Privacy Policy

1. Data Controller

The controller of your personal data is NOXVERI — a boutique cyber risk advisory firm operating in Poland and remotely across Europe.

For any matters relating to the protection of your personal data, please contact us at: kontakt@noxveri.com

2. What data we collect and why

Data is collected solely through the contact form on the main page. When you submit an enquiry, we process:

• name and surname,
• email address,
• company name (optional),
• message content.

Data is processed exclusively for the purpose of responding to your enquiry and, if applicable, establishing a working relationship.

3. Legal basis for processing

The legal basis for processing your data is your consent given when submitting the contact form (Article 6(1)(a) GDPR). You may withdraw your consent at any time — withdrawal does not affect the lawfulness of processing that took place before withdrawal.

4. Retention period

We retain data for as long as necessary to handle your enquiry, and thereafter until you withdraw consent or for a period not exceeding 12 months from the last contact — unless a service agreement has been concluded, which may justify a longer retention period.

5. Recipients of data

Data submitted through the contact form may be processed by third-party technical service providers used to handle enquiries (including Formspree as the email processing provider). These providers act solely under a data processing agreement and are not authorised to process data for their own purposes.

Data is not sold or shared with third parties for marketing purposes.

6. Your rights

In connection with the processing of your personal data, you have the following rights:

• access — the right to obtain a copy of data being processed,
• rectification — the right to correct inaccurate or incomplete data,
• erasure — the right to request deletion of data ("right to be forgotten"),
• restriction — the right to request suspension of processing,
• data portability — the right to receive data in a structured, machine-readable format,
• objection — the right to object to processing,
• withdrawal of consent — at any time, without affecting prior processing.

To exercise any of these rights, please write to: kontakt@noxveri.com

You also have the right to lodge a complaint with a supervisory authority. In Poland, the competent authority is the President of the Personal Data Protection Office (PUODO), ul. Stawki 2, 00-193 Warsaw. If you are located in another EU/EEA country, you may contact your local supervisory authority.

7. Cookies and third-party tools

This website does not use first-party analytics or marketing cookies.

The contact form is protected by reCAPTCHA v3 provided by Google. As a result, Google may process data relating to your use of the site. The Google Privacy Policy and Google Terms of Service apply.

8. Transfers outside the EEA

Personal data is not, as a rule, transferred outside the European Economic Area. Where third-party tools are used (e.g. reCAPTCHA), data may be processed by Google LLC based in the United States — on the basis of Standard Contractual Clauses approved by the European Commission.

9. Changes to this policy

We reserve the right to update this policy. Material changes will be communicated by updating the date shown at the top of this page. The current version is always available at noxveri.com/privacy-policy.