Privacy Policy

Last updated: 23 April 2026

Balurca Advisory is a boutique cross‑border advisory firm with offices in London (United Kingdom) and Lisbon (Portugal). We advise internationally minded companies - particularly UK‑headquartered businesses - on structuring, investment, and expansion strategies involving Portugal and other European jurisdictions.

This Privacy Policy explains how we collect, use, disclose, and protect personal data when you visit our website or interact with us professionally, in accordance with the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (EU GDPR), and applicable data protection laws.

1. Who We Are (Data Controller)

Balurca Advisory acts as the data controller for personal data processed through this website and through our professional communications.

Contact details:
Balurca Advisory
Email: privacy@balurca.com

2. Personal Data We Collect

We only collect personal data that is relevant to a legitimate business purpose. This may include:

a) Information you provide voluntarily

• Name, job title, and company name

• Business email address and telephone number

• Information shared via contact forms, emails, or professional enquiries

• Information provided during advisory discussions or introductions

b) Information collected automatically

When you visit our website, we may collect limited technical data, such as:

• IP address

• Browser type and version

• Device information

• Pages visited and time spent on the site

This information is collected using cookies and similar technologies (see Section 8).

3. How We Use Your Personal Data

We use personal data for the following purposes:

• To respond to enquiries and requests

• To provide advisory services and professional insights

• To manage and maintain client and prospective client relationships

• To share relevant publications, briefings, or event invitations (where appropriate)

• To improve the performance, security, and content of our website

• To comply with legal, regulatory, or professional obligations

We do not sell personal data and do not use it for automated decision‑making or profiling.

4. Legal Bases for Processing

We process personal data on one or more of the following legal bases:

• Legitimate interests – for professional communications and advisory relationships

• Consent – where you have expressly chosen to receive communications

• Contractual necessity – where processing is required to provide services

• Legal obligation – where required by law or regulation

5. Sharing of Personal Data

We may share personal data only where necessary and proportionate, including with:

• Professional advisers (legal, tax, compliance) acting under confidentiality

• Service providers supporting our IT, communications, or website operations

• Public authorities or regulators, where legally required

All third parties are required to handle personal data securely and in compliance with applicable data protection laws.

6. International Data Transfers

As a cross‑border firm operating in the UK and the EU, personal data may be processed in both jurisdictions.

Where data is transferred outside the UK or European Economic Area, appropriate safeguards are in place, including:

• Adequacy decisions, or

• Standard Contractual Clauses approved by regulators

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this policy, including professional, legal, and regulatory requirements. When data is no longer required, it is securely deleted or anonymised.

8. Cookies and Website Analytics

Our website may use cookies to ensure basic functionality and to understand how visitors use our content. Cookies do not identify you personally unless you choose to provide personal data.

You can manage or disable cookies through your browser settings.

9. Your Rights

Under UK GDPR and EU GDPR, you have the right to:

• Access your personal data

• Request correction of inaccurate or incomplete data

• Request erasure of your data (where applicable)

• Restrict or object to processing

• Request data portability

• Withdraw consent at any time (where processing is based on consent)

To exercise your rights, please contact us at privacy@balurca.com.

10. Data Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or disclosure. Access to personal data is limited to those who need it for legitimate business purposes.

11. Professional Context

Balurca Advisory primarily engages with founders, executives, investors, and corporate decision‑makers in a professional capacity. This website is not intended for children, and we do not knowingly collect personal data from individuals under 18 years of age.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, regulation, or our business practices. Any updates will be posted on this page with an updated revision date.