PRIVACY POLICY
GoldNutrition collects some Personal Data of the Users (holders of personal data). In order to comply with Regulation 2016/679 with regards to personal data processing, which entered into force on 25 May 2018, GoldNutrition informs:
Entity responsible for the processing of personal data
GoldNutrition
Rua dos Bem Lembrados, 141, Alcabideche
2645-471 Cascais – Portugal
E-mail Contact of the Data Protection Officer:
– Types of Personal Data processed
The types of Personal Data that GoldNutrition processes, either by itself or through third parties, are: first and last name, telephone number, company name, e-mail address, address, website, Usage Data, Cookie and User Name.
Personal Data may be freely provided by the User or, in the case of the User Data, collected through registration on the site or on GoldNutrition platforms. Unless otherwise specified, all data collected by GoldNutrition is required, and failure to provide such data by you may prevent GoldNutrition from providing its Services to you. In the event that GoldNutrition specifically states that some data is optional, Users are free to stop communicating the Data without any consequences for the availability or operation of the Service.
Users who have doubts about the type of processing, the lawfulness of the processing and the data involved, are invited to contact the Responsible for the data processing through the address indicated above or via email to the person in charge of the data protection (epd@GoldNutrition .pt).
Any use of cookies – or other tracking tools – by this Site or by the owners of third party services used by this Site will be for the purpose of providing the Services requested by the User, in addition to the other purposes described in this document and the Cookies Policy , if available.
– Security in the processing of personal data
The controller ensures that the data are stored in systems with protective measures aimed at ensuring a level of confidence appropriate to the risk, as provided for in Regulation 2016/679, Article 32.
Personal data processing is performed using computers and / or IT enabled tools, following organizational procedures and means strictly related to the purposes indicated. In addition to the controller, in some cases, Data may be accessed internally by the administration, sales, marketing, legal system administration, and GoldNutrition subcontractors (such as outsourced technical service providers, postal service providers, hosting providers, IT companies , communications agencies) appointed, when necessary, as Data Processors by the controller. The updated list of these parts may be requested from the controller at any time.
– Lawfullness of processing of personal data
The Controller may process Personal Data related to the User if one of the following applies (Regulation 2016/679, article 6):
- Users have given their consent for one or more specific purposes;
- The processing of personal data is necessary for the fulfillment of a contract with the User and / or any pre-contractual obligations of the same;
- The processing of personal data is necessary for the fulfillment of a legal obligation to which the Controller is subject;
- The processing of personal data is necessary for the purpose of legitimate interests pursued by the Controller or a third party;
In any case, the Data Protection Officer appointed by the Controller will cooperate willingly to clarify the legal basis for data processing, and in particular if the provision of Data is a mandatory requirement by law or contract, or is a requirement to conclude a contract.
– Place of personal data processing
The personal data are processed at the head office. Depending on the location of the User, the data transfers may involve the transfer of the User Data to another country other than yours.
Users also have the right to be informed of the legal basis for data transfers to countries outside the European Union or to any international organizations governed by public international law or formed by two or more countries and the security measures taken by the Controller. The use of this word may imply that the organization has seized the personal data, that is, it considers that the personal data of the owners belongs to the organization in order to protect the Personal Data of the Users.
If any such transfers occur, the Users may find out more by checking the relevant sections of this document or by asking the Controller using the information provided in the contact section.
– Term of retention of personal data
Personal Data will be kept for as long as necessary for the purposes for which it is collected.
Therefore:
Personal Data collected for purposes related to the execution of a contract between the Controller and the User will be retained until such agreement has been fully complied with.
Personal Data processed for purposes relating to the legitimate interests of the Controller shall be kept for as long as necessary to fulfill such purposes. Users may obtain specific information about the legitimate interests pursued by the Controller within the relevant sections of this document or by contacting the Data Protection Officer.
– The purposes of processing
The User Data is collected to enable the Provider to provide its Services and products, as well as for the following purposes: Contact the User, Spam Protection, Access to third-party service accounts, Statistics, Save and manage backup, Content commenting, Viewing content from external platforms, Payment processing, Interaction with social networks and external platforms, User database management, Interaction with data collection platforms and other third parties, Managing email addresses and messaging, Logging and Authentication, Tag Management, and Traffic Optimization and Distribution.
Facebook Permissions Required by GoldNutrition Website
The GoldNutrition website may request some Facebook permissions that allow you to perform actions with your Facebook account and to retrieve information, including personal information. This service allows the connection with the User account on the social network Facebook, provided by Facebook Inc.
For more information about the following permissions, see the Facebook permissions documentation and Facebook privacy policy.
The permissions that are requested, which aim to collect personal data, are the following: Birthday, E-mail and Basic information.
Detailed information about the processing of Personal Data
Personal Data is collected for the following purposes and using the following services:
– Access to third-party service accounts
This type of service allows GoldNutrition’s website to access your Account Data with a third party service and perform actions with it.
These services are not activated automatically, they need explicit authorization of the User (holder of the personal data).
– Access to Facebook account
This service allows the GoldNutrition website to connect to the User account on the social network Facebook provided by Facebook, Inc.
Permission Request: Anniversary, E-mail Contact and Email.
Processing Location: USA – Privacy Policy.
Content comment
Content commenting services allow users to create and post comments on the content of this service (on the GoldNutrition website).
Depending on the settings chosen by the Data Processing Manager, Users may also leave anonymous comments.
If there is an email address among the Personal Data provided by the User, it may be used to send comment notifications about the same content. Users are responsible for the content of their comments.
If a third-party content commenting service is installed, it may still collect web traffic data for the pages where the comment service is installed, even when users do not use the comment content service.
– Feedback System managed directly (on the GoldNutrition Website)
This Site has its own internal content feedback system.
Personal Data processed: Cookie, e-mail, name, User name, surname and website.
Contact the User
– Contact Form (GoldNutrition Site)
By filling out the contact form on the GoldNutrition website with your Data, users authorize the Data Provider to use such details to respond to requests for information, quotation or any other type of request as indicated by the title of the form.
Personal Data Handled: name, surname, e-mail address, company name, phone number, country and website.
– Mailing list or newsletter (GoldNutrition Site)
The User, when registering for the mailing list or newsletter, acknowledges that the email address will be added to the contact list of those who may receive e-mail messages containing information of a commercial or promotional nature about this Site. Your email address can also be added to this list, as a result of your registration on the GoldNutrition website or after making a purchase.
Personal Data processed: e-mail, first and last name.
– Contact Phone Number (GoldNutrition Site)
Users who provided the telephone number may be contacted for commercial or promotional purposes related to this Site, as well as to fulfill requests for support.
Personal Data Handled: name, surname phone number.
Statistics
The services in this section enable the Controller to monitor and analyze web traffic and may be used to track User behavior.
– Google Analytics (Google Inc.)
Google Analytics is an Internet analytics service provided by Google Inc. (“Google”). Google uses the collected data to track and review the use of this service (this Site) to prepare reports on activities and share them with other Google services.
Google may use the collected data to contextualize and customize the ads in your own ad network.
Personal Data Handled: Cookie and Usage Data.
Place of Processing: USA – Privacy Policy – Opt Out.
– WordPress Stat (Automattic Inc.)
WordPress is an analytics service provided by Automattic Inc.
Personal Data Handled: Cookie and Usage Data.
Processing Location: USA – Privacy Policy.
User database management
These types of services allow the Controller to create user profiles using an email address, personal name, or other information that the User provides on the GoldNutrition website as well as tracking user activity through analytical resources.
This Personal Data may also be combined with publicly available information about the User (such as social networking profiles) and used to construct private profiles that the Controller may view and use to improve the service of the GoldNutrition website.
Some of these services may also be enabled to send scheduled messages to the User such as action-based emails performed on this service on the GoldNutrition website.
E-mail Address and Messaging Management
These types of services allow managing the database of e-mail contacts and telephones for communication purposes with the User.
These services can also be used to process data referring to the date and time the User viewed the e-mail; and also when the User interacted with the e-mail received, such as when the User selected the links included in the e-mail.
– MailChimp (The Rocket Science Group, LLC.)
MailChimp is an email address management and messaging service provided by The Rocket Science Group, LLC.
Personal Data processed: e-mail.
Processing Location: USA – Privacy Policy.
Tag Management
This type of service helps the Controller to manage the tags or scripts required by the GoldNutrition website centrally. As a result of this, the User Data is treated by these services existing and used a posteriori for remarketing campaigns.
– Google Tag Manager (Google LLC)
Google Tag Manager is a management service provided by Google LLC.
Personal Data Handled: Cookie and Usage Data.
Processing Location: USA – Privacy Policy.
Interaction with data collection platforms and other third parties
These types of services allow users to interact with data collection platforms or other services directly from the GoldNutritiom website pages in order to store (save) and reuse data.
If one of these services is installed on the GoldNutrition website, GoldNutrition may collect Usage and browsing data on the pages where they are installed, even if Users do not actively use the service.
Interaction with social networks and external platforms
These types of services allow users to interact with social networks or other external platforms directly from the GoldNutrition website pages. The interaction and information obtained by the GoldNutrition
website is always subject to the User’s privacy settings on every social network. If a service that allows interaction with social networks is installed by the Responsible Party, they may collect traffic data for the pages where the service is installed, even when Users are not using them.
– The Facebook Likes and Social Widgets button (Facebook, Inc.)
The Facebook Like Button and Social Widgets are services that allow user interaction with the Facebook social network provided by Facebook, Inc.
Personal Data Handled: Cookie and Usage Data.
Processing Location: USA – Privacy Policy.
– The +1 button and Google+ social widgets (Google Inc.)
The +1 button and Google+ social widgets are services that allow user interaction with Google+ social network provided by Google Inc.
Personal Data Handled: Cookie and Usage Data.
Processing Location: USA – Privacy Policy.
– LinkedIn button and social widgets (LinkedIn Corporation)
LinkedIn button and social widgets are services that allow users to interact with the LinkedIn social network provided by LinkedIn Corporation.
Personal Data Handled: Cookie and Usage Data.
Processing Location: USA – Privacy Policy.
– The YouTube button and social widgets (Google Inc.)
The YouTube social button and widgets are services that allow users to interact with the YouTube social network provided by Google Inc.
Personal Data Handled: Usage Data.
Processing Location: USA – Privacy Policy.
Payment processing
Payment processing services allow GoldNutrition’s website to process payments by credit card, bank transfer or other means.
In order to protect personal data since the transaction approval, by default, the site only collects (to the user, e.g. personal data holder) and transmits (to financial intermediaries) the information strictly necessary for the payment.
Some of these services may also enable the sending of timely messages to the User of this Site such as invoices based on email and other notifications.
– Paypal (Paypal)
PayPal is a payment service provided by PayPal Inc., which allows Users to make payments online.
Personal Data processed : Various types of Data as specified in the service’s privacy policy.
Anti-spam protection
These types of services analyze traffic potentially containing Users’ Personal Data, in order to filter them from parts of the website traffic, messages and content that are recognized as SPAM.
– Google reCAPTCHA (Google Inc.)
Google reCAPTCHA is a SPAM protection service provided by Google Inc.
Use of reCAPTCHA is subject to Google’s privacy policy and terms of use.
Personal Data Handled: Cookie and Usage Data.
Processing Location: USA – Privacy Policy.
– Akismet (Automattic Inc.)
Akismet is a SPAM protection service provided by Automattic Inc.
Treated Personal Data: Various types of Data as specified in the service’s privacy policy.
Processing Location: USA – Privacy Policy.
Registration and authentication
By registering or authenticating on the website, Users allow the GoldNutrition website to identify them and to assign access to dedicated services to the Users.
Depending on what is described below, the registration and authentication services may be provided by third parties. (e.g. login to GoldNutriton’s website through Facebook credentials).
In this case, the GoldNutrition website may access some Data stored by these third party services for registration or identification purposes.
– Facebook Authentication (Facebook, Inc.)
Facebook Authentication is a registration and authentication service provided by Facebook, Inc. and is connected to the social network Facebook.
Personal Data Processed: Various types of Data as specified in the service’s privacy policy.
Processing Location: USA – Privacy Policy.
Save and backup management
These types of services enable the Responsible to handle, save and manage site backups at the Headquarters. Backups may include source code and content, as well as the data that the User provides on the Site.
View external platform content
These types of services allow the user to view and interact with the content installed by the Controller on external platforms directly on the pages of the GoldNutrition website and to interact with them. If this type of service is installed, it can collect web traffic data for the pages where the service is installed, even when Users are not using it.
– Google Fonts (Google Inc.)
Google Fonts is a type face preview service provided by Google Inc. that allows this Site to incorporate such content into its pages.
Treated Personal Data: Usage data and various types of Data as specified in the service privacy policy.
Processing Location: USA – Privacy Policy.
– Google Maps widget (Google Inc.)
Google Maps is a mapping service provided by Google Inc. that allows this Site to incorporate such content into your pages.
Personal Data Handled: Cookie and Usage Data.
Processing Location: USA – Privacy Policy.
User Rights
Users may exercise certain rights in respect of their Data processed by the Controller.
In particular, Users have the rights to do the following:
- Withdraw the consent at any time. Users have the right to withdraw their consent in cases where they have previously given their consent to the processing of their Personal Data by sending an e-mail to: [email protected].
- Object to the processing of their Data. Users have the right to object to the processing of their Data if the processing is performed on another legal basis than the consent granted.
- Access the personal data. Users have the right to obtain information about the processing of their personal data and to obtain a copy of the Data that is being processed.
- Request the rectification of the personal Data. Users have the right to verify the accuracy of their Data and to request that they be updated or corrected.
- Restrict (limit) the handling of the Personal Data. Users have the right to restrict the processing of their Data in accordance with article 18 of Regulation 2016/679.
- Have the Personal Data deleted. Users have the right to request the erasure of their personal data, in accordance with article 17 of Regulation 2016/679.
- Have the Personal Data transferred to another controller (Portability). Users have the right to receive their Data, in a structured format, commonly used and able to be read by machines and, if technically feasible, have them transmitted to another Controller. This requires the formal exercise of this right by the User.
- File a complaint. Users have the right to submit a complaint to the National Data Protection Commission.
- The exercise of the abovementioned rights on the part of the owners of the personal data must be done to the [email protected] e-mail.
Details of the right of objection to the processing of personal data
In cases where the Personal Data is processed in the public interest, in the exercise of an official authorization in which the Controller is vested in or for purposes of the legitimate interests pursued by the Controller, Users may object to such processing without any necessary justification for such.
Users should be aware, however, that if their Personal Data is processed for direct marketing purposes, they may object to such processing at any time without providing any justification.
These requests can be exercised at no cost and will be attended by the person in charge of data protection as soon as possible and in all cases in less than one month.
Cookies Policy
The Site uses Cookies. To know more and for a more detailed warning about cookies, the User can consult our Cookie Policy.
Additional information about the processing of Personal Data
In addition to the information contained in this privacy policy, GoldNutrition’s website may provide you with additional and contextual information about specific services or about the collection and processing of Personal Data upon request.
System logs and maintenance
For operation and maintenance purposes, GoldNutrition’s Site and any third party services may collect files that record the interaction with this Site (system logs) or use other Personal Data (such as an IP address) for this purpose.
Changes to this privacy policy
The Controller reserves the right to make changes to this privacy policy at any time by communicating to its Users through e-mail, the site or by letter insofar as it is technically and legally feasible – sending a notice to Users through any contact information available to the controller. It is highly recommended that the site be consulted several times in relation to the last modification described at the bottom.
If changes affect the data processing activities performed based on the User’s consent, the User will be requested to give new User’s consent, where required.
Definitions and legal references
Personal Data (or Data)
(1) ‘personal data’ means information relating to an identified or identifiable natural person (‘data subject’); an identifiable person is considered to be identifiable, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, identifiers by electronic means or to one or more specific elements of the identifier, such as physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
(2) ‘processing’ means an operation or a set of operations carried out on personal data or on personal data sets by automated or non-automated means such as collection, registration, organization, structuring, conservation, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or any other form of disclosure, comparison or interconnection, limitation, erasure or destruction;
(4) ‘Profile definition’ means any form of automated processing of personal data consisting in the use of such personal data in order to assess certain personal aspects of a natural person, in particular to analyze or predict aspects relating to his professional performance, , health, personal preferences, interests, reliability, behavior, location or travel;
(7) ‘controller’ means a natural or legal person, public authority, agency or other body which, individually or jointly with others, determines the purposes and means of processing personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria applicable to his appointment may be laid down by Union or Member State law;
(8) ‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
(9). ‘recipient’ means a natural or legal person, public authority, agency or other body receiving communications of personal data, regardless of whether or not it is a third party. However, public authorities which may receive personal data in the context of specific investigations under Union or Member State law, shall not be considered as recipients; the processing of such data by such public authorities shall comply with data protection rules applicable to the purposes of the processing;
(10) ‘third party’ means a natural or legal person, a public authority, a service or body other than the data subject, the controller, the processor and persons who, under the direct authority of the controller , are authorized to process personal data;
(11) ‘consent’ of the data subject, means any freely given, specific, informed and unambigous indication of the data subject´s wishes by which he or she, by means of a statement or a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
(21) ‘supervisory authority’ means an independent public authority established by a Member State in accordance with Article 51;
(23) ‘cross-border processing’ means: (a) the processing of personal data occurring in the context of the activities of establishments in more than one Member State of a controller or processor in the Union where the controller or processor is established in more than one Member State; or (b) the processing of personal data occurring in the context of the activities of a single establishment of a controller or a processor in the Union but which substantially affects, or is likely to materially affect, data holders in more than one Member State;
(24) ‘relevant and reasoned objection’ means an objection to a draft decision seeking to establish whether there is an infringement of this Regulation or whether the proposed action with regard to the controller or the processor, is in conformity with this Regulation, clearly demonstrating the significance of the risks arising from the draft decision on the fundamental rights and freedoms of data subjects and, where appropriate, the free movement of personal data within the Union;
(26) ‘international organization’ means an organization and bodies governed by public international law which it administers, or another body set up by an agreement concluded between two or more countries or on the basis of an agreement of that kind.
– Usage Data
The information collected automatically through this Site (or third party services contracted in this Service (this Site)), which may include: the IP addresses or domain names of the computers used by the Users using this Site, the URL (Uniform Resource Locator), the date and time of the request, the method used to submit the request to the server, the size of the file received in response, the numeric code indicating the status of the response server (positive result, error, etc.), the country of origin, the characteristics of the browser and the operating system used by the User, the various details of time per visit (for example, the time spent on each page within the application) and details about the path followed within the application, with particular reference to the sequence of pages visited and other parameters on the user’s operating system and / or IT environment.
– User
The person using this Site who, unless otherwise specified, agrees with the Data Subject.
– Data Subject
The natural person to whom the Personal Data refers.
– Responsible for the processing of personal data:
GoldNutrition
Rua Bem Lembrados, 141
2645-471 Cascais – Portugal
– Contact email of the Guardian for the protection of personal data:
epd @ GoldNutrition .pt
– Service
The service provided by the Site / application as described in the relative terms (if available) and in this site / application.
– European Union (or EU)
Unless otherwise specified, all references made in this document to the European Union include all current member states of the European Union and the European Economic Area.
– Cookie
Small data units stored on the User device.
– Legal information
This privacy statement was prepared on the basis of determinations of multiple laws, including Arts. 13/14 of Regulation (EU) 2016/679 (GDPR – General Regulation on Data Protection).
This privacy policy refers only to this Site, if not stated differently in this document.