Last updated: 3 July 2026. This document describes what personal data we process in connection with this website, on what legal basis, and what rights you have under the GDPR (Regulation (EU) 2016/679).
The controller of personal data processed in connection with this website is:
[TO BE COMPLETED: full name / company name, registered address, tax ID] — these details will be added as soon as the business operated under the Greyfield Partners name is formally registered. Until then, any data protection matters can be directed to the address in section 2.
For any question regarding the processing of your personal data, contact us at: bartoszilski@greyfieldpartners.eu.
We only collect personal data when you provide it to us directly, through the contact form on the Contact page. The form collects: name, company, role (optional), email address, subject, and message.
We process this data in order to:
The site has no other mechanism for collecting personal data — we do not operate user accounts, we do not run a newsletter sign-up form, and downloading our published PDF reports requires no personal data.
Only personnel responsible for correspondence at Greyfield Partners have access to messages submitted through the contact form. In addition, due to how the site operates, data may be processed by the following third-party technical service providers:
Beyond the parties listed above, we do not share personal data with any other third party, unless required to do so by applicable law (e.g. at the request of a competent authority).
Data submitted through the contact form is retained for as long as necessary to respond and continue any related correspondence, and thereafter for no more than 3 years from the end of that correspondence, for evidentiary and record-keeping purposes, unless a longer retention period is required by law (e.g. tax or accounting rules, should the correspondence lead to an engagement).
This website does not use cookies for analytics, statistics, or marketing purposes. We do not use Google Analytics, advertising pixels, or any other tracking tools. The only cookies that may be set during your visit are technical cookies related to security and service availability, set by our infrastructure provider (Cloudflare) — these are not used to identify or profile visitors.
Our technical infrastructure providers (Cloudflare and our contact-form processor) may process data on servers or infrastructure located outside the European Economic Area (EEA), including in the United States. Where this occurs, the transfer relies on GDPR-compliant safeguards under Chapter V GDPR, in particular the Standard Contractual Clauses (SCCs) approved by the European Commission, to the extent applied by the relevant provider.
We do not use automated decision-making, including profiling, on personal data submitted through this website.
In connection with the processing of your personal data, you have the right to:
To exercise any of the rights above, contact us at the address given in section 2.
Providing personal data through the contact form is entirely voluntary, but necessary for us to respond to your inquiry. Not providing the required data (name, company, email address, and message) will prevent us from replying.
This privacy policy may be updated periodically, in particular in connection with changes in the law, the scope of our services, or the technical tools we use. The current version is always available at this address, together with the last-updated date shown at the top of the document.