Privacy Policy

Last updated: 12/27/2025

This Privacy Policy explains how the personal data of users of the Servtio platform is collected, used and protected, operated by Miguel Simões, self-employed (“Servtio”), in accordance with Regulation (EU) 2016/679 (GDPR) and other applicable legislation.

This policy applies to the website and services provided by Servtio. By using the platform, the user declares that they have read, understood and accepted this Privacy Policy.

1. Data Controller

The data controller is:
Miguel Simões
Email: migralept@gmail.com

2. Personal data collected

The following categories of data may be collected:

Registration data: name, email address, password.
Provider profile data (where applicable): profession, geographic area, service category and other data the provider chooses to include in their profile (e.g., description).
Usage data: requests created, active subscriptions, interactions with the platform, dates and times of access.
Technical data: IP address, browser type, operating system, session identifiers and activity logs necessary for security and service operation.
Payment data: payment identifiers, references and relevant billing information (full card data is processed directly by the payment service provider, e.g., Stripe).
Technical cookies: cookies strictly necessary for the operation of the site (authentication, session maintenance, CSRF protection).

3. Purposes of processing

Personal data is processed, in particular, for the following purposes:

Management of user accounts and registration/authentication processes.
Connection between Clients and Service Providers and management of requests.
Management of subscriptions, plans and billing, where applicable.
Ensuring platform security and preventing fraud or abuse.
Compliance with legal, tax and accounting obligations.
Service improvement, features and user experience, including error logging and technical statistics (legitimate interest).
Sending communications related to service operation (for example, confirmation emails or important account/service notices).

4. Legal basis for processing

The main legal bases used are:

Performance of a contract — use of the platform, creation of requests, subscription management and provision of the service to the user.
Compliance with a legal obligation — tax, accounting or other obligations imposed by law.
Legitimate interest of Servtio — platform security, abuse prevention, continuous service improvement and response to contact requests.
Consent — whenever optional features requiring consent are used (e.g., marketing communications, if introduced in the future).

5. Sharing data with third parties

Personal data is not sold to third parties. It may only be shared with:

Technical service providers (processors), such as hosting companies, email delivery services, backup services, monitoring services and payment processors (for example, Stripe), strictly to the extent necessary to provide the services.
Public authorities, where required by law or by order of a competent authority.

These third parties process personal data on behalf of Servtio and are bound by contractual confidentiality and security obligations.

6. International data transfers

Some service providers may be located outside the European Union or the European Economic Area. In such cases, Servtio ensures that adequate safeguards are applied under applicable law, such as the Standard Contractual Clauses adopted by the European Commission or equivalent mechanisms.

7. Retention periods

Personal data is retained only for the period strictly necessary for the purposes described above:

User account: for as long as the account remains active. If the user requests deletion, the data will be deleted or anonymised, except where retention is required by law.
Billing and legal records: for the period legally required for tax and accounting purposes.
Technical records and security logs: for the period necessary to ensure the security and integrity of the platform (for example, up to 12 months), unless a longer period is required in the event of security incidents or disputes.

8. Rights of data subjects

Users may, at any time and in accordance with the law, exercise the following rights:

Right of access to their personal data;
Right to rectification of inaccurate or incomplete data;
Right to erasure (“right to be forgotten”), in the cases provided by law;
Right to restriction of processing, in the situations provided by law;
Right to object to processing based on legitimate interests;
Right to data portability, where processing is based on contract or consent and carried out by automated means;
Right to withdraw consent where processing is based on consent, without affecting the lawfulness of processing carried out up to that date.

To exercise any of these rights, the user may contact: migralept@gmail.com. Servtio undertakes to reply, as a rule, within a maximum of 30 days, except in cases of particular complexity.

The user also has the right to lodge a complaint with the Portuguese Data Protection Authority (CNPD), if they believe that the processing of their personal data violates applicable legislation.

9. Cookies

The platform uses strictly necessary cookies for the operation of the service, namely:

session cookies for authentication and maintenance of the user session;
security cookies (for example, protection against CSRF attacks);

These cookies are not used for behavioural advertising or cross-site tracking. If additional cookies are introduced in the future (for example, analytics or marketing), the user will be informed and, where legally required, prior consent will be requested.

10. Security

Servtio adopts appropriate technical and organisational measures to protect personal data against unauthorised access, loss, destruction or misuse, in line with best practices and the scale of the service.

Despite protection efforts, no online platform can guarantee absolute security. The user should also adopt protective measures, namely keeping login credentials confidential and using strong passwords.

11. Use by minors

The platform is not intended for children under 16 years of age. If you become aware that a child under 16 has provided personal data to Servtio, please request its removal via the email above. Steps will be taken to delete this information as quickly as possible.

12. Changes to this policy

Servtio may update this Privacy Policy whenever necessary, namely to reflect legal changes or service improvements.

Whenever the changes are relevant, prominent notice will be provided on the platform and, where appropriate, new consent may be requested. Continued use of the platform after publication of the changes means that the user accepts the updated version.

Contact

Miguel Simões
Operator of the Servtio platform
Email: migralept@gmail.com