GoRetire

Privacy Policy

Last updated: 9/18/2025

Introduction

We process personal data on your behalf as a data processor within the meaning of the GDPR. This policy outlines how we handle your data securely and transparently.

A. Types of Data Processed
  • Identity data: Name, date of birth, passport number.
  • Contact details: Email, phone number.
  • Financial and income verification: Bank statements, pension statements.
  • Legal documents: Power of attorney, rental agreements.
  • Sensitive data: Health records (only when strictly necessary and with special protective measures).
B. Purpose of Processing
  • Provision of the agreed services.
  • Communication with authorities and partners.
  • Documentation and archiving (legal retention obligations).
C. Legal Basis (GDPR)
  • Art. 6(1)(b): Performance of a contract.
  • Art. 6(1)(a): Consent (especially for disclosure to third parties such as lawyers).
  • Art. 49: Transfer of personal data to third countries (USA) only with appropriate safeguards and consent.
D. Data Disclosure

We provide a clear list of all partners (e.g., Portuguese lawyers, banks, insurers). We will also declare to which countries data is being transferred, and that disclosure is only made on the basis of a contract/consent.

E. Storage Period

Typically, data is retained for 6 years after completion for tax/legal reasons, after which it is securely deleted.

F. Security Measures
  • Encryption (TLS, AES-256).
  • Access only for authorized employees.
  • Logging of all data access.
G. Data Subject Rights
  • Information, correction, deletion, restriction.
  • Revocation of consent is possible at any time (may result in termination of service).