Legal

Privacy Policy

Last updated: 30 June 2026 · Liliana Gonçalves (trading as Aumnia)

Liliana Gonçalves (trading as Aumnia; hereinafter "Aumnia", "we", "us", "our") is committed to protecting your privacy and personal data. This Privacy Policy clearly describes how we collect, process, store and protect your information when you use our website or services, in accordance with the General Data Protection Regulation (GDPR) and applicable Portuguese law.

1. Data Controller

The controller responsible for processing your personal data is:

Liliana Gonçalves (trading as Aumnia)
Email: info@aumnia.io
Phone: +351 910 537 658
Website: https://aumnia.io

2. Personal Data We Collect

We collect only the data strictly necessary to provide our services:

Identification data: Full name, company name, tax identification number (NIF) for invoicing purposes.
Contact data: Email address, phone number.
Website usage data: IP address (anonymised), browser type, pages visited — collected via cookieless analytics tools without personal identification.
Communications: Messages sent through our contact forms.

3. Purpose and Legal Basis for Processing

We process your data for the following purposes and on the following legal grounds:

Service delivery: To perform the contract agreed with you (Art. 6(1)(b) GDPR).
Legal obligations: To comply with tax and accounting obligations (Art. 6(1)(c) GDPR).
Legitimate interest: For communications about our services related to the existing commercial relationship (Art. 6(1)(f) GDPR).
Consent: For marketing communications, only with your express consent (Art. 6(1)(a) GDPR).

Our legitimate interest consists of maintaining our commercial relationship with existing and prospective clients. We have balanced this interest against your fundamental rights and freedoms. You may object to this processing at any time by contacting info@aumnia.io.

4. Cookies & Analytics

This website does not install third-party cookies. Your consent preferences are stored in your browser's local storage (localStorage) — a mechanism similar to cookies but not transmitted to the server or shared with third parties. With your consent, we may enable anonymous analytics tools:

Vercel Analytics: Collects anonymised visit data, without tracking cookies, without personal identification.
Cloudflare Web Analytics: Cookieless, privacy-first analytics — no personal data stored.

You can manage your cookie preferences at any time via the cookie icon in the bottom-left corner of the site.

5. Sharing Your Data

We do not sell, rent or share your personal data with third parties for commercial purposes. We may share data with:

Technical service providers: Vercel (hosting), Resend (transactional email), ClickUp (project management), Cloudinary (media delivery) — only to the extent necessary to deliver our services, under contractual data protection guarantees.
Competent authorities: When required by law or court order.

6. International Transfers

Our service providers are based in the United States of America: Vercel (hosting), Resend (transactional email), ClickUp (project management), and Cloudinary (media delivery). EU-to-USA transfers are carried out under Standard Contractual Clauses (SCCs) approved by the European Commission, which provide equivalent data protection safeguards.

Australian residents (APP 8): By submitting personal information to us, you acknowledge that it may be processed in the United States of America, where privacy laws may differ from those in Australia.

7. Retention Periods

We retain your data for as long as necessary for the purposes for which it was collected, namely:

Client data (contracts, invoices): 10 years, as required by Portuguese tax and accounting law.
Contact data of prospective clients: up to 2 years after the last contact.
Cookie consents: up to 12 months, after which we request renewal.

8. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

Access: Request a copy of the data we hold about you.
Rectification: Correct inaccurate or incomplete data.
Erasure: Request deletion of your data ("right to be forgotten"), where applicable.
Restriction: Restrict the processing of your data in certain circumstances.
Portability: Receive your data in a structured, machine-readable format.
Objection: Object to processing based on legitimate interest or for marketing purposes.
Withdrawal of consent: Withdraw consent at any time, without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at info@aumnia.io. We will respond within 30 days.

You have the right to lodge a complaint with the competent supervisory authority: Comissão Nacional de Proteção de Dados (CNPD) — www.cnpd.pt.

UK residents may also lodge a complaint with the Information Commissioner's Office (ICO) — ico.org.uk. Aumnia processes UK personal data on an occasional basis and has not appointed a UK representative pursuant to the exception at Art. 27(2) UK GDPR.

Australian residents may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) — oaic.gov.au — if you believe we have breached the Australian Privacy Act 1988.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration or destruction. Our website is served exclusively via HTTPS with HSTS enabled, and data is stored on servers with recognised security certifications.

10. Automated Decision-Making

We do not make automated decisions about you, including profiling, that produce legal or similarly significant effects.

11. California Residents (CCPA)

The California Consumer Privacy Act (CCPA) does not currently apply to Aumnia — we do not meet the applicable annual revenue or data processing thresholds. We do not sell your personal information to third parties. For any privacy enquiries, contact us at info@aumnia.io.

12. Changes to This Policy

We may update this Privacy Policy periodically. When we do, we will update the date at the top of this document. For significant changes, we will notify active clients by email.

13. Contact

For any questions regarding this Privacy Policy or the processing of your personal data, please contact us:

Aumnia
Email: info@aumnia.io
Phone: +351 910 537 658
Website: https://aumnia.io