Privacy Policy

We are Bellator OSS Portugal, acting as a Data Controller for the purposes of the following Privacy Notice. The purpose of this policy is to provide you with the information required in accordance with Regulation (EU) 2016/679, of the European Parliament and of the Council, on the protection of natural persons with regard to the processing of personal data (the “General Data Protection Regulation” or “GDPR”).

Our website may contain links to other websites that are not operated by us. This Privacy Policy does not address the privacy policy and other practices of any third parties, including any third party operating any website or service that may be accessible via a link on our Website. We strongly advise you to review the privacy policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

We collect only what is strictly necessary.

• (a) Data you submit through our contact form: full name, organization, email, inquiry type and message.
• (b) Server-side technical logs collected automatically by our hosting provider, including IP address, request timestamp, user agent and URL accessed. We do not use cookies, analytics scripts, fingerprinting or any client-side tracking technology.

Contact form data is processed to respond to your inquiry and manage commercial or institutional relations (Art. 6(1)(b) and 6(1)(f) GDPR — performance of pre-contractual steps and legitimate interest). Technical logs are processed for security, fraud prevention and infrastructure integrity (Art. 6(1)(f) GDPR — legitimate interest).

Personal data is accessed only by authorized personnel of Bellator OSS Portugal. Technical logs are processed by our hosting provider Infomaniak Network SA (Switzerland — country recognized as providing adequate protection by EU Commission Decision). No data is sold, rented or transferred for marketing purposes.

No transfers outside the EEA take place beyond the hosting in Switzerland, which benefits from an EU adequacy decision.

Contact form messages are retained for the duration necessary to handle the inquiry and any resulting relationship, and for up to 3 years thereafter for commercial follow-up. Technical server logs are retained for a maximum of 12 months. Data required by legal or tax obligations is retained for the legally prescribed period.

Under GDPR you have the right of access, rectification, erasure, restriction, portability, objection, and the right to withdraw consent. To exercise these rights, contact us at contact@bellator-oss.com. If there is reasonable doubt regarding your identity, Bellator OSS Portugal may request additional proof of identity. You also have the right to lodge a complaint with the Comissão Nacional de Proteção de Dados (CNPD — www.cnpd.pt).

We apply technical and organizational measures appropriate to the sensitivity of the data we handle, including encryption in transit (TLS), access controls, and minimal data collection by design.