What is a cookie: A “cookie” is a small text file that is placed on a user's web browser or internet device and is used to remember and retrieve information about that user.

Users of our website may receive a cookie when visiting it. In some cases, when permitted by applicable law, cookies may also be used for certain email campaigns.

What types of cookies do we use and how do we use them? We use three main types of cookies, which include:

Functional cookies – these cookies support the use of the website and enable certain features to improve the user experience. For example, we use functional cookies to remember things, such as users' login preferences, preventing you from having to re-enter them.

Performance cookies – these cookies collect information necessary to support the website, allowing us to improve it and identify any problems the user may have experienced when visiting us. For example, performance cookies can provide us with information about how the user arrived at our website and how they navigated it during their visit. We also use these cookies to provide us with certain statistical and analytical information, such as the number of visitors our website has had.

Targeted cookies – these cookies are used to collect information about the Customer to help us improve our products and services, as well as to display targeted advertisements that we believe will be relevant to the Customer. We use targeted cookies across all our websites and applications for various marketing initiatives and campaigns. For more information, please see the “Targeted Advertising” section below.

To learn more about cookies and how they are used, visit: https://www.allaboutcookies.org/

Third-party cookies – As described above, we use various third-party service providers to help us manage, execute, and improve our advertising. These third parties may set cookies as directed by us to help us collect information and display advertisements that we believe would be relevant to you. In some cases, these third parties may also assist us by providing certain statistical and analytical information relating to our marketing practices. We may also share information collected through cookies (and other tracking technologies) with third parties for their own analytics and marketing purposes.

Cookie Management and Cancellation: Users can choose to visit our website without cookies, but in some cases, certain services, features, and functionalities may not be available. To visit the website without cookies, users can configure their browser to reject all cookies or to warn them when a cookie is set. Each browser is different, so the customer should check their browser's "Help" menu to learn how to change their cookie preferences.

This website uses Google Analytics, an analytical service provided by Google Inc. ("Google"). Google Analytics uses cookies, which are text files placed on your computer, to identify user preferences. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information on our behalf for the purpose of identifying your preferences when you use the website, compiling reports on website activity and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where permitted by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google.

You can refuse the use of cookies by selecting the appropriate setting on your browser. However, you should be aware that if you do so you will not be able to use all the features of this website. By using this site, you accept that your registered data will be used by Google in the manner and for the purposes mentioned above.

Garrafeira Grande Escolha takes all necessary technical and organizational security measures to protect your personal data against loss and misuse.

For example, your data is saved in a secure operating environment that cannot be accessed by the public. Your personal data is encrypted using Secure Socket Layer (SSL) technology during transmission. This means that an approved encryption procedure is used for communication between your computer and the Garrafeira Grande Escolha servers, if your browser is SSL-compatible (e.g., Microsoft Internet Explorer and Netscape Navigator). You can verify that you are in secure mode when you see a padlock or key icon in the lower right or lower left corner of your monitor. Additionally, you will see that the first characters of the website URL will be "https," indicating that you are accessing a secure server.

We reviewed our information collection, processing, and storage practices, including physical security measures, to protect against unauthorized access to systems.

We restrict access to personal information to employees, contractors, and agents of Garrafeira Grande Escolha who need to know this information for processing purposes and who are subject to strict contractual confidentiality obligations, and may be subject to disciplinary action or contract termination in case of breach of these obligations.

Garrafeira Grande Escolha does not collect personal data from minors. However, it is not always possible to determine the age of people who access and use the website. In this sense, if a minor provides their data without the consent of their guardians, we ask that they contact Garrafeira Grande Escolha so that this information can be removed and all future communications with the minor can be avoided.

What is this? The Garrafeira Grande Escolha Data Privacy Policy is a corporate standard that encompasses the applicable data protection regime standards within the company and is designed to meet legal data protection requirements. Garrafeira Grande Escolha is obligated to comply with this policy when collecting and processing personal data of members, employees, and suppliers.

Garrafeira Grande Escolha, in addition to its commitment to the continuous improvement of its services and the control and management of risks related to cybersecurity and information privacy, strives to have good practices, knowledge, and tools to create value and meet the needs of citizens.

Therefore, it complies with the principles set out in the GDPR, such as the "limitation of processing" of personal data, enshrining within its organization a rule of "data minimization" (minimizing the data collected in relation to what is necessary for the purposes of the processing) and effective accountability of the data controller (principle of accountability).

Garrafeira Grande Escolha takes privacy risks into account from the initial design phase of a given project, rather than only considering these risks later – privacy by default and privacy by design.

The right to rectify or update personal data can be exercised by the Customer at any time by sending an email to garrafeiragescolha@gmail.com or a letter to the address Avenida da Igreja, 31 Celeirós, 4705-732 Braga.

Garrafeira Grande Escolha requests that, in case of changes to personal data, this be promptly communicated through the same channel.

Garrafeira Grande Escolha retains the data for as long as is reasonably necessary for the fulfillment of the contract and always in accordance with applicable law.

If the Customer wishes to delete their data, Garrafeira Grande Escolha requests that they write to the address referenced above or send an email to garrafeiragescolha@gmail.com.

The Customer has the right to access the personal data held by Garrafeira Grande Escolha and to receive a copy of it. If the Customer wishes to exercise this right, they must contact Garrafeira Grande Escolha at the address mentioned above.

If the Customer has subscribed to any service to receive commercial and promotional information about the products of Garrafeira Grande Escolha and its partners, they may withdraw their consent at any time through the same means already mentioned above.

In cases where Garrafeira Grande Escolha bases the processing of the Customer's personal data on legitimate interest, the Customer may also object to this processing, and should do so by contacting the aforementioned email address.

Garrafeira Grande Escolha aims to achieve high standards and, therefore, its policies and procedures are constantly under review. Garrafeira Grande Escolha may change this privacy policy whenever it deems appropriate and necessary. Therefore, periodic checking of this page is recommended to read and review the most recent version.

If you are dissatisfied with our use of your personal data or with our response after exercising any of the rights provided for in this Policy or in the General Data Protection Regulation, you have the right to lodge a complaint with the responsible supervisory authority.

If you have any questions related to our use of your personal data or wish to exercise any of the rights mentioned in this Policy, you can contact us via the email address garrafeiragescolha@gmail.com.

GDPR: General Data Protection Regulation

Personal Data: Any information, of any nature and regardless of its medium, including sound and image, relating to an identified or identifiable natural person ("data subject"); a person is considered identifiable if they can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number or to one or more factors specific to their physical, physiological, mental, economic, cultural or social identity.

Personal Data Processing (processing): Any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Data controller: The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of processing personal data.

Subcontractor or sub-processor (data processor): The natural or legal person, public authority, agency or any other body that processes personal data on behalf of the data controller.

Third party: A natural or legal person, public authority, agency or any other body that, other than the data subject, controller, processor or another person under the direct authority of the controller or processor, is authorized to process the data.

Recipient: The natural or legal person, public authority, agency or any other body to whom personal data is disclosed, whether or not it is a third party.

Data Subject Consent: Any freely given, specific, informed and explicit indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to or to him or her.

Privacy by design: This means taking privacy risks into account throughout the entire design process of a new product or service, rather than considering privacy issues only afterwards. It involves carefully evaluating and implementing appropriate technical and organizational measures and procedures from the outset to ensure that processing complies with the GDPR and protects the rights of the data subjects concerned.

Privacy by default: This means ensuring that mechanisms are in place within an organization to guarantee that, by default, only the necessary amount of personal data is collected, used, and stored for each task. This obligation applies to the extent of its processing, the retention period, and its accessibility. These measures ensure that personal data is not made available to an indeterminate number of individuals without human intervention.

Restriction of Processing: Inserting a mark on personal data held with the aim of limiting its processing in the future.

Data minimization: This means that the personal data collected should be limited to what is necessary in relation to the purposes for which it is processed.