top of page
Nimbus-logo

Privacy Policy

Last updated: 26 April 2026

Nimbus Cyber ("we", "us", "our") is a specialist cybersecurity advisory firm based in Greece and serving clients across Europe. We take privacy and data protection seriously. This Privacy Policy explains how we collect, use, store and protect personal data when you visit our website, contact us, or engage our advisory services.

1. Who we are

Nimbus Cyber is a cybersecurity advisory firm focused on identity-first security architecture, identity governance and related advisory services. Our registered office is in Athens, Greece. If you have any questions about this Privacy Policy or how we handle personal data, you can contact us at info@nimbuscyber.eu.

2. What data we collect

We may collect and process the following categories of personal data:

  • Contact details such as name, job title, company, business email address and phone number.
  • Information you provide when you request a consultation, complete a form, register for a workshop or contact us directly.
  • Technical information such as IP address, browser type, device information and pages visited, collected through cookies or similar technologies.
  • Communication records such as emails, meeting notes and messages exchanged with us.

We do not intentionally collect special categories of personal data (such as health data or information about political opinions) through this website.

3. How we use personal data

We use personal data for the following purposes:

  • To respond to enquiries, schedule and deliver consultations and workshops, and manage our client relationships.
  • To send you information you have requested, such as insights, resources or event details.
  • To operate, secure and improve our website and services, including understanding how visitors use our site.
  • To meet our legal, regulatory and contractual obligations.

We only process personal data where we have a lawful basis, such as your consent, our legitimate interests in running and growing our advisory business, or to perform a contract with you.

4. How we share personal data

We do not sell personal data. We may share personal data with:

  • Trusted service providers who support our operations (for example, IT, hosting, email and collaboration tools), under appropriate data protection terms.
  • Professional advisers such as legal, accounting or insurance providers where necessary.
  • Public authorities or regulators where we are legally required to do so.

We take steps to ensure that any third parties who process personal data on our behalf protect it in line with applicable data protection laws.

5. International transfers

Nimbus Cyber is based in Greece and serves clients across Europe. Where personal data is transferred outside the European Economic Area (EEA), we will take appropriate measures to ensure an adequate level of protection, such as using standard contractual clauses or relying on other lawful transfer mechanisms.

6. Data retention

We keep personal data only for as long as necessary for the purposes described in this Privacy Policy, including to meet legal, regulatory, accounting or reporting requirements. When personal data is no longer needed, we will delete or anonymise it in a secure manner.

7. Your rights

Depending on your location and applicable law, you may have rights in relation to your personal data, including the right to:

  • Access a copy of your personal data.
  • Request correction of inaccurate or incomplete data.
  • Request deletion of your personal data in certain circumstances.
  • Object to or restrict the processing of your personal data.
  • Withdraw consent where we rely on your consent.

To exercise your rights, please contact us at info@nimbuscyber.eu. We may need to verify your identity before responding to your request.

8. Cookies and similar technologies

Our website may use cookies and similar technologies to help us understand how visitors use the site and to improve performance and security. You can usually control cookies through your browser settings. For more information about cookies used on this site, please refer to any cookie banner or settings tool displayed when you visit the site.

9. Security

We take appropriate technical and organisational measures to protect personal data from unauthorised access, loss, misuse or alteration. While no system can be completely secure, we design our processes and controls with security and confidentiality in mind, consistent with our role as a cybersecurity advisory firm.

10. Updates to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements or services. When we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this page periodically to stay informed about how we handle personal data.

If you have any questions or concerns about this Privacy Policy or how we handle personal data, please contact us at info@nimbuscyber.eu.

bottom of page