Privacy Policy

May 24, 2024: December 2, 2025

1. Personal Data Controller

The controller of your personal data is Ethos Risk Management S.r.l., with its registered office at Via Monte Napoleone 8, 20121 Milan, Italy. For any inquiries regarding data protection, please contact us at privacy@ethosrisk.it.

2. Scope and purpose of data processing

We process your personal data for the following purposes:

  • Provision of Services: To enter into and perform a contract for our risk management and compliance services, including client communication and project management. The legal basis for this processing is the necessity to perform a contract (Art. 6(1)(b) GDPR).
  • Billing and Accounting: To issue invoices and fulfill our legal obligations under tax and accounting law. The legal basis for this processing is the fulfillment of a legal obligation (Art. 6(1)(c) GDPR).
  • Communication: To respond to your inquiries submitted via our contact forms or email. The legal basis for this processing is our legitimate interest in communicating with potential and existing clients (Art. 6(1)(f) GDPR).
  • Marketing: To send you marketing information about our services, provided you have given your consent. The legal basis for this processing is your consent (Art. 6(1)(a) GDPR), which you can withdraw at any time.

3. Your rights under GDPR

You have the following rights regarding your personal data:

  1. Access your personal data
  2. Rectify (correct) your data
  3. Erase data (right to be forgotten)
  4. Restrict data processing
  5. Data portability
  6. Object to data processing
  7. Withdraw consent for data processing at any time
  8. Lodge a complaint with a supervisory authority

4. Cookies

Our website uses cookies to improve your user experience. Cookies are small text files stored on your device.

  • Essential Cookies: These cookies are necessary for the website to function properly, such as for session management and security. They do not require your consent.
  • Analytical Cookies: These cookies help us understand how visitors interact with our website by collecting and reporting information anonymously. We use them to improve our services.

You can manage your cookie preferences at any time through your browser settings. Disabling cookies may affect the functionality of this website.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, or destruction. These measures include data encryption, access controls, and regular security assessments to ensure a level of security appropriate to the risk.

6. Data Recipients

We may share your data with trusted third parties who provide services on our behalf, such as IT hosting or payment processing. These entities are contractually obligated to protect your data and may only use it for the specified purposes.