Pipeline Media← Back to home

Privacy Policy

Effective Date: January 1, 2026 Last Updated: January 1, 2026

1. Introduction

This Privacy Policy describes how ONELIFE — Consultoria Marketing Digital Unipessoal Lda. ("Pipeline Media", "we", "us", "our") collects, uses, shares, and protects personal information when you:

  • Visit our website at usepipelinemedia.com
  • Request a free website preview
  • Become a client and use our services
  • Communicate with us via email, WhatsApp, phone, or social media

We are committed to protecting your privacy and complying with applicable data protection laws, including:

  • The General Data Protection Regulation (GDPR) in the European Union
  • The California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) in California, USA
  • Other applicable US state privacy laws (Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, and others, as applicable)

If you are located in a jurisdiction with specific privacy rights, the section "Your Rights" describes what those rights mean for you.

2. Data Controller

The data controller responsible for your personal information is:

ONELIFE — Consultoria Marketing Digital Unipessoal Lda. Rua do Vimal, Montelavar 2715-712, Portugal NIPC: 516421212

For privacy-related inquiries, contact us at: geral@usepipelinemedia.com

We are not required to appoint a Data Protection Officer (DPO) under GDPR, but our designated privacy contact is the company itself.

3. What Personal Information We Collect

3.1 Information You Provide Directly

When you interact with us, we may collect:

  • Contact information: name, email, phone number, WhatsApp number, business name, industry
  • Business information: business type, current website (if any), business goals, project requirements
  • Communication content: emails, messages, chat conversations, call recordings (where applicable and disclosed)
  • Payment information: billing details (processed by our payment provider, not stored by us — see Section 4)
  • Identification information (for clients only): tax identification number, billing address (required for invoicing)

3.2 Information Collected Automatically

When you visit our website, we may collect:

  • Technical data: IP address, browser type, operating system, device type, screen resolution
  • Usage data: pages visited, time spent on pages, clicks, scroll depth, referral source
  • Cookies and similar technologies: see our Cookie Policy for details

3.3 Information from Third Parties

We may receive information about you from:

  • Social media platforms (if you contact us via Instagram, LinkedIn, Facebook)
  • Analytics services (Google Analytics, Meta Pixel, others — see Cookie Policy)
  • Payment processors (Stripe, others)
  • CRM tools we may use to manage client relationships

4. How We Use Your Personal Information

We use your personal information for the following purposes:

4.1 To Provide Our Services

  • Deliver the free preview you requested
  • Design, develop, and launch your website
  • Host and maintain your website
  • Provide ongoing support and updates
  • Process payments and manage billing

Legal basis (GDPR): Performance of a contract, or pre-contractual steps at your request.

4.2 To Communicate With You

  • Respond to inquiries and provide customer support
  • Send service-related communications (invoices, updates, important changes)
  • Send marketing communications (only if you opt in, or where permitted by law)

Legal basis (GDPR): Performance of a contract; legitimate interests; or your consent (for marketing).

4.3 To Improve Our Services

  • Analyze website usage to improve user experience
  • Develop new features and offerings
  • Conduct research and analytics

Legal basis (GDPR): Legitimate interests in improving our business.

4.4 To Comply With Legal Obligations

  • Maintain accounting records as required by Portuguese tax law (typically 10 years)
  • Respond to legal requests, court orders, or regulatory inquiries
  • Prevent fraud and abuse

Legal basis (GDPR): Legal obligation; legitimate interests.

4.5 To Protect Our Rights and Operations

  • Enforce our Terms of Service
  • Protect our security and prevent unauthorized access
  • Defend against legal claims

Legal basis (GDPR): Legitimate interests.

5. Who We Share Your Personal Information With

We do not sell your personal information. We share personal information only with:

5.1 Service Providers (Data Processors)

We use third-party services to operate our business. These providers process data on our behalf under written agreements that require them to protect your information:

  • Hosting providers: Lovable Cloud
  • Email and CRM: Google Workspace
  • Payment processing: Stripe
  • Analytics: None at this time
  • Communication: WhatsApp
  • Scheduling: Not used at this time

For services located outside the European Economic Area (EEA), we ensure appropriate safeguards (Standard Contractual Clauses, adequacy decisions, etc.) are in place.

5.2 Legal and Compliance

We may disclose information when required by law, court order, or to:

  • Comply with legal obligations (tax authorities, regulators)
  • Protect our rights, property, or safety
  • Respond to lawful requests by public authorities

5.3 Business Transfers

If Pipeline Media is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you and give you choices before your information becomes subject to a different privacy policy.

5.4 With Your Consent

We may share information with other parties when you give us explicit consent to do so (e.g., featuring your project in our portfolio).

6. International Data Transfers

Pipeline Media operates from Portugal (European Union). Some of our service providers may be located outside the EU/EEA, including in:

  • United States: providers like Google, Meta, Stripe (Standard Contractual Clauses + Data Privacy Framework certifications, where applicable)
  • Other jurisdictions: as needed for service delivery

For transfers outside the EEA, we rely on:

  • EU Standard Contractual Clauses (SCCs)
  • Adequacy decisions by the European Commission
  • EU-US Data Privacy Framework (for certified US providers)

You may request a copy of the safeguards in place by contacting us.

7. How Long We Keep Your Personal Information

We retain personal information only as long as necessary for the purposes described in this Policy:

  • Inquiry/preview requests (no client relationship): up to 24 months after last contact
  • Active clients: throughout the engagement
  • Former clients: up to 10 years after termination (required for Portuguese tax and accounting compliance)
  • Marketing communications: until you unsubscribe or withdraw consent
  • Website analytics data: as specified by each analytics provider (typically 14 months to 26 months for Google Analytics)
  • Backups: data in backups is deleted on a rolling basis according to backup retention policies

After applicable retention periods, we delete or anonymize personal information.

8. Your Rights

8.1 Rights Under GDPR (EU/EEA Residents)

If you are in the European Union or European Economic Area, you have the right to:

  • Access: Request a copy of personal information we hold about you
  • Rectification: Request correction of inaccurate or incomplete data
  • Erasure ("right to be forgotten"): Request deletion of your data, subject to legal exceptions
  • Restriction: Request limitation of how we process your data
  • Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to processing based on legitimate interests, including direct marketing
  • Withdraw consent: Where processing is based on consent, withdraw it at any time
  • Lodge a complaint: File a complaint with the Portuguese Data Protection Authority (CNPD) at www.cnpd.pt, or your local supervisory authority

8.2 Rights Under CCPA / CPRA (California Residents)

If you are a California resident, you have the right to:

  • Know: Request disclosure of personal information we collect, use, and share
  • Delete: Request deletion of your personal information
  • Correct: Request correction of inaccurate personal information
  • Opt out of sale or sharing: We do not sell your personal information. We may share personal information for "cross-context behavioral advertising" only if you have not opted out (see "Do Not Sell or Share My Personal Information" link in our footer or contact us)
  • Limit use of sensitive personal information: We do not use sensitive personal information for purposes other than providing our services
  • Non-discrimination: We will not discriminate against you for exercising your rights

You may also designate an authorized agent to make requests on your behalf, with proper verification.

8.3 Rights Under Other US State Laws

If you are a resident of Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, or other US states with comprehensive privacy laws, you have similar rights to access, delete, correct, and opt out of certain processing activities. Contact us at geral@usepipelinemedia.com to exercise these rights.

8.4 How to Exercise Your Rights

To exercise any of these rights, contact us at:

Email: geral@usepipelinemedia.com Subject line: "Privacy Rights Request"

We will respond within:

  • 30 days for GDPR requests (extendable by 60 days for complex requests)
  • 45 days for CCPA/CPRA requests (extendable by 45 days)
  • 45 days for most other US state requests

We may need to verify your identity before processing requests, especially for sensitive actions like deletion. There is no fee for exercising your rights, unless requests are excessive or repetitive.

9. Cookies and Tracking

Our website uses cookies and similar technologies for essential functionality, analytics, and (with your consent) marketing.

For full details, see our Cookie Policy.

You can manage cookie preferences via the cookie banner shown on first visit, or through your browser settings.

10. Security

We implement reasonable technical and organizational measures to protect personal information against unauthorized access, alteration, disclosure, or destruction, including:

  • Encryption in transit (HTTPS/TLS)
  • Encryption at rest where appropriate
  • Access controls and authentication
  • Regular security reviews
  • Service provider agreements requiring data protection standards

However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security but commit to notifying affected individuals and authorities of any data breach as required by law.

11. Children's Privacy

Our services are not directed to individuals under the age of 16 (under GDPR) or under 13 (under COPPA in the US). We do not knowingly collect personal information from children. If we discover we have collected such information, we will delete it promptly.

If you believe a child has provided personal information, contact us at geral@usepipelinemedia.com.

12. Third-Party Links

Our website may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. Please review their privacy policies separately.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do:

  • We post the updated Policy with a new "Last Updated" date
  • For material changes, we notify affected users via email or through a prominent notice on our website
  • Continued use of our services after changes take effect constitutes acceptance

We encourage you to review this Policy periodically.

14. Contact Us

For privacy-related questions, requests, or complaints:

ONELIFE — Consultoria Marketing Digital Unipessoal Lda. Rua do Vimal, Montelavar 2715-712, Portugal Email: geral@usepipelinemedia.com Phone: +1 (available via WhatsApp)

For complaints to a supervisory authority:

  • Portugal: Comissão Nacional de Proteção de Dados (CNPD) — www.cnpd.pt
  • Other EU/EEA countries: Your local data protection authority
  • California: California Attorney General — oag.ca.gov/privacy

This Privacy Policy is provided in English (primary version). A Portuguese translation is available at /politica-de-privacidade. In case of conflict between versions, the English version prevails for international users, except where Portuguese or EU law specifically grants rights that require the Portuguese version to prevail.