Skip to main content
Oulang International
Oulang International Business Center
Privacy Policy

PrivacyPolicy

Oulang International takes your privacy and data security seriously. This policy explains how we collect, use, share, store and protect personal information while providing immigration, real-estate, business and website services, in line with the EU General Data Protection Regulation (GDPR) and applicable Greek law.

Last updated: February 2026

Information We Collect

Categories of personal data we may collect

  • Identity and contact data: name, phone, email, WeChat and related contact details
  • Service-related data: ID/passport, address, family details where required for specific services
  • Financial and transaction data necessary for investment assessment, contracting and payments
  • Technical data: device/browser details, IP address, logs, cookie identifiers and usage events
  • Communication records from chat, phone, email and booking channels for service quality and compliance

How we collect personal data

  • Directly from you via forms, chat, calls, email or offline communication
  • From authorised third parties (e.g. lawyers, accountants, authorities, partners) where lawful
  • Automatically through cookies and similar technologies (manageable in cookie settings/browser controls)
  • We do not intentionally collect sensitive data that is not necessary for the stated purpose

How We Use Your Information

Purposes and legal bases (GDPR Article 6)

  • Contract performance / pre-contract steps at your request: consultation response, case assessment, application handling and customer support
  • Legal obligations: anti-money laundering, tax/accounting compliance, regulatory reporting and audit retention
  • Legitimate interests: website security, service improvement, fraud/risk prevention and dispute management
  • Consent-based processing: marketing communications, non-essential cookies and selected analytics; you can withdraw consent at any time
  • We apply data minimisation and do not reuse personal data for incompatible purposes

Information Sharing

Who we may share data with (strictly as necessary)

  • Greek immigration and other competent authorities where required for your case
  • Law firms, accountants, translators, notaries, real-estate and technology providers under confidentiality obligations
  • Payment, communications, cloud and analytics providers used to operate and deliver services
  • Third parties you explicitly authorise
  • Regulators, courts or law-enforcement bodies where disclosure is legally required

International transfers and safeguards

  • Where data is transferred outside the EEA, we implement GDPR-compliant safeguards (such as Standard Contractual Clauses)
  • We apply encryption, access control, least-privilege policies and vendor due diligence
  • We do not sell personal data and do not permit unauthorised sharing

Data Protection

Technical and organisational measures

  • Encryption in transit/at rest, authentication controls, audit logs and role-based access
  • Staff confidentiality duties, least-privilege access and regular privacy/security training
  • Security monitoring, periodic testing, patching, backups and disaster recovery procedures
  • If a personal data breach is likely to affect your rights, we will notify relevant authorities/data subjects as required by law

GDPR Compliance

Your rights under GDPR

  • Right to be informed and right of access to your personal data
  • Right to rectification and right to erasure (where legal conditions apply)
  • Right to restriction of processing and right to object in specific circumstances
  • Right to data portability in a structured, commonly used, machine-readable format
  • Right to withdraw consent at any time for consent-based processing
  • Automated decision-making: we do not carry out solely automated decisions producing significant legal effects
  • Response timeframe: we generally respond within 30 days; this may be extended where legally permitted and complexity requires

Cookie Policy

Types of cookies we use

  • Essential cookies: required for core functionality and security
  • Functional cookies: remember language and user preferences
  • Analytics cookies: measure usage and improve performance (e.g. Google Analytics)
  • Marketing cookies: measure campaign performance and personalise content where applicable

Cookie controls and consent withdrawal

  • On first visit, you can choose "Accept All" or "Necessary Only"
  • You can update choices at any time through cookie settings or browser controls
  • Disabling non-essential cookies does not block core access, but some features may be limited

Data Retention

Retention periods and deletion rules

  • Business/contract records: retained per Greek legal and tax requirements, typically at least 7 years
  • Inquiry and customer-service records: typically retained for 3 years after last contact
  • Analytics data: retained according to tool configuration (for example up to about 26 months), with aggregation/pseudonymisation where possible
  • Marketing consent logs: retained while consent is active and then minimised per legal retention requirements
  • After retention expires, data is deleted, anonymised or minimally retained where legally required

Contact Us

If you have questions about this Privacy Policy or want to exercise your data-subject rights (access, rectification, erasure, objection, consent withdrawal), please contact us:

Data Protection Officer: Oulang International Legal Department

Email: privacy@oulang.com

Address: Leof. Mesogeion 2, Athina 115 27, Greece

Phone: +30 210-4408818

Right to complain: If you believe your personal data has not been handled lawfully, you may lodge a complaint with the Hellenic Data Protection Authority (HDPA) or your local data protection authority. We encourage you to contact us first so we can try to resolve the issue promptly. HDPA:www.dpa.gr