Privacy, Cookies & the GDPR
The Short Version
- We do not use any Flash based cookies or other persistent methods or beacons (such as Google Analytics or Facebook Like buttons) to track your browsing habits even after you leave the site.
- We do not sell any information to anyone.
- We do not share any information with 3rd parties, unless required to do so by law.
- We do not send unsolicited email or make unsolicited telephone calls.
The Long Version
Your browser communicates with our server as follows. Your browser creates a connection to our server and requests a page to view. Our server acknowledges your request and sends the page to your browser. Your browser displays the page and breaks the connection. Next time you want to view a page, it creates a new connection and repeats the entire process. The problem with this procedure is that we then have no way to know what you requested as you navigate through our site.
Enter the Cookie...
Enter the humble cookie. A cookie is a tiny file that our website uses to keep track of your requests only while you are connected to our site. The cookies we set contains a few unique random characters (for example, QW8d3Ef12) that allows us to identify which browser made a request from our database so that we can deliver the requested data back to that browser. These cookies can in no way identify you personally or give us any personal information about you. Since all our data is stored in a database, without your browser accepting cookies, there is no way for us to display our data to you.
A cookie is not a program (or app) and does not run or do anything on your computer. A cookie cannot read other data off your hard drive or read cookie files created by other sites.
Our site uses one persistent and two temporary session cookies to provide site functionality as described above.
Why no annoying cookie-warning-sliding-message thingy? Since we are not using cookies to track, profile and advertise to you, we think No Cookie Law conveys our feelings on this matter succinctly.
EU General Data Protection Regulation (GDPR) Compliance
SeaToSky Homes Lda. is a licensed real estate agency based in Portugal. We do not engage in user tracking and profiling activities nor do we sell or share your data with any 3rd parties who do so. We also do not use web beacons and other persistent tracking technologies for user profiling (such as Google Analytics or Facebook Like buttons).
Data Collected via our Web Sites
• IP Address
We log IP addresses of connections to our site for two reasons.
- Aggregating this information helps us analyse which countries (and languages) make up our client base. The sole purpose of this data usage is to help us fine-tune our services and make our web site better.
- IP addresses are also logged for technical reasons, specifically for use by our denial-of-service attack mitigation as well as rate limiting systems. This data usage is purely to ensure site availability and maintain a high quality of service technically.
• Name, Email Address, Telephone Number
When you contact us via our website, we collect the name, email address and telephone number that you provide so that we may respond to your enquiries. We do not automatically add (subscribe) your email address to our newsletter service.
Our email newsletter has always been strictly opt-in only. If you have chosen to receive our newsletters, each one contains a link where you can unsubscribe from the list at any time.
Internal Client Data and Record Keeping
In the ordinary course of our business of mediating real estate transactions between parties we need to store personal data that clients provide us with.
• StorageDigital client data is stored on our servers located within the EU and is protected behind various separate firewalls as well as malware and intrusion detection systems.
• AccessOur consultants access relevant client data needed to perform their duties via fully encrypted, secure VPN connections.
• BackupAll client data is securely encrypted with a private key before being sent to a zero-knowledge off-site backup service provider. Zero-knowledge means the backup provider does not have the decryption key to our data and therefore has no ability to access to the data.
• Disclosure to 3rd PartiesBy Portuguese law, real estate agencies are required to report full details of every real estate transaction to the responsible government agency (IMPIC).
The information submitted includes client personal data such as names, tax numbers, addresses, residency status, transaction amounts, property details and more.
Should we ever receive a demand from other Portuguese authorities for client data, we may be legally compelled to provide them with that data.
How Long We Keep Your Data
We are required by law to keep your personal data and details of the property transaction for a minimum of 7 years, after which time it will be destroyed.
Data Protection Officer
Should you have any questions related to your data, you may email the Data Protection Officer:
More Information Regarding the GDPR
As a resident of the EU, you may get more information about your rights on the EU GDPR website.