Privacy

How we process your personal data.

This Data Protection Policy describes how Direct Hit — Prestação de Serviços de Apoio a Empresas, Lda processes the personal data collected through the website delegadodeprotecciondedatos.eu, in compliance with Regulation (EU) 2016/679 (GDPR) and applicable national law.

Last updated: 13 June 2026.

1. Data controller

Identity: Direct Hit — Prestação de Serviços de Apoio a Empresas, Lda.
Tax number (NIF): PT 504526146.
Registered office: Apartado 43062, Rua Sousa Lopes, 65, 5.º Esquerdo, 1601-301 Lisboa · Portugal.
Phone: (+351) 213 243 750 · E-mail: office@directhit.eu.
Institutional website: www.directhit.eu.

2. Data Protection Officer

The controller has a Data Protection Officer, available for any matter relating to processing and the exercise of rights, at secretariado@delegadodeprotecciondedatos.eu and through the compliance platform directhit.complianceofficer.eu.

3. Data we process

Identification and contact data you provide through the forms (name, organisation, e-mail, phone and the content of your message).
Navigation and technical data (IP address, device and session identifiers), collected through cookies and server logs.

4. Purposes of processing

To respond to your contact, information and proposal requests.
To manage the service relationship and the provision of contracted services.
To send the newsletter, where you subscribe.
To ensure the security, operation and improvement of the website.

5. Lawful basis

Your consent, for the forms, the newsletter subscription and analytics cookies (Art. 6(1)(a) GDPR).
The performance of pre-contractual steps or of the contract, for proposal requests and service provision (Art. 6(1)(b)).
The legitimate interest in the security and proper functioning of the site (Art. 6(1)(f)).

6. Recipients

Data are not disclosed to third parties, except where legally required. Service providers necessary for the operation of the site and the forms (the form platform and the hosting provider) act as processors, processing data under our instructions and Article 28 GDPR.

7. International transfers

The forms are processed through the JotForm platform. Where processing involves a transfer of data outside the European Economic Area, it relies on appropriate safeguards — an adequacy decision or standard contractual clauses — under Chapter V GDPR.

8. Retention period

Data are kept for as long as necessary to handle your request and, where applicable, for the duration of the relationship and the applicable statutory limitation periods. Data processed on the basis of consent are kept until withdrawal.

9. Your rights

You may exercise the rights of access, rectification, erasure, restriction, portability and objection, and withdraw consent at any time, by contacting secretariado@delegadodeprotecciondedatos.eu, evidencing your identity.
You have the right to lodge a complaint with the Agencia Española de Protección de Datos (AEPD), www.aepd.es, and, where applicable, with the supervisory authority of your country of residence.

10. Security

The controller applies appropriate technical and organisational measures to ensure a level of security appropriate to the risk, under Article 32 GDPR.

11. Changes to this policy

This policy may be updated to reflect regulatory or operational changes. The current version is always available on this site.

Detailed policy

The controller's detailed privacy and data protection policy is available on the compliance platform: directhit.complianceofficer.eu/policies