Legal
Privacy Policy
Last updated: 2 June 2026
This Privacy Policy explains how Starter.pt collects, uses and protects personal data in connection with this website, enquiries, client projects, technical support, managed infrastructure and related services. It is written for clarity and applies unless a signed agreement, statement of work or data processing agreement says otherwise.
1. Controller and contact details
The controller for the processing described in this policy is Starter.pt. Business address: Rua do Fundo da Cumieira, 507, 5030-061 Cumeeira SMP, Vila Real, Portugal.
Privacy requests should be sent to hello@starter.pt.
2. Personal data we may process
Depending on the context, we may process:
- name, job title, company name and contact details;
- messages, briefs, support tickets and project communications;
- billing details, tax details and payment records where applicable;
- technical information needed to provide services, such as domains, IP addresses, server access details, logs, diagnostics, repository details and deployment information;
- security findings, audit notes and remediation records;
- website usage and security logs generated by hosting, server or CDN infrastructure;
- any other personal data voluntarily provided through email, forms, meetings or agreed project tools.
3. Purposes, legal bases and retention
| Processing activity | Purpose | Legal basis | Typical retention |
|---|---|---|---|
| Contact forms and enquiries | Reply to requests, qualify needs and propose next steps. | Pre-contractual steps and legitimate interests. | Up to 12 months after the last interaction, unless a client relationship starts. |
| Client projects and support | Deliver web programming, security consultancy, managed VPS, maintenance and support services. | Contract performance and legitimate interests. | For the duration of the relationship, then as needed for records, disputes and continuity. |
| Billing and accounting | Issue invoices, manage payments and comply with tax/accounting obligations. | Legal obligation and contract performance. | For the legally required retention period. |
| Server, security and access logs | Protect systems, investigate incidents, prevent abuse and maintain service reliability. | Legitimate interests and, where applicable, legal obligation. | Usually 6 to 12 months, unless needed for an incident, dispute or legal requirement. |
| Marketing communications | Send updates only where this has been requested or is otherwise lawful. | Consent or legitimate interests, depending on the context. | Until consent is withdrawn, opt-out is requested or the contact becomes inactive. |
4. Service delivery and client data
During technical work, Starter.pt may access client systems, databases, repositories, logs, hosting panels, third-party tools or production data. Where Starter.pt processes personal data on behalf of a client, the client is normally the controller and Starter.pt acts as a processor. In that case, processing is carried out under the client's documented instructions and, when appropriate, a data processing agreement.
5. Sharing with third parties
Personal data may be shared with suppliers only where needed to operate the website, deliver services, manage communication, provide hosting or comply with legal duties. These suppliers may include hosting providers, email providers, accounting tools, project tools, infrastructure providers and professional advisers. Starter.pt does not sell personal data.
6. International transfers
Some suppliers or client-selected tools may process data outside the European Economic Area. Where this happens, Starter.pt relies on appropriate safeguards, such as adequacy decisions, Standard Contractual Clauses or other lawful transfer mechanisms where required.
7. Security measures
Starter.pt applies proportionate technical and organisational measures intended to protect personal data, including access control, secure communication, credential hygiene, least-privilege access, backups where agreed, patching and monitoring appropriate to the service. No system can be guaranteed to be fully secure, but reasonable measures are used to reduce risk.
8. Cookies and website technologies
This website currently does not intentionally use analytics, advertising or behavioural tracking cookies. Technical cookies or similar storage may be used by hosting, CDN or security infrastructure where strictly necessary. More detail is available in the Cookie Policy.
9. Your rights
Subject to legal conditions, you may request access, rectification, erasure, restriction, portability and objection. Where processing is based on consent, you may withdraw that consent at any time without affecting processing already carried out lawfully.
To exercise rights, contact hello@starter.pt. A response will be provided within the legally required timeframe. Identity verification may be requested where necessary.
10. Complaints
You may lodge a complaint with the Portuguese supervisory authority, the Comissão Nacional de Proteção de Dados (CNPD), at www.cnpd.pt.
11. Changes to this policy
This policy may be updated to reflect changes in services, legal requirements or operational practices. The latest version will be published on this page.