1. Introduction
Atallutions ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, process, and protect your personal information when you visit our website or use our services.
This policy complies with the General Data Protection Regulation (GDPR), Portuguese Law No. 58/2019 (data protection), Portuguese Civil Code, and other applicable Portuguese and European data protection laws.
2. Data Controller Information
Atallutions
Email: hello@atallutions.com
For data protection inquiries, please contact our Data Protection Officer at: dpo@atallutions.com
3. What Personal Data We Collect
We may collect and process the following categories of personal data:
3.1 Information You Provide Directly
- Contact Information: Name, email address, phone number, company name, job title
- Communication Data: Messages sent through contact forms, consultation requests, support inquiries
- Business Information: Company size, industry sector, project requirements, budget information
3.2 Information Collected Automatically
- Technical Data: IP address, browser type and version, operating system, device information
- Usage Data: Pages visited, time spent on pages, click-through rates, website navigation patterns
- Cookies and Tracking Data: As detailed in our Cookie Policy
4. Legal Basis for Processing
We process your personal data based on the following legal grounds under GDPR and Portuguese Law No. 58/2019:
- Consent: When you provide explicit consent (e.g., newsletter subscriptions, marketing communications)
- Contract Performance: To provide our IT services and fulfill contractual obligations
- Legitimate Interests: To improve our services, conduct business analysis, and protect our business interests
- Legal Obligation: To comply with applicable laws and regulations
5. How We Use Your Personal Data
We use your personal data for the following purposes:
5.1 Service Delivery
- Responding to your inquiries and consultation requests
- Providing IT services including web development, API integration, and SaaS solutions
- Managing client relationships and project communications
- Processing payments and invoicing
5.2 Business Operations
- Improving our website functionality and user experience
- Analyzing website usage to optimize our services
- Conducting market research and business development
- Maintaining security and preventing fraud
5.3 Marketing Communications (with consent)
In compliance with Portuguese Decree-Law No. 7/2004 (electronic communications privacy):
- Sending newsletters and service updates (with explicit consent)
- Providing information about new services and offerings
- Inviting you to webinars, events, or consultations
- Direct marketing via email or SMS (only with prior consent)
You can withdraw marketing consent at any time using unsubscribe links or contacting us directly.
6. Data Sharing and Disclosure
We may share your personal data in the following circumstances:
6.1 Service Providers
We work with trusted third-party service providers who assist us in:
- Website hosting and maintenance
- Email marketing services
- Payment processing
- Customer relationship management
- Analytics and website optimization
All service providers are contractually bound to protect your data and use it only for specified purposes.
6.2 Legal Requirements
We may disclose your data when required by law, court order, or to protect our legal rights and interests.
6.3 Business Transfers
In the event of a merger, acquisition, or sale of assets, your data may be transferred to the new entity.
7. International Data Transfers
If we transfer your personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including:
- Adequacy decisions by the European Commission
- Standard Contractual Clauses (SCCs)
- Binding Corporate Rules
- Certification schemes approved by supervisory authorities
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, in compliance with Portuguese Civil Code and Commercial Code requirements:
- Contact inquiries: 3 years from last contact
- Client data: Duration of contract plus 10 years for Portuguese legal and tax purposes (Portuguese Commercial Code, Article 40)
- Marketing data: Until consent is withdrawn or 3 years of inactivity
- Website analytics: 26 months maximum (as per Portuguese DPA guidelines)
- Accounting records: 10 years as required by Portuguese tax law
- Legal requirements: As required by Portuguese and EU laws
9. Your Rights Under GDPR
You have the following rights regarding your personal data:
9.1 Right of Access
Request a copy of the personal data we hold about you.
9.2 Right to Rectification
Request correction of inaccurate or incomplete personal data.
9.3 Right to Erasure ("Right to be Forgotten")
Request deletion of your personal data under certain circumstances.
9.4 Right to Restrict Processing
Request limitation of how we use your personal data.
9.5 Right to Data Portability
Request transfer of your data to another service provider in a structured format.
9.6 Right to Object
Object to processing based on legitimate interests or for direct marketing purposes.
9.7 Rights Related to Automated Decision-Making
Right not to be subject to decisions based solely on automated processing.
9.8 Right to Withdraw Consent
Withdraw consent at any time where processing is based on consent.
To exercise your rights, contact us at dpo@atallutions.com. We will respond within one month of receiving your request (or two months for complex requests, with notification of the extension).
10. Data Security
We implement appropriate technical and organizational measures to protect your personal data:
- Encryption: Data transmission and storage encryption
- Access Controls: Restricted access to personal data on a need-to-know basis
- Regular Security Assessments: Ongoing evaluation of security measures
- Staff Training: Regular data protection training for all personnel
- Incident Response: Procedures for handling data breaches
11. Contact Information and Complaints
11.1 Contact Us
For questions about this Privacy Policy or our data practices:
Data Protection Officer
Email: dpo@atallutions.com
General Inquiries
Email: hello@atallutions.com
11.2 Supervisory Authority
You have the right to lodge a complaint with your local data protection supervisory authority.
For individuals in Portugal:
Comissão Nacional de Proteção de Dados (CNPD)
Website: https://www.cnpd.pt/
Email: geral@cnpd.pt
Phone: +351 213 928 400
For other EU residents:
You can find your local authority at: https://edpb.europa.eu/about-edpb/board/members_en
12. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will:
- Post the updated policy on our website
- Notify you of significant changes via email or website notice
- Update the "Last Updated" date at the top of this policy
Continued use of our services after policy changes constitutes acceptance of the updated terms.
If you have any questions or concerns about this Privacy Policy, please don't hesitate to contact us using the information provided above.
1. Introduction to Our Cookie Policy
This Cookie Policy explains how Atallutions ("we," "our," or "us") uses cookies and similar tracking technologies on our website. This policy complies with Portuguese Decree-Law No. 7/2004, the EU ePrivacy Directive, and GDPR requirements.
2. What Are Cookies
Cookies are small text files that are placed on your device (computer, smartphone, or tablet) when you visit our website. They help us:
- Remember your preferences and settings
- Understand how you use our website
- Improve your browsing experience
- Provide personalized content and services
3. Types of Cookies We Use
3.1 Strictly Necessary Cookies
These cookies are essential for the website to function properly. They cannot be disabled.
| Cookie Name |
Purpose |
Duration |
| laravel_session |
Maintains user session |
Session |
| XSRF-TOKEN |
Security protection against CSRF attacks |
Session |
| cookie_consent |
Remembers your cookie preferences |
1 year |
3.2 Performance and Analytics Cookies
These cookies help us understand how visitors interact with our website. We only use these with your consent.
| Cookie Name |
Provider |
Purpose |
Duration |
| _ga |
Google Analytics |
Distinguishes unique visitors |
2 years |
| _ga_* |
Google Analytics |
Collects data on website usage |
2 years |
| _gid |
Google Analytics |
Distinguishes unique visitors |
24 hours |
3.3 Functional Cookies
These cookies enable enhanced functionality and personalization. We only use these with your consent.
| Cookie Name |
Purpose |
Duration |
| language_preference |
Remembers your language choice |
1 year |
| theme_preference |
Remembers your theme selection |
1 year |
4. Third-Party Cookies
Some cookies are placed by third-party services that appear on our pages:
4.1 Google Analytics
We use Google Analytics to analyze website usage. Google's privacy policy: https://policies.google.com/privacy
4.2 Google Fonts
We use Google Fonts for typography. This may set cookies for performance optimization.
5. Legal Basis for Cookie Use
Under Portuguese and EU law, we use cookies based on:
- Strictly Necessary: Essential for website operation (no consent required)
- Performance/Analytics: Your explicit consent via our cookie banner
- Functional: Your explicit consent via our cookie banner
- Marketing: Your explicit consent (we currently don't use marketing cookies)
6. Cookie Consent Management
6.1 Giving Consent
When you first visit our website, you'll see a cookie consent banner allowing you to:
- Accept all cookies
- Reject non-essential cookies
- Customize your cookie preferences
6.2 Withdrawing Consent
You can withdraw your consent at any time by:
- Clicking the "Cookie Settings" link in our website footer
- Clearing cookies in your browser settings
- Contacting us at dpo@atallutions.com
6.3 Browser Cookie Settings
You can control cookies through your browser settings. Note that disabling cookies may affect website functionality.
7. Cookie Storage and Security
We implement security measures to protect cookie data:
- Secure Cookies: Transmitted only over HTTPS connections
- HttpOnly Cookies: Protected from client-side scripts
- SameSite Attribute: Protection against CSRF attacks
- Regular Audits: Periodic review of cookie usage and security
8. Data Retention for Cookie Data
Cookie data retention periods:
- Session Cookies: Deleted when you close your browser
- Persistent Cookies: Automatically deleted after specified duration
- Analytics Data: Retained for maximum 26 months (Google Analytics)
- Consent Records: Kept for 3 years for compliance purposes
9. Your Rights Regarding Cookies
Under GDPR and Portuguese law, you have the right to:
- Be informed about cookie usage (this policy)
- Give or withdraw consent for non-essential cookies
- Access data collected through cookies
- Request deletion of cookie data
- Object to cookie-based processing
- Lodge complaints with supervisory authorities
10. International Cookie Data Transfers
Some third-party services may transfer cookie data outside the EU:
- Google Analytics: Data may be processed in the US under adequate safeguards
- Safeguards: Standard Contractual Clauses and adequacy decisions
- Control: You can opt-out of analytics cookies to prevent transfers
11. Contact Information
For questions about our cookie usage:
Data Protection Officer: dpo@atallutions.com
General Inquiries: hello@atallutions.com
Portuguese Data Protection Authority
Comissão Nacional de Proteção de Dados (CNPD)
Website: www.cnpd.pt
Email: geral@cnpd.pt
12. Updates to This Cookie Policy
We may update this Cookie Policy to reflect:
- Changes in our cookie usage
- New legal requirements
- Updates to third-party services
- Improvements to our privacy practices
We will notify you of significant changes through our website or email notifications.