Privacy Policy

Last Updated: January 2026

1. Introduction

Welcome to Aggelakakis & Associates (“Company”, “we”, “us”, “our”). We operate the website https://aggelakakis.gr/ (the “Site”).

As a leading Business Management Consulting firm acting as a gateway for investments in Greece, we are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our consulting services, or engage with us for investment opportunities.

We act as the Data Controller for the personal data we process, in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and the applicable Greek legislation.

2. Information We Collect

We collect personal information that you voluntarily provide to us when you express an interest in obtaining information about us or our products and services, when you participate in activities on the Site, or otherwise when you contact us.

A. Personal Data You Provide

Depending on your interactions with us, we may collect:

  • Identity Data: First name, last name, title.

  • Contact Data: Email address, telephone number, billing address, business address.

  • Professional Data: Company name, job title, industry sector.

  • Investment Profile Data: Information regarding your investment interests (e.g., Real Estate, Tourism, Logistics, Renewable Energy), investment budget, and eligibility for EU funding programs (e.g., Development Law/Anaptyxiakos).

  • Correspondence: Details of your enquiries and our communication.

B. Information Automatically Collected

When you visit our Site, we may automatically collect certain information about your device and usage, including:

  • Technical Data: Internet Protocol (IP) address, browser type and version, time zone setting, operating system, and platform.

  • Usage Data: Information about how you use our website (pages visited, time spent, clickstreams).

  • Cookies: Data collected via cookies (see our Cookie Policy for details).

3. How We Collect Your Data

We use different methods to collect data from and about you:

  1. Direct Interactions: You may give us your data by filling in forms (e.g., “Contact Us”, “Schedule a Consultation”) or by corresponding with us by phone, email, or otherwise.

  2. Automated Technologies: As you interact with our website, we may automatically collect Technical Data using cookies, server logs, and other similar technologies (e.g., Google Analytics 4).

  3. Third Parties: We may receive data about you from third parties, such as Trustindex (for reviews) or publicly available sources (e.g., LinkedIn, corporate registers) for due diligence purposes.

4. How We Use Your Information

We process your personal data only when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  1. Service Delivery: To provide our consulting services, manage your investment portfolio, and process EU funding applications.

  2. Communication: To respond to your inquiries, schedule consultations, and provide customer support.

  3. Legitimate Interests: To analyze and improve our website and services, and to protect our business intelligence.

  4. Marketing: To send you newsletters about investment opportunities and funding tools (only if you have opted-in). You can unsubscribe at any time.

  5. Legal Compliance: To comply with legal obligations, such as Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations required for investment consulting.

5. Legal Basis for Processing

Under the GDPR, we rely on the following legal bases:

  • Consent: When you agree to receive our newsletter or accept cookies.

  • Performance of a Contract: When we need your data to fulfill a consulting agreement with you.

  • Legal Obligation: When we are required to keep records for tax or legal purposes.

  • Legitimate Interest: For network security, fraud prevention, and improving our business services.

6. Sharing Your Information

We do not sell your personal data. However, we may share your data with:

  • Internal Parties: Our branch offices in Athens, Munich (Germany), New Jersey (USA), and Mumbai (India) for the purpose of global business coordination.

  • Service Providers: IT and system administration services, hosting providers, and email marketing platforms (e.g., Mailchimp).

  • Professional Advisers: Lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance, and accounting services.

  • Government Bodies: Public authorities in Greece or the EU (e.g., for ESPA/RRF grant applications) if required by law.

7. International Data Transfers

As Aggelakakis & Associates operates a “Global + Local” model, your data may be transferred to, and stored at, a destination outside the European Economic Area (EEA), specifically to our offices in the USA and India.

Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We use Standard Contractual Clauses (SCCs) approved by the European Commission which give personal data the same protection it has in Europe.

  • We transfer data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.

8. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

  • Client Data: Kept for the duration of our business relationship and as required by Greek tax law (usually 5-10 years).

  • Marketing Data: Kept until you withdraw your consent (unsubscribe).

9. Your Data Protection Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right to Access: Request a copy of the personal data we hold about you.

  • Right to Rectification: Request correction of inaccurate data.

  • Right to Erasure (“Right to be Forgotten”): Request deletion of your data where there is no good reason for us continuing to process it.

  • Right to Restriction: Request to suspend the processing of your data.

  • Right to Object: Object to processing where we rely on a legitimate interest or for direct marketing.

  • Right to Data Portability: Request the transfer of your data to you or a third party.

  • Right to Withdraw Consent: Withdraw consent at any time where we are relying on consent to process your data.

To exercise any of these rights, please contact us at info@aggelakakis.gr.

10. Third-Party Tools & Links

Our website uses third-party tools to enhance functionality:

  • Google Analytics (GA4): For traffic analysis. IP addresses are anonymized.

  • Trustindex: To display client testimonials.

  • TranslatePress: To serve the website in multiple languages.

  • Mailchimp: For managing our email lists.

This website may include links to third-party websites (e.g., LinkedIn, Instagram). Clicking on those links may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.

11. Data Security

We have put in place appropriate security measures (SSL encryption, firewalls, secure servers) to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way. Access to your personal data is limited to those employees and partners who have a business need to know.

12. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last Updated” date at the top.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Aggelakakis & Associates

  • Headquarters: 27 Dodekanisou str, 8th floor, 546 25, Thessaloniki, Greece

  • Email: info@aggelakakis.gr

  • Phone: +30 2310 500405