This policy describes how Rui Vieira S.A. handles the personal data provided by the user when using the monseo.com website, in accordance with the rules of Regulation (EU) 2016/679 of 27 April 2016 (General Regulation on Personal Data Protection) and Law No. 58/2019 of 8 August.
1. Who is responsible for the processing of my personal data?
The entity responsible for processing the personal data made available on the online store monseo.com ("Store") is the company Rui Vieira Joalheiros, S.A., with registered office at Rua Dr. Alves da Veiga, 73/75 4000-073 Porto - Portugal, registered in the Commercial Registry Office of Porto under registry number and VAT number 504 603 477, which operates in the market under the Monseo trademark.
If you have any questions or complaints regarding the processing of personal data on this online store, you can contact Rui Vieira Joalheiros, S.A. by email firstname.lastname@example.org or telephone +351 225 898 700 (national landline call).
2. What personal data can Monseo process?
In addition to the data you provide us with, we may also receive data about you from other companies collected under service contracts, such as payment services.
Monseo may process your data for the following purposes:
To buy products on our Store, you will have to create an account, providing the necessary data for shipping and billing, such as name and shipping address (address, post code, city, country) and name for billing, email, telephone, VAT number, address, post code, city and country.
We use this data to process your order, issue the invoice, deliver the products to you and reply to any requests for support after the sale. The legal basis for the processing of this data is the purchase contract that we have concluded with you.
To buy on our Store it is necessary to register as a customer, filling in the form fields with the information indicated as compulsory and defining an access password. The customer account can be created at any time, up to the stage of finalizing an order.
The data we collect are name, email and password and the data necessary for shipping and billing, such as name and shipping address (address, postcode, city, country) and name for billing, email, telephone, TIN, address, postcode, city and country.
This data will be stored and used to automatically fill out the checkout form on future orders and to give you access to features such as Store order history, update your personal information and address, change your password and view credit notes for canceled orders.
In your account, we also store information about orders placed, products added to the shopping cart and messages exchanged with the online Store via the contact form.
The legal basis for processing this data is the legitimate interest of our Store in meeting the needs and expectations of its customers, in order to improve their browsing experience on our online Store and facilitate the purchase and support processes after the sale.
To delete your account and personal data associated with it, please contact us at email@example.com.
Contact and scheduling forms
When you send us a message using one of the contact forms available on the website, for example to request information about personalised products or to schedule a visit to our shop in Porto, we store on our server your name, surname, email address and mobile phone number, the date and time you wish to schedule, as well as your comments or information placed in the text field regarding the reason for your visit.
This data will be used to manage your contact request, based on the legal grounds of the need to carry out pre-contractual diligence at your request or Monseo's legitimate interest in responding to your contact requests, depending on the purpose of your communication.
If you make purchases on our Store worth more than €15,000.00, you will have to fill in an identification form, with data related to your identity (full name, signature, date of birth, nationality, ID document number, other nationalities not mentioned in the ID document, nationality, VAT number, profession, employer, full address of permanent residence and, when different, of tax residence), the purpose and nature of the business relationship and the identification of the purchased item(s).
These data will be sent by Monseo to the Portuguese authorities, in compliance with the duties of identification and diligence that the Store has, within the scope of preventing and combating money laundering and the financing of terrorism. The legal basis for the processing of this data is the existence of a legal obligation.
3. How long does Monseo keep my personal data?
The data we collect will be processed for the period of time strictly necessary to fulfil the purposes for which they were obtained. When the maximum period is reached, your personal data will be anonymised or securely deleted.
The most relevant deadlines are as follows:
Purchases - We will process your data for as long as necessary to manage the purchase of the products or services you have purchased, including any returns, complaints associated with the purchase of the product or provision of warranty support services, for a period of 5 years. Data required to meet legal obligations, such as invoicing data, will be kept for the period required by law (which is 10 years).
Account - We will process your data for as long as you remain a registered user, i.e. until you decide to delete your account.
Contact form and scheduling - We will process your data for as long as necessary to respond to your requests. This data will then be archived together with the documentation relating to the purchase you make or, if there is no order, it will be deleted after a period of 6 months.
Identification form - We will retain your data for the period required by law (which is 7 years).
4. With whom can Monseo share my data?
The personal data we process may be made available to our employees and to entities we outsource to provide support to us, on our behalf and under our responsibility and supervision. Such entities include:
- Technology service providers and their subcontractors and partners;
- Partners and providers of marketing and advertising services, such as email marketing platforms, traffic analysis and social media;
- Banking and payment management and processing entities;
- Accounting service providers, logistics, insurance, transport and parcel delivery services.
5. Does Monseo transfer my data outside the european union?
In most situations, your data will be processed in Portugal or in Europe. But it is possible that some of these entities that participate in the management and operation of the Store may be located outside the European Economic Area.
In order to transfer data to these providers, we require that they provide us with adequate guarantees of security and protection of personal data comparable to those in the European Union, in particular that they sign a contract with the Standard Contractual Clauses approved by the European Commission.
6. Is my data protected by security measures?
Monseo uses physical, technological and organizational security measures to protect personal data against destruction, loss, alteration, unauthorized disclosure or access.
Among these measures, we highlight the following:
- Information captured through the website is transmitted over the internet using secure SSL protocol, a type of communication that complies with the best practices available in the market;
- We store data in encrypted databases and make periodic backups to reduce the possibility of information loss in the event of system failure;
- The number of persons having access to your data is restricted and limited to the purposes indicated above;
- We monitor access to the website to prevent, detect and stop improper access;
- We require partners and sub-contractors who handle personal data to provide evidence that they practice a similar level of security.
7. What are my rights as a data subject and how can i exercise them?
Depending on the purpose and legal basis on which your data is processed, you may exercise the following rights:
- Access, update or correct inaccurate data we have about you. If you have created an account on our Store, you can do so directly in your account by logging in with your email address and password.
- To ask us to delete your personal data when it is no longer necessary for the purposes for which it was collected or when we no longer have legal grounds to process it;
- To ask us to cancel or limit the use of your data where it may not be accurate or is no longer needed for the original purpose of processing, but you cannot or do not wish it to be deleted;
- When data is processed on the basis of your consent, you have the right to withdraw it at any time. How to withdraw the consent granted for sending the newsletter is explained in the "Newsletter" section.
- In cases where the legal basis for processing the data is consent or a contract concluded with the Store, you can also ask us for the portability of the personal data you have provided to us, in a structured, commonly used and machine-readable format, in order to be able to transmit them to another entity.
- Where data is processed on the basis of our legitimate interest, you may object to the processing of your data;
- You also have the right to lodge a complaint with the National Commission for Data Protection - CNPD regarding any matter relating to the processing of your personal data, if you consider that your rights have not been adequately guaranteed or if you are not satisfied with our reply to a request to exercise your rights. You may contact the CNPD, through the email address firstname.lastname@example.org or using the forms available at https://www.cnpd.pt/.
8. How can i contact Monseo if i have questions or wish to exercise my rights?
If you have any questions, require any further information regarding the processing of personal data we carry out or if you wish to exercise your rights as a data subject, you may contact us through the email address email@example.com or by letter addressed to Rui Vieira, S.A., Rua Dr. Alves da Veiga, 73/75 4000-073 Porto - Portugal.