Privacy Policy

Last Updated: January 20, 2026

Introduction

ENVOY CONSULTING EE (“we,” “us,” or “our”) provides risk management and digital strategy consultancy services. We are committed to protecting your personal data and being transparent about how we collect and use it. This policy explains our practices in accordance with the EU General Data Protection Regulation (GDPR) and Greek Law 4624/2019.

Data Controller

For the purposes of the GDPR, the data controller is:

  • Company Name: ENVOY CONSULTING EE
  • Address: El. Venizelou 20, 15351, Pallini
  • Email: info@envoyconsulting.gr
  • Phone: +30 211 401 9115

Data We Collect

We collect information that allows us to provide our professional services, including:

  • Identity Data: Name, job title, and company affiliation.
  • Contact Data: Business email address and phone number.
  • Technical Data: IP address, browser type, and usage data via cookies when you visit our website.
  • Client Data: Information provided during the course of our risk or digital strategy engagements (often governed by specific Non-Disclosure Agreements).

How We Use Your Data (Lawful Basis)

We only process data when we have a legal reason to do so:

  • To Perform a Contract: To deliver the consultancy services you have requested.
  • Legitimate Interests: To improve our website, respond to inquiries, and market our services to business professionals (B2B).
  • Consent: Where you have explicitly opted-in to receive our newsletter or strategy insights.
  • Legal Obligation: To comply with Greek tax or regulatory reporting requirements.

Data Retention

We keep your data only as long as necessary.

  • Inquiries: 12 months from the last contact.
  • Contractual Data: 7–10 years as required by Greek fiscal law.
  • Marketing Data: Until you withdraw your consent or “unsubscribe.”

International Transfers & Third Parties

As a digital strategy firm, we use high-quality tools (e.g., Google Analytics, CRM systems). If data is transferred outside the European Economic Area (EEA), we ensure Standard Contractual Clauses (SCCs) or adequacy decisions are in place to maintain EU-level protection.

Your Rights

Under the GDPR, you have the following rights:

  1. Access: Request a copy of your data.
  2. Rectification: Correct inaccurate data.
  3. Erasure: Request that we delete your data (“Right to be forgotten”).
  4. Object/Restrict: Limit how we process your data.
  5. Data Portability: Move your data to another service.
  6. Withdraw Consent: At any time.

Security

We implement technical and organizational measures (encryption, access controls) to protect your data. Given our expertise in risk, we treat your data with the same rigor we apply to our strategic client projects.

Contact & Complaints

If you have questions, contact us at info@envoyconsulting.gr. You also have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA):

  • Website: www.dpa.gr
  • Address: Kifissias 1-3, 115 23, Athens, Greece.