Privacy Policy

1. Who we are

ADDS — AI Data Digital Solutions (“ADDS”, “we”, “us”) is the data controller responsible for the personal data collected through this website.

• Data Controller: João Ricardo Duarte Marques, NIF 277811015
• Contact email: geral@addssolutions.com
• Website: addssolutions.com

2. What data we collect

We only collect data strictly necessary to respond to your requests and improve your experience on our website:

2.1. Data you provide

Through the contact form, we may collect:

• Full name
• Email address
• Company / Organisation (optional)
• Phone number (optional)
• Department of interest
• Message

2.2. Data collected automatically

• Technical cookies: necessary for basic website functionality (session, language preferences).
• Browsing data: IP address, browser type, pages visited and access time, collected through server logs.

3. How we use your data

• Respond to your messages — to follow up on the contact you initiated through the form or booking.
• Commercial communication — only when you explicitly request it (e.g. booking a Discovery Session).
• Improve the website — aggregated browsing analysis to optimise the user experience.
• Legal compliance — when required by law.

4. Legal basis for processing

The processing of your personal data is based on the following legal grounds under the GDPR:

• Consent (Art. 6(1)(a)) — by submitting the contact form, you consent to the processing of the provided data for the purpose of responding.
• Legitimate interest (Art. 6(1)(f)) — to ensure website security and improve the browsing experience.
• Legal obligation (Art. 6(1)(c)) — where applicable for compliance with legal obligations.

5. Who we share your data with

We do not sell, rent or share your personal data with third parties for marketing purposes. Your data may be processed by the following service providers, exclusively for the purposes described above:

• Google Analytics 4 — aggregated browsing analysis to improve the user experience. Only activated after your explicit consent.
• Resend — transactional email delivery (contact form).
• Calendly — session booking (when you use the scheduling widget).
• Hosting provider — server storage and logs.

All providers are bound by data protection agreements and operate in compliance with the GDPR.

6. How long we keep your data

• Contact form data: retained for the time necessary to follow up on the request and, at most, 24 months after the last contact.
• Server logs: retained for a maximum of 12 months.
• Technical cookies: expire at the end of the session or as indicated in the cookies section.

7. Your rights

Under the GDPR, you have the following rights regarding your personal data:

• Access — you can request a copy of the data we hold about you.
• Rectification — you can correct inaccurate or incomplete data.
• Erasure — you can request the deletion of your data (“right to be forgotten”).
• Restriction — you can restrict the processing of your data in certain circumstances.
• Portability — you can request your data in a structured, machine-readable format.
• Objection — you can object to processing based on legitimate interest.
• Withdrawal of consent — you can withdraw consent at any time, without affecting the lawfulness of prior processing.

To exercise any of these rights, email us at geral@addssolutions.com. We will respond within 30 days.

8. Cookies

This website does not use any first-party cookies. Consent preferences are stored locally on your device (via localStorage). We do not use tracking or advertising cookies.

We use Google Analytics 4 for aggregated browsing analysis, activated only after your explicit consent. Other third-party services integrated on the website (such as Calendly) may also set their own cookies. Please refer to their respective privacy policies for details.

9. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss or destruction, including encrypted communications via HTTPS and secure storage.

10. Changes to this policy

We may update this privacy policy periodically. Any significant changes will be published on this page with the corresponding update date.

11. Complaints

If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with the competent supervisory authority:

• CNPD — Comissão Nacional de Proteção de Dados (Portuguese Data Protection Authority)
• Website: www.cnpd.pt (opens in new tab)