Privacy Policy – iPrivacy.eu

Last updated: 22 April 2026

1. Introduction

This Privacy Policy describes how iPrivacy Europe, a registered trademark and business unit managed by Contemporary Constellation Lda, responsible for the website iPrivacy.eu, collects, uses, shares, stores and protects personal data in connection with the use of this website, commercial and institutional contacts, information requests, meetings, proposals, demonstrations and the potential provision of services.

iPrivacy.eu is committed to protecting privacy and personal data, adopting appropriate measures to ensure that processing is carried out lawfully, fairly, transparently and only to the extent necessary for clearly defined purposes.

2. Data Controller

The controller responsible for the processing of personal data is:

Contemporary Constellation Lda
Rua Mouzinho da Silveira, 32
1250-167 Lisboa
Portugal

Email: [email protected]
Telephone: +351 210 210 036

For any question relating to privacy and data protection, data subjects may contact us using the details above.

3. Scope of Application

This Privacy Policy applies to the processing of personal data in the context of:

  • browsing the website iPrivacy.eu;
  • completing forms;
  • submitting contact requests;
  • scheduling meetings, diagnostics, demonstrations or consultations;
  • requesting commercial proposals;
  • exchanging communications by email, telephone or other professional channels;
  • the provision of services;
  • compliance with legal, regulatory and contractual obligations.

This Policy does not govern the processing of personal data carried out by third-party websites or services that may be accessed through links available on our website.

4. Categories of Personal Data Processed

Depending on the applicable purpose, we may collect and process the following categories of personal data:

4.1. Identification and contact data

  • name;
  • email address;
  • telephone number;
  • company;
  • job title or role.

4.2. Professional and commercial data

  • information related to the data subject’s organisation;
  • professional role or context;
  • content of commercial, technical or institutional requests;
  • information necessary to assess needs and prepare proposals.

4.3. Communication data

  • content of messages sent through forms, email or other contact channels;
  • history of interactions;
  • records associated with request handling, support or commercial follow-up.

4.4. Technical and browsing data

  • IP address;
  • technical identifiers;
  • date and time of access;
  • pages visited;
  • source of access;
  • device type;
  • operating system;
  • browser;
  • language;
  • data relating to cookie preferences and consent;
  • interactions with embedded website functionalities.

4.5. Administrative, contractual and billing data

Where applicable, we may process data necessary for the conclusion, performance and management of contracts, invoicing, accounting, support and compliance with legal obligations.

5. How Data Is Collected

Personal data may be collected:

  • directly from the data subject;
  • through forms available on the website;
  • through email, telephone or other professional communications;
  • automatically, through website browsing, cookies, technical logs and similar technologies;
  • in the context of preparing, entering into or performing contractual or pre-contractual relationships.

6. Purposes of Processing and Legal Basis

We process personal data only where there is a legitimate purpose and an appropriate legal basis.

6.1. Contact management, information requests and clarifications

We process data to respond to requests submitted by the data subject, provide clarifications, assess needs and follow up on enquiries.

Legal basis: pre-contractual steps, performance of measures requested by the data subject and, where applicable, legitimate interest in managing institutional and commercial contacts.

6.2. Scheduling meetings, diagnostics, demonstrations and commercial interactions

We process data to organise meetings, diagnostics, demonstrations, presentations and interactions related to our services.

Legal basis: pre-contractual steps and legitimate interest.

6.3. Preparing proposals and managing the pre-contractual relationship

We process data to prepare proposals, assess requests and manage commercial interactions prior to contracting.

Legal basis: pre-contractual steps and legitimate interest.

6.4. Service provision and contract management

We process data to enter into, perform, monitor and manage the contractual relationship with clients and partners.

Legal basis: performance of a contract.

6.5. Compliance with legal, tax, accounting, regulatory and administrative obligations

We process data where necessary to comply with applicable legal or regulatory obligations.

Legal basis: compliance with a legal obligation.

6.6. Administrative management, support, internal organisation and defence of rights

We process data for operational management, support, internal control, audit, risk prevention and the exercise or defence of rights in judicial, extrajudicial or administrative proceedings.

Legal basis: legitimate interest and, where applicable, compliance with a legal obligation.

6.7. Website security, integrity and operation

We process technical data to ensure website security, prevent unauthorised access, detect incidents, maintain platform availability and ensure proper system operation.

Legal basis: legitimate interest.

6.8. Statistical analysis, website improvement and browsing experience

We process browsing-related data to understand how the website is used and to improve content, performance, usability and user experience.

Legal basis: legitimate interest for strictly necessary metrics and, where legally required, user consent through cookie management.

6.9. Informational communications, content and direct marketing

Where applicable, we may process data to send informational content, newsletters, invitations, institutional or commercial communications.

Legal basis: consent where required, or legitimate interest where there is a prior relationship compatible with applicable law and the right to object is always guaranteed.

7. Mandatory or Optional Nature of Data

The provision of certain personal data may be necessary in order to:

  • respond to requests;
  • assess enquiries;
  • schedule meetings;
  • prepare proposals;
  • enter into and perform contracts;
  • comply with legal obligations.

If data marked as necessary is not provided, we may be unable to respond to the request, provide the intended service or continue the relevant commercial, contractual or pre-contractual relationship.

8. Recipients and Data Sharing

Personal data may be disclosed, to the extent strictly necessary, to the following categories of recipients:

  • hosting, infrastructure and technical support providers;
  • providers of website security, monitoring and protection tools;
  • providers of forms, communication and contact management tools;
  • providers of consent management, analytics and technical optimisation tools;
  • web development, maintenance, content and translation service providers;
  • consultants, lawyers, accountants, auditors, insurers and financial entities where necessary;
  • public authorities, regulators, courts, criminal investigation bodies or other legally competent entities where there is a legal obligation or lawful request.

Where we rely on processors, we ensure the adoption of appropriate contractual, technical and organisational measures to guarantee confidentiality, security and compliance.

9. International Data Transfers

As a rule, we seek to process personal data within the European Economic Area. However, certain services, platforms, embedded content, technical tools or technology providers used on the website may involve processing or access to data from third countries.

Where this occurs, we will ensure that such international transfers take place only on the basis of legally valid mechanisms, namely:

  • adequacy decisions of the European Commission;
  • Standard Contractual Clauses approved by the European Commission;
  • or any other legally admissible mechanism under the General Data Protection Regulation.

Where applicable, additional measures appropriate to the nature of the processing and the associated risk may also be adopted.

10. Data Retention

Personal data is retained only for as long as necessary for the purposes for which it was collected, without prejudice to applicable legal retention periods or the need to retain data for the exercise or defence of rights.

As a general rule, we apply the following criteria:

10.1. Contact requests, information requests and interactions without contracting

Up to 12 months after the last relevant interaction, unless there is a legal basis or legitimate need to retain the data for a longer period.

10.2. Commercial requests, proposals and pre-contractual steps

Up to 24 months after the last relevant interaction, unless the relationship develops into a contractual one or there is a legitimate basis for a different retention period.

10.3. Contractual and service provision data

During the term of the contractual relationship and afterwards for the period necessary to comply with legal, regulatory, accounting, tax obligations or for the exercise and defence of rights.

10.4. Billing, accounting and legal compliance data

For the legally required retention periods.

10.5. Data for informational communications and marketing

Until consent is withdrawn, the data subject objects or, in the absence of prolonged interaction, for a maximum period of 24 months from the last relevant interaction, without prejudice to the minimum retention of data strictly necessary to ensure that communications are no longer sent.

10.6. Technical logs, security and monitoring

Up to 12 months, unless a longer retention period is necessary for incident investigation, fraud prevention, information security or defence of rights.

10.7. Consent records

For the period necessary to demonstrate the collection, management and updating of consent, in accordance with applicable requirements.

At the end of the applicable retention period, data will be deleted, anonymised or retained in a blocked form, where legally admissible.

11. Cookies and Similar Technologies

The website uses cookies and similar technologies to ensure essential functionalities, store preferences, strengthen security, manage consent, analyse website usage and support certain embedded functionalities and content.

Some cookies are strictly necessary for the platform to function. Others are activated only after user consent where legally required.

For more detailed information about cookie categories, purposes, technologies used and how preferences can be managed, please consult the website’s Cookie Policy.

12. Data Security

We adopt appropriate technical and organisational measures to protect personal data against destruction, loss, alteration, disclosure, unauthorised access or any other unlawful or improper form of processing.

These measures may include, depending on the nature of the processing and the associated risk:

  • access controls;
  • segregation of profiles and permissions;
  • authentication and logical protection measures;
  • technical and security monitoring;
  • regular backups;
  • system updates and maintenance;
  • internal confidentiality and organisational measures.

Despite the adoption of appropriate measures, no electronic transmission or storage system can be guaranteed to be completely invulnerable. Users should therefore also adopt appropriate security practices when using their devices and communication channels.

13. Data Subject Rights

Under applicable law, data subjects may exercise, where applicable, the following rights:

  • right of access;
  • right to rectification;
  • right to erasure;
  • right to restriction of processing;
  • right to object;
  • right to data portability;
  • right to withdraw consent where processing is based on consent;
  • right not to be subject to solely automated decisions where applicable.

The withdrawal of consent does not affect the lawfulness of processing carried out on the basis of consent before its withdrawal.

14. Exercising Your Rights

Data protection rights may be exercised through the following contact:

Email: [email protected]

The request should identify as clearly as possible the right the data subject wishes to exercise and the relevant situation.

Where necessary, we may request additional reasonable information to confirm the identity of the requester, in order to protect personal data against unauthorised access.

Requests will be handled without undue delay and, as a rule, within the legally applicable period.

15. Complaints

Without prejudice to any other administrative or judicial remedy, data subjects have the right to lodge a complaint with the competent supervisory authority, in Portugal the Portuguese Data Protection Authority (CNPD), if they believe that the processing of their personal data infringes applicable law.

16. Automated Decision-Making and Profiling

As a rule, we do not adopt solely automated decision-making, including profiling, that produces legal effects concerning data subjects or similarly significantly affects them.

If this were to occur in any specific processing activity, additional information would be provided to the data subject in accordance with the law.

17. Children’s Data

The website and services of iPrivacy.eu are not specifically directed at children. We do not knowingly collect personal data relating to children without an appropriate lawful basis.

If you become aware that a child’s data has been transmitted improperly, please contact us so that we can assess the situation and, where applicable, adopt appropriate measures.

18. Links to Third-Party Websites

The website may contain links to third-party websites, platforms or services. This Privacy Policy does not apply to those external websites or services.

We recommend reading their privacy policies before providing any personal data to third parties.

19. Changes to This Privacy Policy

We reserve the right to update or amend this Privacy Policy at any time, in particular to reflect legal, regulatory, technical, operational or functional changes.

Any relevant changes will be published on this page, together with the date of the latest update.

20. Contact

For any question about this Privacy Policy or the processing of your personal data, you may contact:

Contemporary Constellation Lda
Rua Mouzinho da Silveira, 32
1250-167 Lisboa
Portugal

Email: [email protected]
Telephone: +351 210 210 036