LEGAL

Privacy Policy

Privacy Policy

Privacy Policy

Last updated: July 8, 2026

Last updated: July 8, 2026

Remote Creative Unipessoal, Lda. (“Remote Creative”, “we”, “us”, or “our”), registered at Rua do Rossio, n.º 56, Oliveira do Bairro, 3770-221, Portugal, with tax identification number (NIF) 515836761, is the data controller responsible for the personal data collected through this website and associated channels.

Remote Creative Unipessoal, Lda. (“Remote Creative”, “we”, “us”, or “our”), registered at Rua do Rossio, n.º 56, Oliveira do Bairro, 3770-221, Portugal, with tax identification number (NIF) 515836761, is the data controller responsible for the personal data collected through this website and associated channels.

This Privacy Policy explains, in a clear and transparent manner, how we collect, use, store, and protect your personal data, in compliance with the General Data Protection Regulation (GDPR — Regulation (EU) 2016/679) and Portuguese Law No. 58/2019, of August 8.

This Privacy Policy explains, in a clear and transparent manner, how we collect, use, store, and protect your personal data, in compliance with the General Data Protection Regulation (GDPR — Regulation (EU) 2016/679) and Portuguese Law No. 58/2019, of August 8.

01

Who is the data controller

Who is the data controller

Remote Creative Unipessoal, Lda.
Rua do Rossio, n.º 56, Oliveira do Bairro, 3770-221, Portugal
NIF: 515836761
Contact for privacy matters: info@weremotecreative.com

We have not appointed a Data Protection Officer (DPO), given the nature and scale of the data processing we carry out. Any question, request, or complaint regarding your personal data should be directed to the contact above.

02

What personal data we collect

What personal data we collect

Depending on how you interact with us, we may collect the following personal data:

• Identification and contact data: name, email address, phone number, company/brand represented, job title.

• Business data: website or Shopify store, approximate revenue, current monthly ad spend (Meta/Google Ads), growth goals — collected through our qualification form (Typeform).

• Scheduling data: name, email, and, where applicable, phone number, when booking a call through Calendly.

• Communication data: messages exchanged via Instagram Direct and ManyChat (for example, when interacting with the keyword “AUDIT” or similar).

• Browsing data: IP address, device and browser type, pages visited, time spent on the site, traffic source — collected through cookies and analytics/advertising technologies (see Section 8).

We do not intentionally request or process special categories of personal data (e.g., health data, ethnic origin, or religious beliefs).

03

Purposes of processing and legal basis

Purposes of processing and legal basis

Responding to inquiries and qualifying potential clients

Pre-contractual steps taken at your request (Art. 6(1)(b))

Scheduling and conducting audit/strategy calls

Pre-contractual steps taken at your request (Art. 6(1)(b))

Providing our digital advertising management services, once a contractual relationship is established

Performance of a contract (Art. 6(1)(b))

Marketing communications (newsletter, updates, content)

Consent (Art. 6(1)(a))

Targeted advertising and remarketing (Meta Ads, Google Ads)

Consent, via the cookie banner (Art. 6(1)(a))

Website performance analysis (Google Analytics)

Consent, via the cookie banner (Art. 6(1)(a))

Compliance with legal obligations (e.g., accounting and tax)

Legal obligation (Art. 6(1)(c))

Fraud prevention and website security

Legitimate interest (Art. 6(1)(f))

04

How we collect your data

How we collect your data

We collect personal data through the following channels:

• Qualification form (Typeform): when you fill out our questionnaire so we can assess whether your brand fits the client profile we support.

• Calendly: when you book an audit or strategy call with us.

• Instagram and ManyChat: when you contact us or interact with our direct message automations.

• Website contact form, if applicable, when filled out directly on the site.

• Cookies and similar technologies, through browsing our website (see Section 8).

05

Who we share your data with

Who we share your data with

We do not sell or share your personal data with third parties for purposes unrelated to our business. Your data may, however, be processed by the following service providers, acting as processors, strictly to operate the services described above:

• Typeform (form collection)

• Calendly (meeting scheduling)

• Meta / Instagram / ManyChat (communication and message automation)

• Google (Google Ads and Google Analytics)

• Framer (website hosting and operation)

All these providers act as independent controllers or processors, depending on the service, and are subject to their own privacy policies, which we recommend you review.

We may also disclose personal data when required by law, court order, or a competent public authority.

06

International data transfers

International data transfers

Some of the service providers we use (namely Typeform, Calendly, Meta, and Google) are based, or process data, outside the European Economic Area (EEA), including in the United States.

Whenever personal data is transferred outside the EEA, we ensure this is accompanied by appropriate safeguards, namely:

• European Commission adequacy decisions, where applicable; or

• Standard Contractual Clauses (SCCs) approved by the European Commission; or

• Other mechanisms legally recognized under the GDPR.

07

Data retention periods

Data retention periods

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

• Leads and commercial contacts (that do not progress into a contractual relationship): up to 24 months after the last contact, after which the data is deleted or anonymized, unless the data subject requests earlier deletion.

• Clients with an active contract: for the duration of the contractual relationship and for 10 years thereafter, to comply with legal, tax, and accounting obligations applicable in Portugal.

• Direct marketing data (consent-based): until the data subject withdraws consent, or for a maximum period of 24 months of inactivity.

• Browsing/cookie data: as indicated in Section 8.

08

Cookies and similar technologies

Cookies and similar technologies

Our website uses cookies and similar technologies to improve your experience, analyze traffic, and display relevant advertising. In particular, we use:

• Essential cookies: necessary for the website to function (do not require consent).

• Analytics cookies (Google Analytics): to understand how visitors use our site.

• Advertising cookies (Meta Pixel and Google Ads): to measure the effectiveness of our campaigns and show relevant ads on other platforms.

When you visit our website, a cookie consent banner is displayed, where you can accept, reject, or customize your preferences. You can change your choices at any time through the website’s cookie settings or your browser settings.

Rejecting non-essential cookies does not affect your ability to browse the website, but may limit some functionality.

09

Your rights as a data subject

Your rights as a data subject

Under the GDPR, you have the right to:

• Access your personal data and obtain information about its processing;

• Rectify inaccurate or incomplete data;

• Erase your data (“right to be forgotten”), where applicable;

• Restrict processing in certain circumstances;

• Object to processing, particularly for direct marketing purposes;

• Data portability, receiving your data in a structured, commonly used format;

• Withdraw consent at any time, without affecting the lawfulness of processing carried out before the withdrawal.

To exercise any of these rights, contact us at info@weremotecreative.com. We will respond to your request within 30 days, as required by law.

You also have the right to lodge a complaint with the national supervisory authority:

Comissão Nacional de Proteção de Dados (CNPD)
Av. D. Carlos I, 134, 1.º, 1200-651 Lisbon, Portugal
www.cnpd.pt

10

Data security

Data security

We adopt appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, destruction, or improper alteration, including the use of service providers that meet the security requirements required by the GDPR.

11

Changes to this Privacy Policy

Changes to this Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. The date of the last update is always shown at the top of this document. We recommend checking it regularly.

12

Contact

Contact

For any questions related to this Privacy Policy or the processing of your personal data, please contact us:

Remote Creative Unipessoal, Lda.
Rua do Rossio, n.º 56, Oliveira do Bairro, 3770-221, Portugal
Email: info@weremotecreative.com