Privacy Policy
Last updated: July 2026
Greetix ("we", "us", "our") is committed to protecting your personal data. This policy explains how we collect, use, and safeguard information when you visit our website or engage with our services.
Greetix is a sole proprietorship registered in Luxembourg. For questions about this policy, contact us at privacy@greetix.ai.
1. Data Controller
The data controller responsible for your personal data is:
Greetix
Luxembourg
Email: privacy@greetix.ai
2. Data We Collect
2.1 Website visitors
| Data | Purpose | Legal Basis |
|---|---|---|
| IP address, browser type, pages visited | Site analytics, security | Consent (cookie banner) |
| Name, email, company (contact form) | Respond to your enquiry | Consent (form submission) |
| Cookie preferences | Remember your consent choice | Legitimate interest |
2.2 Outreach recipients (on behalf of our clients)
| Data | Purpose | Legal Basis |
|---|---|---|
| Professional name, job title, work email | B2B outreach campaigns | Legitimate interest (Art. 6(1)(f) GDPR) |
| Company name, industry, public regulatory filings | Prospect qualification | Legitimate interest |
We only contact named professionals at their business email address. We never purchase consumer data or contact personal email addresses.
3. Legitimate Interest Assessment (B2B Outreach)
For each outreach campaign we conduct on behalf of clients, we document a Legitimate Interest Assessment (LIA) that establishes:
- The specific business purpose of the contact
- Why the recipient's professional role makes the communication relevant
- The balance of interests between sender and recipient
- The source of the contact data (LinkedIn, CSSF registry, industry database)
LIA documents are retained for the duration of the campaign plus 12 months.
4. How We Use Your Data
- To respond to enquiries submitted through our contact form
- To deliver outreach services to our clients
- To measure website performance (only with your consent)
- To comply with legal obligations
We do not sell, rent, or share your personal data with third parties for their marketing purposes.
5. Data Processors
We use the following categories of processors, all bound by Data Processing Agreements:
- Email infrastructure — for sending and tracking outreach campaigns
- Analytics — for measuring website performance (only after consent)
- Cloud hosting — for website delivery and data storage
All processors are selected for EU data residency compliance where available.
6. Data Retention
- Contact form submissions: retained for 12 months, then deleted
- Outreach prospect data: non-respondents are removed after 30 days of campaign completion
- Analytics data: aggregated and anonymized after 14 months
- Opt-out records: retained indefinitely to honour your preference
7. Your Rights
Under GDPR, you have the right to:
- Access — request a copy of your personal data
- Rectification — correct inaccurate data
- Erasure — request deletion of your data
- Restriction — limit how we process your data
- Portability — receive your data in a structured format
- Object — object to processing based on legitimate interest
To exercise any of these rights, email privacy@greetix.ai. We respond within 30 days.
8. Opt-Out
Every outreach email we send includes a one-click unsubscribe link. Once you opt out:
- Your email is added to our suppression list within 24 hours
- You will never be contacted again by any Greetix campaign
- Your suppression record is retained indefinitely to prevent future contact
9. Cookies
Our website uses cookies only after you explicitly consent via the cookie banner.
| Cookie | Type | Purpose | Duration |
|---|---|---|---|
| cookie_consent | Functional | Remembers your consent choice | 1 year |
| _ga, _gid | Analytics | Google Analytics (if consented) | Up to 2 years |
| _fbp | Marketing | Meta Pixel (if consented) | 90 days |
| li_sugr | Marketing | LinkedIn Insight (if consented) | 90 days |
If you decline cookies, only the functional cookie_consent preference is stored locally. No tracking scripts are loaded.
10. Security
We implement appropriate technical and organizational measures to protect your data, including:
- HTTPS encryption for all web traffic
- Content Security Policy headers
- EU-based hosting infrastructure
- Access controls limited to authorized personnel
11. Supervisory Authority
If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Luxembourg data protection authority:
Commission Nationale pour la Protection des Donnees (CNPD)
15, Boulevard du Jazz, L-4370 Belvaux, Luxembourg
Website: cnpd.public.lu
12. Changes to This Policy
We may update this policy to reflect changes in our practices or legal requirements. Material changes will be posted on this page with an updated revision date.