Data Privacy Policy

Last updated: 15th January 2026

Introduction

lambdatrixum S.A. ("we", "our", or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website lambdatrixum.top or use our restaurant customer loyalty analytics services.

Data Controller Information

The data controller for your personal information is:

  • Company: lambdatrixum S.A.
  • Registration Number: 251436798
  • VAT Number: PT259685743
  • Address: Avenida da Liberdade 137, 1058-562 Lisbon, Portugal
  • Email: privacy@lambdatrixum.top
  • Phone: +351 214 043 272

Data Collection

We collect information that you provide directly to us and information that is automatically collected when you use our services. The data we collect may include:

  • Contact Information: Name, email address, phone number, company name, and postal address
  • Account Information: Username, password, and account preferences for our analytics platform
  • Business Information: Restaurant details, POS system information, and operational data for analytics purposes
  • Communication Data: Records of communications between you and lambdatrixum, including support enquiries
  • Technical Information: IP address, browser type, device information, and website usage patterns
  • Customer Analytics Data: Anonymised customer behaviour data processed through our analytics platform

How We Use Your Information

We use the collected information for various purposes, including how we use your data for business operations and service delivery:

  • Providing and maintaining our restaurant analytics services
  • Processing and fulfilling service requests and transactions
  • Communicating with you about our services, including support and updates
  • Improving our website and services based on your feedback and usage patterns
  • Ensuring the security and integrity of our systems and data
  • Complying with legal obligations and protecting our legitimate business interests
  • Developing new features and services for restaurant analytics

Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

  • Contract Performance: To provide our analytics services as agreed in our service contracts
  • Legitimate Interests: For business operations, service improvement, and security purposes
  • Consent: Where you have provided explicit consent for specific processing activities
  • Legal Obligation: To comply with applicable laws and regulations

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about our use of cookies, please refer to our Cookie Policy.

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

  • Service Providers: With trusted third-party service providers who assist in delivering our services
  • Legal Requirements: When required by law, regulation, or legal process
  • Business Protection: To protect our rights, property, or safety, or that of our clients
  • Business Transfers: In connection with a merger, acquisition, or sale of business assets

Data Retention

We retain your personal data for as long as necessary to fulfil the purposes outlined in this policy, unless a longer retention period is required by law. Specifically:

  • Account information is retained for the duration of your service contract plus 7 years for legal compliance
  • Analytics data is retained according to your service agreement, typically 3-5 years
  • Communication records are kept for 3 years for quality assurance and legal purposes
  • Website usage data is typically retained for 26 months in line with analytics platform standards

Your Rights

Under GDPR and applicable data protection laws, you have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data under certain circumstances
  • Right to Restrict Processing: Request limitation of processing in specific situations
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests or for direct marketing
  • Right to Withdraw Consent: Withdraw consent for processing where consent is the legal basis

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and penetration testing
  • Access controls and authentication mechanisms
  • Staff training on data protection and security practices
  • Incident response procedures for data breaches

International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions by the European Commission.

Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such information promptly.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date.

Contact Information

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us using the following information:

Supervisory Authority

You have the right to lodge a complaint with the Portuguese Data Protection Authority (Comissão Nacional de Proteção de Dados) if you believe we have not handled your personal data in accordance with applicable data protection laws.