The controller of the processing of the personal data is: Romão & Mendes Unipessoal LDA , located in Calçada do Sacramento 14, 1200-394 Lisboa, Portugal. If you have any questions or remarks, please contact our team (firstname.lastname@example.org).
WHAT PERSONAL DATA DO WE COLLECT ON OUR WEBSITE?
. When you register in order to buy products or wish to receive information from our company, we ask you to register or give us your personal information.
. We ask you to provide the following personal data for providing our services as:
– First and last name
– Phone number
– E-mail address
– Purchase history
We do not use your sensitive information about your financial details like number of credit cards.
If you send us an email with your request for information, we process the personal data and information provided in your email.
We may combine the information you have provided with other information we have collected about you, both online and offline, including, for example your purchase history, your address, gender or purchase date.
AUTOMATICALLY GENERATED DATA
When using our website, your IP address can be registered or cookies or other technologies can be used. With this data, sometimes personal data is stored or consulted. On the basis of this information you can be recognised on a later visit.
FOR WHICH PURPOSE DO WE PROCESS THE PERSONAL DATA?
We process personal data received from you, for the following purposes:
– to fulfil our obligations with respect to the agreement for the sale of goods (for example for shipping and invoicing the ordered goods), including invoicing
– to contact you, by phone or by e-mail, and to answer your questions or remarks and/or provide you with the requested information or advice
– to secure your account and order information
– to secure and improve our services:
. for data analysis, for example to improve the efficiency of the services
. for fraud and security checks, for example for cyber attacks
. to supplement, improve or change our website or our products and services
We will carry out the above listed activities to manage our contractual relationship with you, to fulfil a legal obligation, and/or because of our legitimate interests.
. to analyse personal data (purchase history, shipping country and/or city, language, gender) in order to provide personalised offers of our services
We will provide personalised offers of our Services with your permission or because of our legitimate interests.
– to comply with various legal obligations, including tax obligations
We will only make personal data available to third parties that are involved in the execution of the user’s order. We do not pass on your personal data to other third parties unless we are legally obliged to do so.
AGE OF USERS
If you are younger than 18 years old, you cannot make use of the Services. If your child has unexpectedly submitted personal information to us and you wish to request that the same personal data be removed, please contact us.
HOW LONG DO WE STORE AND PROCESS THE PERSONAL DATA?
Óptica do Sacramento process the personal data for a period of two years after your last order, or for as long as legally required or necessary and allowed for the purpose for which it was obtained. After these periods we will destroy the personal data.
The periods that we store your personal data may change according the duration of our ongoing relationship with you and the services we offer you if there is a legal obligation to which we are subject, such as applicable limitation period, a court case or investigations by a supervisor.
Óptica do Sacramento may process the personal data for a longer period if you ask us to keep data for a new two-year period, in order to comply with statutory retention periods or in order to prove that it complies with applicable statutory obligations, for example with respect to the GDPR or e-mail marketing legislation.
HOW DO WE PROTECT THE PERSONAL DATA?
We take appropriate measures to safeguard and protect the personal data against any accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access or against any other unlawful or unauthorised processing of such personal data. Taking into account the state of technology and the costs of execution, these measures guarantee an appropriate level of security given the risks that come with processing and the nature of the data to be processed. For example, we make use of a secure SSL and Plugin Sucuri connection during the order process and when completing the registration form.
DO WE SHARE THE PERSONAL DATA?
We don’t transfer any personal or personal data to any third party without your explicit permission, unless it is obliged to do so under applicable legislation or by order of the competent supervisory authority.
YOUR PERSONAL INFORMATION
You have the right to obtain our confirmation as to whether or not we process your personal data. You may view or change the personal details you provide when registering a client with us at anytime, on your account on the website. You also may send a request to receive such information to our team (email@example.com).
You may send to us (firstname.lastname@example.org) a request to access, receive, rectify or erase your personal data. We will process your request immediately and in accordance with the GDPR and we will send you a response without undue delay, at least within one month after the receipt of your written request.
You are entitled to object to our processing of your personal data at any time. We shall no longer process the personal data, unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. We will send you a response at least within one month after the receipt of your written request.
If you have any complaints about our processing of your personal data or your request, you can contact us (email@example.com). If you have any further questions or remarks, please contact us.