Legal

Privacy Policy

Last updated: June 2025

Mentat Advisors SRL (“Mentat Advisors”, “we”, “us”) is committed to protecting your personal data and complying with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable national data protection legislation.

This Privacy Policy describes how we collect, use, store, and protect your personal data when you visit mentatadvisors.eu or contact us through any form on this website.

1. Data Controller

The data controller is Mentat Advisors. For data protection inquiries, contact us at info@mentatadvisors.com.

2. Data We Collect

  • Contact form: name, email address, organisation name, subject, message.
  • Advisor applications: full name, email, phone, LinkedIn URL, country, current role, industry, years of experience, areas of expertise, availability, uploaded CV and diploma documents.
  • Usage data: IP address, browser type, pages visited, date and time of access (standard server logs, retained for up to 30 days).
  • Cookies: see our Cookie Policy.

3. Legal Bases for Processing

  • Legitimate interest (Art. 6(1)(f) GDPR): responding to inquiries, operating the website, security, fraud prevention.
  • Consent (Art. 6(1)(a) GDPR): where explicitly requested, for marketing communications and non-essential cookies.
  • Contract performance (Art. 6(1)(b) GDPR): processing advisor applications and delivering agreed advisory services.

4. How We Use Your Data

  • To respond to your contact enquiries.
  • To review and process advisor applications.
  • To improve website functionality and user experience.
  • To comply with legal obligations.
  • To protect the security and integrity of our platform.

5. Data Retention

Contact enquiries are retained for 24 months from submission. Advisor application data is retained for the duration of the application process and up to 3 years thereafter. Server access logs are retained for 30 days.

6. Data Sharing

We do not sell your personal data. We may share data with:

  • Hosting providers and technical service providers acting as data processors under a Data Processing Agreement.
  • Professional advisors where required by law.
  • Law enforcement when required by applicable legislation.

7. International Transfers

Our hosting infrastructure is based in the European Economic Area (“EEA”). Where any data is transferred outside the EEA, we ensure appropriate safeguards are in place as required by GDPR (e.g., Standard Contractual Clauses).

8. Your Rights

Under GDPR, you have the following rights:

  • Right of access (Art. 15)
  • Right to rectification (Art. 16)
  • Right to erasure (Art. 17)
  • Right to restriction of processing (Art. 18)
  • Right to data portability (Art. 20)
  • Right to object (Art. 21)
  • Right to withdraw consent at any time (Art. 7(3))

To exercise any of these rights, contact us at info@mentatadvisors.com. We will respond within 30 days. You also have the right to lodge a complaint with your national data protection supervisory authority.

9. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction, including HTTPS encryption, access controls, and regular security reviews.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by updating the “Last updated” date above. Continued use of the website after changes constitutes acceptance of the updated policy.