Privacy and Cookies Policy
WHO ARE WE?
PORTO DA ESPADA” is a restaurant located in São Miguel that serves typical Azorean food with inspirations from Alentejo dishes.
WHY THIS PRIVACY AND PERSONAL DATA PROTECTION POLICY?
This Policy aims to make known to the Clients/Users of “PORTO DA ESPADA” the general rules of privacy and treatment of personal data, which are collected and treated in strict compliance with the provisions of personal data protection legislation in force at any given time, particularly in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (“GDPR”).
“PORTO DA ESPADA” respects best practices in the field of security and protection of personal data, and to this end has taken the necessary technical and organizational measures to comply with the GDPR and ensure that the processing of personal data is lawful, fair, transparent and limited to the authorized purposes.
“PORTO DA ESPADA” is committed to the protection and confidentiality of personal data, having adopted the measures it deems appropriate to ensure the accuracy, integrity and confidentiality of personal data, as well as all other rights to which their holders are entitled.
WHAT DOES THIS POLICY COVER?
This Policy applies exclusively to the collection and processing of personal data for which “PORTO DA ESPADA” is responsible for the respective processing, within the scope of the services and products made available to its Customers/Users and in all situations in which a processing of personal data occurs.
WHAT IS PERSONAL DATA?
Personal data is any information, of any nature and regardless of its support, including sound and image, concerning an identified or identifiable natural person.
An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to a name, identification number, location data, electronic identifiers, or to one or more factors specific to his/her physical, physiological, genetic, mental, economic, cultural or social identity.
WHAT DOES THE PROCESSING OF PERSONAL DATA CONSIST OF?
The processing of personal data consists of an operation or set of operations performed upon personal data or sets of personal data, whether or not by automated means, including collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, dissemination, comparison, interconnection, restriction, erasure or destruction.
WHO IS IN CHARGE OF DATA PROCESSING?
The entity responsible for the processing of personal data is “PORTO DA ESPADA“, which determines the purposes and means of processing them.
To this end, should the holder of the personal data need to contact the data controller, they may do so through the following means and contacts: restaurante@portodaespada.pt
WHAT TYPES OF PERSONAL DATA ARE PROCESSED?
“PORTO DA ESPADA“, within the scope of its activities, processes the personal data necessary for the provision of services and/or supply of products, processing data such as e-mail address, name, telephone number and date of birth, according to information provided by the holders of personal data.
Personal data can also be processed for marketing purposes or dissemination of offers of services of “PORTO DA ESPADA“, if the respective holder has authorized it.
If there is prior consent of the holder, this may be withdrawn at any time, without the lawfulness of the processing carried out on the basis of the consent previously given being compromised.
WHEN AND HOW DO WE COLLECT YOUR PERSONAL DATA?
“PORTO DA ESPADA” collects your personal data, including via telephone, in writing, through its website, ensuring, where necessary, the prior consent of the holder of the personal data.
Some personal data are indispensable to the execution of the contract, without which “PORTO DA ESPADA” cannot provide the service in question.
If the holder of personal data is not a customer/user of “PORTO DA ESPADA“, their personal data will only be treated when they are made available, in which case the rules of this Policy will apply.
The personal data collected can be processed by computer and in an automated or non-automated way, ensuring in all cases the strict compliance with the legislation for the protection of personal data, being stored in specific databases, created for this purpose and, in no situation, the data collected will be used for a purpose other than that for which they were collected or given consent by the data subject.
WHO ARE THE RECIPIENTS OF THE PERSONAL DATA?
Without prejudice to the recipients indicated throughout this Policy, “PORTO DA ESPADA” may communicate the personal data of the Customer/User, for the purpose of compliance with legal obligations, including police, judicial, tax and regulatory entities.
WHAT ARE THE PURPOSES OF PROCESSING OF PERSONAL DATA AND THE RESPECTIVE LEGAL GROUNDS?
In general, the personal data collected is based on and intended for the management of the contractual and commercial relationship, the provision of the contracted services, the adequacy of the services to the needs and interests of the Customer/User, namely for the purposes of access to specific functionalities of the services, information and marketing actions.
Additionally, personal data may also be processed for the purpose of complying with legal obligations.
FOR HOW LONG DO WE KEEP YOUR PERSONAL DATA?
The period of time during which personal data is stored and retained varies according to the purpose for which the information is processed.
In fact, there are legal requirements that oblige us to retain data for a minimum period of time. Thus, and whenever there is no specific legal requirement, the data will be stored and kept only for the minimum period necessary for the pursuit of the purposes that motivated their collection or their subsequent processing, under the terms defined by law.
WHAT ARE YOUR RIGHTS AS A DATA SUBJECT?
As holders of personal data, customers / users are guaranteed at any time the right to access, rectify, update, limitation and erasure of their personal data (except for data that are indispensable to the provision of services by “PORTO DA ESPADA” or compliance with legal obligations to which the controller is subject), the right to oppose the use of them for commercial purposes by “PORTO DA ESPADA” and the withdrawal of consent, without this compromising the lawfulness of the treatment carried out under that consent, as well as the right to data portability.
HOW CAN YOU ACCESS, RECTIFY, UPDATE, LIMIT, DELETE, OPPOSE THE PROCESSING OF YOUR PERSONAL DATA, OR REMOVE CONSENT?
Without prejudice to the provisions of the RGPD, the holder of personal data may do so directly or by written request, addressed to the respective Responsible for processing, through the contacts provided for this purpose in this document, as well as other contacts made available by “PORTO DA ESPADA“.
HOW CAN YOU OPPOSE THE RECEIPT OF CONTACTS FOR MARKETING PURPOSES?
“PORTO DA ESPADA” can promote actions of dissemination to their customers / users, of new products or services, including by telephone, email, SMS or any other electronic communications service, if the holder of personal data has given their consent.
If the holder of the personal data does not wish to continue to receive these communications he/she may, at any time, withdraw his/her consent to the use of his/her data for marketing purposes.
HOW CAN YOU COMPLAIN?
Without prejudice to being able to present complaints directly to “PORTO DA ESPADA” through the contacts made available for this purpose, the Customer/User can complain directly to the Control Authority, which is the National Commission for Data Protection (CNPD), using the contacts made available by this entity for this purpose.
WHAT ARE THE MEASURES ADOPTED BY “PORTO DA ESPADA” TO ENSURE THE SECURITY OF YOUR PERSONAL DATA?
“PORTO DA ESPADA” assumes the commitment of guaranteeing the protection of the security of the personal data that are made available to it, having approved and implemented rigorous rules in this matter. Compliance with these rules is an obligation of all those who legally access them.
Bearing in mind the concern and commitment that “PORTO DA ESPADA” reveals in the defense of personal data, various security measures of a technical and organizational nature have been adopted in order to protect the personal data that are made available to it against diffusion, loss, misuse, alteration, treatment, or unauthorized access, as well as against any other form of illicit treatment.
In addition, third parties who, as part of the provision of services, process the personal data of the Customer/User on behalf of “PORTO DA ESPADA“, are obliged in writing to implement appropriate technical and security measures that, at all times, meet the requirements of the legislation in force and ensure the protection of the rights of the data subject (in particular, the protection of privacy and personal data).
UNDER WHAT CIRCUMSTANCES IS THERE COMMUNICATION OF DATA TO OTHER ENTITIES (THIRD PARTIES AND SUBCONTRACTORS)?
PORTO DA ESPADA“, within the scope of its activity, may use third parties to provide certain services. Sometimes, the provision of these services involves access, by these entities, to the personal data of Clients/Users. When this happens, “PORTO DA ESPADA” takes the appropriate measures to ensure that the entities that have access to the data are reputable and offer the highest guarantees at this level, which is duly enshrined and safeguarded contractually between “PORTO DA ESPADA” and the third entity(ies).
Thus, any entity subcontracted by “PORTO DA ESPADA” will treat the personal data of our customers/users on behalf of “PORTO DA ESPADA” and adopting the necessary technical and organizational measures to protect personal data against accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure or access, and against any other form of unlawful treatment.
In any case, “PORTO DA ESPADA” remains responsible for the personal data made available to it.
In this case, “PORTO DA ESPADA” uses Mailchimp, as a marketing platform. By agreeing to our policies, you acknowledge that your information will be transferred to Mailchimp. Learn more about Mailchimp’s privacy policies here https://mailchimp.com/legal/.
You can unsubscribe at any time by clicking the link in the footer of our emails. For more information about our privacy policies, please visit our website.
UNDER WHAT CIRCUMSTANCES DO WE TRANSFER YOUR PERSONAL DATA?
The provision of certain services by “PORTO DA ESPADA” may involve the transfer of your data outside Portugal, including outside the European Union or to International Organizations.
In such a case, “PORTO DA ESPADA” will strictly comply with the applicable legal provisions, particularly with regard to determining the suitability of the destination country(ies) with respect to the protection of personal data and the requirements applicable to such transfers, including, where applicable, the conclusion of appropriate contractual instruments that guarantee and respect the legal requirements in force.
HOW CAN YOU FIND OUT ABOUT ANY CHANGES TO THE PERSONAL DATA PROTECTION POLICY?
“PORTO DA ESPADA” reserves the right to make readjustments or changes to the present Personal Data Protection Policy at any time.
ABOUT COOKIES
WHAT ARE COOKIES?
“Cookies” are small software tags that are stored in the access equipment through the browser, retaining only information related to preferences, and as such do not include personal data.
WHAT ARE COOKIES USED FOR?
Cookies are used to help determine the usefulness, interest and number of uses of websites, allowing faster and more efficient browsing, eliminating the need to repeatedly enter the same information.
WHAT KIND OF COOKIES ARE THERE?
There are two groups of cookies that can be used:
Permanent cookies – these are cookies that are stored at browser level in the access equipment (PC, mobile and tablet) and are used whenever you make a new visit to one of the “PORTO DA ESPADA” websites. They are generally used to direct navigation to the user’s interests, allowing for a more personalized service.
Session cookies – these are temporary cookies that remain in the cookie file of the browser until you leave the website. The information obtained by these cookies is used to analyze web traffic patterns, allowing us to identify problems and provide a better browsing experience.
FOR WHAT PURPOSES DO WE USE COOKIES?
- Strictly necessary cookies – These allow you to navigate the website and use applications, as well as access secure areas of the website. Without these cookies, necessary services cannot be provided.
- Analytical cookies – These are used anonymously for the purpose of creating and analyzing statistics to improve the functioning of the website.
HOW CAN YOU MANAGE COOKIES?
All browsers allow you to accept, refuse or delete cookies, and also to inform you when a cookie is received, namely by selecting the appropriate settings in your browser. You can configure cookies in the “options” or “preferences” menu of your browser.
It should be noted, however, that by disabling cookies you may prevent some web services from working properly, affecting website navigation in whole or in part.