Privacy Policy

Effective Date: May 2, 2026

This Privacy Policy explains how Kolovoz Advisory ("we," "us," or "our") collects, uses, stores, and protects personal information when you visit our website, request advisory services, or submit lead-intake information.

Information We Collect

We collect information you provide directly through forms, email, and calls, including your name, company, role, email, phone number, project details, budget ranges, timing, and communications. We also collect technical data such as IP address, browser type, device and operating system details, referring pages, pages visited, timestamps, and basic interaction logs used for security and performance.

Lawful Basis and Consent

We process personal information based on one or more lawful bases: your consent, performance of pre-contractual steps or contracts, compliance with legal obligations, and our legitimate interests in operating and improving our advisory business. Where consent is required, you may withdraw consent at any time by contacting us.

Purposes of Processing

We use personal information to respond to inquiries, evaluate leads, deliver audits and advisory services, manage client relationships, process transactions, send service updates, maintain records, prevent abuse, improve site performance, and comply with legal, accounting, and contractual obligations.

Anonymized Case Studies and Sales Data

We may use sales and engagement outcome data in anonymized case studies, benchmark summaries, and marketing materials. We do not intentionally publish confidential information, account credentials, or sensitive financial details. You may opt out of any case-study use by sending a request through our Contact page with the subject line "Case Study Opt-Out."

Data Retention

We retain lead-intake data for up to 24 months after last meaningful contact, active client data for the duration of the engagement plus up to 7 years for legal/accounting purposes, and technical logs for generally up to 12 months unless a longer period is required for security or legal reasons.

Cross-Border Processing

We may process or store information in countries other than your own, including the United States, through our team and service providers. When required, we apply reasonable contractual and organizational safeguards for cross-border transfers.

Processors and Subprocessors

We use third-party providers to host our website, manage communications, analytics, payment processing, customer relationship management, and secure infrastructure operations. These providers process data on our behalf under appropriate contractual controls. We do not sell personal information.

Cookies and Minimal Analytics

We may use essential cookies and limited analytics tools to keep the site functional, measure basic performance, and improve user experience. You can manage cookie preferences through your browser settings.

Marketing Communications and Opt-Out

We may send marketing or follow-up communications related to our advisory services where permitted by law. You can opt out at any time by using unsubscribe instructions in messages or by contacting us through our Contact page.

Security Measures

We use reasonable administrative, technical, and organizational safeguards, including access-control practices, environment hardening, and monitoring to protect personal information. No transmission or storage method is guaranteed to be fully secure.

Breach Response

If we become aware of a confirmed data breach affecting personal information, we will investigate promptly, take containment and remediation steps, and provide notifications as required by applicable law.

Your Data Rights

Depending on your location and applicable law, you may request access to your data, correction of inaccurate data, deletion, and withdrawal of consent where processing relies on consent. You may also object to certain processing activities. We may need to verify identity before completing a request.

Children's Privacy

Our services and website are not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided personal information, contact us and we will address the issue promptly.

Policy Updates

We may update this Privacy Policy from time to time. Updates will be posted on this page with a revised effective date when required.

Contact

For privacy questions or requests, contact us through our Contact page.