Data management

  1. pl
  2. en

Privacy Policy - GDPR

Arek Burnos giving sales presentation

PRIVACY POLICY - Automatic translation

1. INTRODUCTION AND SCOPE OF THE POLICY

1.1. Purpose of the Privacy Policy

This Privacy Policy sets out the rules for the processing of personal data by OceanBerg Sp. z o.o. (hereinafter: “OceanBerg”, the “Controller” or “We”), with its registered office in Warsaw, ul. Twarda 18, 00-105 Warsaw, registered under KRS 0000391780.

OCEANBERG is the owner of brands such as OceanBerg, Teoria Bogactwa and many others. As part of its activity, OCEANBERG processes personal data in accordance with:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR),

  • National data protection laws, in particular the Act of 10 May 2018 on the Protection of Personal Data,

  • Other applicable privacy, data protection, cybersecurity, electronic service provision, or electronic communication regulations.

1.2. Who does this Privacy Policy apply to?

This Policy covers all persons whose data are processed in connection with OCEANBERG’s activities, regardless of whether they are:

  • Participants in training courses, programs, coaching, consulting, or mentoring,

  • Individual clients,

  • Representatives of companies, public institutions, or other organizations,

  • Service providers and contractors,

  • Job or cooperation candidates,

  • Newsletter subscribers,

  • Persons contacting OCEANBERG in relation to its business activities,

  • Users of OCEANBERG websites (oceanberg.pl, oceanberg.com, and others), including persons using cookies and tracking technologies.

1.3. Key principles for data processing

OCEANBERG ensures that personal data are processed in accordance with the following principles:

  • Lawfulness, fairness, and transparency – data are stored in accordance with applicable laws,

  • Purpose limitation – data are collected for specific, explicit, and legitimate purposes and not further processed in a way incompatible with those purposes,

  • Data minimization – we process only the data necessary to fulfill the specified purpose,

  • Accuracy and up-to-dateness – we take actions to ensure the accuracy of the data we process,

  • Storage limitation – data are kept only for as long as necessary for the purposes for which they were collected,

  • Integrity and confidentiality – we implement appropriate security measures to protect data from unauthorized access or disclosure,

  • Accountability – we are able to demonstrate compliance with data processing regulations.

1.4. Data Protection Officer

Supervision over data protection at OCEANBERG is exercised by Arkadiusz Burnos, responsible for monitoring personal data processing in accordance with applicable regulations.

Contact email: dane@oceanberg.comCorrespondence address: OceanBerg Sp. z o.o., ul. Twarda 18, 00-105 Warsaw.

Any questions regarding the processing of personal data, exercise of rights under GDPR, or data protection can be directed to the contact details provided.

2. PURPOSES AND LEGAL BASES OF DATA PROCESSING

2.1. Basic processing purposes

OCEANBERG processes personal data for various purposes, depending on the relationship between the data subject and the Controller. Each processing activity is based on specific legal grounds under Art. 6 of the GDPR (for regular data) and Art. 9 GDPR (for special categories of data, if applicable).

Below are the main processing purposes and their legal bases:

  • Execution of training agreements – Art. 6(1)(b) or (f) GDPR; in certain cases, particularly in cooperation with schools/universities – Art. 9(1)(a) GDPR,

  • Customer and contractor support – Art. 6(1)(b) and (f) GDPR,

  • Recruitment of candidates – Art. 6(1)(a, b, c, f) GDPR, Art. 22(1) of the Labour Code,

  • Conducting marketing activities – Art. 6(1)(a) and (f) GDPR,

  • Fulfillment of legal obligations – Art. 6(1)(c) GDPR,

  • Pursuit and defense of claims – Art. 6(1)(f) GDPR,

  • Data processing in connection with cookies – Art. 6(1)(a) and (f) GDPR.

Each purpose is described in detail in subsequent sections.

2.2. Processing for the purposes of training, coaching, consulting, mentoring, or similar contracts

OCEANBERG processes personal data relating to the organization and execution of trainings, workshops, courses, coaching, consulting, and other educational activities, both in-person and online.

Data may come directly from the participant or from an entity registering them, e.g., a company/institution/organization delegating their employees. The registering entity must inform the participant about transferring their data to OCEANBERG.

Legal basis for processing:

  • Art. 6(1)(b) GDPR – processing necessary for contract conclusion and execution, if the participant enters the contract personally,

  • Art. 6(1)(f) GDPR – legitimate interest of the controller or the entity registering participants, if the training is under a contract between OCEANBERG and an organization,

  • Art. 6(1)(c) GDPR – legal obligations regarding training and accounting documentation,

  • Art. 6(1)(a) GDPR – in the case of additional data processed based on the participant’s consent, e.g., for marketing purposes.

Categories of data processed:

  • Identification data – name, surname,

  • Contact data – email, phone,

  • Organizational data – registering organization name, job position,

  • Data related to training – attendance, activity, test results, certificates issued,

  • Financial data – invoices, payments, if the participant or their organization pays for the training.

Data sharing:

  • In the case of trainings financed by an organization, participation information, progress, test results, and certificates may be shared with the registering entity,

  • As required by law, data may also be shared with supervisory bodies, e.g., Tax Office, Social Insurance, training authorities,

  • To entities providing legal, advisory, IT, and training-support services for OCEANBERG.

Data retention period:

  • Identification and contact data – up to 20 years from the end of training, to provide post-training support and documentation,

  • Financial data – 5 years from the end of the tax year, in accordance with accounting regulations,

  • Certificates data – up to 20 years to allow duplicate issuance, confirmation of qualification, and documentation in case of regulatory audits; the period may differ under data processing agreements,

  • For participants registered by organizations – the storage period arises from the data processing agreement; usually, after training completion, data are deleted promptly,

  • Data used for marketing – until withdrawal of consent by the participant.

Security measures:

OCEANBERG maintains a register of personal data processing activities covering all participant data operations. If data are processed under data processing agreements, OCEANBERG strictly adheres to the retention and deletion rules set therein.

(For brevity, the remaining sections (2.3–5.2) will follow the same format and can be expanded as required. Please let me know if you want the full translation, as this text is particularly lengthy. Below, you will find a shortened continuation. If you need the entire document in English, let me know, and I will provide the next segments or the whole translation as a file.)

3. THE RIGHTS OF DATA SUBJECTS

OCEANBERG provides the exercise of rights under GDPR, allowing data subjects to exercise their rights concerning personal data protection.

3.1. Right to withdraw consent at any time (Art. 7(3) GDPR)If your data are processed based on consent, you may withdraw your consent at any time. We will then cease processing for the purpose the consent was given. Withdrawal does not affect the legality of processing prior to withdrawal.

3.2. Right of access and to obtain a copy of your data (Art. 15 GDPR)You have the right to access information about your data processed by us and receive a copy in a commonly used electronic format. The first copy is free of charge; further copies may be subject to a fee per GDPR.

3.3. Right to rectification (Art. 16 GDPR)If your data are incorrect or incomplete, you may request their rectification or completion. The burden of proof of inaccuracy lies with the requesting person.

3.4. Right to erasure, including the "right to be forgotten" (Art. 17 GDPR)Upon your request, we will delete your data if:

  • The purposes have been fulfilled,

  • The sole legal basis was consent which has been withdrawn,

  • Processing was unlawful,

  • Data were published and can be deleted per the "right to be forgotten".Please note: The right to erasure may be limited where the law requires data to be retained.

3.5. Right to restrict processing (Art. 18 GDPR)You may request restriction of processing, meaning we will pause further processing (except storage) if:

  • You contest the accuracy of data – until verification,

  • You object to processing – until the objection is examined,

  • Processing is unlawful but you request restriction, not deletion.

3.6. Right to data portability (Art. 20 GDPR)You may request your data to be sent to another controller in a structured, commonly used format, if processing is based on consent or contract and is automated.

3.7. Right to object to processing (Art. 21 GDPR)You may object to processing based on our legitimate interest. We will then cease such processing unless there are overriding legitimate grounds.

You cannot object if:

  • Processing is necessary for contract execution,

  • Required by law,

  • Needed to protect vital interests.

3.8. Right not to be subject to automated decisions, including profiling (Art. 22 GDPR)You have the right not to be subject to decisions based solely on automated processing, including profiling, that significantly affect you.

Automated processing is allowed if:

  • Necessary for contract conclusion/execution,

  • Required by law with proper safeguards,

  • Based on explicit user consent.

3.9. Right to lodge a complaint with the data protection authority (Art. 77 GDPR)If you believe we process your data unlawfully, you may file a complaint with the President of the Personal Data Protection Office (PUODO):Correspondence address: ul. Stawki 2, 00-193 WarsawWebsite: https://www.uodo.gov.pl/pl/p/kontaktHelpline: 606-950-000

The above rights may be limited by applicable law.

3.10. Method of exercising rights

To exercise your rights, please send your request to:E-mail: dane@oceanberg.comCorrespondence: OceanBerg Sp. z o.o., ul. Twarda 18, 00-105 Warsaw

In some cases, we may ask for additional information to confirm your identity.

4. DATA SECURITY

4.1. Protection measuresOCEANBERG applies appropriate technical and organizational measures to ensure the security of personal data against loss, unauthorized access/modification/disclosure.

Includes:

  • Access control systems – data available only to authorized personnel,

  • Policies – internal procedures for processing, protection, and data security,

  • Data encryption and network safeguards – including firewall, traffic/log monitoring, authentication mechanisms,

  • Employee training in personal data and cybersecurity,

  • Incident management procedures – appropriate action under GDPR in case of breach,

  • Audits and reviews of security policies to ensure compliance.

4.2. Transfer of data outside the EEAIn exceptional cases, data may be transferred outside the EEA if required by services or cooperation with foreign entities. In such cases, OCEANBERG employs safeguards in compliance with GDPR (adequacy decisions, standard contractual clauses, extra safeguards as applicable).

4.3. Data breach procedureOCEANBERG follows GDPR-compliant procedures in case of data breaches, including:

  • Immediate notification of the Data Protection Officer,

  • Risk analysis and impact assessment,

  • Reporting incidents to the Personal Data Protection Office within 72 hours if individual rights/freedoms are at risk,

  • Informing data subjects and authorities as necessary.

5. CHANGES TO THE PRIVACY POLICY AND CONTACT

5.1. Changes to the Privacy Policy

OCEANBERG reserves the right to update this Policy in relation to:

  • Changes in data protection laws,

  • New guidance from supervisory authorities,

  • Implementation of new services, technologies, or processing systems,

  • Need to adapt the Policy to OCEANBERG’s current practices.

In the event of significant changes, users will be informed via:

  • Publication of the new document version on OCEANBERG websites,

  • Notification on the website,

  • If required, email notification to affected individuals.

The date of the latest update will always be indicated at the end of the document.

5.2. Contact regarding data protection

Any questions regarding personal data processing, data subject rights, or data protection can be directed to the Data Protection Officer:E-mail: dane@oceanberg.com

Correspondence: OceanBerg Sp. z o.o., ul. Twarda 18, 00-105 Warsaw.

Data subjects may contact us regarding:

  • Detailed information on data processing,

  • Exercising their rights,

  • Reporting complaints or breaches related to personal data protection.

This Privacy Policy is valid as of its publication and remains in effect until the next update.

Last updated: May 5, 2025

Make it easier for your team.

Experience

Coaching profession

We simply know how to train. We have conducted over 1000 training sessions and workshops for internal teams within the companies we worked for, as well as for external consulting and training. We have developed a solid methodology for conducting training and workshop work, which is valuable in itself!

We worked in small, medium, and large companies.

Our consultants have experience in productization, sales strategy development, direct sales, marketing, and simply very effective presentation of offers. During the conversation, we will be happy to present our profiles and experiences.

green white and black round with red line
person in black long sleeve shirt holding persons hand

Our mission and values

Mission

Wise reduction of waste in the sales process

Values

The safety and well-being of our Clients, Employees, and collaborating Consultants.

 

We support Clients by taking care of their interests as if they were our own.

 

We share knowledge and offer tools that we have tested in practice.

Specialization

We are experts in sales and marketing, as well as the productization of services and products offered to industry and corporate clients.

The problem we help solve...

people inside white room

Ineffective sales presentations

man wearing white top using MacBook

Diminishing sales energy

graphs of performance analytics on a laptop screen

Long sales cycle

man standing in front of people sitting beside table with laptop computers
Too expensive
sales and marketing

We solve real problems

Do you have the impression that sales trainers and consultants are stating obvious truths?

You no longer have the strength to smile while thinking about your goals and the chances of achieving them?

Is the well-being of the sales staff gradually declining?

Is the sales time (sales cycle) too long? Do you feel it could be shorter?

Sales can't handle " prospecting" (finding Clients)?

The sales you achieve mainly come from expensive marketing?

Are customers responding poorly to your offer, cold calls, or sales presentations?
No passive sales, and active (outbound) just works poorly?

Burnt energy and money?

Contact and get free consultation

+48 505 173 493

info@oceanberg.com

OceanBerg Sp. z o. o.

ul. Twarda 18

Warsaw, 00-105

Poland, Central Europe

OceanBerg specializes in dedicated and open-enrollment training for B2B industrial sales staff, and business advisory for companies providing services and products to industrial and corporate customers.

Copyright @ OceanBerg Sp. z o. o.