Privacy Policy

KS Law Consultancy LLC — Effective: 12.04.2026

1. Introduction and Purpose

This Privacy Policy and Personal Data Protection Notice ("Policy") has been prepared to explain the principles under which personal data obtained through the kosovainvestment.com website, associated subdomains, client portal, application modules, digital document upload areas, online payment pages, contact forms, quote request screens, account creation processes, and all related digital service channels are collected, processed, stored, protected, and, where necessary, shared with individuals or institutions.\n\nThis Policy applies to all natural persons who visit the platform, create accounts, fill out forms, upload documents, request information, receive quotes, make payments, purchase services, or in any way establish digital or electronic contact with the Company.\n\nThe Company considers user privacy and protection of personal data as an integral part of service quality.

2. Identity of the Data Controller

The data controller for personal data processed within the scope of this Platform:\n\nKS Law Consultancy LLC\nPrishtinë, Republic of Kosovo\nEmail: [email protected]\nPhone / WhatsApp: +383 44 578 468\n\nThe Company may work with external service providers, technology infrastructure providers, payment systems, accounting experts, translators, notaries, courier services, consultants, or professional solution partners in certain processes.

3. Scope of the Policy

This Policy covers the following data processing areas:\n\nwebsite visits, contact forms, quote request processes, account creation and user login, order and payment processes, client portal usage, document and file upload operations, service-related emails, messages and correspondence, technical access records and security logs, customer support processes, post-service records, invoicing and archiving, data retention for legal compliance and defense purposes.

4. Categories of Personal Data That May Be Processed

Personal data that may be processed by the Company varies depending on the type of service:\n\n4.1. Identity Data: name, surname, date of birth, citizenship, passport number, ID number, signature specimen, photograph.\n4.2. Contact Data: email, phone, WhatsApp, address.\n4.3. Customer Transaction Data: purchased package/service, order details, transaction status.\n4.4. Financial Data: payment status, transaction amount, invoice information.\n4.5. Company Data: company name, registration number, ownership structure, tax number.\n4.6. Document Data: passport copies, lease agreements, company documents.\n4.7. Communication Data: email content, support messages.\n4.8. Technical Data: IP address, device information, browser type, cookies.\n4.9. Verification Data: document consistency checks, identity verification results.

5. Notice Regarding Sensitive Documents

Some services offered by the Company may require the processing of more sensitive documents by nature: passport copies, residence documents, tax documents, company ownership structures, powers of attorney, notarized documents. The Company processes this data solely for service fulfillment, verification, and legal compliance purposes.

6. Methods of Collecting Personal Data

Personal data may be collected through: website forms, quote request screens, account creation, order and payment steps, document uploads to client portal, email, WhatsApp, phone, physical document delivery, technical cookies and access logs, verification information from payment infrastructure.

7. Purposes of Processing Personal Data

The Company may process personal data for the following purposes:\n\n7.1. Service Delivery: account creation, order processing, document preparation, process tracking.\n7.2. Communication: contacting users, document deficiency notifications, support.\n7.3. Payment: collection, payment verification, invoice issuance.\n7.4. Legal Compliance: regulatory compliance, responding to official requests.\n7.5. Security: fraud detection, system security.\n7.6. Quality: platform performance, user experience.\n7.7. Rights Protection: dispute defense, evidence creation.

8. Legal Bases for Processing

The Company processes personal data based on specific legal grounds:\n\n8.1. Establishment and performance of contracts.\n8.2. Fulfillment of legal obligations.\n8.3. Legitimate interests.\n8.4. Explicit consent or user request.

9. Sharing of Personal Data

The Company does not sell personal data. Parties with whom data may be shared as required by service:\n\n9.1. Official Authorities: trade registry, tax administration, municipalities, notaries.\n9.2. Professional Service Providers: accountants, lawyers, translators.\n9.3. Technical Infrastructure: cloud hosting, email, CRM, security, payment providers.\n9.4. Legal Obligation: court orders, administrative requests.

10. Cross-Border Data Transfers

Due to digital service infrastructure, data may occasionally be processed on servers outside Kosovo. The Company takes reasonable technical and organizational measures.

11. Retention Period

Personal data is retained for the duration required by the processing purpose. When the need for retention ceases, data may be deleted, anonymized, or archived.

12. Data Security

The Company takes reasonable technical and administrative measures to protect personal data: access controls, password security, backups, firewall, SSL/TLS, logging, data minimization.

13. User Rights

Within the framework of applicable legislation, the user has the right to: learn whether data is processed, request information, request correction, request deletion, request restriction of processing, object, and withdraw consent. These rights are not absolute; they may be limited due to legal obligations.

14. Method of Exercising Rights

For data protection requests: [email protected]\n\nApplications should include name, contact information, and subject of request.

15. Data Relating to Children

The platform is designed for adult users. The Company does not knowingly intend to collect data from children.

16. Marketing Communications

The Company may send operational notifications related to services. Separate consent mechanisms may be applied for marketing communications.

17. Third-Party Links

The platform may link to third-party websites. The Company is not responsible for the privacy practices of these sites.

18. Log Records

The Company may maintain access records, session logs, and IP information for security and transaction tracking purposes.

19. Data Minimization

The Company aims to collect only necessary data whenever possible.

20. User Responsibility

Users should only upload necessary documents, protect account information, and not submit false data.

21. Post-Service Archive

After service completion, the Company may archive certain data for accounting, tax, dispute, and security purposes.

22. Data Breach

If the Company detects that the security of personal data has been compromised, it takes reasonable steps: isolates the incident, examines systems, restricts access.

23. Policy Changes

The Company may update this Policy. The current text becomes effective from the date of publication on the website.

24. Contact

KS Law Consultancy LLC\nPrishtinë, Republic of Kosovo\nEmail: [email protected]\nPhone / WhatsApp: +383 44 578 468

25. Final Provision

By using the platform, the user acknowledges that their personal data may be processed within the framework of this Policy.

Legal Documents

Privacy Policy

KS Law Consultancy LLC — Effective: 12.04.2026

1. Introduction and Purpose

This Privacy Policy and Personal Data Protection Notice ("Policy") has been prepared to explain the principles under which personal data obtained through the kosovainvestment.com website, associated subdomains, client portal, application modules, digital document upload areas, online payment pages, contact forms, quote request screens, account creation processes, and all related digital service channels are collected, processed, stored, protected, and, where necessary, shared with individuals or institutions.\n\nThis Policy applies to all natural persons who visit the platform, create accounts, fill out forms, upload documents, request information, receive quotes, make payments, purchase services, or in any way establish digital or electronic contact with the Company.\n\nThe Company considers user privacy and protection of personal data as an integral part of service quality.

2. Identity of the Data Controller

The data controller for personal data processed within the scope of this Platform:\n\nKS Law Consultancy LLC\nPrishtinë, Republic of Kosovo\nEmail: [email protected]\nPhone / WhatsApp: +383 44 578 468\n\nThe Company may work with external service providers, technology infrastructure providers, payment systems, accounting experts, translators, notaries, courier services, consultants, or professional solution partners in certain processes.

3. Scope of the Policy

This Policy covers the following data processing areas:\n\nwebsite visits, contact forms, quote request processes, account creation and user login, order and payment processes, client portal usage, document and file upload operations, service-related emails, messages and correspondence, technical access records and security logs, customer support processes, post-service records, invoicing and archiving, data retention for legal compliance and defense purposes.

4. Categories of Personal Data That May Be Processed

Personal data that may be processed by the Company varies depending on the type of service:\n\n4.1. Identity Data: name, surname, date of birth, citizenship, passport number, ID number, signature specimen, photograph.\n4.2. Contact Data: email, phone, WhatsApp, address.\n4.3. Customer Transaction Data: purchased package/service, order details, transaction status.\n4.4. Financial Data: payment status, transaction amount, invoice information.\n4.5. Company Data: company name, registration number, ownership structure, tax number.\n4.6. Document Data: passport copies, lease agreements, company documents.\n4.7. Communication Data: email content, support messages.\n4.8. Technical Data: IP address, device information, browser type, cookies.\n4.9. Verification Data: document consistency checks, identity verification results.

5. Notice Regarding Sensitive Documents

Some services offered by the Company may require the processing of more sensitive documents by nature: passport copies, residence documents, tax documents, company ownership structures, powers of attorney, notarized documents. The Company processes this data solely for service fulfillment, verification, and legal compliance purposes.

6. Methods of Collecting Personal Data

Personal data may be collected through: website forms, quote request screens, account creation, order and payment steps, document uploads to client portal, email, WhatsApp, phone, physical document delivery, technical cookies and access logs, verification information from payment infrastructure.

7. Purposes of Processing Personal Data

The Company may process personal data for the following purposes:\n\n7.1. Service Delivery: account creation, order processing, document preparation, process tracking.\n7.2. Communication: contacting users, document deficiency notifications, support.\n7.3. Payment: collection, payment verification, invoice issuance.\n7.4. Legal Compliance: regulatory compliance, responding to official requests.\n7.5. Security: fraud detection, system security.\n7.6. Quality: platform performance, user experience.\n7.7. Rights Protection: dispute defense, evidence creation.

8. Legal Bases for Processing

The Company processes personal data based on specific legal grounds:\n\n8.1. Establishment and performance of contracts.\n8.2. Fulfillment of legal obligations.\n8.3. Legitimate interests.\n8.4. Explicit consent or user request.

9. Sharing of Personal Data

The Company does not sell personal data. Parties with whom data may be shared as required by service:\n\n9.1. Official Authorities: trade registry, tax administration, municipalities, notaries.\n9.2. Professional Service Providers: accountants, lawyers, translators.\n9.3. Technical Infrastructure: cloud hosting, email, CRM, security, payment providers.\n9.4. Legal Obligation: court orders, administrative requests.

10. Cross-Border Data Transfers

Due to digital service infrastructure, data may occasionally be processed on servers outside Kosovo. The Company takes reasonable technical and organizational measures.

11. Retention Period

Personal data is retained for the duration required by the processing purpose. When the need for retention ceases, data may be deleted, anonymized, or archived.

12. Data Security

The Company takes reasonable technical and administrative measures to protect personal data: access controls, password security, backups, firewall, SSL/TLS, logging, data minimization.

13. User Rights

Within the framework of applicable legislation, the user has the right to: learn whether data is processed, request information, request correction, request deletion, request restriction of processing, object, and withdraw consent. These rights are not absolute; they may be limited due to legal obligations.

14. Method of Exercising Rights

For data protection requests: [email protected]\n\nApplications should include name, contact information, and subject of request.

15. Data Relating to Children

The platform is designed for adult users. The Company does not knowingly intend to collect data from children.

16. Marketing Communications

The Company may send operational notifications related to services. Separate consent mechanisms may be applied for marketing communications.

17. Third-Party Links

The platform may link to third-party websites. The Company is not responsible for the privacy practices of these sites.

18. Log Records

The Company may maintain access records, session logs, and IP information for security and transaction tracking purposes.

19. Data Minimization

The Company aims to collect only necessary data whenever possible.

20. User Responsibility

Users should only upload necessary documents, protect account information, and not submit false data.

21. Post-Service Archive

After service completion, the Company may archive certain data for accounting, tax, dispute, and security purposes.

22. Data Breach

If the Company detects that the security of personal data has been compromised, it takes reasonable steps: isolates the incident, examines systems, restricts access.

23. Policy Changes

The Company may update this Policy. The current text becomes effective from the date of publication on the website.

24. Contact

KS Law Consultancy LLC\nPrishtinë, Republic of Kosovo\nEmail: [email protected]\nPhone / WhatsApp: +383 44 578 468

25. Final Provision

By using the platform, the user acknowledges that their personal data may be processed within the framework of this Policy.