Last updated: 17th of October 2025
Portopolitan, LDA is committed to protecting the privacy and security of your personal data. This Privacy Policy describes how we collect, use, disclose, retain, and safeguard your personal information when you engage with us (e.g. via our website, contact, or consultation) and your rights in relation to that data.
By interacting with us, submitting inquiries, or using our services, you consent to the practices set out in this policy (or as otherwise agreed).
This policy is governed by applicable Portuguese and EU law, including the General Data Protection Regulation (GDPR) and the Portuguese Data Protection Law (Lei n.º 58/2019).
We collect information in several ways, including:
• Contact information: name, email address, telephone number, postal address
• Transaction / service-related data: details of real-estate interests, preferences,
property requirements
• Communications: messages, feedback, requests, customer support inquiries
• Identity / verification data: where needed under legal or regulatory obligations (e.g.
IDs, tax numbers)
• Technical / device data: IP address, browser type, operating system, device identifiers
• Usage data: pages visited, time spent, click-throughs, referral URLs
• Cookies & tracking technologies: cookies, web beacons, pixel tags, local storage
• Public or commercial registries, corporate databases, real estate data providers
• Analytics / marketing platforms
• Third‑party data augmentation (where permitted)
We process personal data for the following purposes:
| Purpose | Legal Basis | Data Collected |
|---|---|---|
| To respond to your inquiries and deliver real estate advisory services | Performance of contract / Legitimate interest | Name, email address, phone number, company name, job title, area of interest, inquiry content |
| To send insights, research, or marketing communications (e.g. newsletters, updates, event invitations) | Consent / Legitimate interest | Name, email address |
| To communicate with you regarding your inquiry, engagement, or relevant opportunities | Legitimate interest / Consent | Name, email, phone, communication history, engagement details |
| To detect and prevent fraud, misuse, or cybersecurity threats | Legitimate interest | IP address, device ID, browser type, usage patterns |
| To improve our website, content, and services through analytics | Legitimate interest | IP address, device info, browser type, cookies, page visits, clickstream data |
We and our service providers use cookies, web beacons, pixel tags, local storage, and similar technologies to collect technical and usage data.
• Essential / strictly necessary cookies: required for the basic operation of our website
• Performance / analytics cookies: to gauge usage, trends, and improve the site
• Functional / preference cookies: to remember your settings or preferences
• Marketing / advertising cookies: to display relevant content or promotions
We endeavor to anonymize IP addresses or otherwise minimize identifiability (for example, via partial masking).
You may manage or disable cookies via your browser settings or via our cookie consent banner. Note: disabling certain cookies may affect some features or your user experience.
We retain personal data only as long as necessary for the purposes set out above, unless a longer retention period is required or permitted by law.
• Typically, we retain inquiry / client data for up to 5 years after the end of our
engagement (or as legally required), unless there is a legitimate reason to retain it longer
• Data used solely for marketing (e.g. newsletter recipients who did not become clients)
may be retained until consent is withdrawn or for a period (e.g. 2–3 years)
• After the retention period, we securely delete, anonymize, or archive data in a way that it
cannot be re‑identified
We may share your personal data in the following circumstances:
• Service providers / processors: e.g. hosting providers, email platforms, analytics
providers, CRM systems, always under confidentiality obligations.
• Professional partners: where relevant to provide advisory services (e.g. legal,
accounting, financial partners)
• Regulators / authorities / legal demands: when required by law, court order, or
governmental request
• Corporate transactions: in case of merger, reorganization, or sale; with assurances
that the acquirer will maintain data protection
• Affiliates / group entities: within the Portopolitan group or successor entities
When data is transferred outside Portugal / EU, we ensure adequate safeguards (e.g. Standard Contractual Clauses, adequacy decisions) as required by applicable data protection law.
We do not sell your personal information to third parties for marketing purposes without your explicit consent.
Under applicable data protection laws (e.g., GDPR), you have the following rights, subject to conditions:
• Right of access: obtain a copy of the data we hold about you
• Right to rectification: correct inaccurate or incomplete data
• Right to erasure (“right to be forgotten”): request deletion under certain conditions
• Right to restrict processing: request a limitation on certain uses of your data
• Right to object: notably to processing based on legitimate interest or direct marketing
• Right to data portability: receive your data in a structured, machine‑readable format
(where applicable)
• Right to withdraw consent: for processing based on consent
• Right to lodge a complaint: with your local supervisory authority (e.g. CNPD in
Portugal)
To exercise any of these rights, contact us using the details below. We will respond without undue delay and within statutory timelines (e.g. one month, extendable where justified)
We employ technical and organizational measures to protect your personal data against unauthorized access, alteration, loss, or destruction. These measures include:
• Encryption (in transit / when stored)
• Access control and authentication
• Regular security audits, penetration tests
• Staff training and confidentiality obligations
• Secure backup, disaster recovery, and monitoring
However, no internet transmission or electronic storage is completely secure. We cannot guarantee absolute security, and you should guard against unauthorized access to your devices and credentials.
Our services are directed to adults (18 years and over). We do not knowingly collect personal data from minors without parental consent. If you believe we have collected data from a minor, contact us and we will delete it.
Our site may contain links to third‑party websites, plug‑ins, or services. This Privacy Policy does not apply to those external sites. We are not responsible for their privacy practices. We encourage you to review their policies before submitting personal data.
We may update this Privacy Policy from time to time to reflect changes in our practices, services or legal requirements. We will post a revised version with the “Last updated” date. Where required by law or material change, we may notify you directly (e.g. email).
If you have questions or wish to exercise your rights, contact:
Portopolitan
Email: legal@portopolitan.com
Address: Rua de Júlio Dinis 728, 8th Floor, Room 813, 4050-012 Porto
You may also lodge a complaint with the Portuguese Data Protection Authority (Comissão Nacional de Proteção de Dados, CNPD) or other applicable supervisory authority.