Privacy Policy

Arrow Intermediários de Crédito Lda, as a Tied Credit Intermediary registered with the Bank of Portugal under no. 0008109, values the trust of its clients and is committed to protecting their personal data in accordance with the General Data Protection Regulation (GDPR) and applicable national legislation.

 

1. Data Controller
The Data Controller is Arrow Intermediários de Crédito Lda, a Tied Credit Intermediary registered with the Bank of Portugal under no. 0008109, with its registered office at Rua Jacinto Correia, Bloco A, Loja JLM, Edifício Atrium Lagoa, 8400-398 Lagoa (Algarve), Portugal.

For any matters related to data protection, you may contact us at:

• Email: jm@intermediariosarrow.pt
• Phone: (+351) 924 778 470 (call to national mobile network)

 

2. Personal Data Collected
In the course of its activity, Arrow may collect the following personal data:

• Identification data (name, date of birth, tax identification number, etc.);
• Contact details (address, email, telephone number);
• Financial, professional, and property-related data necessary for credit analysis and intermediation;
• Other data voluntarily provided by the client within the scope of the services provided.

 

3. Purposes and Legal Basis
Personal data are processed for the following purposes:

• Analysis of credit applications and provision of credit intermediation services (contractual performance);
• Compliance with legal and regulatory obligations (e.g. Bank of Portugal, tax authorities);
• Communication of information related to the services provided;
• Sending marketing or informative communications, when consent has been given by the data subject.

 

4. Data Sharing
Personal data may be shared with:

• Credit institutions and financial partners, exclusively for the purpose of credit analysis and contracting;
• Regulatory authorities (e.g. Bank of Portugal, CNPD), when legally required;
• Service providers that support Arrow in fulfilling the purposes described above, always ensuring confidentiality and data security.

 

5. Rights of Data Subjects
Data subjects have the right to:

• Access, rectify, and erase their personal data;
• Restrict or object to the processing of their data;
• Request the portability of their data;
• Withdraw consent, where applicable, without affecting the lawfulness of processing carried out before withdrawal;
• Lodge a complaint with the Comissão Nacional de Proteção de Dados (CNPD), the Portuguese Data Protection Authority.

 

6. Data Retention
Data will be retained only for as long as necessary for the purposes described above, or as long as there is a legal obligation to retain them.

 

7. Security
Arrow adopts appropriate technical and organizational measures to protect personal data against unauthorized access, loss, destruction, or alteration.

 

8. Changes to this Policy
This Privacy Policy may be updated periodically. Any changes will be published on the website.