INCEPTI Privacy Policy

  • Effective date: 16 February 2026
  • Last updated: 16 February 2026

INCEPTI (“we”, “us”, “our”) handles personal data in a deliberate, proportionate and transparent way. We collect only what is necessary, use it only for clear purposes, and retain it only as long as justified.

1. Who We Are

Data Controller:

  • INCEPTI Advisory Sp. z o.o. (in formation)
  • Registered in: Poland
  • Registration number (KRS or CEIDG): (pending registration)
  • Registered address: Liliowa 29F, 04-953 Warsaw, Poland
  • Email: admin@incepti.eu

We act as Data Controller for personal data processed in connection with our website, surveys, consulting, training, coaching, bootcamps and advisory services.

Supervisory Authority in Poland: Prezes Urzędu Ochrony Danych Osobowych (PUODO).

2. What Data We Collect

We collect personal data strictly necessary to provide our services and conduct professional communication.

a) Contact Information

  • Name and surname
  • Professional email address
  • Role or job title
  • Organisation name
  • Phone number (when provided)

b) Surveys and Context Information

  • Organisational context and structure information
  • Operational challenges and constraints
  • Strategic priorities and objectives
  • other business-related information voluntarily provided

c) Engagement and Service Delivery Information

When delivering tailored bootcamps, training, coaching, change delivery and advisory services, we may process:

  • Participant and stakeholders’ lists (names, roles, business contact details)
  • Attendance records
  • Workshop outputs and working materials
  • Organisational charts relevant to the engagement
  • Meeting notes and agreed action items
  • Feedback and evaluation responses
  • Operational metrics or performance indicators shared for advisory purposes
  • Contractual and billing information

We do not intentionally collect special categories of personal data as defined under Article 9 GDPR. If such data is shared inadvertently, we limit its processing and delete it where appropriate.

3. Purpose of Processing

We process personal data to:

  • Respond to enquiries and provide requested information
  • Deliver surveys summary, report and related communications
  • Prepare and conduct consulting, training and advisory engagements
  • Manage contractual relationships and billing
  • Improve our services based on structured feedback
  • Send relevant professional updates where lawful

We do not engage in automated decision-making or profiling or any data broking activities.

4. Legal Basis for Processing

We rely on the following legal bases under GDPR:

  • Article 6(1)(b) – Processing necessary for the performance of a contract
  • Article 6(1)(f) – Legitimate interest in conducting professional business activities
  • Article 6(1)(a) – Consent, where explicitly required (e.g., optional marketing communications)

Where processing is based on legitimate interest, we ensure that such interests are balanced against your fundamental rights and freedoms.

5. Data Sharing and International Transfers

We do not sell personal or professional data.

We may share data with carefully selected and trusted service providers, including:

  • Website and hosting providers
  • Survey and communication platforms
  • Accounting and legal advisors

Where personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards such as Standard Contractual Clauses or equivalent legal mechanisms.

6. Data Retention

We retain personal data based on purpose, legal obligations, and business necessity:

  • Survey data: retained for up to 18 months after submission unless an engagement follows.
  • Pre-contractual correspondence: retained for up to 24 months.
  • Client engagement data: retained for the duration of the engagement and 6 years thereafter to meet Polish accounting and civil law requirements.
  • Financial and invoicing records: retained for 5 years as required under Polish tax law.
  • Marketing communications: retained until consent is withdrawn or objection is raised.

We periodically review stored data and securely delete information that is no longer necessary.

7. Data Security

We apply appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure or destruction. Security measures are proportionate to the sensitivity and volume of data processed.

8. Your Rights

Under GDPR, you have the right to:

  • Access your personal data (Article 15)
  • Rectify inaccurate data (Article 16)
  • Request erasure (Article 17)
  • Restrict processing (Article 18)
  • Data portability (Article 20)
  • Object to processing (Article 21)
  • Withdraw consent at any time (where applicable)

Requests can be submitted via admin@incepti.eu. You also have the right to lodge a complaint with the Polish supervisory authority (PUODO).

9. Confidentiality

Information shared in the context of surveys, workshops, coaching, advisory or contractual engagements is treated as confidential. We do not disclose business-sensitive information without authorisation.

10. Updates to This Policy

We may update this Privacy Policy when our services or legal obligations evolve. The most current version will always be available on our website.