Stratwell Consulting Logo

Online Assessment

Stratwell Consulting Logo
Stratwell Consulting Logo

Privacy Policy

Effective Date: 22 February 2026

At Golden Path Investment, we value your privacy and are committed to protecting your personal information in accordance with the EU General Data Protection Regulation (GDPR) and applicable data protection laws. This Privacy Policy outlines how we collect, use, store, share, and safeguard your personal data when you interact with our services, and explains your rights as a data subject.

Information We Collect

We may collect and process the following categories of personal data, depending on how you interact with us:

  • Personal Information: Name, email address, phone number, postal address, and country of residence.

  • Professional and Financial Information: Profession, employment status, and indicative financial information strictly required to assess eligibility for residency-by-investment or similar programmes.

  • Service-Related Information: Investment profile and preferences, jurisdictions of interest, residency or citizenship goals, notes from consultations, and information required for preliminary eligibility assessments.

  • Documents Provided by You: Copies of identification documents, proof of address, financial evidence, and other supporting documents necessary to provide our services, collected and stored securely.

  • Website and Usage Data: IP address, browser type, device information, pages visited, date and time of access, and similar technical data collected via cookies or similar technologies.

We only collect data that is relevant and necessary for the purposes described in this Policy.

How We Use Your Information

We process your personal data only for specified, explicit, and legitimate purposes, and on the basis of a lawful ground under the GDPR:

  • To Provide Services: To respond to enquiries, schedule consultations, assess eligibility, prepare and manage your file, and liaise with partner firms and relevant authorities.

  • Communication: To send updates on the status of your case, important notices, and other service-related information.

  • Marketing: To send newsletters, information on new programmes, webinars, or other promotional content relevant to your profile. You may opt out at any time.

  • Improvement: To analyse website performance and usage, improve user experience, and maintain the security of our systems.

  • Legal Compliance: To comply with obligations relating to tax, accounting, anti-money laundering (AML), know-your-customer (KYC), sanctions, and other legal or regulatory duties.

Sharing Your Information

We do not sell or rent your personal data. We may share your information only where necessary and on a need-to-know basis:

  • Service Providers: IT hosting, email, CRM, marketing, and analytics providers acting on our behalf under written data processing agreements.

  • Professional Partners: Law firms, local agents, banks, and other partners involved in investment and immigration processes, only to the extent required to provide the services you request.

  • Legal Compliance: Where required to comply with legal obligations, court orders, or lawful requests from competent authorities or regulators.

Whenever we share data, we ensure that appropriate contractual and security safeguards are in place.

International Data Transfers

Because we operate in the field of international investment and immigration, your personal data may be transferred to countries outside the European Economic Area (EEA). Where such transfers occur, we will ensure data is transferred only to countries recognised as adequate by the European Commission, or we will put in place appropriate safeguards such as Standard Contractual Clauses approved under the GDPR.

Data Retention

We keep your personal data only for as long as necessary for the purposes for which it was collected, and to comply with legal or regulatory requirements:

  • Contact and enquiry data: typically kept for up to [x] years after your last interaction, unless it leads to a contractual relationship.

  • Client and case-related data: kept for the duration of the contractual relationship and thereafter for applicable statutory retention periods (e.g. tax, accounting, AML/KYC).

  • Marketing data: retained until you withdraw consent or object to further communications, unless a longer period is required by law.

We will securely delete or anonymise data once it is no longer required.

Data Security

We take the security of your personal information seriously and implement appropriate technical and organisational measures to protect it from unauthorised access, loss, destruction, or alteration.

Measures we take:

  • Secure servers and restricted access to systems and databases.

  • HTTPS encryption for data in transit and, where relevant, at rest.

  • Internal access controls based on roles and need-to-know principles.

  • Regular security assessments and updates to identify and mitigate risks.

Despite our efforts, no method of transmission over the internet is 100% secure. If you believe your interaction with us is no longer secure, please contact us immediately.

Cookies and Similar Technologies

Our website may use cookies and similar technologies to ensure basic site functionality, measure performance, and improve content and navigation. Non-essential cookies will only be used with your prior consent, which you can manage or withdraw via your browser settings or any cookie tool we provide.

Your Rights

Under the GDPR, you have the following rights in relation to your personal data, subject to certain conditions and legal limitations:

  • Access: to obtain confirmation of whether we process your personal data and, if so, access to that data.

  • Rectification: to have inaccurate or incomplete personal data corrected.

  • Erasure: to request deletion of your personal data where there is no valid reason for us to continue processing it.

  • Restriction of processing: to request that we limit the processing of your personal data in certain circumstances.

  • Object: to object to processing based on our legitimate interests, and to object at any time to processing for direct marketing.

  • Data portability: to receive your personal data in a structured, machine-readable format and transmit it to another controller where technically feasible.

  • Withdraw consent: where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us using the details below. You also have the right to lodge a complaint with the Comissão Nacional de Proteção de Dados (CNPD), the Portuguese data protection authority.

Children's Data

Our services are not directed at minors for investment purposes, and we do not knowingly collect or process personal data of individuals under 18 in this context. Any processing of minors' data that may arise in the context of family applications will only be carried out where there is an appropriate legal basis and, where required, with parental consent or authorisation.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time to reflect changes in law, our services, or internal practices. Any changes will be posted on this page with an updated effective date. We encourage you to review this Policy periodically to stay informed about how we handle your personal data.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data protection practices, please contact us at:

Golden Path Investment

Rua Paul Harris nº1

Email: enquiries@goldenpathinvestment.com

Website: www.goldenpathinvestment.com

Go to the Homepage