Privacy Policy

Carp-Bezverhnii, Unipessoal Lda.

Effective Date: 9 February 2026

Last Updated: 9 February 2026

1. Who we are – Data Controller

Carp-Bezverhnii, Unipessoal Lda.
NIF: 518832511
Registered office: Rua dos Argonautas 5
Email: contact@data4rocket.com
Website: https://data4rocket.com

We are the data controller responsible for the processing of your personal data when you visit and use our website https://data4rocket.com (the "Website").

1.1 Our Role and Client Responsibility

We provide technical consultation, code examples, automation scripts, tools and related assistance to help clients work with publicly available online information in a manner consistent with applicable laws and good practices.

We act solely as a provider of technical means, advisory support and code-level assistance.

We do not:

  • determine the purposes for which any data is collected or used;
  • determine how any data is processed, stored, combined, enriched, shared, published or otherwise handled after our involvement ends;
  • act as a data controller or data processor with respect to any personal data that may be handled by or on behalf of our clients (unless explicitly agreed otherwise in a separate written agreement).

The client remains fully, exclusively and solely responsible for:

  • deciding all purposes and means of any processing of personal data;
  • identifying and establishing a valid legal basis for such processing under applicable data protection law (including the GDPR);
  • complying with the GDPR, national data protection legislation (including Portuguese Law no. 58/2019), terms of service of third-party websites, intellectual property rules and any other relevant legal requirements;
  • respecting the rights and legitimate expectations of data subjects and third parties;
  • any collection, use, storage, analysis, sharing, publication, commercialisation or other handling of data obtained or processed with the assistance of our services, code or advice.

We accept no responsibility or liability for the manner in which clients collect, process or use any data with the help of our technical assistance, code or tools.

We strongly recommend that every client obtains independent legal advice to evaluate the lawfulness of their specific data activities before proceeding.

2. What personal data do we collect?

We collect the following categories of personal data:

A. Data you actively provide to us

  • Name
  • Email address
  • Phone number
  • Company name / position
  • Any other information you voluntarily send us through the contact form, email or any other communication channel

B. Data we collect automatically

  • IP address
  • Date and time of visit
  • Browser type and version
  • Operating system
  • Device type
  • Approximate geographic location (derived from IP address)
  • Pages viewed, time spent on pages, referral source
  • Cookies and similar tracking technologies (see section 7. Cookies and other tracking technologies)

3. Legal basis for processing

We process your personal data on the following legal bases:

  • Answering your contact / consultation request → Contract / pre-contractual steps (Art. 6(1)(b) GDPR – necessary to respond to your inquiry)
  • Providing our services / executing a contract → Contract (Art. 6(1)(b) GDPR)
  • Sending commercial communications / newsletter → Consent (Art. 6(1)(a) GDPR – you can withdraw consent at any time)
  • Analysing website usage (Google Analytics etc.) → Legitimate interests (Art. 6(1)(f) GDPR – improve our website / services)
  • Ensuring website security & fraud prevention → Legitimate interests (Art. 6(1)(f) GDPR – protect our systems and users)
  • Complying with legal obligations → Legal obligation (Art. 6(1)(c) GDPR, e.g. tax, accounting, answering authority requests)

4. How long do we keep your personal data?

We keep personal data only for as long as necessary for the purpose for which it was collected:

  • Contact form / inquiries → until the matter is closed + 12 months (for defence in case of dispute)
  • Newsletter subscribers → until you unsubscribe / withdraw consent
  • Analytics data (anonymised / aggregated) → up to 26 months (Google Analytics default)
  • Server logs / security data → maximum 6–12 months
  • Contract / invoice data → 10 years (legal accounting & tax obligation in Portugal)

After these periods we either delete or anonymise the data.

5. Who do we share your data with? (Recipients)

Categories of recipients

  • IT & hosting providers (EU and/or EEA)
  • Google Ireland Limited – Google Analytics (EU-US Data Privacy Framework + Standard Contractual Clauses)
  • Email marketing / automation platform (normally EU based)
  • Content Delivery Network (CDN) providers
  • Our external accountant / tax consultant (Portugal)
  • Public authorities when we have a legal obligation

We do not sell your personal data to anyone.

6. International data transfers (outside EEA)

Some of our processors (mainly Google) are located outside the European Economic Area.

Whenever we transfer personal data outside the EEA, we ensure an adequate level of protection by using at least one of the following safeguards:

  • Adequacy decision of the European Commission
  • EU Standard Contractual Clauses (SCCs) + supplementary measures when necessary
  • EU-U.S. Data Privacy Framework (for US companies certified under DPF)

You can ask us for more information about the safeguards we use.

7. Cookies and other tracking technologies

We use cookies and similar technologies.

You can manage your preferences through our cookie banner that appears when you first visit the website.

You can also manage cookies through your browser settings at any time.

For more detailed information → please read our Cookie Policy (separate document or section – highly recommended).

8. Your rights under GDPR

As a data subject you have the following rights:

  • Right to access your personal data
  • Right to rectification
  • Right to erasure ("right to be forgotten")
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent at any time (when processing is based on consent)
  • Right not to be subject to automated decision making (if applicable)

How to exercise your rights

Send your request to: contact@data4rocket.com

We will normally answer within one month.

9. Right to lodge a complaint

If you believe we are not processing your data in accordance with the law, you have the right to lodge a complaint with the supervisory authority:

Comissão Nacional de Proteção de Dados – CNPD
Website: https://www.cnpd.pt
Email: geral@cnpd.pt

10. Data Security

We implement appropriate technical and organisational measures to protect your data.

However, please be aware that no method of transmission over the internet or electronic storage is 100% secure.

11. Changes to this Privacy Policy

We may update this Privacy Policy from time to time.

The new version will be published on this page with an updated Last Updated date.

We recommend that you review this page periodically.

12. Contact us

Email (preferred): contact@data4rocket.com
Website: https://data4rocket.com