About Us
Our MissionWhat do we do?TeamAssociation StatusMembers
Knowledge
POLSIF InterviewsPODCAST POLSIF Talks
Reports and WebinarsDefinitions
Knowledge
GlossaryPublicationsTrainingsWebinars
NewsPOLSIF AwardsSustainable Finance Forum
Member Area
Become a Member
Platform
Log in
Polski
English
Contact

Privacy Policy

Last updated: July 16, 2026

This Privacy Policy describes how the SIF Poland Association processes the personal data of visitors to the polsif.org website and users of the forms available on it. We have prepared this document based on Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR) and the Act of 12 July 2024 on Electronic Communications.

1. Who is the controller of your data

The data controller is:

SIF Poland Association (also using the abbreviated name "POLSIF" and the name "SIF Polska")

Nowy Świat 33/13, 00-029 Warsaw

National Court Register (KRS) number: 0001062118

Tax ID (NIP): 5252975330

Registration court: District Court for the Capital City of Warsaw in Warsaw, 12th Commercial Division of the National Court Register

For all matters concerning personal data protection, you can contact us at: biuro@polsif.org or in writing at the Association's registered office address.

The controller has not appointed a data protection officer. This means that you should direct any requests or questions regarding personal data directly to us at the email address provided above.

2. What data we collect, for what purpose, and on what basis

We only collect data that you provide to us yourself via the forms available on the website, as well as basic technical data generated automatically while using the site.

2.1. Contact form

Data scope: first and last name, email address, and optionally, organization name, phone number, and the content of the message.

Purpose: to respond to your inquiry and conduct further correspondence on the matter.

Legal basis: Article 6(1)(f) of the GDPR – our legitimate interest in handling inquiries directed to us and maintaining contact with individuals interested in the Association's activities.

Retention period: for the time necessary to handle the matter, and subsequently for up to 3 years after the correspondence has ended, in order to demonstrate how it was handled and for potential defense against claims.

2.2. Newsletter subscription

Data scope: email address, and optionally, first name.

Purpose: to send information about the Association's activities, publications, events, and regulatory changes regarding sustainable investment and finance.

Legal basis: Article 6(1)(a) of the GDPR – your consent, provided at the time of subscription. Commercial information is also sent based on the consent referred to in Article 398 of the Electronic Communications Law.

Retention period: until you withdraw your consent or unsubscribe. After consent is withdrawn, we will retain the record of your consent and its withdrawal for up to 3 years, solely for the purpose of demonstrating compliance with regulations.

You may withdraw your consent at any time by clicking the unsubscribe link in the footer of any email or by writing to biuro@polsif.org. Withdrawing your consent does not affect the lawfulness of processing based on consent before its withdrawal.

2.3. Application form and event registration

Data scope: first and last name, email address, organization name and job title, and any additional information required by the event organizer.

Purpose: handling your registration, confirming participation, organizational communication, and preparing the attendee list.

Legal basis: Article 6(1)(b) of the GDPR – taking steps at your request prior to entering into a contract and the performance of an event participation agreement; and for accounting and documentation purposes – Article 6(1)(c) of the GDPR, i.e., compliance with a legal obligation.

Retention period: for the duration of the event organization and execution, and subsequently for up to 3 years (the statute of limitations for claims). If participation involved payment, we store accounting documents for 5 years, counting from the end of the calendar year in which the tax payment deadline expired.

2.4. Automatically collected data

Scope of data: IP address, browser type and version, operating system, device type, approximate location, date and time of visit, pages visited, and referral source.

Purpose: ensuring the proper operation and security of the website (technically necessary data) and analyzing traffic statistics, if you provide your consent.

Legal basis: for technically necessary data – Article 6(1)(f) of the GDPR (our legitimate interest in ensuring the operation and security of the website). For analytics – Article 6(1)(a) of the GDPR, i.e., your consent provided via the consent banner.

Retention period: in accordance with the periods indicated in the section regarding cookies.

3. Is providing data mandatory

Providing data is voluntary but necessary to use specific features of the website. Without providing an email address, we will not be able to respond to your inquiry, sign you up for our newsletter, or register your participation in an event.

4. Who we share data with

Personal data may be shared with entities that process it on our behalf and strictly in accordance with our instructions, based on data processing agreements (Article 28 of the GDPR). These are:

Webflow, Inc. – website hosting and the handling and storage of data submitted via forms. Processing takes place in the United States.

Enzuzo Inc. – consent management platform (cookie banner), recording and storing your consent choices. Processing takes place in Canada.

Google Ireland Limited – website visit statistics (Google Analytics 4), only after you have provided your consent. Processing takes place in Ireland, with the possibility of transfer to the United States.

Furthermore, data may be shared with entities providing accounting, legal, or IT services to us, as well as with public authorities if required by law. We do not sell personal data, nor do we transfer it to third parties for their own marketing purposes.

5. Transfer of data outside the European Economic Area

Because we use tools from providers outside the European Economic Area, your data may be transferred to third countries. This is done exclusively by applying the safeguards provided for in Chapter V of the GDPR:

Webflow, Inc. (USA) – The company is certified under the EU-U.S. Data Privacy Framework (https://www.dataprivacyframework.gov/participant/6365), for which the European Commission issued an adequacy decision on July 10, 2023. Additionally, the data processing agreement concluded with Webflow includes the standard contractual clauses adopted by the European Commission.

Enzuzo Inc. (Canada) – The European Commission has issued an adequacy decision for Canada (Decision 2002/2/EC), covering organizations subject to the Canadian PIPEDA act.

Google Ireland Limited – the data controller in the EEA is an Irish entity; any transfers to the United States are based on the EU-U.S. Data Privacy Framework and standard contractual clauses.

You can obtain a copy of the security measures implemented by writing to biuro@polsif.org.

6. Cookies and similar technologies

The polsif.org website uses cookies, which are small text files stored on your end device. In accordance with Article 399 of the Electronic Communications Law, storing information or accessing information already stored on your device requires your prior consent. The exception is cookies necessary to provide a service requested by you – these function without consent.

We manage consents using the Enzuzo platform. The consent banner appears during your first visit to the website and allows you to accept or reject individual cookie categories. Consent is voluntary, and rejecting it does not block access to the website's content.

6.1. Cookie categories

Essential cookies – these ensure the basic operation of the website, security, form handling, and remembering your choices in the consent banner. They do not require consent.

Analytical cookies – these allow us to count visits and understand which content is useful. We use Google Analytics 4 for this purpose. They require your consent.

6.2. How to change or withdraw consent

You can change your choices at any time by reopening the consent settings panel available on the website. You can also delete or block cookies in your browser settings. Instructions for the most popular browsers can be found here:

Google Chrome: https://support.google.com/chrome/answer/95647?hl=en

Mozilla Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer

Microsoft Edge: https://support.microsoft.com/en-us/microsoft-edge/delete-cookies-in-microsoft-edge-63947406-40ac-c3b8-57b9-2a946a29ae09

Safari: https://support.apple.com/en-us/guide/safari/sfri11471/mac

Please note that blocking essential cookies may hinder the use of certain website features, including forms.

6.3. Google Analytics 4

If you consent to analytical cookies, we use Google Analytics 4, a service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). This tool collects information about how you use the website, including pages visited and referral sources. IP addresses are not stored in Google Analytics 4. For more information, please see Google's privacy policy (https://policies.google.com/privacy?hl=en) and their documentation on data collection (https://support.google.com/analytics/answer/11593727?hl=en). You can also opt out of Google Analytics data collection by installing the Google Analytics Opt-out Browser Add-on (https://tools.google.com/dlpage/gaoptout?hl=en).

7. Your rights

In connection with the processing of your data, you have the following rights:

Right of access (Article 15 GDPR) – you can find out what data we process about you and receive a copy of it.

Right to rectification (Art. 16 GDPR) – you may request the correction of incorrect data or the completion of incomplete data.

Right to erasure (Art. 17 GDPR), known as the right to be forgotten.

Right to restriction of processing (Art. 18 GDPR).

Right to data portability (Art. 20 GDPR) – applies to data processed based on consent or a contract, in an automated manner.

Right to object (Art. 21 GDPR) – you may object at any time to processing based on our legitimate interests, for reasons related to your particular situation.

Right to withdraw consent (Art. 7(3) GDPR) – at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

To exercise any of these rights, please write to biuro@polsif.org. We will respond without undue delay, no later than one month after receiving your request. In justified cases, this period may be extended by a further two months, of which we will inform you.

Right to lodge a complaint

If you believe that we are processing your data unlawfully, you have the right to lodge a complaint with the supervisory authority:

President of the Personal Data Protection Office

ul. Stawki 2, 00-193 Warsaw

https://uodo.gov.pl/

8. Data security

We apply technical and organizational measures appropriate to the risk to protect your data from unauthorized access, loss, or disclosure. The website uses an encrypted HTTPS connection, and access to data from forms is restricted to authorized personnel on our side. We only work with providers who offer adequate data protection guarantees.

9. Automated decision-making

Your data is not used for automated decision-making, including profiling that produces legal effects concerning you or similarly significantly affects you.

10. Links to external sites

The website may contain links to sites operated by other entities, including the Association's partners. We are not responsible for their privacy policies or how these entities process data. We encourage you to review the policies applicable to those sites.

11. Changes to the Privacy Policy

We may update this Policy, for example, due to changes in regulations or the tools we use. The current version is always available here, with the date of the last update indicated at the beginning of the document. We will notify you of any significant changes in a visible manner on the website.

12. Legal basis and sources

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR): https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32016R0679

Act of 12 July 2024 - Electronic Communications Law (Journal of Laws 2024, item 1221): https://isap.sejm.gov.pl/isap.nsf/DocDetails.xsp?id=WDU20240001221

Act of 10 May 2018 on the Protection of Personal Data (Journal of Laws 2018, item 1000): https://isap.sejm.gov.pl/isap.nsf/DocDetails.xsp?id=WDU20180001000

Webflow - Privacy FAQs (information on data storage location and DPF certification): https://webflow.com/legal/privacy-faqs

Webflow - Data Processing Addendum: https://webflow.com/legal/dpa

Webflow - list of subprocessors: https://webflow.com/legal/subprocessors

EU-U.S. Data Privacy Framework - Webflow, Inc. entry: https://www.dataprivacyframework.gov/participant/6365

European Commission - adequacy decisions: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en

Google - privacy policy: https://policies.google.com/privacy?hl=en

Enzuzo - privacy policy: https://www.enzuzo.com/privacy-policy

Personal Data Protection Office: https://uodo.gov.pl/

Newest __________

News

Przedłużamy termin zgłoszeń do POLSIF Awards 2026!
News

Przedłużamy termin zgłoszeń do POLSIF Awards 2026!

Docierają do nas sygnały, że lipcowy okres urlopowy w pełni i wielu z Was potrzebuje dodatkowej chwili na domknięcie formalności – zwłaszcza na uzyskanie niezbędnych zgód od Waszych klientów i partnerów transakcyjnych.
Read more
The latest episode of POLSIF Talks: "Brown discount" and the role of CAPEX in the energy transition of real estate.
Podcast

The latest episode of POLSIF Talks: "Brown discount" and the role of CAPEX in the energy transition of real estate.

The latest episode of POLSIF Talks: "Brown discount" and the role of CAPEX in the energy transition of real estate.
Read more
POLSIF officially supports the 30% Club Poland campaign
News

POLSIF officially supports the 30% Club Poland campaign

The Sustainable Investment Forum Poland (POLSIF) is proud to announce that it has officially joined the group of institutions supporting the prestigious 30% Club Poland campaign.
Read more
EBOR: Polska ma ogromny problem.
Wywiady

EBOR: Polska ma ogromny problem.

Dlaczego Polska przegrywa wyścig we wdrażaniu sztucznej inteligencji? Kto zyska na zielonej transformacji, a kto straci? I dlaczego bez silnego rynku kapitałowego nie sfinansujemy zmian?
Read more
Dyrektor / Dyrektorka ds. Rozwoju Programowego i Relacji Instytucjonalnych
News

Dyrektor / Dyrektorka ds. Rozwoju Programowego i Relacji Instytucjonalnych

Stowarzyszenie POLSIF poszukuje kandydatów i kandydatki do roli Dyrektora / Dyrektorki ds. Rozwoju Programowego i Relacji Instytucjonalnych.
Read more
The second edition of the POLSIF Awards has launched!
Event

The second edition of the POLSIF Awards has launched!

This is the only competition in Poland entirely dedicated to sustainable finance – we recognize institutions, funds, companies, and individuals who are genuinely driving the climate and energy transition and a responsible economy.
Read more
See more
SIF Poland

Nowy Świat 33/13
00-029 Warsaw

SIF Poland
About usAssociation StatusTeamHow to become a memberPlatformLog inContact
Quick access
newsWebinarsDefinitionsPOLSIF Talks — podcastPolsif AwardsSustainable Finance ForumPrivacy Policy
©2026 Sustainable Investment Forum Poland. All rights reserved.