Privacy Policy

Data Protection and Privacy Commitment 

Wine Crush Consulting complies with all applicable European Union and national legal standards regarding data protection, privacy, and information security.

 

Wine Crush Consulting is implementing a Personal Data Protection System and an Information Security System to ensure regulatory compliance and demonstrate institutional responsibility regarding data protection and information security. We are implementing all necessary technical and organizational measures to comply with the general legal framework of the Law Implementing the General Data Protection Regulation (Law 58/2019 of August 8) and the General Data Protection Regulation, EU Regulation 679/2016 of April 27). 

 

For any clarification, additional information, or to exercise rights in this regard, please contact the Data Protection Officer of Wine Crush Consulting via email at info@winecrushconsulting.com. 

Definitions

“Personal Data” 

 

“Personal data” means information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier. Personal identifiers include, for example, a name, an identification number, location data, electronic identifiers, or one or more specific elements of the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. 

 

“Processing of Personal Data” 

 

“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction. 

 

“Cookies” 

 

“Cookies” are small text files containing information that devices (such as computers, mobile phones, or portable devices) load via a web browser when a user visits an online site. 

Data Controller

Wine Crush Consulting, located at Oeiras Tower, Rua do Silval 37, Office 3.11, 2780-373 Oeiras, Tax Identification Number (NIPC) 517190737, hereinafter referred to as Wine Crush Consulting, is the entity responsible for the online sites and computer applications, hereinafter referred to as channels or applications, through which Users, Service Recipients, or Clients remotely access Wine Crush Consulting services presented or provided at any time through these channels. The entity is considered responsible for the processing of personal data. 

 

The use of channels or applications by any User, Service Recipient, or Client may involve the processing of personal data, which Wine Crush Consulting, as the entity responsible for such processing, ensures is protected, private, and secure in accordance with the terms of this Data Protection Policy. 

Contact Information for Data Controller

For contact purposes with the Data Protection Officer of Wine Crush Consulting, please send an email to info@winecrushconsulting.com or to each specific address identified on the online sites, describing the subject of the request and providing an email address, telephone contact, or mailing address. 

 

For any other purpose, the following general contacts of Wine Crush Consulting may be used: 

 

– Postal Address: Oeiras Tower, Rua do Silval, 37, Office 3.11, 2780-373 Oeiras; 

 

– General Email:info@winecrushconsulting.com; 

 

– General Phone: +351 910 973 738; 

Collection and Processing of Personal Data

Wine Crush Consulting processes personal data strictly necessary for providing information and operating its channels, according to the uses made by Users, Service Recipients, or Clients. This includes data provided for requesting information or registering for services, and data resulting from the use of services provided by Wine Crush Consulting through these channels, such as access, queries, instructions, transactions, and other usage records. 

 

The use or activation of certain channel functionalities may involve the processing of various direct or indirect personal identifiers, such as name, address, contacts, device addresses, or geographical location, whenever the User, Service Recipient, or Client expressly consents to it. 

 

In all cases, Users, Service Recipients, or Clients will be informed of the need to access such data for using the respective channel functionalities. 

 

Personal data collected by Wine Crush Consulting is processed electronically, including automated processing in some cases, including file processing or profile definition, within the framework of pre-contractual, contractual, or post-contractual relationship management with Users, Service Recipients, or Clients, in accordance with current national and community regulations. 

Categories of Processed Personal Data and Data Subjects

The categories or types of personal data that are subject to processing generally include: 

 

– Identification data; 

– Contact data; 

– Professional data; 

– Billing data; 

– Traffic and access control data. 

 

At different Data Controller locations, biometric data may also be processed through video surveillance systems that are installed. 

 

The detailed list of categories of personal data and categories of data subjects are described in the Data Processing Information Sheets. 

Legal Principles

All data processing operations comply with fundamental legal principles in data protection and privacy, including circulation, lawfulness, loyalty, transparency, purpose limitation, minimization, storage, accuracy, integrity, and confidentiality.

 

Wine Crush Consulting is available to demonstrate its responsibility to data subjects or any other third party with a legitimate interest in this matter. 

Legitimacy Grounds

All data processing operations carried out by Wine Crush Consulting are based on legitimacy grounds, whether the data subject has given consent for the processing of their personal data for one or more specific purposes, the processing is necessary for the performance of a contract in which the data subject is a party or for pre-contractual measures at the request of the data subject, the processing is necessary for compliance with a legal obligation to which the data controller is subject, for the performance of a task carried out in the public interest, or the processing is necessary for the purposes of legitimate interests pursued by Wine Crush Consulting or third parties. 

Purpose of Processing

All personal data processed within Wine Crush Consulting channels are exclusively intended for providing information to Users, managing personal information of Service Recipients necessary for relationship management or communication purposes, and providing services to Clients. In general, it is for managing pre-contractual, contractual, or post-contractual relationships with Users, Service Recipients, or Clients. 

 

The collected personal data may also be processed for statistical purposes, informational or promotional activities, and communication actions, particularly to promote the disclosure of new features or services, through direct communication, whether by mail, email, messages, phone calls, or any other electronic communication service. 

 

Users, Service Recipients, or Clients are always informed in advance and asked for explicit authorization for these latter purposes. They can, at any time, exercise their right to withdraw consent or object to the use of their personal data for purposes beyond the management of the relationship with the Data Controller, especially for the pursuit of legitimate interests, sending informative communications, or inclusion in lists or informational services, by sending a written request to the Data Protection Officer of Wine Crush Consulting, following the procedures outlined below. 

Data Processing Information Sheets

In accordance with the principles of loyalty and transparency and to ensure compliance with the obligation to provide information, Wine Crush Consulting directly delivers or publicly provides to all personal data subjects, depending on the method of data collection, the data processing information sheets, which are accessible for consultation at any public service point or with the Data Protection Officer. 

Data Retention Periods

Personal data will only be retained for the period necessary for the purposes that motivated their collection or subsequent processing, ensuring compliance with all applicable legal archiving requirements, with specific retention periods specified in each Data Processing Information Sheet. 

Use of Cookies

Wine Crush Consulting may use two main categories of cookies: cookies within online sites and cookies within direct electronic communication channels, with users or clients being able to disable them in any category. 

  

Wine Crush Consulting uses cookies on its online sites to improve User and Client browsing performance and experience, increasing response speed and efficiency, and eliminating the need to repeatedly enter the same information. 

  

The use of cookies helps online sites recognize User and Client devices on subsequent visits, sometimes being essential for their operation. 

  

Cookies used by Wine Crush Consulting on all its channels do not collect personal information that identifies Users or Clients, storing only generic information such as access format or geographical location and usage patterns. Cookies only retain information related to User and Client preferences, without recording personal identifiers. 

  

Users, Service Recipients, or Clients can, at any time, via their internet browsing application (browser), choose to be notified about cookie receipt and block their entry into the system. 

  

Regarding the intended purposes, Wine Crush Consulting may occasionally, if necessary, use three different types of cookies, with specific functionalities: 

  

(i) Essential cookies – some cookies are essential to access specific areas of online channels, allowing navigation and use of applications, such as accessing secure areas through user registration – without these cookies, required services cannot be provided; 

(ii) Functionality cookies – functionality cookies remember user preferences regarding online site navigation, avoiding the need for reconfiguration with each visit; 

(iii) Analytical cookies – these cookies are used to analyze how users use online sites, highlighting articles or services of interest, monitoring site performance, determining popular pages, or effective linking methods, and identifying reasons for any error messages – these cookies are used only for statistical creation and analysis purposes, without ever collecting personal information. 

  

With these purposes, Wine Crush Consulting can provide a high-quality experience to Users, Service Recipients, or Clients, personalizing information and offers and identifying or correcting any potential issues that may arise during use. 

  

Regarding validity type, there are two types of cookies: 

  

(i) Persistent cookies – cookies stored on devices used to access channels (computers, mobile phones, etc.) within the internet browsing application (browser) and used whenever Users or Clients revisit any channel – generally used to direct navigation according to user or client interests, allowing Wine Crush Consulting to provide a more personalized service; 

(ii) Session cookies – temporary cookies generated and available only until the session is closed, as they will not be stored the next time the Client/User accesses their internet browsing application (browser) – information obtained helps manage sessions, identify issues, and provide a better browsing experience. 

  

Users, Service Recipients, or Clients can disable part or 

  

all cookies at any time – they must follow the instructions available in each internet browsing application (browser) used, although disabling may lead to loss of access to some site functionalities. 

  

Wine Crush Consulting, within direct electronic communication channels, may also use cookies when opening various electronic communications such as newsletters and email, for statistical purposes – allowing them to know if these communications are opened and verify clicks through links or advertisements within these communications. 

 

In this category of cookies, Users, Service Recipients, or Clients always have the option to disable electronic communication by using the specific option in the footer. 

 

Data Communication to Other Entities

Wine Crush Consulting providing information or services to its Users, Service Recipients, or Clients through channels may eventually involve the use of subcontracted third-party services, including entities headquartered outside the European Union, to provide certain services, which may involve these entities accessing such personal data. 

  

In such circumstances, Wine Crush Consulting will only resort to subcontracted entities that provide sufficient guarantees of implementing adequate technical and organizational measures so that the processing meets the requirements of applicable regulations, with such guarantees formalized in contracts signed between Wine Crush Consulting and each of these third-party entities. 

Data Recipients

Except within the scope of legal obligations, contract performance, or legitimate interests, personal data of Users, Service Recipients, or Clients will never be communicated to third-party entities other than subcontracted entities or legitimate recipients, nor will any other communication be made for purposes other than those mentioned above. 

International Data Transfers

Any transfer of personal data to a third country or international organization will only be carried out in compliance with legal obligations or ensuring compliance with applicable European and national legal standards in this matter. 

Security Measures

Considering the most advanced techniques, application costs, the nature, scope, context, and purposes of processing, as well as variable probability and severity risks for Users, Service Recipients, or Clients, Wine Crush Consulting and all subcontracted entities apply appropriate technical and organizational measures to ensure an adequate level of security concerning risks. 

  

For this purpose, various security measures are adopted to protect personal data against dissemination, loss, misuse, alteration, processing, or unauthorized access, as well as against any other unlawful processing. 

  

It is the sole responsibility of Users, Service Recipients, or Clients to keep access codes confidential, not sharing them with third parties, and, particularly concerning internet browsing applications (browser) used to access channels, maintaining and securing access devices and following security practices recommended by manufacturers and/or operators, particularly in terms of installing and updating necessary security applications, including antivirus applications, among others. 

  

If subcontracting services are required by third-party entities that may access personal data of Users, Service Recipients, or Clients, subcontractors of Wine Crush Consulting will be required to adopt the necessary organizational security measures and technical measures to protect the confidentiality and security of personal data and prevent unauthorized access, loss, or destruction of personal data. 

Exercise of Data Subject Rights

Users, Service Recipients, or Clients of Wine Crush Consulting, as data subjects, may, at any time, exercise their data protection and privacy rights, including rights of access, rectification, erasure, portability, restriction, or objection to processing, in accordance with applicable rules and limitations. 

  

Any request to exercise data protection and privacy rights must be made in writing by the data subject to the Data Protection Officer, following the procedure and contact described below. 

Complaints or Suggestions

Users, Service Recipients, or Clients have the right to submit complaints, either through registering a complaint in the Complaints Book or through filing a complaint with regulatory authorities – in the latter case, they can directly submit a petition or complaint to the National Data Protection Commission through the contacts available at www.cnpd.pt. 

  

Users, Service Recipients, or Clients can also make suggestions by sending an email to the Data Protection Officer at info@winecrushconsulting.com. 

Incident Reporting

Wine Crush Consulting has implemented an incident management system concerning data protection, privacy, and information security. 

  

If any User, Service Recipient, or Client wishes to report any personal data breach, resulting accidentally or unlawfully in the destruction, loss, alteration, unauthorized disclosure, or access of personal data transmitted, stored, or otherwise processed, they can contact the Data Protection Officer or use Wine Crush Consulting’s general contacts. 

Changes to Data Protection Policy

To ensure its update, development, and continuous improvement, Wine Crush Consulting may, at any time, make appropriate or necessary changes to this Data Protection Policy, ensuring its publication across different channels to guarantee transparency and information to Users, Service Recipients, and Clients. 

Express Consent and Acceptance

The terms of the Data Protection and Privacy Policy are complementary to the terms and provisions, concerning personal data, specified in the General Terms of Use of Wine Crush Consulting channels. 

  

The voluntary, specific, and informed provision of personal data by the data subject implies knowledge and acceptance of the conditions in this Policy. By using the channels or providing personal data, Users, Service Recipients, or Clients are expressly authorizing their processing, according to the rules defined in each applicable channel or collection tool. 

Special Data Protection Policies

With a commitment to transparency and information to the data subject, Wine Crush Consulting guarantees that specific personal data protection policies will be implemented, namely, a specific policy of processing biometric data concerning surveillance and image capture by video surveillance. 

Data Protection Policy Effective Date

This Data Protection and Privacy Policy is effective from the date of publication on Wine Crush Consulting channels, without prejudice to changes that may be necessary or appropriate for data protection reasons.

 

Oeiras, February 15, 2024 

Contacts
Oeiras Tower Rua Silval 37 Escritório 3.11 2780 – 373 Oeiras
Subscribe our Newsletter
© 2024 Wine Crush. All rights reserved.