Privacy Policy

This Privacy Policy governs the processing of personal data collected through the website www.visitarazores.com (the “Website”), in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR), and Portuguese Law no. 58/2019 of 8 August, which ensures the implementation of the GDPR in Portugal.

1. Data controller

Nexus Atlantico Gestao, Lda.
NIPC: 519 393 929
Registered office: Rua das Machadas, 17, 9630-194 Nordeste, Sao Miguel, Azores, Portugal
Email: admin@nexusatlantico.pt

2. Data collected and purposes of processing

This Website is an informational travel guide. It does not offer user registration. Personal data is collected only when the user uses the contact form or writes directly by email, in addition to the technical data described below.

  • Browsing data and technical cookies: the server automatically records technical information such as IP address, browser type, pages visited and visit duration, exclusively for statistical and security purposes. This information does not identify the user individually.
  • Analytics cookies (Google Analytics): if accepted by the user, aggregated browsing data is collected to improve the Website content. Please see our Cookie Policy for more information.
  • Contact form and email: when you use the form or write to admin@nexusatlantico.pt, we process your name, email address, subject and message content solely to manage and respond to your request.

3. Legal basis for processing

  • Technical and security cookies: legitimate interest of the controller (Article 6.1.f GDPR).
  • Analytics cookies: user consent (Article 6.1.a GDPR), provided through the cookie banner.
  • Contact form and email communications: user consent and, where applicable, pre-contractual measures requested by the user (Articles 6.1.a and 6.1.b GDPR).

4. Retention period

Data sent through the form or by email will be kept for the time strictly necessary to manage the request and, afterwards, for the legally required period to address any potential liabilities. Cookies have the expiry periods indicated in the Cookie Policy.

5. Data recipients

Your data will not be transferred to third parties except where legally required or where technically necessary through service providers acting as processors, such as web hosting providers or Google Analytics. These providers are subject to GDPR obligations and may not use the data for their own purposes.

6. International transfers

Google Analytics involves data transfers to the United States. Google LLC is certified under the EU-U.S. Data Privacy Framework, adopted by the European Commission in July 2023, which ensures an adequate level of protection. More information is available in Google’s Privacy Policy.

7. Rights of data subjects

Under the GDPR, any person may exercise the following rights regarding their personal data at any time: access, rectification, erasure, restriction of processing, objection, portability and withdrawal of consent.

To exercise any of these rights, please contact us in writing at admin@nexusatlantico.pt, indicating your full name and, where appropriate, a copy of your identification document. We will respond within a maximum period of 30 days.

If you believe your rights have not been properly addressed, you have the right to lodge a complaint with the competent supervisory authority in Portugal: Comissão Nacional de Proteção de Dados (CNPD), Rua de São Bento, 148-3.º, 1200-821 Lisboa, Portugal. Tel.: +351 213 928 400. Web: www.cnpd.pt.

8. Affiliate links notice

Some articles on this Website may contain affiliate links to booking platforms such as Booking.com, Viator, GetYourGuide or others. If you make a booking or purchase through those links, we may receive a commission at no additional cost to you.

Affiliate links are identified as such in the content where they appear. The existence of an affiliate relationship does not influence the selection or assessment of recommended services.

9. Minors

The Website does not intentionally collect data from children under 16. If you become aware that a minor has provided us with personal data without authorization from their legal representatives, please notify us so that we can delete it.

10. Security

We adopt appropriate technical and organizational measures to protect personal data against unauthorized access, loss, destruction or accidental disclosure, including HTTPS protocol, access control and regular system security updates.

11. Changes to this Privacy Policy

This Privacy Policy may be updated due to legislative changes or changes in the operation of the Website. The date of the latest update appears at the end of this document.

Last updated: June 2026