Privacy Policy


On May 25th 2018, a new European Union data protection law, the General Data Protection Regulation (GDPR) takes effect. The GDPR gives individuals in the EU more control over how their data is used and places certain obligations on businesses that process information of those individuals. Our Privacy Policy takes into account The new GDPR requirements. The purpose of this document is to clarify what information is collected from users on our website and its services – and how that data is manipulated and used. After reading this policy and using the website and associated services, you agree and accept it, as well as the respective processing of personal data.

Who we are.
Our website address is: 

What personal data we collect and why we collect it.
In order to book and pay for a dive or diving experience online, we require your name, address, email and payment details. Payment will normally be processed via SIBS. Please find below the links to the Privacy Policies for each organisation, which we encourage you to read in order to understand how they manage your information. All data shared with the following websites is encrypted.


Zoho mail

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms
The contact forms we use are designed to send the information direct to our e-mail address: [email protected] The information is used for booking purposes only and is deleted once the booking date has passed.  Arraia Divers employees may use the information you provide in the contact forms to discuss diving and course packages with you. When visitors contact us we  collect the data shown in the contact form and the book a dive form, and also the visitor’s IP address and browser user agent string to help spam detection. An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here:

Site navigation information
– When you visit our website, a cookie is placed on your browser through the Google Analytics software, to identify how many times you return to our address. Information such as IP address, geographic location, reference source, type of browser, duration of the visit and pages visited are anonymously collected.

Embedded content from other websites.
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with.
Only Arraia Divers employees can see your personal information. No personal information will be disclosed publicly. Arraia Divers also undertakes not to sell, rent or provide your information to third parties.The only exception is in cases where such information is required by law.  As a School and Diving Center Arraia Divers  is obliged to adhere to the Legal Regime applicable to recreational diving, Decree Law no. 24/2013 of March 20, Article 28. In addition, although we work with good security and protection practices, no web service has a 100% guarantee against intrusion and we cannot be held liable if it occurs. We do not use your information for direct to customer marketing purposes.

About the Use of your personal information.
We collect the data in order to make bookings and to have our own statistics on the divers who dive with us.  Our statistics are in the form of aggregated data which may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your age   to calculate the percentage of customers in each age group. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice. Once  your diving has been completed all data that you complete within our dive centre is filed in compliance with  PADI standards and requirements.

Sharing content on social media networks
By clicking on the share content buttons on the social networks available on our pages, you will be publishing the content through your profile on the selected network. Arraia Divers does not have access to users’ login and password on those networks, nor will it publish content on behalf of the user without it performing this action.

How long we retain your data
We retain your paper data that you complete within our dive centre for 7 years in compliance with  PADI standards and requirements.  After this time all your data is destroyed.

Safeguarding your information.
We take keeping your personal information safe and secure, very seriously. All online data is deleted as soon as relevant paper copies have been printed and to further ensure your data protection, appropriate data protection/virus software is installed on our business laptops and will be updated as required. Please read the Privacy Policies for the above companies in order to check if the data held is encrypted.

Request to know what information we have on you.
You are welcome to contact us at anytime to enquire (free of charge), what information we are currently storing about you. We promise to respond within one month of your enquiry.

Where we send your data
Visitor comments and contact form information may be checked through an automated spam detection service.

Changes to the Privacy Policy.
This Privacy Policy may be updated. Therefore, we recommend periodically visiting this page so that you have knowledge about the modifications. Before using information for purposes other than those defined in this Privacy Policy, we will ask for your authorization. Should you wish to complain about how we are holding or using your information, you have the right to complain to a higher authority namely the CNPD, contact details below:

CNPD – National Commission for Data Protection
Rua de São Bento, nº 148 – 3rd
1200-821 Lisbon
Telephone +351 213928400; Fax: +351 213976832
Comissão Nacional de Proteção de Dados (CNPD)