Privacy Policy

Effective Date: March 14, 2025

We adhere to the principles outlined below to manage our websites. Our commitment is to comply with all relevant data protection laws—particularly the EU General Data Protection Regulation (GDPR)— and to take into account the concepts of data minimization and data avoidance wherever feasible.

1. Name and Address of the Controller and the Data Protection Officer

a) Controller
Under the GDPR, as well as other Member State data protection laws and regulations, the “controller” is:

APPNUMA UNIPESSOAL, LDA
Rua Principal n38
2350-479 Torres Novas
Email: support@youragent24.com
Website: youragent24.com

b) Data Protection Officer
If you have questions regarding this Privacy Policy, wish to learn more about how we handle your personal information, or want to exercise any data protection rights under the GDPR, please contact our Data Protection Officer (DPO):

Filipe Vieira
Rua Principal n38
2350-479 Torres Novas
Email: support@youragent24.com

2. Definitions of Terms

We strive to make our privacy policy transparent and easy to understand. However, if any terminology (such as “personal data,” “processing,” “controller,” “processor,” etc.) is unclear, please refer to the definitions in Article 4 of the GDPR.

3. Legal Basis for Data Processing

We process your personal data (e.g., name, email address, IP address, etc.) only when there is a lawful basis under the GDPR. The main legal grounds we may rely on are as follows:

Art. 6(1)(a) GDPR: You have consented to the processing of your personal data for one or more specified purposes.
Art. 6(1)(b) GDPR: Processing is necessary for a contract to which you are party, or to take steps at your request before entering into a contract.
Art. 6(1)(c) GDPR: Processing is required to fulfill a legal obligation imposed on us.
Art. 6(1)(d) GDPR: Processing is necessary to protect your vital interests or those of another individual.
Art. 6(1)(e) GDPR: Processing is required to perform a task in the public interest or in exercising an official authority vested in the controller.
Art. 6(1)(f) GDPR: Processing is necessary to pursue our legitimate interests or those of a third party, except where such interests are overridden by your fundamental rights and freedoms.

When we rely on a specific legal basis, we will make that clear at the relevant point in this Privacy Policy.

Consent for Minors Under 16 (Art. 8(1) GDPR): If a minor under 16 years of age is providing personal data based on consent, a parent or guardian must give or confirm this consent. You may withdraw consent at any time by sending a written notice (e.g., email) to the contact details of the controller. Processing carried out prior to revocation remains lawful.

4. Types of Data We Collect

We may gather and handle the following categories of personal data:

Contact Information: Such as your email address, name, or any other relevant details you provide.
Usage Data: Details on how you navigate our website or interact with any chatbot features, including which pages you visit, the amount of time spent, and your interactions.
Device Information: Your IP address, browser type, operating system, and device identifiers.
Uploaded Files: Any documents, images, or other files you send via our contact form or other website features.

Certain data may be collected automatically (e.g., your IP address and log files) when you visit our website. This information helps us ensure the security and functionality of our platform and is typically stored only for a short duration to enable system and error analysis.

5. How We Use Your Data

Based on the legal grounds mentioned in Section 3, we process your personal information for the following purposes:

Service Provision (Art. 6(1)(b) GDPR): We operate and maintain our website, including generating chatbot responses (potentially via third-party tools such as OpenAI). We also use your information to respond to your inquiries or requests.
Communication (Art. 6(1)(a) or (b) GDPR): To address your questions, provide assistance, and send updates or promotional content—either based on your consent or to fulfill contractual or pre-contractual steps.
Service Enhancement (Art. 6(1)(f) GDPR): We analyze usage patterns to improve our website’s functionality and user experience. Our legitimate interest lies in maintaining a high-quality, user-friendly platform.
Compliance (Art. 6(1)(c) GDPR): We may process data to meet legal obligations, enforce our policies, or protect our rights.

6. Data Storage and Transfers

Your personal information is kept in secure data centers located within the European Union (EU). We make sure that all storage providers comply with the data protection standards of the GDPR.

If we use external providers—such as OpenAI in the United States—to produce chatbot responses, certain information might be transferred to their servers. We rely on appropriate safeguards (like Standard Contractual Clauses) to ensure your data remains protected during these transfers.

By using our services, you acknowledge that some data may be transferred outside the European Economic Area (EEA) if this is necessary to provide the service. We only carry out such transfers if the conditions in Articles 44 et seq. GDPR are fulfilled.

7. Data Security Measures

We have put in place various safeguards to protect your personal data, including:

Encrypting sensitive data (using SSL/TLS technology).
Regular security updates and checks on our systems.
Restricting access to data to authorized personnel only.
Enforcing internal policies and offering training on data protection to relevant staff.

If we engage processors under Article 28 GDPR, we ensure they also meet stringent data protection requirements.

8. Cookies and Other Tracking Tools

We utilize cookies and similar technologies to boost your browsing experience, study usage patterns, and refine our services. Some cookies are essential for the site’s functionality (relying on Art. 6(1)(f) GDPR, representing our legitimate interest), while others require explicit consent (Art. 6(1)(a) GDPR).

You can manage your cookie preferences through our cookie banner or your browser’s settings. Bear in mind that disabling certain cookies may affect how parts of our site perform.

9. Sharing Personal Data with Third Parties

We only share personal information with third parties when there is a valid legal basis under the GDPR (see Section 3). This may involve:

Processors (Art. 28 GDPR): Trusted service providers who act on our behalf (e.g., hosting, analytics). We have strict contractual arrangements ensuring they handle data securely and legally.
Legal Requirements (Art. 6(1)(c) GDPR): Disclosing data to authorities or other entities when mandated by law.
Legitimate Interests (Art. 6(1)(f) GDPR): Where data sharing is essential to claim, uphold, or defend our legal rights.

10. Retention and Erasure

We hold onto your personal data only for as long as necessary to fulfill the original purpose(s) of collection, unless legal obligations (e.g., tax or commercial rules) compel us to store it longer. If that is the case, we limit processing until the retention timeframe expires.

11. GDPR Data Subject Rights

Under the GDPR, you are entitled to the following rights:

Access (Art. 15 GDPR): Request details about the personal data we hold about you.
Rectification (Art. 16 GDPR): Request corrections to incorrect or incomplete personal data.
Erasure (Art. 17 GDPR): Ask for your data to be deleted under certain circumstances (e.g., no longer needed, unlawful processing, revoked consent).
Restriction (Art. 18 GDPR): Seek to limit the processing of your data in certain cases.
Data Portability (Art. 20 GDPR): Obtain a structured, commonly used format of your data for yourself or another controller.
Objection (Art. 21 GDPR): Challenge data processing based on legitimate interests, including processing for direct marketing.
Withdraw Consent (Art. 7(3) GDPR): If processing relies on consent, you may revoke it at any time without affecting previous lawful processing.

Please contact us or our Data Protection Officer (see Section 1) if you wish to exercise any of these rights.

In addition, you may lodge a complaint with the relevant supervisory authority (Art. 77 GDPR) if you believe our data practices violate the law.

12. Third-Party Services

We may engage third-party providers for various tasks (e.g., website hosting, analytics, or chatbot services). These providers process personal data strictly on our instructions and solely for the purposes we specify. They must not disclose or use the data for any other purpose, and they are legally bound to keep it confidential.

13. Policy Updates

We reserve the right to modify this Privacy Policy periodically to reflect changes in our operations or comply with legal obligations. Any revisions will appear on this page with an updated effective date. We recommend reviewing this Policy regularly to stay aware of how we safeguard your data.

14. Contact Information

For questions regarding this Privacy Policy or your data protection rights, please reach out:

Email: support@youragent24.com
Address: Rua Principal n38, 2350-479, Torres Novas, Portugal

Last updated: March 14, 2025