Privacy Policy

Last updated: January 12, 2026

Frame The Plan is committed to protecting the personal data of its clients, employees, and partners, ensuring respect for fundamental privacy principles and complying with applicable legal standards, specifically Regulation (EU) 2016/679 – the General Data Protection Regulation (GDPR).

Frame The Plan ensures that personal data is collected and processed in a lawful, fair, and transparent manner, exclusively for specified, explicit, and legitimate purposes.

1. Use of Personal Data

Frame The Plan uses the personal data of its Clients and/or Potential Clients within the scope of its planning, project management, and associated service activities. The data collected is used, namely, for:

  • Preparation and delivery of quotes and commercial proposals;
  • Conclusion and execution of service provision contracts;
  • Administrative management, invoicing, and project monitoring;
  • Compliance with legal, tax, and regulatory obligations;
  • Direct communication regarding services, updates, or information relevant to the client.

2. Data Controller

The personal data collected is processed by:

  • Entity: Frame The Plan
  • Responsible Person: Sara Monteiro
  • Phone: (+351) 969 271 213 (Call to national mobile network)
  • Email: s.monteiro@frametheplan.pt

Frame The Plan is the entity responsible for the processing of personal data, from its collection to its final deletion.

3. Purposes and Legal Basis for Processing

Personal data is processed only when there is a valid legal basis, including:

  • Performance of a contract or pre-contractual measures (e.g., quote requests);
  • Compliance with legal obligations (e.g., tax reporting to the Tax Authority);
  • Legitimate interest of the company for service improvement and client relationship management;
  • Consent of the data subject (where applicable, such as for marketing communications).

Frame The Plan does not share personal data with third parties, except when strictly necessary to fulfill the indicated purposes or legal obligations.

4. Security Measures

Frame The Plan adopts appropriate technical and organizational measures to ensure the security, integrity, and confidentiality of data, preventing loss, alteration, or unauthorized access.

  • Implementation of security protocols (SSL) on the website;
  • Restricted access to data only by authorized personnel;
  • Storage in secure and monitored systems.

5. Data Retention Period

Personal data is kept only for the period necessary to fulfill the purposes for which it was collected, respecting legal and contractual retention periods (such as the 10-year requirement for accounting and tax documents in Portugal). For website contact forms, data will be kept for the time necessary to respond to the user’s request.

6. Rights of Data Subjects

Under the GDPR, data subjects may, at any time, exercise the following rights:

  1. Access: The right to know what data is being processed;
  2. Rectification: The right to update incorrect or incomplete data;
  3. Erasure: The right to be “forgotten,” provided there are no overriding legal obligations;
  4. Limitation and Objection: The right to contest how data is used;
  5. Portability: The right to receive data in a structured, commonly used format.

To exercise these rights, please contact us via email at: s.monteiro@frametheplan.pt.

7. Right to Lodge a Complaint

If you believe your personal data is not being processed in accordance with applicable legislation, you have the right to lodge a complaint with the national supervisory authority: CNPD – Comissão Nacional de Proteção de Dados Rua de São Bento, n.º 148, 3.º, 1200-821 Lisboa, Portugal Web: www.cnpd.pt