Privacy Policy – IGA Consulting

In plain language: we collect the minimum data we need to respond to your inquiries and improve our site. We use standard analytics and advertising tools (Google, Meta, LinkedIn) so we understand how visitors find us. We never sell your data. You have full rights under the EU GDPR and the UK GDPR to access, correct, or delete what we hold about you.

1. Who we are (Data Controller)

This website is operated by ABM Korp Investment DOO Skopje, trading as IGA Consulting (“IGA”, “we”, “us”, “our”). We are the data controller responsible for personal data collected through this website.

ABM Korp Investment DOO Skopje

Petar Pop-Arsov 23/1-5, 1000 Skopje, North Macedonia

Email: hello@igaconsulting.com

2. Scope of this Policy

This Policy explains how we collect, use, disclose, and protect personal data when you visit igaconsulting.com, contact us through the site, or otherwise engage with our content. It is written to comply with Regulation (EU) 2016/679 (“EU GDPR”), the United Kingdom General Data Protection Regulation and the Data Protection Act 2018 (together “UK GDPR”), the ePrivacy Directive (2002/58/EC) and its UK equivalent (PECR), and the Law on Personal Data Protection of the Republic of North Macedonia.

3. What data we collect

3.1 Data you provide directly

When you submit our contact form, we collect the information you give us:

Full name
Job title
Company name
Work email address
Phone number
Inquiry type (selected from a dropdown)
Message content (free-text field)

If you email us directly at hello@igaconsulting.com or book a call, we collect whatever information you choose to share in that exchange.

3.2 Data collected automatically

When you visit the site, we and our service providers automatically collect:

IP address (typically truncated by analytics tools)
Device and browser type, operating system, screen size
Referring URL, pages visited, time on page, approximate geographic location (country / city level)
Cookie identifiers set by our analytics and advertising partners (see section 7)

4. Why we use your data (Purposes & Legal Bases)

Purpose	Data used	Legal basis (GDPR Art. 6)
Respond to your inquiry and discuss a potential engagement	Contact form fields, email correspondence	Art. 6(1)(b) — steps prior to entering a contract at your request
Follow up about relevant services if you have previously enquired	Email, name, company	Art. 6(1)(f) — our legitimate interest in business development; you may object at any time
Measure site usage and improve content	Analytics identifiers, page views, device data	Art. 6(1)(a) — your consent (where required), otherwise legitimate interest
Retarget visitors and measure advertising effectiveness	Meta Pixel and LinkedIn Insight Tag identifiers	Art. 6(1)(a) — your consent
Comply with legal, accounting, and tax obligations	Contract, invoicing, and communication records	Art. 6(1)(c) — legal obligation
Protect our site and prevent fraud or abuse	Server logs, IP addresses	Art. 6(1)(f) — legitimate interest in security

5. Who we share data with

We do not sell personal data. We share it only with the service providers we need to operate the site and respond to you, each of whom processes data on our behalf under a written agreement:

Bluehost (web hosting) — server logs, uptime monitoring
Make.com (form automation) — routes your contact form submission to our CRM
HubSpot (CRM) — stores contact information and conversation history
Google LLC (Google Analytics 4) — traffic analytics
Meta Platforms, Inc. (Meta Pixel) — ad measurement and retargeting
LinkedIn Ireland Unlimited Company (Insight Tag) — ad measurement and retargeting
Google Fonts — serves Montserrat typeface; may log IP on font request

We may also disclose personal data to law enforcement, courts, regulators, or legal advisers where we are legally required to do so, or to protect our rights or the safety of others.

6. International transfers

Some of our service providers (for example Google, Meta, LinkedIn, HubSpot, Make.com) are based in, or process data from, the United States. Where personal data is transferred outside the European Economic Area or the United Kingdom, we rely on:

The EU–US Data Privacy Framework and/or the UK Extension, where the recipient is certified, or
Standard Contractual Clauses approved by the European Commission, with supplementary measures where appropriate.

You can request a copy of the relevant safeguards by contacting us at hello@igaconsulting.com.

7. Cookies and tracking technologies

We use three categories of cookies and similar technologies:

Strictly necessary — required for the site to function (e.g. load-balancing, security). These are set without consent.
Analytics — Google Analytics 4 (ID G-60X9YDXJB0) helps us understand how visitors use the site. Data is aggregated and IP addresses are truncated.
Advertising & retargeting — the Meta Pixel (1462406542284210) and the LinkedIn Insight Tag (9911777) let us measure the effectiveness of our campaigns and show relevant content to people who have visited the site.

Where required by EU or UK law, we will ask for your consent before setting analytics or advertising cookies. You can withdraw consent at any time by clearing cookies in your browser, using your browser’s “Do Not Track” or Global Privacy Control signal, or opting out through each provider:

Google Analytics: tools.google.com/dlpage/gaoptout
Meta: facebook.com/settings?tab=ads
LinkedIn: linkedin.com/psettings/guest-controls/retargeting-opt-out

8. How long we keep your data

Contact inquiries: up to 24 months from the last meaningful interaction, then deleted or anonymised.
Active client records: for the duration of the engagement plus 10 years, to meet accounting and tax obligations in North Macedonia.
Marketing preferences: until you unsubscribe or object.
Analytics data: retained by Google Analytics for 14 months by default.
Server logs: up to 12 months.

9. Your rights

Under the EU GDPR and UK GDPR, you have the right to:

Access the personal data we hold about you (Art. 15)
Rectification of inaccurate or incomplete data (Art. 16)
Erasure — “right to be forgotten” (Art. 17)
Restrict processing in certain circumstances (Art. 18)
Data portability — receive your data in a structured, machine-readable format (Art. 20)
Object to processing based on our legitimate interests, including direct marketing (Art. 21)
Withdraw consent at any time where processing is based on consent (Art. 7(3))
Not be subject to decisions based solely on automated processing (Art. 22) — we do not use such processing

To exercise any of these rights, email hello@igaconsulting.com. We will respond within one month. There is no charge unless the request is manifestly unfounded or excessive.

10. Complaints to a supervisory authority

If you believe we have handled your personal data in breach of applicable law, you have the right to lodge a complaint with a data protection authority. You can contact the authority in your country of residence — for example the UK Information Commissioner’s Office (ico.org.uk), the Irish Data Protection Commission (dataprotection.ie), or the Agency for Personal Data Protection of North Macedonia (azlp.mk). We would, however, appreciate the chance to address your concerns first — please email us.

11. Security

We use appropriate technical and organisational measures to protect personal data, including TLS encryption in transit, access controls on our CRM and email accounts, least-privilege permissions, and regular review of our service providers’ security postures. No system is perfectly secure; if a breach occurs that is likely to result in a risk to your rights, we will notify you and the relevant authority within 72 hours as required by the GDPR.

12. Children

This site and our services are intended for business users and are not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided data, please contact us and we will delete it.

13. Changes to this Policy

We may update this Policy from time to time to reflect changes in our practices, our service providers, or the law. We will post the updated version on this page with a new “Last updated” date. If the changes are material, we will highlight them on the site or contact you directly where we have your email.

14. Contact us

For any privacy question, request, or complaint:

ABM Korp Investment DOO Skopje (trading as IGA Consulting)

Petar Pop-Arsov 23/1-5, 1000 Skopje, North Macedonia

Email: hello@igaconsulting.com