Easy Lisbon Relocation
en·pt
Plan my move!

Privacy Policy

Last updated: 2026-06-29. This Privacy Policy explains how Easy Lisbon Relocation collects, uses and protects your personal data when you use easylisbonrelocation.com or engage our services. We are an English company that delivers services in Portugal, so this policy reflects both UK GDPR and EU GDPR (Regulation (EU) 2016/679), whichever applies to you.

1. Data Controller

EASY LISBON RELOCATION LTD, a company registered in England and Wales. Registered office: 553 High Road, Wembley, England, HA0 2DW. Day-to-day operations and client meetings take place in Portugal. Contact: joao@easylisbonrelocation.com.

2. What personal data we collect

When you submit one of our forms (Plan my move, Request a callback, Contact) we collect: name, email, phone number, country of origin, region of interest in Portugal, indicative budget, timeline, family composition, and any message you choose to send. When you browse the site we may also collect technical data: IP address, browser type, pages visited and referrer, in line with the cookies you authorise.

3. Why we use your data (legal basis)

Pre-contract enquiry and service delivery: to respond to your enquiry, prepare a proposal, and provide the relocation, buyer’s agent, or property management services you request (Article 6(1)(b) UK/EU GDPR).

Legitimate interest: to keep records of our communications and to improve our services and website (Article 6(1)(f)).

Consent: where we use analytics or marketing cookies, the basis is your explicit consent (Article 6(1)(a)). You can withdraw it at any time via the cookie settings link in our footer.

Legal obligation: to keep accounting records and respond to lawful requests from UK or Portuguese authorities competent over us (Article 6(1)(c)).

4. How long we keep your data

Lead enquiries that do not convert to a paid engagement: up to 24 months from the last contact, then deleted.

Client records: for the duration of our engagement and 6 years after, in line with UK Companies Act 2006 and HMRC retention requirements. Where Portuguese tax records also apply to a specific engagement, we keep them for 10 years.

Cookie consent records: 12 months from the last update of your preferences.

5. Who we share your data with

We share data only with the processors strictly needed to deliver the service: Neon (database hosting, EU region — Frankfurt), Resend (transactional email, EU region), HubSpot (CRM for lead tracking; HubSpot Inc. is based in the US and processes data under the EU-US Data Privacy Framework and UK equivalent), Cloudflare (DDoS protection and bot mitigation), and any legal, tax or property partner we introduce you to with your prior approval.

We never sell your data. We never share it for third-party marketing.

6. International transfers

Our infrastructure and primary data storage are located in the European Union (Frankfurt). Data flows between the UK and EU are covered by the UK-EU Adequacy Decision. The only systematic transfer outside that area is to HubSpot (US), covered by Standard Contractual Clauses, the EU-US Data Privacy Framework, and the UK equivalent (Data Bridge). If you prefer that we do not use HubSpot to process your lead, tell us at joao@easylisbonrelocation.com and we will store your data only in our EU systems.

7. Your rights

You have the right to: access your data, correct it, delete it, restrict its processing, port it to another provider, and object to processing based on legitimate interest. You also have the right to withdraw consent at any time.

If you live in the United Kingdom, you may lodge a complaint with the Information Commissioner’s Office (ICO, ico.org.uk). If you live in Portugal or another EU/EEA country, you may lodge a complaint with your local supervisory authority — in Portugal, the Comissão Nacional de Proteção de Dados (CNPD, cnpd.pt).

To exercise any right, write to joao@easylisbonrelocation.com. We will reply within 30 days.

8. Cookies

For details on the cookies we use and how to manage them, see our Cookies Policy.

9. Security

We use industry-standard measures to protect your data: encrypted connections (HTTPS), encrypted database at rest, restricted access on a need-to-know basis, and regular backups. No system is fully immune to risk; if a breach affects you, we will notify the relevant supervisory authority within 72 hours and inform you without undue delay where required.

10. Changes to this policy

We may update this policy. The version in force is always the one published on this page, with the date at the top.

11. Applicable law

This Privacy Policy is governed by the law of England and Wales and by UK GDPR, without prejudice to the EU GDPR rights of data subjects located in the European Union. Disputes will be heard before the courts of England and Wales, save for any non-waivable consumer protection rights you have under the law of your country of residence.