Privacy Policy of DIG-IN

Controller: ZMTEUROPE, S.A.
Address: Av. 24 de Julho, 102E, 1200-870 Lisbon, Portugal
Email: geral@dig-in.io

This Privacy Policy applies exclusively to:
• Visitors to the DIG-IN website
• Individuals who interact with the website (e.g. browsing, analytics, cookies, advertising)

This Policy does not govern:
• Client, partner, or platform data processed under commercial agreements
• Restaurant, venue, or market intelligence data processed by DIG-IN on behalf of clients

Such processing is regulated by separate Data Processing Agreements (DPAs) and contractual terms.

Depending on usage, DIG-IN may process the following categories of Personal Data:
• Usage Data (e.g. pages visited, session duration, interactions)
• Technical Data (e.g. IP address, device type, browser, operating system)
• Online Identifiers and Trackers (e.g. cookies, pixels, tags)
• Advertising Data (e.g. conversion events, interests, aggregated demographic signals)

DIG-IN does not intentionally collect special categories of Personal Data under Article 9 GDPR.

4.1 Website Analytics and Statistical Analysis
Services: Google Analytics 4, Meta Events Manager
Legal Basis: Consent (Article 6(1)(a) GDPR) / Legitimate interest (Article 6(1)(f)) for aggregated or anonymised data

4.2 Traffic Distribution, Security, and Performance
Service: Cloudflare
Legal Basis: Legitimate interest (Article 6(1)(f) GDPR)

4.3 Display of External Content
Services: Google Maps, Google Fonts, Font Awesome
Legal Basis: Consent (Article 6(1)(a) GDPR)

4.4 Tag Management
Services: Google Tag Manager, Google Publisher Tag
Legal Basis: Consent

4.5 Advertising and Conversion Measurement
Services: Meta Ads Conversion Tracking (Meta Pixel), AXIS, Microsoft Advertising
Legal Basis: Consent

DIG-IN does not carry out automated decision-making with legal or similarly significant effects under Article 22 GDPR.

DIG-IN uses cookies and similar technologies.

Users may manage preferences or withdraw consent at any time via the Cookie Policy available on the website.

Personal Data is retained only for as long as necessary for the stated purposes:
• Analytics and advertising data: retained according to tool configurations or until consent is withdrawn
• Technical and security data: retained for limited, proportionate periods

Where possible, data is anonymised or aggregated.

Some service providers may process data outside the European Economic Area (EEA), including the United States.

DIG-IN ensures appropriate safeguards, including:
• Adequacy decisions of the European Commission
• Standard Contractual Clauses (SCCs) under Article 46 GDPR

DIG-IN applies appropriate technical and organisational security measures, including:
• Secure hosting infrastructure
• Access control and least-privilege principles
• Supplier assessment and contractual safeguards

Users have the right to:
• Access their Personal Data
• Rectify inaccurate data
• Request erasure
• Restrict processing
• Object to processing
• Withdraw consent at any time
• Request data portability
• Lodge a complaint with the Portuguese Data Protection Authority (CNPD)

CNPD: https://www.cnpd.pt
Contact: geral@dig-in.io

DIG-IN may update this Privacy Policy at any time.

The current version will always be available on this page.