PRIVACY POLICY

This Privacy Policy explains how [● legal entity name] (the “Controller”, “we”, “us”, “our”) collects and processes personal data when you visit or interact with pillariumchambers.eu (the “Website”) and when you contact us using Website channels. “Personal data” means any information relating to an identified or identifiable natural person.

This Policy is designed to meet the transparency requirements of the EU General Data Protection Regulation (GDPR), applicable national implementing laws, and applicable ePrivacy rules regarding cookies and similar technologies.

1. Controller and contact details

Controller: [● legal entity name]

Registered address: [●]

Company registration no.: [●]

Email (privacy): [privacy@●]

Telephone (optional): [●]

If you have appointed a Data Protection Officer (DPO), include: DPO: [● name], [● email]. If not, remove the DPO reference.

2. How we collect personal data

We collect personal data:

  • directly from you when you submit inquiries or otherwise contact us through Website channels;
  • automatically when you use the Website (technical and usage data); and
  • in limited cases from third parties (for example, certain security/hosting providers or social media platforms when you interact with embedded features).

3. Categories of personal data we process

Depending on your interaction with the Website, we may process:

3.1 Data you provide

  • Identity/contact data: name, surname, organisation, role/title, email address, phone number, and any other details you include in your message.
  • Correspondence data: the content of your message and any attachments.
  • Preferences: communication preferences (e.g., marketing preferences if the Website offers subscriptions).
  • Event/meeting data (if offered): scheduling details, attendance preferences.

3.2 Data collected automatically

  • Technical data: IP address, device type, browser type/version, operating system, language settings, approximate location derived from IP.
  • Usage data: pages visited, time spent, interaction logs, referral URLs, and general traffic patterns.
  • Security data: logs that help detect and prevent fraud, abuse, or technical incidents.

3.3 Cookies and similar technologies

We may use cookies and similar technologies. Details and controls are set out in Section 7.

Important: Please do not provide special category data (e.g., health data) via the Website unless we explicitly request it and confirm the legal basis and safeguards.

4. Purposes and legal bases for processing

We process personal data only where we have a lawful basis. The main purposes and legal bases are:

4.1 Handling inquiries and communications

Purpose: to respond to your requests, communicate with you, and (where relevant) take steps prior to entering into a contract.

Legal basis: legitimate interests (GDPR Art. 6(1)(f)) in responding to communications and managing operations; and/or pre-contractual steps (Art. 6(1)(b)) where you request information with a view to an engagement.

4.2 Operating and securing the Website

Purpose: Website operation, performance, troubleshooting, security monitoring, prevention of fraud and abuse, and ensuring integrity of systems.

Legal basis: legitimate interests (Art. 6(1)(f)); and where applicable legal obligation (Art. 6(1)(c)).

4.3 Analytics and improvement

Purpose: to understand how the Website is used and improve performance, structure, and content.

Legal basis: consent (Art. 6(1)(a)) where required under ePrivacy rules for non-essential cookies/trackers; in limited cases, legitimate interests (Art. 6(1)(f)) may apply only where permitted by law and configured in a privacy-protective manner.

4.4 Marketing/newsletters

Purpose: sending updates, publications, invitations, or announcements.

Legal basis: consent (Art. 6(1)(a)) where required by marketing laws; or legitimate interests (Art. 6(1)(f)) where permitted (e.g., limited B2B communications), always with an opt-out.

4.5 Compliance and legal claims

Purpose: compliance with legal obligations, handling disputes, establishing/exercising/defending legal claims, and record-keeping.

Legal basis: legal obligation (Art. 6(1)(c)) and/or legitimate interests (Art. 6(1)(f)).

5. Legitimate interests

Where we rely on legitimate interests, those interests typically include: operating and securing the Website, responding to inquiries, preventing abuse, improving the Website, and maintaining business records. We consider and balance these interests against your rights and freedoms and apply appropriate safeguards (such as data minimisation, access controls, and limited retention).

6. Who we share personal data with

We share personal data only where necessary and proportionate:

6.1 Service providers

We may use providers for hosting, IT support, Website maintenance, security, email delivery, cookie consent management, and (where used) analytics or CRM. These providers process data on our instructions under written contracts that include confidentiality and GDPR-required protections.

6.2 Professional advisers

We may share data with advisers (lawyers, auditors, insurers, consultants) where necessary.

6.3 Authorities and legal disclosures

We may disclose data where required by law or where necessary to protect rights, safety and security, or to respond to lawful requests.

6.4 Corporate changes

If we undergo a merger, acquisition, restructuring, or asset sale, personal data may be transferred subject to appropriate protections.

We do not sell personal data.

7. Cookies, SDKs, and Similar Technologies

We and our partners may use cookies, SDKs, pixels (including clear GIFs/pixel tags), local storage, and similar technologies on web and app environments to:

  • enable core functionality and keep you signed in;
  • remember preferences;
  • conduct analytics and performance monitoring;
  • help secure the Service and prevent fraud;
  • deliver and measure ads where ads are shown.

Cookies are small data files stored on your Device that help websites and apps function, remember preferences, and understand usage. Some cookies are set by (…), and others are set by third parties for functions such as analytics, advertising, and measurement. Certain technologies may be used to understand engagement and measure performance.

Depending on your settings and how you access the Service, we may use:

  • Essential Cookies. Such cookies are technically necessary to provide website functionality. They act as a basic form of memory, used to store the preferences selected by a user on a given website or application. They are essential to browsing functionality and cannot be disabled by users. As an example, an essential cookie may be used to recognize a past user from having to log in each time they visit a new page in the same session.
  • 1-Pixel Images. Clear GIFs, pixel tags, or web beacons, which are generally 1-pixel, are transparent images located on a webpage or in an e-mail or other trackable source and may be used on our website in addition to any other communication offered by us. They are often used in connection with advertisements served to you that are interacted with, whether on our website or another online service and shared with us. This type of tracking is specifically meant to recognize users, assess traffic patterns, and measure site or campaign engagement.
  • Flash Cookies. Local Shared Objects, sometimes known as “flash cookies,” may be stored on your Device using a media player or other software. Flash cookies are similar to cookies in terms of their operation but may be managed in your browser in the same manner.
  • First (1st) Party & Third (3rd) Cookies. First (1st) party cookies are stored by a domain (website) you are visiting directly. They allow us to collect analytics data, remember preferred settings (e.g., language, currency, etc.), and perform related functions. Third (3rd) party cookies are created by domains other than those you are visiting directly, hence its name “third (3rd) party.” They may be used for cross-tracking, retargeting, and ad-serving.
  • Performance and Function Cookies. Such cookies are used to enhance the performance and functionality of a website but are not essential to its use. However, without these cookies, certain functions (like videos) may become unavailable. Essential cookies/technologies required for core functionality and security;
  • Advertising and measurement where ads are shown, to deliver and measure ads and prevent fraud.

Depending on how you access the Service, you may be able to:

  • control cookies via browser settings (including deleting or blocking cookies);
  • limit advertising IDs via Device settings (mobile and some connected TV platforms);
  • use platform privacy controls (e.g., iOS/Android and connected TV privacy settings);
  • opt out of certain disclosures/processing as described in Sections 11 and 13.

If you block cookies or tracking technologies, parts of the Service may not function properly.

If you would like to know more about cookies and how they are used, please visit.

You can set your browser not to accept cookies, and the above website tells you how to remove cookies from your browser. However, in a few cases, some of our website features may not function as a result. 

Some browsers transmit “Do Not Track” signals. Because there is no uniform standard, we will not respond to Do Not Track signals. Where required by law we will honor applicable opt-out signals as described below.

Opt-out preference signals (e.g., Global Privacy Control). Where required by applicable law, we will recognize supported opt-out preference signals as a request to opt out of certain processing, such as “sale/sharing” or targeted advertising. Where required by law, we will also honor opt-out requests made through any “Your Privacy Choices” or similar link we provide. 8. International transfers

If we transfer personal data outside the European Economic Area (EEA) (or outside the UK/Switzerland, if applicable), we will ensure a lawful transfer mechanism such as:

  • an adequacy decision; and/or
  • Standard Contractual Clauses (SCCs) with supplementary measures where required; and/or
  • another GDPR-compliant transfer solution.

You may request information about safeguards by contacting [privacy@●].

9. Data retention

We retain personal data only for as long as necessary for the purposes described, taking into account legal requirements and limitation periods. Typical retention (adjust to match your operations):

  • Inquiries/correspondence: up to [12–24 months] after the last interaction, unless a longer period is needed for legal claims or an engagement follows.
  • Marketing subscriptions: until you unsubscribe/withdraw consent, plus limited suppression data to ensure we respect your opt-out.
  • Security logs: typically [6–12 months], unless needed for investigation or defence.

10. Your rights under GDPR and how to exercise them

You may have the following rights in relation to your personal data, subject to the conditions, limitations and exceptions set out in the GDPR and applicable national law.

Right of access. You may request confirmation as to whether we process your personal data and, where we do, access to that data and certain information about the processing (including the purposes, categories of data, recipients, retention periods, and safeguards for international transfers). Where permitted, we will provide a copy of your personal data. Additional copies may be subject to a reasonable administrative fee.

Right to rectification. You may request that we correct inaccurate personal data or complete incomplete personal data.

Right to erasure (“right to be forgotten”). You may request deletion of your personal data where, for example, it is no longer necessary for the purposes for which it was collected, you withdraw consent (where processing is based on consent), or you successfully object to processing. Please note we may need to retain certain data where required by law, to establish/exercise/defend legal claims, or for other lawful grounds under GDPR.

Right to restriction of processing. You may request that we restrict processing of your personal data in certain circumstances, including where you contest accuracy (for a period enabling us to verify), where processing is unlawful but you prefer restriction instead of deletion, or where you need the data for legal claims. During restriction, we will store the data but generally not use it (except as permitted by law).

Right to data portability. Where processing is based on your consent or a contract and carried out by automated means, you may request that we provide your personal data to you in a structured, commonly used and machine-readable format, and (where technically feasible) transmit it to another controller.

Right to object.

  • Objection to direct marketing: where we process your personal data for direct marketing purposes, you have the right to object at any time. If you object, we will stop processing your personal data for direct marketing.
  • Objection based on legitimate interests: where we rely on legitimate interests, you may object to processing on grounds relating to your particular situation. If you object, we will stop processing unless we demonstrate compelling legitimate grounds that override your interests, rights and freedoms, or the processing is needed for legal claims.

Right to withdraw consent. Where we rely on your consent (for example, certain cookies or marketing subscriptions), you can withdraw it at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.

Right to lodge a complaint. You have the right to lodge a complaint with a supervisory authority in the EU Member State of your habitual residence, place of work, or where the alleged infringement occurred. We encourage you to contact us first so we can try to resolve your concern promptly.

How to exercise your rights. You can submit requests by contacting [privacy@●]. To protect you and your data, we may ask for reasonable information to verify your identity and clarify your request. If you act through an authorised representative, we may request evidence of authorization (and still verify your identity where appropriate).

Response times and refusal in limited cases. We aim to respond without undue delay and in any event within one month of receiving your request. This period may be extended by up to two further months where necessary, taking into account the complexity and number of requests, in which case we will inform you. We may refuse or charge a reasonable fee for requests that are manifestly unfounded or excessive, or where we are legally entitled to refuse (for example, where disclosure would adversely affect the rights and freedoms of others, conflict with legal privilege, or be prohibited by law). In such cases, we will explain our position as required by law.

11. Complaints

You may lodge a complaint with a supervisory authority in the EU Member State of your habitual residence, place of work, or the place of the alleged infringement. We encourage you to contact us first so we can address your concerns: [privacy@●].

12. Security

We implement appropriate technical and organizational measures to protect personal data, including access controls, least-privilege access, logging/monitoring, and security controls suitable for the Website context. No system is completely secure, but we take reasonable steps to reduce risk.

13. Children

The Website is not intended for children. We do not knowingly collect personal data from children. If you believe a child has provided personal data, contact us and we will take appropriate steps.

14. Automated decision-making

We do not use personal data collected via the Website for solely automated decision-making (including profiling) that produces legal effects or similarly significant effects.

15. External links

The Website may link to third-party sites. We are not responsible for their privacy practices. Please review their privacy policies.

16. Updates to this Policy

We may update this Policy from time to time. Any changes will be posted on the Website with an updated “Last updated” date.