DATA MINIMIZATION POLICY

 

1. BASIC PRINCIPLES

1.1 Main principle

Grey Partnerships collects only the essential minimum of data necessary to operate the www.biznesiekologia.com portal and provide information services in the field of sustainable business.

1.2 Legal basis

• Art. 6 para. 1 lit. a GDPR (consent) – newsletter, comments
• Art. 6 para. 1 lit. f GDPR (legitimate interest) – contact, events, analytics
• Art. 6 para. 1 lit. b GDPR (contract performance) – orders, invoices

1.3 What we DO NOT collect

The portal categorically does not collect:

• Surnames (only first names in forms)
• Private home addresses
• Private phone numbers
• Sensitive data (political views, religious, health)
• Photos from events without consent
• Detailed payment data (handled by payment operator)

2. WHAT WE COLLECT AND WHY

2.1 Contact form

We collect:

• Email address (to respond)
• Message content (to know what you’re asking about)

Optionally:

• First name (to know how to address you)
• Company name (to tailor the response)
• Industry (to better match content)

We store: 2 years, then automatically delete

2.2 Newsletter

We collect:

• Email address (to send newsletter)

Optionally:

• First name (to personalize message)
• Areas of interest (to match content)

We store: Until unsubscription

2.3 Events (webinars, conferences)

We collect:

• Email address (to send link/notifications)
• Number of people (to prepare event)

Optionally:

• First name (for better contact)
• Company name (for participation certificates)
• Position (to tailor content)

We store: 1 year after event

2.4 Comments on the site

We collect:

• Email address (for reply notifications)
• First name or pseudonym (to display with comment)
• Comment content

We store: 3 years or until comment deletion

2.5 Site analytics

We collect automatically:

• IP address (anonymized)
• Browser and device type
• Visited pages
• Visit time

We store: 14 months (according to Google Analytics settings)

3. SIMPLIFIED SECURITY

3.1 Technical

• HTTPS encryption on entire site
• Secure passwords for systems
• Automatic deletion of old data
• Backups in secure location
• WordPress system updates

3.2 Organizational

• Only 2-3 team members have access to data
• Regular password changes
• We don’t share data with external parties
• Data review every 6 months

4. YOUR RIGHTS

You have the right to:

• Check what data we have about you
• Correct incorrect data
• Delete your data
• Withdraw consent at any time
• Transfer data to another service

Contact: redakcja@biznesiekologia.com

5. SIMPLE PROCEDURES

5.1 If you want to delete your data

Write us an email: “Please delete my data” – we’ll delete it within 7 days.

5.2 If you want to check your data

Write us an email: “Please provide information about my data” – we’ll respond within 14 days.

5.3 If you want to unsubscribe from newsletter

Click the “Unsubscribe” link in any newsletter or write to us.

6. PRACTICAL EXAMPLES

6.1 Contact form

• Email: [required]
• Message: [required]
• First name: [optional]
• Company: [optional]
• Industry: [optional]

☑ I agree to data processing for response purposes

6.2 Newsletter subscription

• Email: [required]
• First name: [optional]
• Areas of interest: [optional]

☑ I agree to receive the Business and Ecology newsletter

6.3 Event registration

• Email: [required]
• Number of people: [required]
• First name: [optional]
• Company: [optional]
• Position: [optional]

☑ I agree to data processing for event organization purposes

7. ALTERNATIVE CONTACT METHODS

7.1 Without providing data

• Comments under social media posts
• Participation in open events without registration
• Using the website without logging in
• Reading articles without registration

7.2 Anonymous feedback

• Surveys without personal data
• Suggestion box at events
• Anonymous feedback forms

8. WHAT WE DO IN CASE OF PROBLEMS

8.1 If someone breaks into our systems

• Immediately change passwords
• Check if data was stolen
• Inform everyone who might be affected
• Report to appropriate authorities

8.2 If we make a mistake

• Immediately correct it
• Inform affected persons
• Implement procedures to prevent recurrence

9. COOPERATION WITH OTHER ORGANIZATIONS

9.1 Rules

• We don’t share mailing lists
• We don’t sell data
• We cooperate without exchanging personal data
• We only share statistics (without personal data)

9.2 Examples of safe cooperation

• “We have 5000 people in our newsletter” ✓
• “Here’s our subscriber list” ✗
• “”We co-organize a webinar” ✓
• “We send your promotion to our list”✗

10. MONITORING AND IMPROVEMENT

10.1 What we check monthly

• Whether we delete old data
• Whether systems are secure
• Whether we follow our rules

10.2 What we do every six months

• Review entire policy
• Check if we can collect even less data
• Update procedures

11. KEY RULES FOR THE TEAM

11.1 For all employees

• Don’t ask for data that isn’t needed
• Don’t share data with external parties
• Regularly delete old data
• Ask when in doubt

11.2 For the person responsible for data

• Monthly system check
• Responding to access/deletion requests
• Ensuring security
• Policy updates

12. TECHNICAL DETAILS (FOR ADMINISTRATOR)

12.1 Retention periods

• Contact form: 24 months
• Newsletter: until unsubscription
• Events: 12 months
• Comments: 36 months
• System logs: 30 days
• Analytics: 14 months

12.2 Automatic deletion

• Script runs every 30 days
• Data deletion after deadline
• Backup before deletion (for 90 days)
• Logging all operations

12.3 Security

• Database encryption
• Automatic backups
• Access only from authorized devices
• Two-factor authentication

13. CONTACT FOR DATA MATTERS

Person responsible for personal data:

• E-mail: redakcja@biznesiekologia.com
• Phone: 22 398 48 48
• Address: Grey Partnerships Sp. z o.o., ul. Żurawia 6/12, 00-503 Warsaw

We respond to:

• Questions about our practices
• Data access requests
• Data deletion requests
• Privacy complaints

14. IF YOU HAVE QUESTIONS

14.1 Do I have to provide my data?

No. Most of our content is available without registration. We collect data only when you want to:

• Get an answer to a question
• Receive newsletter
• Register for an event
• Comment on an article

14.2 Do you sell data?

No. We never sell, rent, or share personal data.

14.3 Can I change my mind?

Yes. You can withdraw consent or request data deletion at any time.

14.4 Am I safe?

Yes. We use standard security measures and collect minimum data.

SUMMARY

Main principles of the Business and Ecology portal:

• We collect only what’s really needed
• We store only as long as necessary
• We protect data from unauthorized access
• We don’t share data with anyone
• We respect your rights and choices

If you have questions, just write to us.