EasyFin

Privacy Policy

Last updated: 06 February 2026

EasyFin.pt — Company Data Platform

Last updated: February 2026

1. Data Controller

The data controller responsible for processing your personal data is:

Bezkonechnost II, Lda Madeira Free Trade Zone Rua do Sabão, N.º 65/67, Room 3-B 9000-056 Funchal, Portugal Tax ID (NIF): PT517644827 Privacy inquiries email: go@easyfin.pt

2. Scope and Application

This Privacy Policy applies to all personal data collected through the EasyFin.pt platform, including the website, applications, and any associated services.

Bezkonechnost II, Lda is committed to protecting the privacy of its users in compliance with the General Data Protection Regulation (GDPR – EU Regulation 2016/679) and Portuguese Law No. 58/2019 of August 8.

3. Personal Data Collected

3.1. Data Provided by the User

  • Identification data: name, tax ID, fiscal address, email, phone number;
  • Authentication data: access credentials (email and encrypted password);
  • Business data: information about commercial activity, customers, suppliers, and financial transactions;
  • Billing data: information necessary for invoice issuance and payment processing.

3.2. Automatically Collected Data

  • Browsing data: IP address, browser type, operating system, pages visited;
  • Usage data: features used, session duration, platform interactions;
  • Cookies and similar technologies: as described in the specific section below.

3.3. Data Obtained Through Integrations

When the User authorizes integration with third-party software (e.g., TocOnline), the platform may access billing data, including information about issued invoices, customers, and amounts.

4. Purposes of Processing

Personal data is processed for the following purposes:

  1. Contract performance: account creation and management, provision of contracted services, customer support;
  2. Legal obligations: billing, tax obligations, fraud prevention;
  3. Legitimate interests: service improvement, usage analysis, platform security;
  4. Consent: sending marketing communications, newsletters (when expressly authorized).

5. Legal Basis for Processing

The processing of personal data is based on the following legal grounds:

  • Article 6(1)(b) GDPR: performance of a contract to which the data subject is party;
  • Article 6(1)(c) GDPR: compliance with legal obligations;
  • Article 6(1)(f) GDPR: legitimate interests of the data controller;
  • Article 6(1)(a) GDPR: data subject’s consent for specific purposes.

6. Data Sharing with Third Parties

Personal data may be shared with the following categories of recipients:

  • Service providers: hosting companies (cloud), payment processors, email service providers;
  • Integration partners: billing software (TocOnline) upon express User authorization;
  • Public authorities: when legally required (e.g., Tax Authority, courts).

All service providers are bound by confidentiality and data processing agreements in compliance with GDPR.

7. International Data Transfers

Data is preferably stored and processed within the European Union. Should any transfer to third countries be necessary, appropriate legal mechanisms will be adopted, including:

  • European Commission adequacy decisions;
  • EU-approved Standard Contractual Clauses;
  • Binding Corporate Rules.

8. Data Retention Period

Personal data is retained for the following periods:

  • Account data: during the account’s validity and up to 30 days after closure;
  • Billing data: 10 years after the end of the fiscal year (legal obligation);
  • Browsing data: maximum of 12 months;
  • Marketing data: until consent is withdrawn.

9. Data Subject Rights

Under the GDPR, the User has the following rights:

  • Right of access: obtain confirmation and access to your personal data;
  • Right to rectification: correct inaccurate or incomplete data;
  • Right to erasure: request deletion of data (“right to be forgotten”);
  • Right to restriction: restrict processing under certain circumstances;
  • Right to data portability: receive data in a structured, machine-readable format;
  • Right to object: object to processing for direct marketing or legitimate interest purposes;
  • Right to withdraw consent: at any time, without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at geral@rudokvas.pt. We will respond within a maximum of 30 days.

10. Cookie Policy

The platform uses cookies and similar technologies for:

  • Essential cookies: necessary for platform operation (authentication, session);
  • Preference cookies: store user settings (language, theme);
  • Analytics cookies: usage analysis for service improvement;
  • Marketing cookies: only with express user consent.

Users can manage cookie preferences through the banner displayed on first access or through browser settings. Disabling essential cookies may affect platform functionality.

11. Security Measures

Bezkonechnost II, Lda implements technical and organizational measures to protect personal data:

  • Encryption of data in transit (TLS/SSL) and at rest;
  • Secure authentication with encrypted passwords (bcrypt/Argon2);
  • Role-based access control;
  • Monitoring and intrusion detection;
  • Regular backups and disaster recovery plan;
  • Periodic security audits.

12. Personal Data Breaches

In the event of a personal data breach that may result in a risk to the rights and freedoms of data subjects, Bezkonechnost II, Lda will notify the Portuguese Data Protection Authority (CNPD) within 72 hours and, where applicable, communicate to affected data subjects.

13. Children’s Data

The EasyFin.pt platform is intended exclusively for users aged 18 or older. We do not intentionally collect data from minors. If you become aware that a minor has provided personal data, please contact us so we can proceed with its deletion.

14. Changes to the Privacy Policy

This policy may be updated periodically. Significant changes will be communicated through the platform or by email with a minimum of 30 days’ notice. The date of the last update is indicated at the beginning of this document.

15. Right to Lodge a Complaint

Without prejudice to any other administrative or judicial remedy, the User has the right to lodge a complaint with the competent supervisory authority:

Portuguese Data Protection Authority (CNPD) Rua de São Bento, n.º 148-3.º 1200-821 Lisbon, Portugal Phone: +351 213 928 400 Website: www.cnpd.pt

16. Contact Information

For any questions regarding the protection of your personal data, please contact us:

Email: go@easyfin.pt

Phone: +351 968 793 794

Address: Rua do Sabão, N.º 65/67, Room 3-B, 9000-056 Funchal, Portugal

© 2026 Bezkonechnost II, Lda — All rights reserved