Privacy and Data Protection Policy

Last updated: January 9, 2026

 

PRIMARIU (registered trademark of the commercial entity identified below) values the privacy of its clients, partners, and users. This Privacy Policy clearly and transparently describes how personal data is collected, used, stored, and protected within the scope of our consulting and technology activities, in strict compliance with Regulation (EU) 2016/679 – General Data Protection Regulation (GDPR) and Law no. 58/2019, of August 8.

By using our website, submitting forms, or subscribing to communications, you declare that you have read and understood this Privacy Policy.

1. Data Controller

The entity responsible for the processing of personal data is:

  • Commercial Entity: BRATIONAL – Sistemas de Informação, Lda.
  • Trademark: PRIMARIU
  • Tax ID (NIF): PT509444261
  • Headquarters: Rua de S. Mamede, 127, 4800-015 Guimarães, Portugal
  • Contact for privacy matters: [email protected]

2. Collected Data and Purposes of Processing

PRIMARIU collects and processes personal data exclusively for professional, commercial, and legal purposes. We inform you that we do not carry out exclusively automated decision-making, including profiling, that produces legal effects concerning the data subject.

Data is processed for the following purposes:

2.1. Request Management, Diagnostics, and Consulting 

To respond to contact requests, diagnostics, or information submitted via the website, we collect identification and contact data (name, email, phone) and professional data (company, position, website, business information).

Legal basis: Pre-contractual diligence and performance of a contract.

2.2. Marketing Communications and Newsletters 

The sending of commercial communications, informative content, case studies, or newsletters occurs only when the user provides explicit consent through the appropriate forms. Consent can be withdrawn at any time (opt-out).

Legal basis: Consent of the data subject.

2.3. Analysis, Statistics, and Website 

Optimization We use measurement mechanisms to collect statistical data (such as pages visited, traffic source, or technical performance) aimed at improving the user experience and PRIMARIU's digital performance.

Legal basis: Legitimate interest of PRIMARIU in improving its digital services, ensuring that this processing does not override the fundamental rights and freedoms of users.

3. Sharing of Personal Data

PRIMARIU does not sell, rent, or lease personal data to third parties for commercial purposes. Personal data may be shared only in the following strict situations:

  • Service Providers (Processors): Providers of technological infrastructure, web hosting, email servers, and accounting services, who act under our instructions and under a strict duty of confidentiality.
  • Compliance with Legal Obligations: Tax Authority, judicial, police, or administrative entities, whenever legally required.

International Transfers: Whenever the provision of services implies the transfer of data outside the European Economic Area (EEA), PRIMARIU ensures that the transfer takes place under an Adequacy Decision by the European Commission or through the signing of Standard Contractual Clauses (SCCs) approved by the European Commission, guaranteeing a level of protection equivalent to that of the GDPR.

4. Data Retention Periods

Personal data is retained only for the strictly necessary period:

  • Billing and Contractual Data: Retained for a period of 10 years, as required by the Commercial Code and tax legislation (CIVA). This data cannot be deleted before this period due to legal imposition.
  • Commercial Leads: Contact data that does not result in a contractual relationship is kept for up to 2 years after the last contact. After this period, the data will be irreversibly anonymized or securely deleted, unless its retention is necessary for the defense of rights in judicial proceedings.
  • Newsletter Subscribers: Data is retained until the data subject withdraws their consent.

5. Data Security

PRIMARIU implements appropriate technical and organizational measures to protect personal data against destruction, loss, alteration, unauthorized disclosure, or access. These measures include, among others, the use of security protocols (SSL/HTTPS), data encryption, restricted access control, and regular backups.

6. Your Rights

Under the law, you may request the exercise of the following rights at any time:

  • Access, rectification, and erasure of your personal data.
  • Restriction of or opposition to data processing.
  • Data portability to another entity.
  • Withdrawal of previously given consent.

You also have the right to lodge a complaint with the national supervisory authority: CNPD – Comissão Nacional de Proteção de Dados.

To exercise your rights with PRIMARIU, simply send a written request to [email protected].

7. Cookies

PRIMARIU's website uses cookies to ensure its correct functioning and for statistical analysis purposes. Detailed management of consents (accepting or rejecting categories) is available through our Cookie Management Tool, permanently accessible on the website.

8. Changes to the Privacy Policy

PRIMARIU reserves the right to update this Privacy Policy. The latest version will always be available on this page, with the date of the last update indicated at the top.

Services
Case Studies About Insights
EN
Contacts
Menu
Português English
Services
Technology & Systems
Booking Systems & Channel Management Conversion-Focused Websites Automation & Systems Integration
Performance & Direct Bookings
Google Ads Travel SEO Channel & Seasonality Optimisation Dashboards & ROI Tracking
View Services