Privacy Policy

Effective Date: 2023-10-27

Grenelle Tax Advisory is committed to protecting the privacy of our clients and website visitors. This Privacy Policy outlines how we collect, use, and protect your personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Data Controller

The data controller responsible for your personal data is:

2. Information We Collect

We may collect and process the following types of personal data:

2.1. Information You Provide to Us:

• Contact Information: Name, email address, phone number, mailing address when you fill out forms on our website, subscribe to our newsletter, or contact us directly.
• Financial Information: Data related to your tax situation, income, investments, and other financial details necessary for providing our tax advisory services.
• Identification Data: Passport details, national ID numbers, tax identification numbers, and other details required for regulatory compliance and identity verification.
• Correspondence: Records of communications when you contact us.

2.2. Information We Collect Automatically:

• Technical Data: IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
• Usage Data: Information about how you use our website, products, and services, including pages visited, links clicked, and the duration of your visit.
• Cookies: Details about cookies used on our website. Please see our Cookie Policy for more information.

3. How We Use Your Information

We use your personal data for the following purposes:

• To provide and manage the tax advisory services you request.
• To communicate with you regarding your inquiries, services, and important updates.
• To comply with legal and regulatory obligations, including anti-money laundering (AML) and know-your-client (KYC) requirements.
• To improve our website and services through analytics and performance monitoring.
• To send you marketing communications where you have opted in to receive them (you can opt-out at any time).
• To ensure the security of our website and services.

4. Legal Basis for Processing

We process your personal data under the following legal bases:

• Performance of a Contract: To fulfill our contractual obligations to you, such as providing tax advisory services.
• Legal Obligation: To comply with legal requirements, such as tax laws and anti-money laundering regulations.
• Legitimate Interests: For our legitimate interests or those of a third party, provided your rights and freedoms do not override those interests (e.g., improving our services, preventing fraud, managing our IT systems).
• Consent: Where you have given explicit consent for specific processing activities (e.g., sending marketing communications). You have the right to withdraw consent at any time.

5. Sharing Your Personal Data

We do not sell your personal data. We may share your data with:

• Trusted third-party service providers who assist us in operating our business and providing our services (e.g., IT support, cloud hosting, client relationship management systems), under strict confidentiality agreements.
• Government authorities and regulators when required by law or to respond to legal processes.
• Professional advisors (e.g., lawyers, accountants) for the purpose of obtaining advice.

We ensure that all third parties respect the security of your personal data and treat it in accordance with the law.

6. International Data Transfers

As an international tax consultancy, your data may be transferred to, and stored at, a destination outside the European Economic Area (EEA). We ensure that any such transfer complies with GDPR by implementing appropriate safeguards, such as standard contractual clauses approved by the European Commission, or by ensuring the recipient country has been deemed to provide an adequate level of protection for personal data by the European Commission.

7. Data Security

We have implemented robust technical and organizational measures to protect your personal data from accidental loss, unauthorized access, alteration, disclosure, or destruction. These measures include encryption, access controls, regular security audits, and staff training. While we strive to protect your personal data, no method of transmission over the Internet or method of electronic storage is 100% secure.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

9. Your Data Protection Rights (GDPR)

Under GDPR, you have the following rights regarding your personal data:

• The right to be informed: About how your data is being used.
• The right of access: To your personal data.
• The right to rectification: To have inaccurate data corrected.
• The right to erasure (“right to be forgotten”): To have data deleted in certain circumstances.
• The right to restrict processing: To limit how your data is used.
• The right to data portability: To receive your data in a structured, commonly used, and machine-readable format.
• The right to object: To certain types of processing (e.g., direct marketing).
• Rights in relation to automated decision-making and profiling: To not be subject to a decision based solely on automated processing.

To exercise any of these rights, please contact us using the details provided in Section 1. We will respond to your request within one month. You also have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or place of the alleged infringement.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The updated policy will be posted on this page with an amended “Effective Date.” We encourage you to review this policy periodically.