Privacy Policy

Last updated: 15th January 2026

Introduction

mysticvector Lda. ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, and protect your information when you visit our website at mysticvector.world or use our services. We are the data controller for the purposes of the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Data Controller Information

The data controller responsible for your personal data is mysticvector Lda., a company registered in Portugal with registration number 958127596. Our registered address is Rua da Prata 41, 4794-833 Braga, Portugal. You can contact us regarding any data protection matters at privacy@mysticvector.world or by phone at +351 251013184.

Data We Collect

The data we collect depends on how you interact with our website and services. We collect the following types of personal information:

  • Contact Information: Name, email address, phone number, company name, and postal address when you contact us or request our services.
  • Website Usage Data: IP address, browser type, device information, pages visited, time spent on pages, and referral sources through cookies and analytics tools.
  • Communication Data: Records of correspondence when you contact us via email, phone, or contact forms, including the content of your messages and our responses.
  • Marketing Data: Your preferences regarding marketing communications and your interactions with our marketing emails.
  • Technical Data: Browser settings, operating system, screen resolution, and other technical specifications for website optimisation purposes.

How We Use Your Information

We use of your data is based on legitimate legal grounds under GDPR. We use your personal information for the following purposes:

  • Service Provision: To provide conversion optimisation consultation services, respond to enquiries, and deliver the services you request from us.
  • Communication: To communicate with you about our services, respond to your questions, and provide customer support.
  • Website Improvement: To analyse website usage patterns, improve user experience, and optimise our website performance.
  • Marketing: To send you relevant information about our services, industry insights, and promotional materials (only with your consent).
  • Legal Compliance: To comply with legal obligations, resolve disputes, and enforce our agreements.
  • Business Operations: To manage our business operations, maintain records, and conduct internal analysis for business improvement.

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

  • Consent: For marketing communications and non-essential cookies, we rely on your explicit consent.
  • Contract Performance: To fulfil our contractual obligations when providing services to you.
  • Legitimate Interests: For website analytics, security, and business operations where our interests do not override your privacy rights.
  • Legal Obligation: To comply with applicable laws and regulations.

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about the cookies we use, please refer to our Cookie Policy.

Data Sharing and Third Parties

We do not sell, trade, or rent your personal information to third parties. We may share your data in the following limited circumstances:

  • Service Providers: With trusted third-party service providers who assist us in operating our website and providing services (e.g., web hosting, email services, analytics providers).
  • Legal Requirements: When required by law, court order, or to protect our legal rights and interests.
  • Business Transfers: In the event of a merger, acquisition, or sale of our business assets.
  • Consent: With your explicit consent for any other purpose.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected and to comply with legal requirements. Specifically, we retain contact and communication data for up to 7 years for business and legal compliance purposes, website analytics data for up to 26 months, and marketing data until you withdraw consent or for up to 3 years of inactivity. When data is no longer needed, we securely delete or anonymise it in accordance with our data retention policy.

Your Rights

Under GDPR and applicable data protection laws, you have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete personal data.
  • Right to Erasure: Request deletion of your personal data in certain circumstances.
  • Right to Restrict Processing: Request limitation of how we process your data.
  • Right to Data Portability: Request transfer of your data to another organisation.
  • Right to Object: Object to processing based on legitimate interests or for marketing purposes.
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, please contact us at privacy@mysticvector.world. We will respond to your request within one month of receipt.

Data Security

We implement appropriate technical and organisational security measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include secure data transmission, encrypted storage, access controls, regular security assessments, and staff training on data protection. However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

International Data Transfers

As we are based in the European Union, your data is primarily processed within the EU. If we transfer your data outside the EU, we ensure appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or certification schemes approved by the European Commission. We will inform you of any such transfers and the safeguards in place.

Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such information promptly.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

mysticvector Lda.

Data Protection Officer

Rua da Prata 41, 4794-833 Braga, Portugal

Email: privacy@mysticvector.world

Phone: +351 251013184

Supervisory Authority

If you believe we have not handled your personal data in accordance with applicable data protection laws, you have the right to lodge a complaint with the relevant supervisory authority. In Portugal, this is the Comissão Nacional de Proteção de Dados (CNPD). You can contact them at www.cnpd.pt or by phone at +351 213 928 400.