New projects starting before June 30th: 15% off
Elevate Together Solutions

Privacy

Privacy Policy

Last updated: June 1, 2026

Elevate Together Solutions respects your privacy. This policy explains what personal data we collect, the purposes for which we process it, the legal bases we rely on, and your rights under the EU General Data Protection Regulation (GDPR, Regulation (EU) 2016/679).

1. Data controller

The controller of your personal data is Elevate Together Solutions, operating in Portugal and Spain. For any data protection enquiry, contact us at hello@elevatetogethersolutions.com.

2. Personal data we collect

We only collect data strictly necessary to handle your request and provide our services. The categories are:

  • Identification and contact data: name, email, phone — provided by you in our contact form.
  • Message content you send via the form or by direct email.
  • Technical and usage data: IP address, device type, browser, pages visited, traffic source — collected automatically for statistical and security purposes.
  • Cookies and similar identifiers — described in detail in our Cookie Policy.

3. Purposes and legal bases

We process your data on one of the following legal bases under Article 6 of the GDPR:

  • Pre-contractual steps and contract performance (Art. 6(1)(b)) — to respond to quote requests and deliver contracted services.
  • Consent (Art. 6(1)(a)) — for analytics and marketing cookies, commercial communications and the newsletter. Consent can be withdrawn at any time.
  • Legitimate interests (Art. 6(1)(f)) — site security, fraud prevention and aggregated statistical analysis.
  • Legal obligation (Art. 6(1)(c)) — retention of tax and accounting records.

4. Data sharing and sub-processors

We do not sell your personal data. To operate the site and deliver our services we rely on carefully selected sub-processors, all bound by contractual security and GDPR-compliance guarantees:

  • AWS (infrastructure hosting, European region)
  • Google Analytics (usage statistics)
  • Plausible Analytics (privacy-friendly usage statistics)
  • Meta Pixel (campaign measurement)
  • Resend (transactional email delivery)

5. Data retention

We retain data only for as long as strictly necessary to fulfil the purposes for which it was collected. As a general rule: commercial contact data — up to 3 years after the last interaction; contractual and tax data — 10 years as required by law; marketing data — until consent is withdrawn.

6. International transfers

Some of our sub-processors are located outside the European Economic Area. In those cases we ensure an adequate level of protection through Standard Contractual Clauses approved by the European Commission or equivalent frameworks.

7. Your rights

As a data subject you have the right to access, rectify, erase, restrict or object to processing, as well as the right to data portability. You can also withdraw consent at any time without affecting the lawfulness of prior processing. To exercise these rights, write to hello@elevatetogethersolutions.com — we respond within 30 days.

8. Security

We apply appropriate technical and organisational measures to protect personal data against unauthorised access, loss or alteration: TLS on every connection, access controls, audit logging, encrypted backups and periodic security reviews.

9. Complaints

If you believe the processing of your data infringes the law, you have the right to lodge a complaint with the competent supervisory authority: Comissão Nacional de Proteção de Dados (CNPD) in Portugal (www.cnpd.pt) or Agencia Española de Protección de Datos (AEPD) in Spain (www.aepd.es).

10. Changes to this policy

We may update this policy to reflect changes in law or in our practices. The version in force is always the one published on this page, with the date of the last update shown at the top.