1. Introduction

Welcome to Subedinfo. This Privacy Policy explains how Subedinfo Unip Lda (“we,” “us,” or “our”) collects, uses, protects, and handles your personal data when you visit our website (the “Website”) and use our services. We are committed to protecting your privacy and processing your data in accordance with the EU General Data Protection Regulation (GDPR) and other applicable laws.

Our core mission is to be your end-to-end technology partner for business growth, and that partnership is built on trust and transparency.

2. Data Controller

The data controller responsible for your personal data is:

Company Name: Subedinfo Unip Lda
Company Registration Number: PT515943916
Location: Lisbon, Portugal
Privacy Inquiries: [email protected]

3. Data We Collect

We collect information that you provide to us directly and information that is automatically collected through your use of our Website.

Directly Provided Data: When you use our contact forms (e.g., “Schedule a Free Strategy Call”), request a consultation, or communicate with us, we may collect personal data. While the specific data may vary, this typically includes:

• Full Name
• Email Address
• Phone Number
• Company Name
• Any other information you voluntarily provide in the message fields.

Client Data: To provide our full range of services, from Managed IT & Cybersecurity to Digital Marketing & SEO, we will need to collect further data from our clients, including but not limited to billing information, user account details for helpdesk services, and system access credentials necessary for service delivery. This data is processed through our secure, self-hosted ERPNext system.

Automatically Collected Data: As you navigate our Website, we may use automatic data collection technologies (like cookies and server logs) to collect certain information about your equipment, Browse actions, and patterns. This includes:

• Technical Data: IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.
• Usage Data: Information about how you use our website, including pages visited, time spent on pages, and referral sources.

4. How We Use Your Data

We use your personal data for the following purposes, based on a lawful foundation:

• To Provide Services: To respond to your inquiries and fulfill our contractual obligations to you as a client, delivering our integrated IT and digital growth solutions.
• To Communicate: To send you information about your requests, our services, and important administrative updates.
• To Improve Our Website: To understand how our visitors use the Website, allowing us to improve its functionality, performance, and user experience.
• For Security: To monitor for and prevent fraudulent or malicious activity and to ensure the security of our IT systems, a core part of our service offering.
• To Comply with Legal Obligations: To meet our legal, regulatory, and accounting requirements.

5. Legal Basis for Processing

We process your data under the following GDPR lawful bases:

• Consent: Where you have given us clear consent to process your personal data for a specific purpose (e.g., submitting an inquiry form).
• Contract: Where processing is necessary for the performance of a contract to which you are a party (e.g., providing managed IT services).
• Legitimate Interest: Where processing is necessary for our legitimate interests (e.g., for business administration, website security, and service improvement), provided your interests and fundamental rights do not override those interests.

6. Data Retention

We will retain your personal data only for as long as is reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

• For prospective clients, we retain data for a reasonable period to follow up on inquiries.
• For clients, we retain data for the duration of our business relationship and for a period thereafter as required by Portuguese and EU law.
• You may request the deletion of your data at any time, subject to our legal obligations.

7. Data Security

We have implemented a range of robust technical and organizational security measures to protect your personal data from accidental loss, unauthorized access, alteration, or disclosure. These measures include encryption, firewalls, secure server environments, access controls, and regular security audits. Our services, servers, and data processing are contained within the European Union.

8. Your GDPR Rights

Under the GDPR, you have the following rights regarding your personal data:

• Right to Access: You can request a copy of the personal data we hold about you.
• Right to Rectification: You can request that we correct any inaccurate or incomplete data.
• Right to Erasure (“Right to be Forgotten”): You can request that we delete your personal data, subject to legal and contractual restrictions.
• Right to Restrict Processing: You can request that we limit the way we use your personal data.
• Right to Data Portability: You can request a copy of your data in a machine-readable format to transfer to another service provider.
• Right to Object: You can object to our processing of your data where we are relying on a legitimate interest.

To exercise any of these rights, please contact us at [email protected].

9. Third-Party Services & Data Transfers

We utilize trusted third-party services to operate our website. These include:

• Google Site Kit: For website analytics to understand user behavior. This may process your IP address and usage data.
• Cloudflare: For performance and security, which may process traffic data.

While our primary servers and systems are hosted in the EU, the use of such third-party services may involve the transfer of data to servers outside the European Economic Area (EEA). We ensure such transfers are protected by appropriate safeguards, such as Standard Contractual Clauses.

10. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be posted on this page with the effective date.

Effective Date: August 1, 2025