Privacy and Data Protection Policy

WHO WE ARE?

We are BE WE, located in Cascais, Portugal!

Our purpose is to improve marketing and make it more efficient for everyone, and for this, we process your personal data and, consequently, we are responsible for protecting your personal data in order to gain even more trust from our customers.

BE WE is committed to data security, aiming to guarantee privacy and protection of personal data for all those who have any kind of relationship with us, even indirectly.

Therefore, this Privacy Policy formalizes our commitment to transparency so that you can understand in a simple, clear, and objective way what personal information is collected, why we collect it, if we share it, with whom, and for how long.

In addition, this policy aims to inform you about your rights regarding this information and how to exercise them with BE WE.

WHAT YOU WILL FIND IN OUR DATA PRIVACY POLICY?

In this Privacy Policy, you will find all relevant information applicable to the use of personal data of users and customers online. In addition, the Policy aims to help you better understand how our data collection, use, sharing, and storage practices work during the activities inherent to our business.

Definitions

The following terms are used in our Privacy Policy:

  • GDPR: General Data Protection Regulation.

  • Personal Data: Any information relating to an identified or identifiable natural person ("Data Subject"). A natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, electronic identifiers, or one or more specific elements of physical, physiological, genetic, mental, economic, cultural, or social identity.

  • Sensitive Personal Data: Personal data on racial or ethnic origin, religious belief, political opinion, union membership or membership of a religious, philosophical, or political association, data relating to health or sexual life, genetic data, or biometric data when linked to a natural person.

  • Data Subject: The person to whom the personal data refers.

  • Data Protection Officer (DPO): The person responsible for the protection of personal data at BE WE CONCEPT and for communication with CNPD and data subjects, contactable by email: bewe@beweconcept.com.

  • CNPD: The National Data Protection Commission is the government body responsible for ensuring, implementing, and overseeing compliance with the General Data Protection Regulation throughout the national territory.

  • Processing: Any operation performed on personal data, whether automated or non-automated, such as collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, deletion, evaluation, or control of information, modification, communication, transfer, dissemination, or extraction.

  • Consent: Freely given, informed, and unequivocal expression by which the data subject agrees to the processing of their personal data for a specific purpose.

  • Anonymization: Use of reasonable and available technical means at the time of processing by which data loses the possibility of direct or indirect association with an individual.

  • Blocking: Temporary suspension of any processing operation, by storing personal data or the database.

  • Deletion: Deletion of data or a set of data stored in a database, regardless of the procedure used.

  • Sharing: Communication, dissemination, international transfer, interconnection of personal data or shared processing of personal data by public bodies in the performance of their legal competences, or between public and private entities, reciprocally, with specific authorization, for one or more forms of processing allowed by these public entities, or between private entities.

  • International Data Transfer: Transfer of personal data to a foreign country or international organization of which the country is a member.

  • Third Party: Any legal person, as well as any natural person who uses or may use personal data for economic purposes. These include service providers, outsourced workers, business partners, suppliers, and representatives of BE WE.

  • Website: A location on the Internet identified by a domain name, consisting of one or more pages with content that may contain text, graphics, images, photos, videos, and other information. BE WE's institutional website is https://beweconcept.com/.

CAN CHANGES TO THE PRIVACY POLICY OCCUR?

Modifications and updates to this Policy may occur when necessary. If this happens, you will need to visit the Privacy Policy of the website and other documents to review the changes, evaluate them, and possibly opt-out of some of the services.

HOW ARE WE LEGALLY AUTHORIZED TO PROCESS PERSONAL DATA?

The General Data Protection Regulation (GDPR), in Article 6, provides for the conditions for the lawfulness of processing your data. Therefore, we highlight below the legal grounds on which your personal data may be processed when we are in the position of Controller, applied according to the category of data:

  • The data subject has given consent to the processing of their personal data for one or more specific purposes.
  • Processing is necessary for the performance of a contract to which the data subject is a party or for pre-contractual measures taken at the data subject's request.
  • Processing is necessary for compliance with a legal obligation to which the controller is subject.
  • Processing is necessary to protect the vital interests of the data subject or of another natural person.
  • Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
  • Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular if the data subject is a child.

In other words, the cited conditions are legal bases capable of justifying the processing of your data by BE WE.

WHO IS RESPONSIBLE FOR PROCESSING YOUR DATA?

BE WE. We exercise control over your personal data, meaning we are responsible for processing and protecting your personal data.

WHAT DATA DO WE USE?

In order for us to provide our services and carry out our activities, it is essential to collect certain information that concerns you. But what are this data?

The data we use may vary depending on your relationship with BE WE, and we may collect data such as:

  • Personal data provided directly by you: During your relationship with us, you may actively provide us with your personal data by filling out forms and forms, by accessing the areas and functionalities of the website, as indicated below in non-exhaustive examples:

    Website Area

    Purpose

    Personal Data

    Footer of the website

    Digital Marketing Actions

    Email

    Account

    Personal account creation form to make purchases in the store.

    Name, Surname, Email, Password, Company, Phone, Address, City, State, Zip Code.

    Order Payment

    Digital Marketing Actions

    Card Number, Name on the card, Expiry Date, Security Code

WHY DO WE PROCESS YOUR DATA?

BE WE uses your data for various reasons, with the main one being to execute the contract that you enter into with the company when registering and making an online purchase or to manage your registration, service communications, and order deliveries, among others. However, there are various purposes for which we may process your personal data, with the main ones listed below:

  • If BE WE has any legal or regulatory obligations: Your personal data may be used to meet obligations set forth in law, regulations of government agencies, tax authorities, the judiciary, and/or other competent authorities. This treatment may include your complete qualifications, personal documents, and banking data, for example.
  • For the regular exercise of BE WE's rights: Even after the end of the contractual relationship, we may process some of your personal data to exercise our rights guaranteed by law, including as evidence in judicial, administrative, or arbitration proceedings, in responses to legal actions in which BE WE is an interested party or is required by the competent court to comment on a particular fact.
  • In situations of BE WE's legitimate interest: It is possible that your personal data may also be processed for legitimate purposes involving the continuity of our activities, such as promoting BE WE's services, providing information about news, content, news, and other relevant matters to maintain your relationship with BE WE and improve the functionalities, use, and experience on our website and other tools made available as a result of our services.
  • For contract execution: We may use your identification and contact data to enable the execution of the contract we have entered into, whether with customers or partners, enabling, for example, the provision of our services and other acts resulting from the contractual relationship established with BE WE.
  • To conduct activities aimed at preventing fraud: When strictly necessary, we may process your data to verify that you are who you say you are, preventing fraud.
  • With your authorization: If you express your interest and authorize us, whenever necessary, we may use your data to send communications about our products and services, such as during marketing campaigns, by sending emails, SMS, and messages via WhatsApp and/or phone.

HOW LONG DO WE STORE YOUR DATA?

Personal data processed by BE WE will be deleted when it is no longer useful for the purposes for which it was collected, with a maximum period of 3 (three) years, or when the data subject requests its deletion, except if there is a need for maintenance for legal or regulatory purposes, for the exercise of their rights in judicial or administrative proceedings, or in other cases provided for by applicable law.

DO WE SHARE DATA WITH THIRD PARTIES?

BE WE only transmits your personal data when necessary to entities whose collaboration is essential for the provision of requested services for the operation of their activities. We present some hypotheses below, not exhaustive, in which the sharing of your information may occur:

  • With partner companies and suppliers, subcontractors, and independent third parties (acting as processors and data controllers) in the development and provision of services, in accordance with BE WE's privacy and data protection policies and/or information security procedures and as allowed or required by the GDPR.
  • With carriers, partner companies, financial entities, management platforms such as SAGE and Overwan, which may exercise control over the data as well as our company.
  • With authorities, government entities, or other third parties to protect BE WE's interests in any kind of conflict, including legal actions and administrative proceedings.
  • By court order or at the request of administrative authorities with legal competence to request it.

HOW DO WE PROTECT YOUR PERSONAL DATA?

BE WE follows strict standards of security and confidentiality to protect the personal information of our users. If you have any reason to believe that your account, transaction, or information is no longer secure, please contact us via email at bewe@beweconcept.com.

BE WE adopts technical measures to keep personal data secure and protected from unauthorized access and accidental or unlawful destruction, loss, alteration, communication, or any other form of inadequate or unlawful treatment, always in accordance with the applicable data protection and information security rules. This includes, among other measures, internal privacy and information security policies and procedures, periodic monitoring of our systems, and the use of techniques such as firewalls, encryption, intrusion detection, and website monitoring.

However, despite our best efforts to preserve your privacy and protect your personal data, no data transmission is completely secure and is always susceptible to technical failures, viruses, or similar actions. In the unlikely event of such incidents, BE WE will take all appropriate measures to remedy the consequences of the event, always ensuring due transparency to you.

WHAT ARE YOUR RIGHTS?

BE WE is committed to respecting the confidentiality of your personal data and ensuring that you can exercise all your rights. You are allowed to exercise your rights freely and easily, simply by sending an email to our email address bewe@beweconcept.com, stating your request and the right you wish to exercise. In order for us to identify you, please attach a copy of some identification document to the email.

Regardless of the purpose or legal basis under which we process your data, data subjects have certain rights provided for in the General Data Protection Regulation, which can be found on the website https://eur-lex.europa.eu/legal-content/PT/TXT/HTML/?uri=CELEX:32016R0679#d1e2468-1-1.

RIGHT

LEGAL BASIS

The data subject has the right to request and obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed.

Article 15 of the GDPR

The data subject has the right to request and obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject has the right to have incomplete personal data completed, including by means of providing a supplementary statement.

Article 16 of the GDPR

The data subject has the right to request that we erase his or her data to the extent that they are no longer necessary for the purposes for which we need to continue processing them, as explained above, or when we are no longer legally authorized to process them.

Article 17 of the GDPR

Request the deletion or limitation of the processing of your personal data, which means that in certain cases, you may ask us to temporarily suspend the processing of data or their retention beyond the necessary time.

Article 18 of the GDPR

The controller shall communicate any rectification or erasure of personal data or restriction of processing carried out in accordance with the Regulation to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. If you request it, the controller will provide you with information about these recipients.

Article 19 of the GDPR

The data subject has the right to receive the personal data concerning him or her that he or she has provided to a controller in a structured, commonly used, and machine-readable format and has the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided.

Article 20 of the GDPR

The data subject has the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her, and the controller shall cease processing personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject or for the establishment, exercise, or defense of legal claims.

Article 21 of the GDPR

INFORMATION ABOUT COOKIES

We use cookies and similar devices to facilitate your navigation on the Platform, understand how you interact with us, and, in certain cases, show you advertising based on an analysis of your browsing habits. Please read our Cookie Policy to better understand the cookies and similar devices we use, their purpose, how to manage your preferences, and other useful information.

HOW TO CONTACT US?

If you have any questions, complaints, requests, or comments about our privacy policy or the processing of your personal data, you can contact us at +351 911 514 804 or via email at bewe@beweconcept.com. You can also contact us and visit us in person at our address: Rua Doutora Iracy Doyle, 40 B - 2750-377, Cascais, Portugal.

Last Updated on July 5, 2021.