top of page
logo png.png

Privacy Policy

A Legal Disclaimer

Effective date: February 2026
This Privacy Policy explains how “Giorgos Bouronikos” (“we”, “us”) collects and uses personal data when you visit our “Website” or contact us.

Privacy Policy - The Basics 

What we collect

We only collect what is necessary to operate the Website and respond to legitimate requests.

A. Data you provide

  • Identity and contact details (name, email, phone, company, role)

  • Message content (when you contact us)

  • Scheduling information (if you book a call)

  • Billing details (only if you become a client; typically handled by our payment provider)

B. Data collected automatically

  • Technical data: IP address, device/browser information, approximate location (country/city), pages viewed, referring source

  • Cookies and similar technologies (see Section 8)

3) Why we use your data (purposes)

We process personal data for the following purposes:

  • To respond to enquiries and requests

  • To schedule and manage calls/meetings

  • To deliver services and manage client relationships (contracts, invoices, records)

  • To operate, secure, and improve the Website

  • To measure performance of the Website (analytics) only if enabled and where required, with consent

  • To comply with legal obligations (accounting, tax, regulatory)

4) Legal bases (GDPR)

Depending on the context, we rely on:

  • Consent (e.g., optional cookies; newsletter if applicable)

  • Contract / pre-contract steps (e.g., responding to a service request, onboarding a client)

  • Legitimate interests (e.g., Website security, preventing fraud, improving user experience)

  • Legal obligation (e.g., bookkeeping, tax compliance)

These bases align with the transparency requirements in GDPR Articles 13–14. (gdpr-info.eu)

5) Who receives your data

We do not sell personal data.

We may share data with trusted service providers who act as processors, for example:

  • Website hosting and infrastructure providers

  • Email service providers (for reply handling)

  • Analytics providers (if activated)

  • Scheduling tools (if you book a call)

  • Payment/invoicing providers (if you become a client)

  • Professional advisers (e.g., accountant, legal counsel) where necessary

All providers are expected to apply appropriate security and confidentiality measures.

6) International transfers

If we transfer personal data outside the EEA/UK (for example, when using global service providers or when work requires cross-border coordination), we will use appropriate safeguards such as:

  • EU adequacy decisions, where applicable, or

  • Standard Contractual Clauses (SCCs) and additional protections where required.

7) How long we keep your data (retention)

We keep personal data only as long as needed for the purpose it was collected.

Typical retention periods (adjust to your operations):

  • Contact enquiries (no contract): up to [12–24 months] after last interaction

  • Client records (contracts, invoices): as required by applicable accounting/tax rules (often 5–10 years)

  • Website security logs: typically [30–180 days]

  • Cookie/analytics data: per tool settings and consent choices (see Section 8)

8) Cookies and analytics

The Website may use:

  • Strictly necessary cookies (required for core functionality and security)

  • Preference cookies (optional)

  • Analytics cookies (optional; used to understand Website usage)

Where required by law, non-essential cookies are only placed after consent.

9) Your rights

Under the GDPR, you have rights including:

  • Access to your data

  • Rectification (correction)

  • Erasure (deletion), in certain cases

  • Restriction of processing

  • Data portability

  • Objection to processing based on legitimate interests

  • Withdrawal of consent (where processing is based on consent)

To exercise your rights, contact: g.bouronikos@gmail.com.

10) Complaints

If you believe your data has been handled unlawfully, you can lodge a complaint with your supervisory authority.

11) Security

We use technical and organizational measures designed to protect personal data (access controls, encryption where appropriate, least-privilege, secure hosting practices). No system is perfectly secure, but security is treated as an operational requirement—not a checkbox.

12) Changes to this policy

We may update this Privacy Policy to reflect changes in the Website, services, or legal requirements. The “Effective date” at the top shows the latest version.

bottom of page