Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your information.

Last Updated: January 1, 2025

1. Introduction

ePlusTech ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our ePlusTech Kiosk services, website, and related applications.

Please read this privacy policy carefully. By accessing or using our services, you acknowledge that you have read, understood, and agree to be bound by all the terms outlined in this Privacy Policy.

2. Information We Collect

We collect several types of information in connection with our services:

Personal Information

When you use our kiosk services, we may collect:

  • Identification Data: Full name, date of birth, nationality
  • Contact Information: Email address, phone number
  • Travel Documentation: Passport/ID numbers, visa information, travel dates
  • Accommodation Details: Property name, address, booking information

Automatically Collected Information

  • Device Information: IP address, browser type, operating system
  • Usage Data: Interaction with kiosk, time stamps, features used
  • Location Data: General location data (country/city level)

Biometric and Document Data

In accordance with legal requirements for hospitality sector compliance:

  • Machine Readable Zone (MRZ) data from passports/IDs
  • Document images (for verification purposes only)
  • Biometric data when required for verification (processed locally where possible)

3. How We Use Your Information

We use the collected information for the following purposes:

  • Legal Compliance: To fulfill legal obligations for tourist registration with authorities (AIMA/SEF, INE, Police) as required by Portuguese law
  • Service Provision: To provide, maintain, and improve our kiosk services
  • Verification: To verify guest identities and prevent fraud
  • Communication: To send important service notifications and updates
  • Support: To provide customer support and respond to inquiries
  • Analytics: To analyze usage patterns and improve our services
  • Security: To protect against unauthorized access and maintain system integrity

Legal Basis for Processing

We process your personal data based on:

  • Legal Obligation: Compliance with Portuguese laws requiring tourist registration (Law No. 23/2007, Law No. 62/2017)
  • Contractual Necessity: To provide the services you request
  • Legitimate Interests: To improve our services and prevent fraud
  • Consent: For specific purposes where required by law

4. Data Sharing and Disclosure

We may share your information in the following circumstances:

  • With Authorities: Required information is shared with Portuguese authorities (AIMA/SEF, INE, Police) as mandated by law
  • With Accommodation Providers: Your registration data is shared with the property where you are staying
  • Service Providers: With trusted third-party providers who assist in operating our services (data processors)
  • Legal Requirements: When required by law, court order, or governmental authority
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

We do NOT sell your personal data to third parties.

5. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy:

  • Guest Registration Data: Minimum of 3 years as required by Portuguese tourism regulations
  • Accommodation Account Data: For the duration of the business relationship plus 3 years
  • Backup Data: Up to 1 year in secure backup systems
  • Anonymized Data: Indefinitely for statistical purposes

After the retention period, data is securely deleted or anonymized.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

  • Encryption: Data in transit and at rest using industry-standard encryption
  • Access Controls: Strict access controls and authentication mechanisms
  • Regular Audits: Security assessments and vulnerability testing
  • Employee Training: Privacy and security awareness training for all staff
  • GDPR Compliance: Adherence to General Data Protection Regulation requirements

7. Your Rights

Under GDPR and Portuguese data protection laws, you have the following rights:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data (subject to legal requirements)
  • Right to Restriction: Limit processing of your data
  • Right to Data Portability: Receive your data in a structured format
  • Right to Object: Object to certain processing activities
  • Right to Withdraw Consent: Withdraw consent where processing is based on consent

How to Exercise Your Rights

To exercise your rights, contact our Data Protection Officer using the contact information below. We will respond within 30 days as required by law.

8. International Data Transfers

Your data is primarily processed within the European Economic Area (EEA). When transfers outside the EEA occur, we ensure adequate protection through:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions for the recipient country
  • Other appropriate safeguards as required by GDPR

9. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Remember your preferences and settings
  • Analyze site traffic and usage patterns
  • Improve user experience
  • Provide personalized content

You can control cookies through your browser settings. However, disabling cookies may affect functionality.

10. Children's Privacy

Our services are not directed to children under 16. However, we do collect data for minors as required by law for tourist registration purposes. This data is collected with parental/guardian consent or through accommodation providers who have obtained necessary consent.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes by:

  • Posting the updated policy on our website
  • Sending email notifications to registered users
  • Displaying notices within our application

The "Last Updated" date at the top indicates when revisions were made.

12. Contact Information

If you have questions about this Privacy Policy or our data practices:

Data Protection Officer

Data Protection Officer

Email: dpo@eplustech.eu

Address: Rua de Miragaia 179, 4050-388 Porto, Portugal

General Inquiries: info@eplustech.eu

For complaints about our data handling, you have the right to contact the Portuguese Data Protection Authority (CNPD):

Comissão Nacional de Proteção de Dados
Rua de São Bento, 148-3°
1200-821 Lisboa, Portugal
Telephone: +351 213 928 400
Email: geral@cnpd.pt

Back to Home