(1)(f) GDPR

Website operation and security

Purpose: to ensure the proper functioning, security, and administration of the website.

Legal basis:

• Article 6(1)(f) GDPR – legitimate interest

4. Recipients of Personal Data

We may share personal data with trusted service providers acting on our behalf, including:

• Website hosting and website platform providers (Framer)

• Calendly LLC (meeting scheduling services)

• IT and technical support providers

• Professional advisors where necessary

• Public authorities where required by law

Such entities process data only under appropriate contractual safeguards and only to the extent necessary to provide their services.

5. International Data Transfers

Some of our service providers may process personal data outside the European Economic Area (EEA), including in the United States.

Where such transfers occur, appropriate safeguards are applied in accordance with GDPR requirements, including:

• Standard Contractual Clauses approved by the European Commission;

• The EU–US Data Privacy Framework, where applicable.

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this Policy.

In particular:

• Contact and correspondence data: for the duration of communication and up to 3 years thereafter where necessary to protect legal claims.

• Meeting scheduling data: for the duration of the business relationship and related communications.

• Data required by law: for the period required under applicable legal and tax regulations.

7. Your Rights

Under GDPR, you have the right to:

• Access your personal data;

• Rectify inaccurate data;

• Erase your personal data;

• Restrict processing;

• Object to processing based on legitimate interest;

• Data portability;

• Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, please contact: hello@beyondbc.eu

You also have the right to lodge a complaint with the Polish supervisory authority:

President of the Personal Data Protection Office (UODO) ul. Stawki 2 00-193 Warsaw, Poland

8. Cookies and Analytics

This website uses Framer's built-in, privacy-friendly analytics, which do not use cookies or create persistent identifiers. As a result, no analytics or marketing cookies are placed on your device, and no cookie consent banner is required.

Only essential cookies strictly necessary for the website's operation and security may be used. You can manage or delete cookies at any time through your browser settings.

9. Voluntary Provision of Data

Providing personal data is voluntary. However, failure to provide certain information may make it impossible for us to respond to your inquiry, arrange a meeting, or provide requested services.

10. Automated Decision-Making

Your personal data is not subject to automated decision-making, including profiling, that would produce legal effects concerning you or similarly significantly affect you.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, technical, or business developments. The current version will always be available on this website together with the date of its latest update.