Privacy Policy

Last updated: 3 June 2026

This Privacy Policy describes how personal data and cookies are processed in connection with the use of the b2bcyber.com website.

Data Controller

The controller of your personal data is Dominik Banat, operating the b2bcyber.com website under the B2B Cyber brand, further referred to as the “Controller”.

For privacy and data protection matters, please contact: [email protected].

What data we process, for what purposes, and on what basis

Depending on how you use the website, we may process the following data:

• Technical data and information about website use – for example IP address, date and time of the request, URL, device information, operating system, browser information, and technical logs. We process this data to ensure website security, administer the website, detect abuse, protect against spam, and diagnose technical issues. The legal basis is our legitimate interest under Article 6(1)(f) GDPR.
• Data submitted through the contact form or by email – for example your name, email address, phone number, and message content. We process this data in order to respond to your inquiry, handle correspondence, and take steps prior to entering into a contract or in connection with a business relationship. The legal basis is Article 6(1)(b) GDPR and, where the message does not relate to entering into or performing a contract, Article 6(1)(f) GDPR.
• Data submitted in a recruitment process – if you apply through the career form or send us your CV, we may process the data contained in the form, CV, cover letter, or other attachments. We process this data in order to conduct the current recruitment process and, if you give consent or voluntarily provide additional data, also within the scope of that consent. The legal basis is Article 6(1)(b) GDPR, Article 6(1)(c) GDPR and, where applicable, also Article 6(1)(a) GDPR and Article 9(2)(a) GDPR.

Providing data is voluntary. However, failure to provide the data required for contact or recruitment may make it impossible for us to respond to your message or review your application.

Google reCAPTCHA

We use Google reCAPTCHA on pages with forms in order to protect the website, forms, and infrastructure against spam, abuse, and automated traffic.

reCAPTCHA may analyze device and browser information, IP address, interaction data, and other information necessary to assess whether traffic comes from a human or from an automated system.

In connection with the use of Google reCAPTCHA, data may be transferred to Google. Details about how Google processes data are available here: Google Privacy Policy and Google Terms.

The legal basis on our side is Article 6(1)(f) GDPR, namely our legitimate interest in protecting the website and forms against abuse. If applicable law requires prior consent for specific technologies, their use is subject to your consent settings.

Cookies and consent management

The website uses cookies and similar technologies. We also use Cookiebot / Usercentrics CMP to manage consent for cookies and similar technologies.

Depending on the active website features, the following categories of cookies may be used:

• Necessary – required for the proper operation of the website, security, storing privacy settings, and handling forms
• Preferences – if features that remember user settings are active on the website
• Analytics or marketing – only if such tools are actually used on the website and in accordance with your consent settings

A detailed list of the cookies currently in use, their providers, purposes, and storage periods is available in the consent banner or in the cookie settings tool displayed on the website. You can change or withdraw your consent at any time.

You can also manage cookies directly in your browser. Official browser help pages are available here:

• Microsoft Edge
• Firefox
• Google Chrome
• Google Chrome on Android
• Opera
• Safari
• Safari on iPhone and iPad

Restricting certain cookies may affect the operation of selected website features.

Who we may share data with

Data may be shared with entities supporting the Controller in operating the website and business, in particular hosting and IT infrastructure providers, email providers, technical support providers, security solution providers, form or recruitment tool providers, and professional advisers where necessary.

Data may also be disclosed to duly authorized public authorities where required by law.

Transfers outside the EEA

Some service providers used by the website may process data outside the European Economic Area.

In such cases, data is transferred only with the safeguards required by GDPR, in particular on the basis of adequacy decisions, Standard Contractual Clauses, or other appropriate safeguards used by the relevant provider.

How long we keep data

• Contact data and correspondence – for the period necessary to handle the matter, and afterwards for the time necessary to defend against claims or pursue them
• Recruitment data – for the duration of the current recruitment process and, if you consent to future recruitment processes, until consent is withdrawn or those processes end, for no longer than 12 months, unless a longer period is required by law or needed for claims defense
• Technical logs and security data – for the period necessary to ensure security, analyze incidents, and administer the website
• Cookie and consent-related data – until the relevant cookie expires, is deleted from your device, or consent is changed or withdrawn, whichever comes first, subject to data necessary to document granted or withdrawn consent

Your rights

You have the right to:

• access your data
• rectify your data
• erase your data
• restrict processing
• data portability where provided by law
• object to processing based on Article 6(1)(f) GDPR
• withdraw consent at any time where processing is based on consent
• lodge a complaint with the competent supervisory authority

To exercise your rights, please contact us at [email protected].

If you believe your personal data is processed unlawfully, you may lodge a complaint with the President of the Personal Data Protection Office in Poland, ul. Stawki 2, 00-193 Warsaw.

Automated decisions

We do not carry out automated decision-making that produces legal effects concerning you or similarly significantly affects you within the meaning of Article 22 GDPR.

However, anti-spam and security tools such as reCAPTCHA may automatically analyze traffic in order to detect abuse.