1.1. At AGRC Partners, we take your privacy seriously and are committed to upholding the General Data Protection Regulation (GDPR). This Privacy Policy is a crucial document that outlines how we collect, use, and protect your data. By engaging with our services, you acknowledge and agree to the practices outlined in this policy.

2.1. We collect personal data necessary to provide our consulting services. This may include:

2.1.1. Contact Information: Names, email addresses, phone numbers.

2.1.2. Professional Information: Job titles, company names.

2.1.3. Financial Information: Billing and payment details.

2.1.4. Technical Information: IP addresses, browser type, and access times for website interactions.

3.1. We collect data through various methods, including:

3.1.1. Direct Interactions: When you contact us via phone, email, or our website.

3.1.2. Service Delivery: During the provision of consulting services.

3.1.3. Website Usage: Through cookies and similar technologies.

4.1. We process personal data based on the following legal grounds:

4.1.1. Consent: When you have given explicit consent for us to process your data.

4.1.2. Contract: To fulfill our contractual obligations to you.

4.1.3. Legal Obligation: To comply with legal and regulatory requirements.

4.1.4. Legitimate Interests: To pursue our legitimate interests in providing and improving our services.

5.1. We use personal data for the following purposes:

5.1.1. Service Provision: To deliver GDPR compliance consulting services.

5.1.2. Communication: To respond to inquiries and provide information about our services.

5.1.3. Billing and Payments: To manage transactions and financial records.

5.1.4. Marketing: To send newsletters and promotional materials (with your consent).

6.1. We may share personal data with:

6.1.1. Service Providers: Third-party companies that assist us in delivering our services (e.g., IT support, payment processors).

6.1.2. Legal Authorities: When required by law or to protect our legal rights.

7.1. We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including any legal, accounting, or reporting requirements. The criteria we use to determine retention periods include the nature and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure, and the applicable legal requirements.

8.1. Under GDPR, you have the following rights:

8.1.1. Access: To request access to your data.

8.1.2. Rectification: To request correction of inaccurate or incomplete data.

8.1.3. Erasure: To request deletion of your data, where applicable.

8.1.4. Restriction: To request restriction of processing under certain conditions.

8.1.5. Portability: To request data transfer to you or another service provider.

8.1.6. Objection: To object to data processing, particularly for direct marketing.

8.1.7. To exercise these rights, please contact us at info@annapolisgrc.com.

9.1. We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption, access controls, and regular security assessments.

10.1. If we transfer your data outside the European Economic Area (EEA), we ensure that appropriate safeguards, such as Standard Contractual Clauses or other legally accepted mechanisms, are in place.

11.1. Our website uses cookies and similar technologies to enhance user experience and analyze website traffic. You can manage your cookie preferences through your browser settings.

12.1. Our data processing activities do not use automated decision-making or profiling.

13.1. For any questions or concerns about this Privacy Policy or our data practices, please get in touch with our Data Protection Officer at info@annapolisgrc.com