Ler em Português: Política de Privacidade

Rentsy

Privacy Policy

Last updated: 19 May 2026

This Privacy Policy for EnduringRealm Lda ("we", "us", or "our"), operator of the Rentsy website, describes how and why we access, collect, store, use, and share ("process") your personal information when you use our services ("Services"), including when you:

Scope of this policy. This policy applies to processing carried out in connection with our website and initial enquiries. If you become a client of EnduringRealm Lda under a services agreement, additional and more detailed processing terms apply under the "Proteção de Dados Pessoais" section of that agreement, which governs processing related to identity verification, financial transactions, and contractual administration.

If you do not agree with our policies and practices, please do not use our Services. For any privacy-related questions, contact us at dpo@rentsy.pt.


Summary of Key Points

TopicSummary
What we collectNames, email addresses, phone numbers, and the contents of your messages when you contact us. Technical data (IP address, submission metadata) when you submit a form.
Sensitive dataNot through the website. Identity documents and financial data are processed only under separate client services agreements.
Third-party sourcesWe do not obtain personal information about you from external sources or data brokers.
Why we processTo respond to enquiries, provide information about our Services, comply with legal obligations, and protect our legitimate interests.
With whom we shareA limited set of service providers acting on our behalf as processors. We do not sell your information.
International transfersYes — some processors are based outside the EEA. Safeguards are in place.
Your rightsAccess, rectification, erasure, restriction, portability, objection, withdrawal of consent, and the right to lodge a complaint with the CNPD.
How to exercise rightsEmail dpo@rentsy.pt. We respond within one month.

For full details, read the complete notice below.


Table of Contents

  1. What information do we collect?
  2. How do we process your information?
  3. What legal bases do we rely on?
  4. When and with whom do we share your information?
  5. International data transfers
  6. How long do we keep your information?
  7. How do we keep your information safe?
  8. Do we collect information from minors?
  9. What are your privacy rights?
  10. Controls for Do-Not-Track features
  11. Do we make updates to this policy?
  12. How can you contact us?

1. What Information Do We Collect?

In short: We collect the personal information you provide to us through our website forms and any communications you initiate, plus limited technical information necessary for the website to function.

Information You Provide

When you submit a form on our website or contact us, we collect:

Technical Information Collected Automatically

When you submit a form, our forms provider (Formspree) automatically records your IP address and basic technical metadata about the submission (such as the time of submission) for spam prevention and abuse detection.

Our website serves fonts from Google Fonts. When your browser loads a font, Google may receive your IP address and basic request data as part of standard HTTP communications.

Sensitive Information

We do not process sensitive or special-category personal data through the website. Identity documents, tax identification numbers (NIF), and financial data such as IBANs are processed only after a services agreement is signed, under the terms set out in the "Proteção de Dados Pessoais" section of that agreement.

Information From Third Parties

We do not obtain personal information about you from external sources, enrichment tools, or data brokers.

You must ensure the personal information you provide is accurate, and notify us of any changes by contacting dpo@rentsy.pt.


2. How Do We Process Your Information?

In short: We process your information to respond to your enquiries, to provide information about our Services, to comply with the law, and to protect our legitimate interests.

We process personal information for the following purposes:


In short: We process your personal information only when we have a valid legal basis under Article 6 of the GDPR.

The legal bases we rely on are:

You may withdraw your consent at any time by contacting dpo@rentsy.pt. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.


4. When and With Whom Do We Share Your Information?

In short: We share information only with a limited number of service providers acting on our behalf. We do not sell your information.

We share personal information with the following categories of processors and service providers, each of which is bound by a Data Processing Agreement or equivalent contractual safeguards:

ProviderRoleLocation
Netlify, Inc.Website hosting; processes server logs including IP addressesUnited States
Formspree, Inc.Form submission handling; receives form data, IP address, and technical metadataUnited States
Google LLC (Google Fonts)Font delivery; may receive IP address during font requestsUnited States
Infomaniak Network SAEmail hosting; stores correspondence sent to and from our email addressesSwitzerland

We may also share personal information:


5. International Data Transfers

In short: Some of our service providers are located outside the European Economic Area (EEA). We rely on appropriate safeguards for these transfers.

You may request a copy of the safeguards applied to these transfers by contacting dpo@rentsy.pt.


6. How Long Do We Keep Your Information?

In short: Only as long as needed to fulfil the purposes set out in this policy, or as required by law.

When information is no longer needed and no legal obligation requires retention, we delete or anonymise it. Where deletion is not immediately possible (for example, due to backups), we isolate the data from further processing until deletion is possible.


7. How Do We Keep Your Information Safe?

In short: We use reasonable technical and organisational measures to protect your information.

These measures include access controls, encryption in transit (HTTPS), and the use of reputable service providers with their own security commitments. However, no system can be guaranteed 100% secure, and you should transmit information through our Services with this in mind.

In the event of a personal data breach, we will notify the Comissão Nacional de Proteção de Dados (CNPD) within 72 hours of becoming aware of it. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay.


8. Do We Collect Information From Minors?

In short: We do not knowingly collect data from individuals under 18 years of age.

Our Services are intended for adults. If we become aware that we have collected data from an individual under 18 without parental consent, we will delete it promptly. If you believe we may have collected such data, contact dpo@rentsy.pt.


9. What Are Your Privacy Rights?

In short: Under the GDPR, you have specific rights regarding your personal information.

You have the right to:

How to Exercise These Rights

Email dpo@rentsy.pt. We will respond within one month of receiving your request. Where the request is complex or numerous, we may extend this period by up to two further months, in which case we will inform you within the first month and explain the reasons.

Exercising these rights is free of charge, unless the request is manifestly unfounded or excessive.

Right to Lodge a Complaint

If you believe we have processed your personal data unlawfully, you have the right to lodge a complaint with the Portuguese supervisory authority:

Comissão Nacional de Proteção de Dados (CNPD)

Av. D. Carlos I, 134, 1.º
1200-651 Lisboa, Portugal

Email: geral@cnpd.pt

Website: www.cnpd.pt


10. Controls for Do-Not-Track Features

Most web browsers include a Do-Not-Track ("DNT") setting. No uniform technology standard for recognising DNT signals has been finalised. As we do not use tracking or analytics on our website, DNT signals are not relevant to our current processing. If we introduce tracking technologies in the future, we will update this policy accordingly.


11. Do We Make Updates to This Policy?

In short: Yes, when needed to remain compliant or to reflect changes in our processing.

The updated version will be indicated by an updated date at the top of this policy. If we make material changes, we will notify you by prominently posting a notice or by direct communication where appropriate. We encourage you to review this policy periodically.


12. How Can You Contact Us?

For any questions about this policy or your personal data:

EnduringRealm Lda

Rua Dona Estefânia 135, 3.º Dto
1000-153 Lisboa, Portugal

Email: dpo@rentsy.pt

To request access to, correction of, or deletion of your personal data, email dpo@rentsy.pt. We will respond within one month.