Privacy Policy
1. Who We Are
wheretoemigrate.io is operated by an independent migration research team based in Portugal. When we say "we," "us," or "our" in this policy, we mean Where to Emigrate as the data controller for this service.
For any privacy-related questions, contact hello@wheretoemigrate.io. For data subject requests (access, rectification, erasure, portability, objection, consent withdrawal), use hello@wheretoemigrate.io — we respond within 30 days per GDPR Article 12(3), and typically within 72 hours where technically feasible.
2. What Data We Collect
We collect data in two ways: information you provide directly, and information collected automatically when you use our site.
Information you provide
- Assessment data: When you complete our free verdict, you provide information about your nationality, age, education, income, savings, profession, language skills, and emigration preferences. This data is used to generate your country match results.
- Email address: If you opt in to receive your results or subscribe to updates, you provide your email address.
- Payment information: If you purchase a report, you are redirected to Stripe's hosted checkout page (checkout.stripe.com). Your card details are entered entirely on Stripe's domain — we never receive, see, or store your payment information. Stripe processes payments under PCI-DSS Level 1 compliance.
Information collected automatically
- Analytics data: We use privacy-friendly analytics to understand how visitors use our site. This includes pages visited, referral source, device type, browser, country, and session duration. We do not track individual users across sessions unless they have opted in.
- Cookies: See our Cookie Policy for details on what cookies we use and why.
3. How We Use Your Data
We use your data for the following purposes:
- To generate your personalized country match results and emigration report
- To process payments for premium reports
- To send you your results and, if you opted in, occasional emigration updates via email
- To improve our assessment algorithm and content based on aggregate, anonymised usage patterns
- To respond to support requests
We do not sell, rent, or share your personal data with third parties for their marketing purposes. Ever.
4. Legal Basis for Processing (GDPR)
If you are in the European Economic Area (EEA), UK, or Switzerland, we process your data under the following legal bases:
- Consent: For email marketing communications. You can withdraw consent at any time by clicking "unsubscribe" in any email.
- Contract performance: To deliver the assessment results and reports you request.
- Legitimate interest: For analytics, fraud prevention, and improving our services, where these interests do not override your rights.
5. Data Sharing
We use the following third-party services to operate wheretoemigrate.io:
- Stripe: Payment processing (USA, PCI-DSS compliant)
- Brevo: Email delivery and marketing automation (EU-based)
- Cloudflare: Hosting, CDN, edge computing, KV storage, R2 storage (global network, GDPR-compliant)
- DigitalOcean: Database hosting for our contact management — EU-Frankfurt cluster, DPA in place.
- Resend: Transactional email delivery (USA-incorporated processor; processing region: AWS EU eu-west-1 for our domain; Standard Contractual Clauses in place via Resend DPA)
- Google Analytics 4: Website analytics, loaded only after cookie consent for EU visitors (USA, Standard Contractual Clauses in place)
- Microsoft Clarity: Session recording and heatmaps, loaded only after cookie consent for EU visitors (USA, Standard Contractual Clauses in place)
- Instantly.ai: Email delivery infrastructure for B2B partnership outreach communications (USA, SCCs in place via Instantly DPA). All current B2B campaigns are paused.
- Sentry: Error monitoring and diagnostic telemetry. Captures stack traces and environmental context (report ID, tier, pseudonymised user context) only when the application fails; used exclusively to diagnose faults. Hosted in the USA under Standard Contractual Clauses. See the Sentry trust centre.
- PostgreSQL (DigitalOcean): Managed database hosting our marketing contact list, used for outbound cold-email campaigns under a legitimate-interest lawful basis (publicly available business email or prior interaction). Hosted in the EU. You can opt out at any time via the unsubscribe link in any email or by writing to privacy@wheretoemigrate.io.
- Apollo.io: B2B contact sourcing and enrichment of publicly listed professional contacts (USA, SCCs in place via Apollo DPA). Apollo is the upstream source of part of the B2B contact pool we use for partnership outreach. Per GDPR Article 14, you can request notification of what data we hold about you, object to processing, or request erasure at privacy@wheretoemigrate.io.
- SABI (Bureau van Dijk): One-time import of Iberian B2B registry-derived records (EU/UK adequacy). Subscription retired; records are read-only and subject to the same retention and objection rights as Apollo-sourced records.
- html2pdf.app: PDF rendering of paid personalized reports. The report HTML (containing your name, email, and quiz answers) is POSTed to this service for PDF generation and not retained by them beyond the rendering call. EU-based.
Material sub-processor changes: Each processor may use its own sub-processors (AWS, GCP, Azure are commonly used). The up-to-date sub-processor list for each is published in each processor's DPA, linked above where available.
Each provider processes data only as necessary to provide their service and under contractual data protection obligations.
6. International Data Transfers
Some of our service providers operate outside the EEA. Data transfers to the USA are governed by Standard Contractual Clauses (SCCs) and the EU-US Data Privacy Framework.
7. Data Retention
- Assessment data: Retained only as long as necessary to generate and deliver your report, and for limited operational purposes. Data is deleted or anonymised when no longer needed.
- Email addresses: Retained until you unsubscribe, after which they are deleted within 30 days.
- Payment records: Retained for 7 years as required by applicable tax law.
- Analytics data: Retained in aggregate form only. No personally identifiable analytics data is stored beyond the provider's default retention period.
8. Your Rights
Under the EU General Data Protection Regulation (GDPR) and applicable data protection laws, you have the following rights. We respond to verified requests within 30 calendar days (Article 12(3)) at no cost — except where requests are manifestly unfounded or excessive, when we may charge a reasonable fee or refuse to act.
- Right of access (Article 15) — confirmation of whether we process your data, a copy of it, and information about how it is processed.
- Right to rectification (Article 16) — correction of inaccurate or incomplete personal data.
- Right to erasure / "right to be forgotten" (Article 17) — deletion of your personal data when it is no longer necessary, you withdraw consent, or you object to processing.
- Right to restriction of processing (Article 18) — limit how we use your data in defined circumstances (e.g. while accuracy is contested).
- Right to data portability (Article 20) — receive the personal data you provided to us in a structured, commonly used, machine-readable format and transmit it to another controller.
- Right to object (Article 21) — object to processing based on legitimate interests, including direct marketing and profiling. We stop processing unless we can demonstrate compelling legitimate grounds.
- Right to withdraw consent (Article 7(3)) — at any time for any processing based on consent (e.g. newsletter, optional analytics). Withdrawal does not affect the lawfulness of processing before withdrawal.
- Rights related to automated decision-making (Article 22) — we do not use solely automated decision-making with legal or similarly significant effects on you. Our verdict (Eligible / Almost) is a research output for human review, not a binding decision.
- Right to lodge a complaint with a supervisory authority (Article 77) — see §12 below for the Portuguese authority (CNPD) or contact your local EEA authority.
To exercise any of these rights, email privacy@wheretoemigrate.io from the address on file, or include a verification of identity if requesting from another address. We process all requests within 30 calendar days and confirm receipt within 72 hours.
8A. Data Processing for Reports and Guides
When you purchase a report or guide, we process your assessment answers (nationality, age, profession, income range, savings, language skills, and priorities) to generate a personalized document. This data is:
- Stored temporarily in Cloudflare KV (encrypted at rest) for up to 48 hours during report generation
- Used to generate your PDF report via a secure third-party rendering service (html2pdf.app)
- Stored as a completed PDF in Cloudflare R2 (encrypted at rest) for 30 days to allow re-downloads
- Synced to our email platform (Brevo) for order confirmation and download link delivery
- Not shared with any other third party or used for purposes beyond delivering your purchased product
After 30 days, your download token expires. Your assessment answers are automatically deleted from KV storage after 48 hours. The generated PDF remains in R2 storage for up to 90 days and is then automatically purged.
To request immediate deletion of your data and generated reports, email privacy@wheretoemigrate.io with your order email address.
9. Data Security
We implement appropriate technical and organisational measures to protect your data, including HTTPS encryption across the entire site, secure data storage with access controls, and regular review of our data processing practices.
9A. Data Breach Notification
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:
- Notify the relevant supervisory authority (CNPD in Portugal) within 72 hours of becoming aware of the breach, as required by GDPR Article 33
- Notify affected individuals without undue delay if the breach is likely to result in a high risk to their rights and freedoms, as required by GDPR Article 34
- Document the breach, its effects, and the remedial actions taken
Notifications will describe the nature of the breach, the categories and approximate number of individuals affected, the likely consequences, and the measures taken or proposed to address the breach.
10. Children
Our services are not directed at individuals under 18 years of age. We do not knowingly collect data from minors. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
11. Changes to This Policy
We may update this policy from time to time. Material changes will be communicated via email to registered users and/or a notice on our website. The "last updated" date at the top reflects the most recent revision.
12. Supervisory Authority
If you are in the EEA and believe we have not addressed your data protection concerns adequately, you have the right to lodge a complaint with your local supervisory authority. In Portugal, the relevant authority is the Comissão Nacional de Proteção de Dados (CNPD) — www.cnpd.pt.
13. Your California Privacy Rights (CCPA/CPRA)
If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), provides you with additional rights regarding your personal information.
Categories of personal information we collect: Identifiers (email address), internet activity (pages visited, referral source), geolocation data (country-level), and professional information (as provided in your assessment).
Your rights under CCPA/CPRA:
- Right to know: You can request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purposes for collection, and the categories of third parties with whom we share it.
- Right to delete: You can request deletion of your personal information, subject to certain exceptions (e.g., completing a transaction, legal obligations).
- Right to correct: You can request correction of inaccurate personal information.
- Right to opt out of sale/sharing: We do not sell your personal information. We do not share your personal information for cross-context behavioural advertising.
- Right to non-discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.
To exercise these rights, email hello@wheretoemigrate.io with the subject line "CCPA Request". We will verify your identity and respond within 45 days.
14. Brazil — LGPD (Lei Geral de Proteção de Dados)
If you are located in Brazil, the Lei Geral de Proteção de Dados (LGPD) provides you with specific rights regarding your personal data.
Legal basis for processing: We process your data based on consent (for marketing emails), contract performance (to deliver reports and assessment results), and legitimate interest (for analytics and service improvement).
Your rights under LGPD:
- Confirmation of the existence of processing
- Access to your personal data
- Correction of incomplete, inaccurate, or outdated data
- Anonymisation, blocking, or deletion of unnecessary or excessive data
- Data portability to another service provider
- Deletion of personal data processed with your consent
- Information about public and private entities with which we shared your data
- Information about the possibility of denying consent and the consequences
- Revocation of consent
To exercise these rights, email hello@wheretoemigrate.io with the subject line "LGPD Request". We will respond within 15 business days.
15. India — Digital Personal Data Protection Act (DPDP Act)
If you are located in India, the Digital Personal Data Protection Act, 2023 (DPDP Act) provides you with rights regarding your personal data.
Your rights under the DPDP Act:
- Right to access: You can request a summary of your personal data being processed and the processing activities
- Right to correction and erasure: You can request correction of inaccurate or misleading data, completion of incomplete data, and erasure of data no longer necessary for the purpose it was collected
- Right to grievance redressal: You can raise grievances about our data processing practices
- Right to nominate: You can nominate another individual to exercise your rights on your behalf in the event of your death or incapacity
Consent: We process your personal data based on your consent, which you provide when using our assessment tool, purchasing a report, or subscribing to our newsletter. You may withdraw consent at any time by emailing hello@wheretoemigrate.io. Withdrawal of consent will not affect the lawfulness of processing carried out prior to such withdrawal.
To exercise any of these rights, email hello@wheretoemigrate.io with the subject line "DPDP Request".