Privacy Policy

Effective Date: 27.04.2025
Last Updated: 02.05.2025

This Privacy Policy sets forth the manner in which personal data is collected, processed, and protected by Greetix.ai, a sole proprietorship registered and operated under the laws of the Grand Duchy of Luxembourg, with its principal place of business at 46 rue de Differdange, L-4437 Soleuvre, Luxembourg (hereinafter referred to as “Greetix”, “we”, “us” or “our”), in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (“General Data Protection Regulation” or GDPR) and applicable Luxembourgish laws.

1. Data Controller

The data controller within the meaning of Article 4(7) GDPR is:

Kessam Sami
Founder & Sole Proprietor
Email: sami@greetix.ai
Phone: +352 621 319 685
Address: 46 rue de Differdange, L-4437 Soleuvre, Luxembourg

2. Categories of Personal Data Collected

We may collect and process the following categories of personal data:

  • Identity Data: full name, job title

  • Contact Data: email address, phone number

  • Professional Information: company name, role, business website

  • Technical Data: IP address, browser type, operating system

  • Usage Data: interactions with our website, pages visited, time spent

  • Communication Data: content of messages sent via contact forms or emails

  • Payment Data: billing address, last 4 digits of payment methods (processed securely via third-party providers only)

We do not knowingly collect or process any special categories of personal data under Article 9 GDPR (e.g., health data, biometric data, religious beliefs, etc.).

3. Legal Bases for Processing (Article 6 GDPR)

We process your personal data lawfully, in accordance with Article 6 GDPR. Processing is based on:

  • Article 6(1)(a)Consent: when you voluntarily provide information (e.g. newsletter signup, contact form)

  • Article 6(1)(b)Contractual necessity: when processing is required to deliver a service you requested

  • Article 6(1)(f)Legitimate interests: e.g. website security, user analytics, improving our services

  • Article 6(1)(c)Legal obligation: e.g. tax and accounting obligations

4. Purposes of Data Collection

We collect and process your personal data for the following purposes:

  • Responding to inquiries submitted via forms or emails

  • Delivering our automation services to you or your business

  • Managing appointments, onboarding, or demos

  • Ensuring website functionality, stability, and security

  • Performing statistical analysis on site traffic and usage

  • Complying with legal, regulatory, or tax requirements

  • Sending you service-related communications or updates (you may opt out at any time)

5. Data Retention

Your personal data is retained only for as long as necessary to fulfil the purposes for which it was collected, and in accordance with:

  • Statutory limitation periods for contractual liability - 10 years in Luxembourg

  • Legal or regulatory requirements (e.g., invoicing obligations)

After these periods, your data will be securely deleted.

6. Data Transfers

Your data may be stored or processed by trusted third-party providers located within the European Economic Area (EEA) or in jurisdictions providing an adequate level of protection under Article 45 GDPR. In the case of transfers outside the EEA, we ensure appropriate safeguards (e.g. Standard Contractual Clauses, per Article 46 GDPR).

7. Data Recipients

We may share your data with:

  • Our hosting provider (Amazon Web Services – EMEA SARL, Luxembourg)

  • Email service providers (Google, Microsoft)

  • Analytics and performance tools (Google Analytics)

  • CRM and automation tools (Make.com, Zapier)

  • Legal or accounting service providers where required

  • Public authorities, only when legally required (e.g. tax audits)

All processors are contractually bound to comply with Article 28 GDPR.

8. Security of Data

We implement appropriate technical and organisational measures in accordance with Article 32 GDPR, including:

  • TLS/SSL encryption

  • Secure access protocols

  • Regular system updates and security audits

  • Strict access control and authentication procedures

However, while we follow best practices, no system can be 100% secure. Users acknowledge this inherent risk when submitting data online.

9. Your Rights under GDPR (Articles 12–23)

As a data subject, you have the following rights:

  • Right of access (Art. 15 GDPR)

  • Right to rectification (Art. 16 GDPR)

  • Right to erasure / “right to be forgotten” (Art. 17 GDPR)

  • Right to restriction of processing (Art. 18 GDPR)

  • Right to data portability (Art. 20 GDPR)

  • Right to object (Art. 21 GDPR)

  • Right to withdraw consent at any time (Art. 7 GDPR)

  • Right to lodge a complaint with the CNPD (Luxembourg Data Protection Authority)

To exercise your rights, please contact us at: sami@greetix.ai

10. Cookies and Tracking Technologies

Cookies may be used on this website for analytics, functionality, and personalisation. You will be presented with a cookie banner to accept or decline non-essential cookies in accordance with the ePrivacy Directive and Article 5(3) of Directive 2002/58/EC.

A full Cookie Policy is available separately.

11. Updates to This Privacy Policy

We reserve the right to amend this Privacy Policy at any time to reflect legal, regulatory, or operational changes. The date of the last update will always be shown at the top of the page.

12. Supervisory Authority Contact

If you believe your data protection rights have been violated, you may contact the national data protection authority:

Commission nationale pour la protection des données (CNPD)
15, Boulevard du Jazz
L-4370 Belvaux, Luxembourg
Website: https://cnpd.public.lu