Privacy Policy

This Privacy Policy describes how dataluxis S.A. collects, uses, and protects your personal information when you visit our website or use our services. We are committed to protecting your privacy and ensuring transparency about our data practices.

Last updated: 15 January 2026

Data Controller

dataluxis S.A. is the data controller responsible for your personal data. Our registered office is located at Rua Augusta 79, 1064-226 Lisbon, Portugal. Registration Number: 526341798, VAT Number: PT527496385.

Data Collection

We collect personal data that you voluntarily provide to us when you visit our website, contact us, or use our services. The data we collect includes:

• Contact information such as name, email address, phone number, and company details
• Communication data including messages sent through our contact forms
• Technical data such as IP address, browser type, device information, and website usage patterns
• Cookie data and tracking information as detailed in our cookie policy
• Service usage data when you use our restaurant menu personalisation platform

How We Use Your Information

We use the personal data we collect for the following purposes:

• To provide and maintain our services and respond to your enquiries
• To communicate with you about our services, updates, and promotional offers
• To improve our website functionality and user experience
• To analyse website traffic and usage patterns for business insights
• To comply with legal obligations and protect our legitimate business interests
• To personalise your experience and deliver relevant content

Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

• Consent: When you provide explicit consent for specific processing activities
• Contract: When processing is necessary for the performance of a contract with you
• Legitimate interests: For our legitimate business interests, such as improving our services
• Legal obligation: When we are required to process data to comply with legal requirements

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about our use of cookies, please refer to our Cookie Policy.

Data Sharing and Disclosure

We do not sell your personal data to third parties. We may share your information in the following circumstances:

• With service providers who assist us in operating our website and providing services
• With analytics and advertising partners, subject to your consent preferences
• When required by law or to protect our legal rights
• In connection with a business transaction such as a merger or acquisition

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected or as required by law. Contact form submissions are typically retained for 3 years, while website analytics data may be retained for up to 26 months. Service-related data is retained for the duration of our business relationship and up to 7 years thereafter for legal compliance purposes.

Your Rights

Under GDPR, you have the following rights regarding your personal data:

• Right of access: Request copies of your personal data
• Right to rectification: Request correction of inaccurate or incomplete data
• Right to erasure: Request deletion of your personal data
• Right to restrict processing: Request limitation of data processing
• Right to data portability: Request transfer of your data to another organisation
• Right to object: Object to processing based on legitimate interests
• Right to withdraw consent: Withdraw consent for specific processing activities

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, access controls, regular security assessments, and staff training on data protection principles.

International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When such transfers occur, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions by the European Commission.

Contact Information

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us using the following information:

• Email: privacy@dataluxis.pro
• Phone: +351 213 221 717
• Address: dataluxis S.A., Rua Augusta 79, 1064-226 Lisbon, Portugal

Supervisory Authority

You have the right to lodge a complaint with the Portuguese Data Protection Authority (Comissão Nacional de Proteção de Dados) if you believe our processing of your personal data violates applicable data protection laws.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date.