Sguest - Welcoming Places For Welcoming People

Privacy policy


The protection of your privacy and your personal data is a permanent commitment for SparkGuest, Lda. (SGest).

The purpose of this Privacy Policy is to state the principles that guide SGest in the collection and processing of personal data provided, through the various channels available, as well as to clarify the exercise of the rights of its holders in this matter, in accordance with the Regulation General on the Protection of Personal Data (Regulation No. 2016/679 of the European Parliament and of the Council, of 27 April 2016) and with the Law nr 58/2019, 8th August, applicable in Portugal.

Definition of Personal Data

Personal data is any numerical, alphabetic, graphic, photographic, acoustic or any other information relating to a person (the data subject) that identifies or makes him identifiable, such as a name, an identification number, data location, identifiers electronically or to one or more specific elements of that person’s physical or social identity.

Controller for processing Personal Data

Sgest is the controller responsible for the collection and processing of personal data that it collects or is communicated by its users.

Sgest assumes that the data collected were provided by the respective owner, being the same true and exact, and that it was guaranteed permission when it was collected.

Personal Data Processing

Personal data are processed by SGest for the following purposes:

Pre-contractual arrangements, execution of contracts or management of the contractual or administrative relationship with the data subject;

Compliance with legal and regulatory obligations to which Sgest is subjected, pursuit of the legitimate interests of SGest other authorities with jurisdiction or reasons of major public interest, pursuant the applicable legislation;

The data subject can, at any time, withdraw his consent, without, however, such decision affecting the lawfulness of the previous processing.

In accordance with the regulation, SGest adopted the minimization principle, collecting only the data strictly necessary to achieve the objective pursued and defined for the interested individual persons, allowing them to exercise any right regarding this.

Personal Data received by other entities or controllers

We receive personal data provided by other entities, for contractual and business reasons.

In this context, SGest uses the same procedures for the protection of privacy and personal data transferred, while that data remains in the applications databases.

Transmission of Personal Data to third parties

Sgest may communicate personal data to third parties provided that for this purpose it has unequivocally obtained the consent of the data subjects, or even when:

Examples of data communication to third parties that we foresee, are the communication of data to recipients like public entities, such as the Tax and Customs Authority, SEF (foreigners and border services authority), the notification of case reports to the various authorities with jurisdiction in Portugal, the communications in which the communication of personal data constitutes a legal or contractual obligation, under penalty of not entering into a contract or legal infraction. Note that SGest does not intend to transfer personal data to a third country out of the European Union or an international organization. However, should this situation arise, the owner of the personal data will be duly notified.

Data Storage

Appropriate data processing actions will be carried out in SGest databases, applying strict control regulations, in accordance with the latest technological advances and with the recommendations of the supervisory authority.

The conservation period depends on the treated activity, the nature of the contact (customer or potential customer, for example). However, SGest undertakes to maintain the processing of its customers personal data only for the time strictly necessary to achieve the contractual purposes and fulfil the legal obligations to which it is bound.

SGest keeps certain mandatory documents (invoices, etc.) during the respective legal conservation period.

The period of retention of personal data must also be adequate, in accordance with the established archival criteria enforced.

The data will be deleted as soon as any of the justifications mentioned above cease to exist or when consent is withdrawn.

Your rights in controlling your data

SGest ensures data subjects the exercise of the rights of the GDPR, namely:

When applicable, it is also guaranteed:

To exercise these rights, data subjects may contact the data protection officer.

If the use of your personal data is based on consent, you have the right to withdraw it, without compromising the validity of the data processing carried out until that moment.

In addition, holders have the right to submit a complaint to the National Data Protection Commission, whenever they consider that the processing of their data violates the provisions of the Regulation.

Security Measures

SGest continuously implements the best physical and logical security practices and measures, which it considers to be indispensable for the protection of its users’ personal data as well as for the prevention of unauthorized access to data, improper use, disclosure, loss or undoing.

Only authorized personnel, subject to professional secrecy, can access personal data, and within their assigned functions and in the course of their work.

Despite the measures adopted by SGest, it is important to warn our users that no website, Internet transmission, computer system or wireless connection guarantees conditions of absolute inviolability and security.


Cookies are small software tags that are stored on devices used to access the internet, through the browser, retaining only information related to your preferences, not including your personal data.

These labels serve to help determine the usefulness, interest and number of uses of websites, allowing for faster and more efficient navigation, eliminating the need to repeatedly enter the same information.

So, it is recommended to use the standard cookie settings in your browser, in order to take advantage of all the features and potential of our portal.

Social Networks

SGest does not use social networks to collect elements for the profiling of our users.

When contacting APL by visiting a company page on a social network, you will not be directly providing any personal data.

It is advisable to consult the Privacy Policies of social networks to better clarify your rights as a user.

Links to third party websites

This website has links to other sites, which may contain useful information / tools for our visitors. This privacy policy is not naturally extended to third party websites, and you should read the privacy policy of those sites visited.

Therefore, SGest cannot be responsible for the privacy policy or content present on those same sites, users should access the privacy policies and terms of use of those sites.

Changes or updates to the SGest Privacy Policy

Sgest reserves the right, at any time, without prior notice and with immediate effect, to modify, add or revoke, partially or totally, this Privacy Policy, always in compliance with the GDPR and other applicable legislation.

Any changes will be immediately posted on this page.