Privacy Policy
Last updated: February 1st, 2026
This is the Privacy Policy of the jonas.io web site and its related websites (collectively referred to as the “Site”), which are owned and operated by Jonas Schmedtmann, Unipessoal Lda (which may be referred to in the Terms as “we”, “us”, “jonas.io” or “Jonas Schmedtmann”). It describes the information that we collect from users of our Site (“Users”) as part of the normal operation of our Site, and how we use and disclose this information.
Company: Jonas Schmedtmann, Unipessoal Lda (established in Portugal)
NIPC/VAT number: PT513845518
Email: [email protected]
1. Data we collect
We collect only the minimum data required to operate this website and communicate with you:
- Email address – collected when you subscribe to our newsletter or updates.
- Server logs – containing IP addresses and browser data, used for security, error diagnosis, and anti-fraud purposes.
- Aggregated analytics data – anonymized, collected server-side to understand general traffic and performance.
- Local storage – certain preferences or generated data may be stored locally in your browser (light/dark mode, generated course paths). This data never leaves your device and is used solely for functionality. If non-essential local storage is ever introduced, we will request prior consent.
We do not use cookies and do not track users across other websites.
2. How we use your data and lawful bases
- To send newsletters and marketing communications (based on your consent).
- To maintain website security and prevent misuse (based on legitimate interest).
- To measure site performance with aggregated analytics (based on legitimate interest).
You may withdraw consent or object to processing at any time.
3. Direct marketing
Email marketing is always opt-in. We may rely on the soft opt-in exception for our own similar products or services to existing subscribers. You can object to direct marketing at any time by unsubscribing or contacting us. We keep proof of consent for all subscribers.
4. Data retention
- Email addresses: kept until you unsubscribe or request deletion.
- Server logs: retained for up to 12 months.
- Analytics data: stored only in aggregated form.
- Legal purposes: data may be retained up to five years to defend legal claims.
5. International transfers
If any processor stores data outside the EEA, transfers rely on either the EU-US Data Privacy Framework (for certified providers) or the European Commission’s Standard Contractual Clauses ensuring adequate protection.
6. Security
We apply appropriate technical and organizational measures to protect your data, including encryption (HTTPS), restricted access, and secure storage through trusted processors.
7. Your rights
You have the right to access, rectify, erase, or port your data, restrict or object to processing, and withdraw consent at any time. We will respond within one month of receiving your request. To exercise your rights, contact [email protected].
You may also contact the Comissão Nacional de Proteção de Dados (CNPD):
- Website: www.cnpd.pt
- Email: [email protected]
- Address: Av. D. Carlos I 134 – 1.º, 1200-651 Lisboa
8. Children
In Portugal, parental consent is required for users under 13 years old. We do not knowingly collect data from children under 13.
9. Updates
We may update this Privacy Policy from time to time. The latest version will always be published on this page with a new “last updated” date.
10. Contact
For any questions about this Privacy Policy, please contact us at [email protected].