Privacy Policy

Arvora is the controller for the personal data collected through arvora.eu and for direct enquiries sent to us about our services, support, or future projects.

For contact and accountability purposes, Arvora operates from R. Luís Bívar 16, 8150-156 São Brás de Alportel, Portugal. You can contact us at hello@arvora.eu for privacy questions, access requests, corrections, or general data handling concerns.

We only collect information that is relevant to operating the site, answering enquiries, and delivering work responsibly. That may include your name, email address, phone number, company details, website information, project notes, and any files or content you choose to send us.

Basic technical information may also be processed when you browse the site, such as IP address, browser details, and server logs needed for security, debugging, and reliable delivery of the website.

• Contact and enquiry details you submit directly.
• Project information required to scope, quote, deliver, or support work.
• Essential technical data required to keep the website working and secure.

We use personal data to reply to enquiries, prepare proposals, deliver agreed services, provide support, manage business relationships, maintain security, and meet legal or accounting obligations.

We do not describe every use as marketing. Most data handling on this site exists to run a professional service business clearly, safely, and with minimal friction for clients and prospective clients.

Depending on the context, Arvora relies on one or more GDPR lawful bases: taking steps before entering into a contract, performing a contract, complying with legal obligations, pursuing legitimate interests in running and protecting the business, or consent where consent is actually required.

Where we rely on consent, you may withdraw it. Where we rely on legitimate interests, we aim to keep the processing proportionate, expected, and limited to what is reasonably necessary.

We may share data with service providers who help us operate the site or deliver our services, such as hosting providers, email or communications tools, analytics or security infrastructure, payment processors, and professional advisers where needed.

We do not sell personal data. Where third-party processors are used, they are expected to handle data only for the service purpose involved and under appropriate contractual or legal safeguards.

We retain personal data only for as long as it is reasonably needed for the purpose it was collected, including project delivery, support continuity, accounting records, dispute handling, or legal compliance.

Retention periods vary by context. Enquiry information that does not turn into work may be kept for a limited period so we can continue the conversation or refer back to prior contact. Project records may be kept longer where support, documentation, legal obligations, or commercial continuity require it.

If GDPR applies to your situation, you may have rights of access, rectification, erasure, restriction, objection, portability, and the right not to be subject to certain automated decisions where relevant.

The Portuguese data protection authority explains these rights and the usual response framework in more detail. Arvora aims to respond without undue delay and, where applicable, within the standard GDPR time limits.

• Request a copy of the data we hold about you.
• Ask us to correct incomplete or inaccurate information.
• Ask for deletion where there is no longer a valid reason to keep the data.
• Object to processing or ask for restriction where the law allows it.

Arvora uses essential cookies and basic technical storage where needed to keep the site functioning, remember a consent choice, and support core website delivery. If you actively accept analytics, we may also use basic Google Analytics to understand site performance and improve the website.

If our setup changes materially in the future, this page and the cookie messaging will be updated to reflect that change more clearly.

If you have a privacy concern, please contact Arvora first so we can understand the issue and respond directly. You also have the right to raise a complaint with the Comissão Nacional de Proteção de Dados (CNPD) in Portugal if you believe your data has been handled unlawfully.

As of 28 May 2026, the former EU online dispute resolution platform remains discontinued following its closure on 20 July 2025, so it is not presented here as a current complaints route.