Legal

Privacy Policy

Last updated: May 2026

1. Introduction

LoungeFlow, operated by Tectron Lda, is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store and protect your personal data when you visit our website, use our services, or interact with us in any way.

This policy applies to all personal data processed through our website (loungeflow.org), our contact forms, email communications, and any services we provide in connection with our micro-rest pod services in Portugal.

By using our website or submitting your personal data to us, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with any part of this policy, please do not use our website or services.

2. Data Controller

The data controller responsible for your personal data is:

Tectron Lda
Lisbon, Portugal
Email: loungeflow@outlook.com

As the data controller, Tectron Lda determines the purposes and means of processing your personal data and is responsible for ensuring that such processing complies with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 ("GDPR") and the Portuguese Data Protection Act (Lei n.o 58/2019).

3. Information We Collect

We may collect and process the following categories of personal data:

  • Identity data: first name, last name, job title, and company or organisation name, provided when you fill in our contact form or correspond with us.
  • Contact data: email address, telephone number, and postal address, submitted through our contact form or during business communications.
  • Technical data: internet protocol (IP) address, browser type and version, operating system, time zone setting, browser plug-in types and versions, and other technology identifiers on the devices you use to access our website.
  • Usage data: information about how you use our website, including the pages you visit, the time spent on each page, the links you click, and the date and time of your visit.
  • Communication data: any information included in correspondence you send to us, whether via our contact form, email, or other channels, including the content of your messages and any attachments.
  • Marketing and preference data: your preferences regarding receiving communications from us and your communication preferences.

We do not collect any special categories of personal data (such as data revealing racial or ethnic origin, political opinions, religious beliefs, health data, or biometric data).

4. How We Collect Your Data

We collect personal data through the following methods:

  • Direct interactions: when you fill in our contact form, send us an email, request information about our services, or engage in business discussions with us.
  • Automated technologies: as you navigate our website, we may automatically collect technical and usage data through cookies, server logs, and similar technologies.
  • Third parties: we may receive personal data from analytics providers (such as Google Analytics), advertising networks, and search information providers.
  • Business referrals: we may receive your contact details from business partners, airport operators, or industry contacts who refer you to us.

5. How We Use Your Data

We use your personal data for the following purposes, each supported by a lawful basis under the GDPR:

  • To respond to your enquiries: when you contact us through our website or email, we process your data to reply to your questions and provide the information you have requested. (Legal basis: legitimate interest / performance of a contract)
  • To provide our services: if you enter into a business relationship with us, we process your data to fulfil our contractual obligations. (Legal basis: performance of a contract)
  • To improve our website: we analyse usage data to understand how visitors interact with our website, identify areas for improvement, and enhance user experience. (Legal basis: legitimate interest)
  • To send relevant communications: with your consent, we may send you information about our services, industry developments, and partnership opportunities. (Legal basis: consent)
  • To comply with legal obligations: we may process your data to comply with applicable laws, regulations, and legal proceedings. (Legal basis: legal obligation)
  • To protect our interests: we may process data to protect our rights, property, or safety, or those of our clients and partners. (Legal basis: legitimate interest)

6. Data Sharing and Third Parties

We do not sell, rent, or trade your personal data to any third party for their marketing purposes. We may share your data in the following limited circumstances:

  • Service providers: we may share data with trusted third-party service providers who assist us in operating our website, conducting our business, or servicing you, provided they agree to keep this information confidential. These may include web hosting providers, email service providers, and analytics tools.
  • Business partners: in the course of providing our services, we may share relevant business contact information with technology suppliers, where necessary to fulfil service agreements.
  • Legal requirements: we may disclose your data if required to do so by law, court order, or governmental regulation, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
  • Business transfers: in the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the acquiring entity, subject to the same privacy commitments.

7. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA), particularly in connection with our technology suppliers in Finland (an EEA country) and any third-party service providers located outside the EEA.

Where we transfer data outside the EEA, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, or transfers to countries that have been deemed to provide an adequate level of data protection.

8. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying any legal, accounting, or reporting requirements. Specifically:

  • Contact form submissions: retained for up to 24 months after the last interaction, unless an ongoing business relationship exists.
  • Business client data: retained for the duration of the business relationship and for up to 5 years thereafter, as required by Portuguese commercial law.
  • Website usage data: anonymised and aggregated data may be retained indefinitely for analytical purposes.
  • Marketing consent records: retained for as long as you remain subscribed, plus 12 months after unsubscription for record-keeping purposes.

9. Data Security

We have implemented appropriate technical and organisational security measures to protect your personal data against accidental loss, unauthorised access, alteration, or disclosure. These measures include:

  • Encryption of data in transit using SSL/TLS technology
  • Secure storage of data on protected servers
  • Access controls limiting data access to authorised personnel only
  • Regular security assessments and updates
  • Employee training on data protection and security best practices

While we strive to protect your personal data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to maintaining industry-standard protections.

10. Your Rights Under the GDPR

Under the General Data Protection Regulation, you have the following rights regarding your personal data:

  • Right of access: you have the right to request a copy of the personal data we hold about you, along with information about how we process it.
  • Right to rectification: you have the right to request correction of any inaccurate or incomplete personal data we hold about you.
  • Right to erasure: you have the right to request deletion of your personal data where there is no compelling reason for its continued processing.
  • Right to restrict processing: you have the right to request that we limit the processing of your personal data in certain circumstances.
  • Right to data portability: you have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
  • Right to object: you have the right to object to the processing of your personal data where we are relying on a legitimate interest as the legal basis.
  • Right to withdraw consent: where we rely on your consent to process personal data, you have the right to withdraw that consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.

To exercise any of these rights, please contact us at loungeflow@outlook.com. We will respond to your request within 30 days. You also have the right to lodge a complaint with the Portuguese Data Protection Authority (Comissao Nacional de Proteccao de Dados - CNPD) if you believe your rights have been violated.

11. Cookies and Tracking Technologies

Our website may use cookies and similar tracking technologies to enhance your browsing experience. Cookies are small text files stored on your device that help us understand how visitors interact with our website.

We may use the following types of cookies:

  • Essential cookies: necessary for the website to function properly. These cannot be disabled without affecting site functionality.
  • Analytics cookies: help us understand how visitors use our website by collecting anonymous statistical information. We may use Google Analytics or similar tools for this purpose.
  • Preference cookies: allow the website to remember choices you make (such as language preferences) and provide enhanced, personalised features.

You can manage your cookie preferences through your browser settings. Most browsers allow you to refuse cookies or alert you when cookies are being sent. Please note that disabling cookies may affect the functionality of our website.

12. Links to Third-Party Websites

Our website may contain links to external websites operated by third parties. We have no control over the content or privacy practices of these websites and accept no responsibility for them. We encourage you to review the privacy policies of any third-party websites you visit.

13. Children's Privacy

Our website and services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected personal data from a child under 16, we will take steps to delete such data promptly.

14. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy at any time to reflect changes in our practices, legal requirements, or operational needs. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this page periodically to stay informed about how we protect your personal data.

If we make material changes to this policy that significantly affect how we process your personal data, we will make reasonable efforts to notify you, such as by posting a prominent notice on our website.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please do not hesitate to contact us:

Tectron Lda (operating as LoungeFlow)
Lisbon, Portugal
Email: loungeflow@outlook.com

We are committed to resolving any concerns you may have about our data processing practices and will make every effort to address your enquiry promptly and thoroughly.