contact@summitrisk.eu +351 21 323 4500

Privacy Policy

Last updated on: January 9, 2026

1. Personal Data Administrator

The administrator of your personal data is Summit Risk Management Solutions, Lda., with its registered office at Praça do Comércio, 1100-148 Lisbon, Portugal. For any matters concerning data protection, you can contact us via email at privacy@summitrisk.eu.

2. Scope and purpose of data processing

We process your personal data for the following purposes:

  • Provision of services: To conclude and perform a contract for consulting services, including client communication, project management, and delivering reports. The legal basis is the necessity to perform a contract (Art. 6(1)(b) GDPR).
  • Payment processing: To issue invoices and process payments for our services. This is a legal obligation related to accounting and tax regulations (Art. 6(1)(c) GDPR).
  • Communication: To respond to your inquiries submitted via our contact form or email, based on our legitimate interest to provide excellent client service (Art. 6(1)(f) GDPR).
  • Analysis and statistics: To analyze website traffic and user behavior to improve our services, based on our legitimate interest in developing our business (Art. 6(1)(f) GDPR).

3. Your rights under GDPR

In relation to the processing of your personal data, you have the right to:

  1. Access your personal data
  2. Rectify (correct) your data
  3. Erase data (right to be forgotten)
  4. Restrict data processing
  5. Data portability
  6. Object to data processing
  7. Withdraw consent for data processing at any time
  8. Lodge a complaint with a supervisory authority (the CNPD in Portugal)

4. Cookies

Our website uses cookies to function correctly and to improve user experience. Cookies are small text files stored on your device.

  • Necessary cookies: These are essential for the website to operate, such as maintaining your session. They do not require your consent.
  • Analytical cookies: These help us understand how visitors use our site by collecting anonymous data. We use these cookies only with your explicit consent.

You can manage your cookie preferences at any time through your browser settings or our on-site cookie management tool.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, or destruction. These measures include data encryption, secure servers, and access controls. We regularly review and update our security practices to ensure the highest level of protection.

6. Data Disclosure

We do not sell your personal data. We may share your data with trusted third-party service providers (e.g., accounting, IT hosting) only when necessary for our operations and under strict data processing agreements. Data may be transferred outside the EEA only if adequate safeguards are in place.