top of page

Privacy Policy

A legal disclaimer

Last Updated: November 2025
Golden Key Legal

Golden Key Legal (“we”, “our”, “the Firm”) is committed to protecting the privacy of all visitors to our website and all individuals who contact us through it.
This Privacy Policy explains how we collect, use, store and protect personal data in accordance with:

  • Regulation (EU) 2016/679 (GDPR)

  • Greek Law 4624/2019

  • Greek Law 3471/2006 (ePrivacy)

  • Professional secrecy obligations applicable to attorneys-at-law in Greece

  • Wix.com Ltd. platform policies (hosting provider)

By using this website, you consent to the practices described in this Policy.

​

1. Data Controller

Golden Key Legal
Athens, Greece
Email: goldenkeylegal@gmail.com

The Firm acts as the Data Controller for all personal data submitted through this website.

​

2. Types of Personal Data We Collect

A. Information You Provide Directly

When you contact us, complete forms, or request legal services, we may collect:

  • Full name

  • Email address

  • Phone number

  • Country of residence

  • Information related to your legal matter

  • Documents voluntarily uploaded or emailed to us

B. Information Collected Automatically

When you visit our website:

  • IP address

  • Device identifiers

  • Browser type

  • Operating system

  • Referring URL

  • Pages visited

  • Time and date of access

C. Cookies & Analytics

Our website, hosted by Wix, uses:

  • Essential cookies (security, operation)

  • Analytics cookies (traffic statistics)

  • Preference cookies

Analytics may be provided through Wix Analytics or Google Analytics, depending on configuration.

​

3. Legal Basis for Processing

We process personal data only where permitted by law:

​

A. Article 6(1)(b) GDPR – Contractual Necessity

For communication, legal advice, representation, and conflict checks.

B. Article 6(1)(f) GDPR – Legitimate Interests

For website security, analytics, fraud prevention, and Firm administration.

C. Article 6(1)(c) GDPR – Legal Obligation

Including anti-money-laundering (AML) compliance under Greek Law 4738/2020.

D. Article 6(1)(a) GDPR – Consent

For non-essential cookies and marketing communications (if applicable).

E. Article 9(2)(f) GDPR – Legal Claims

If you submit sensitive data (e.g., criminal, immigration, or human-rights matters), it is processed for the establishment, exercise or defence of legal claims.

​

4. Purpose of Processing

We process your personal data for the following purposes:

  • Responding to inquiries and requests

  • Providing legal services

  • Conflict and background checks

  • AML/KYC verification for clients

  • Website operation and analytics

  • Cybersecurity and fraud prevention

  • Administrative purposes

  • Compliance with legal and regulatory obligations

Your data is never sold.

 

5. Professional Secrecy & Confidentiality

As attorneys-at-law in Greece, we are bound by:

  • Attorney–client privilege

  • Confidentiality obligations

  • Greek Code of Lawyers (Ν. 4194/2013)

All information you submit is treated as strictly confidential
—even if you do not ultimately become a client of the Firm.

 

6. Data Retention

We retain data only as long as necessary:

  • Contact form submissions: up to 12 months

  • Client files: 5–10 years, depending on the case

  • AML/KYC records: 5 years (Law 4738/2020)

  • Analytics data: up to 14 months

  • Cookie data: according to cookie category (detailed in the Cookie Policy)

 

7. Data Sharing with Third Parties

We may share data only with:

  • Wix.com Ltd. (website hosting provider)

  • Email service providers

  • IT support partners bound by confidentiality

  • Courts, authorities, and regulators (only when legally required)

  • Banks and payment institutions (if transactions occur)

We do not share or sell data to advertisers, marketers, or unrelated third parties.

 

8. International Transfers

Since our website is hosted on Wix, data may be stored on servers located in:

  • The European Union

  • The United States

  • Israel

When data is transferred outside the EU, Wix implements:

  • Standard Contractual Clauses (SCCs)

  • Additional GDPR safeguards

More details can be found in Wix’s privacy documentation.

 

9. Data Security

We implement appropriate technical and organisational measures:

  • SSL encryption

  • Restricted access to client files

  • Secure document storage

  • Malware and firewall protection

  • Internal confidentiality controls

  • Principle of data minimisation

Despite these measures, no online transmission is 100% secure.

 

10. Your GDPR Rights

You have the right to:

  • Access your data

  • Correct inaccurate data

  • Request deletion

  • Restrict processing

  • Object to processing

  • Withdraw consent (for cookies/marketing)

  • Request data portability

  • Lodge a complaint with the Hellenic Data Protection Authority (HDPA):
    https://www.dpa.gr/

To exercise any rights, contact: privacy@goldenkeylegal.com

 

11. Cookies

We use cookies to:

  • Ensure secure website operation

  • Measure website performance

  • Improve user experience

You can manage cookie preferences through our website’s cookie banner or through your browser settings.

Full details are available in the Cookie Policy.

 

12. Changes to This Policy

We may update this Privacy Policy periodically.
The “Last Updated” date indicates the latest revision.

 

Contact Us

For privacy questions or data rights requests:

goldenkeylegal@gmail.com
Golden Key Legal
Athens, Greece

bottom of page