Gullia Filing

Legal

Privacy Policy

Gullia Filing LLC ("Gullia Filing", "we", "us" or "our") respects your privacy. This policy explains what personal information we collect, why we collect it, how we use and share it, and the rights you have under applicable data protection laws including the EU GDPR, UK GDPR, CCPA/CPRA and PIPEDA.

Effective date: 10 June 2026 · Last updated: 10 June 2026

1. Overview & Scope

This Privacy Policy applies to information we collect through gulliafiling.com, related subdomains, our client portal, our emails and any service we provide to clients in the US, UK, Canada and the UAE. It should be read together with our Terms of Service.

2. Who We Are (Data Controller)

Gullia Filing LLC is the data controller of personal information processed in connection with our Services, except where we process information on behalf of a client (for example, beneficial owners of an entity we are forming for you) in which case we act as data processor on your instructions.

3. Information We Collect

We collect the following categories of personal information:

  • Identity & contact data: full name, date of birth, nationality, residential address, email and phone number.
  • Government identification: passport, national ID, driver's licence, tax identification numbers (SSN, ITIN, EIN, UTR, BN, TRN), proof of address documents, where required for entity formation, KYC and beneficial ownership reporting.
  • Business information: entity name, jurisdiction, ownership structure, directors, officers, registered agent, business activity, financial summaries you submit for accounting or tax filings.
  • Payment data: billing address and the last four digits of your card. Full card numbers are processed directly by our PCI-DSS-compliant payment processors and are not stored on our servers.
  • Communications: messages, attachments and call recordings (where disclosed) between you and our concierge team.
  • Technical & usage data: IP address, device identifiers, browser type, pages visited, referring URL and timestamps, collected via cookies and similar technologies.

4. How We Use Your Information

  • To create, file and maintain your business entity with the relevant authority.
  • To perform KYC, anti-money-laundering, sanctions and beneficial ownership checks required by law.
  • To process payments, issue invoices and prevent fraud.
  • To provide customer support, send service-related notices and respond to your requests.
  • To improve and secure the Services, including troubleshooting, analytics and product development.
  • To send marketing communications about our Services (you can unsubscribe at any time).
  • To comply with legal obligations and enforce our Terms.
  • Contract: to provide the Services you have requested.
  • Legal obligation: to meet KYC, AML, tax, accounting and reporting requirements.
  • Legitimate interests: to operate, secure and improve our business, provided your interests and fundamental rights do not override these interests.
  • Consent: for non-essential cookies and marketing emails. You can withdraw consent at any time.

6. How We Share Information

We share personal information only as needed and only with:

  • Government and regulatory authorities: Secretaries of State, IRS, Companies House, HMRC, CRA, FTA, FinCEN, FINTRAC and equivalent bodies, to make your filings.
  • Service providers: payment processors, cloud hosting, identity verification, e-signature, email delivery, analytics and customer support tools, under written data-processing agreements.
  • Professional advisers: lawyers, accountants and auditors bound by confidentiality.
  • Successors in interest: in connection with a merger, acquisition or sale of assets, subject to equivalent privacy protections.
  • When legally required: to comply with a subpoena, court order or other lawful request.

We do not sell your personal information.

7. International Data Transfers

We operate globally and may transfer personal information to countries other than the one in which you reside, including the United States. Where we transfer personal information from the EEA, UK or Switzerland, we rely on adequacy decisions or Standard Contractual Clauses (together with the UK International Data Transfer Addendum where relevant) to provide an appropriate level of protection.

8. Data Retention

We retain personal information for as long as your account is active and for as long as needed to provide the Services, meet our legal obligations (typically 7 years for filing and financial records), resolve disputes and enforce our agreements. When no longer required, data is deleted or irreversibly anonymised.

9. Security

We use industry-standard administrative, technical and physical safeguards including TLS 1.2+ in transit, AES-256 at rest, role-based access controls, multi-factor authentication for staff, vendor security reviews and continuous monitoring. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security but we work continuously to protect your information.

10. Your Privacy Rights

Depending on where you live you may have the right to access, correct, delete, restrict or object to the processing of your personal information, to data portability, to withdraw consent and to lodge a complaint with a supervisory authority (such as the ICO in the UK or your local EU data protection authority). To exercise these rights, email privacy@gulliafiling.com. We will respond within the time limits set by applicable law (usually 30 days).

11. Cookies & Tracking

We use strictly necessary cookies to operate the Services and, with your consent, analytics and marketing cookies (such as Google Analytics, Meta Pixel and LinkedIn Insight). You can manage cookie preferences through your browser settings or our cookie banner.

12. Children's Privacy

Our Services are not directed to children under 16 and we do not knowingly collect personal information from them. If you believe a child has provided us with personal information, contact us and we will delete it.

13. California Residents (CCPA / CPRA)

California residents have the right to know what personal information we collect, the right to delete, the right to correct, the right to opt out of "sale" or "sharing" of personal information, the right to limit the use of sensitive personal information, and the right not to be discriminated against for exercising these rights. We do not sell or share personal information as those terms are defined in the CCPA/CPRA.

14. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the most recent revision. If changes are material we will notify you by email or through an in-app notice before they take effect.

15. Contact & Data Protection Officer

Privacy questions and rights requests can be sent to privacy@gulliafiling.com or by post to Gullia Filing LLC, Attn: Data Protection Officer, 1209 Orange Street, Wilmington, Delaware 19801, United States.