Skip to main content
0

No products in the cart.

Privacy Policy

PRIVACY POLICY – CINFÃES DIGITAL COMMERCIAL DISTRICT

The Cinfães Digital platform, managed by the Cinfães Business Association, is committed to protecting the privacy of its users. This privacy policy describes how we collect, use, store, and protect personal data, in accordance with the General Data Protection Regulation (GDPR) and Law No. 58/2019.

  1. Introduction

This policy applies to all personal data collected through our platform and mobile application. By using the platform, the user agrees to the collection and use of information as stipulated in this policy.

2. Collection of Personal Data

2.1. Types of Data Collected

The Cinfães Digital Marketplace may collect the following personal data:

  • Personal Identification Data: Name, surname, email address, phone number.
  • Account Data: Username, password.
  • Payment Data: Bank information (e.g., IBAN), Payment method details.
  • Browsing Data: IP address, cookies, geolocation.
  • Communication Data: Messages sent through customer support, Notes, reviews, and questions left about products.
  • Satisfaction Data: Responses to satisfaction surveys.

2.2. Data Collection Methods

Data collection occurs in the following situations:

  1. Platform Registration: During the account creation process, Users provide necessary personal information;
  2. Browsing and Use of Features: Through cookies and other technologies, the Marketplace collects data on Users’ browsing behavior, including pages visited and time spent in each section;
  3. Interaction with Customer Service: Information is collected during interactions with customer support, including calls, emails, and chats;
  4. Responses to Surveys and Feedback: User satisfaction data is collected through questionnaires and feedback forms sent after purchases or interactions.

3. Purposes of Data Collection

The Cinfães Digital Marketplace uses personal data for:

  • Contract Execution and Management: Management of purchase and sale contracts or service provision contracts;
  • Order Processing: Management and processing of purchase orders;
  • Communication with Clients: Clarification of doubts and effective communication with users;
  • Processing of Information Requests: Responding to requests for additional information;
  • Processing of Complaints: Management of complaints, including regulatory processes, pre-litigation processes or exercise of rights in judicial proceedings;
  • Statistical Analysis Activities: Conducting statistical analyses to improve the services offered;
  • Systems Development: Verification, maintenance and development of systems and statistical analyses;
  • Direct Marketing Communications: Sending marketing communications, if you have consented to the processing of your personal data for this purpose;
  • Fraud Prevention and Combating: Implementation of measures to prevent and combat fraud;
  • Request for Feedback: Request for feedback on products or services purchased;
  • Conducting Customer Satisfaction Surveys: Conducting surveys to assess customer satisfaction;
  • Event and Campaign Management: Managing and participating in events, contests, and promotional campaigns.

4. Who has access to the data?

The Management Team of the Cinfães Digital Marketplace platform takes all precautions to preserve the security of personal data against any loss, unauthorized access, modification, intrusion, alteration, disclosure or destruction of the data it holds.

Access to Information:

  • Platform Management Team: The management team of the Cinfães Digital Marketplace platform has access to information from both merchants and buyers, strictly for the purposes of managing and operating the platform.
  • Sellers: Sellers have access to buyer information, but only to the extent necessary to process orders and provide services. This access is strictly controlled, and sellers are not authorized to use personal data for any purpose other than fulfilling their contractual obligations.

4. Permission Management

Permissions can be managed directly in the device settings or in the application.

5. User Rights

In accordance with the General Data Protection Regulation (GDPR), users have the following rights:

  • Right of Access: This right allows users to consult information about the processing operations that concern them, such as the type of data and the origin of the collection. It also makes it possible to request a copy of all information related to the user, regardless of the legal basis that justifies the processing.
  • Right to Rectification: If there is any error in the data provided or if it is necessary to supplement the information, users have the right to update their data, regardless of the legal basis for the processing.
  • Right to Withdraw Consent: If they have given their consent to the processing of personal data, users have the right to withdraw that consent at any time.
  • Right to Restrict Processing: Users may request the limitation of the processing of their personal data.
  • Right to Data Portability: This right allows users to request that their data be made available when processed based on consent or a contractual relationship. In this case, the responsible entity must provide the data in a technically usable format.
  • Right to Object: Users have the right to object to the processing of their data, especially when the processing is based on the “legitimate interest” of the controller, provided that this interest is not considered “compelling”.
  • Right to Erasure: If the data is processed based on consent or legitimate interest (not compelling), users may request the early deletion of their data. To do so, simply express your intention to withdraw consent or object to the processing.
  • Right to Disposition After Death: Users have the right to set guidelines on the retention, deletion or communication of their personal data that apply after their death.

Users can exercise the aforementioned rights through the Electronic Form (or email) available for this purpose.

Data Retention

Users’ personal data is retained in accordance with the following guidelines:

  • Payment Data: Stored for up to 3 years after the transaction date.
  • Contractual Relationship: Data is retained for a period equivalent to the duration of the contractual relationship between the parties. If there is inactivity exceeding 3 years since the last contact with the Client, the data will be deleted.
  • Exercise of Rights: Data related to requests to exercise rights are retained for 5 years after the response to the request, after which they will be deleted.
  • Fraud Prevention: Data is retained for 7 years from the date of the response to the request, and subsequently archived for an additional 7 years.
  • Reporting Illegal Products: Data related to reports are kept for 3 years from the date of the report, after which they will be deleted.

6. Personal Data Security

We have implemented appropriate technical and organizational measures to protect personal data. However, users should be aware that no data transmission over the Internet is completely secure.

7. Changes to the Privacy Policy

We reserve the right to update this policy, and we recommend that users regularly consult the document for possible updates.

Cinfães Digital
Privacy Overview

This website uses cookies to improve your browsing experience and to ensure the proper functioning of the online store and booking system.

Cookies allow us to recognise your device when you return to our website, save products in your cart, process orders, and understand how visitors use the site.

You may, at any time, accept or reject non-essential cookie categories. You can change your preferences in the cookie settings available on the website.