Privacy Policy
Last updated: 3 July 2026. This policy explains how K.I.E Advisory collects, processes, and stores personal data in accordance with Regulation (EU) 2016/679 (GDPR) and Slovak Act No. 18/2018 Coll. on Personal Data Protection.
1. Data controller
The data controller is Kenechukwu (Donald) Ifeanyi-Ezeaka, operating the independent consultancy K.I.E Advisory from Bratislava, Slovak Republic. Contact: [email protected].
2. What data we collect
We collect only the data required to deliver our services and communicate with prospective and current clients.
- Contact data you provide directly through email, Calendly bookings, or LinkedIn: name, business email address, company name, job title.
- Engagement data during an active project: the business data files you send us (typically CSV or Excel exports containing order, product, cost, carrier, or spend data). This data may include personal data of your customers or staff (for example customer email addresses in order exports).
- Website analytics: standard server logs (IP address, browser type, page requests, timestamps) held by our hosting provider (Cloudflare Pages). We do not use tracking cookies, advertising pixels, or third-party analytics scripts.
3. Legal basis for processing
- Consent when you contact us or book a call.
- Contract performance for data processed during an active engagement.
- Legitimate interest for standard server logs required to operate the site securely.
4. How we use the data
Client business data is used only to deliver the specific engagement contracted for. We do not use client data for training AI models, marketing, or any purpose beyond the deliverable. Contact data is used only to respond to enquiries and manage active projects.
5. Data sharing and processors
We do not sell or share personal data. We use the following processors, each bound by their own GDPR-compliant terms:
- Cloudflare, Inc. (US, with EU data processing) for website hosting, DNS, and email routing.
- Google LLC for Google Workspace email ([email protected]) and Google Search Console.
- Calendly LLC (US) for scheduling calls. Calendly is Data Privacy Framework certified.
- GitHub, Inc. for source code hosting of the static website.
6. Data storage and retention
Client business data is deleted from our systems within 30 days of engagement completion, unless a retainer requires continued storage. Contact data is retained for as long as the business relationship is active, plus 24 months, and then deleted. Server logs are retained by Cloudflare according to their standard retention policy.
7. Data transfers outside the EEA
Some of our processors (Cloudflare, Google, Calendly, GitHub) are US-based. All transfers rely on Standard Contractual Clauses or Data Privacy Framework certification, as required by GDPR Chapter V.
8. Your rights under GDPR
You have the right to access, rectify, erase, restrict, port, or object to the processing of your personal data. You also have the right to withdraw consent at any time and to lodge a complaint with the Office for Personal Data Protection of the Slovak Republic (dataprotection.gov.sk).
To exercise any of these rights, email [email protected]. We respond within 30 days.
9. Security
Client business data is stored in encrypted form at rest and in transit. Access is restricted to the primary consultant delivering the engagement. Files transferred by clients are handled through secure channels agreed at engagement start (typically a private cloud folder or encrypted email).
10. Cookies
This website does not set cookies. We do not use analytics cookies, advertising cookies, or third-party tracking. Standard hosting logs are held by Cloudflare and do not use browser cookies.
11. Changes to this policy
We update this policy when our processing changes. The date at the top reflects the latest revision.