Privacy Policy
At Quinta da Llama, we value your online privacy and want you to stay safe online while enjoying the products and services that we offer. This privacy policy contains information that may affect your operation of this website, so it’s important that you read it carefully. It covers your personal information, analytics, and cookies. If you have any concerns or questions, please contact us at [email protected]
This policy (together with our terms of use) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. We keep certain basic information when you visit our website and recognise the importance of keeping that information secure and letting you know what we will do with it.
This policy only applies to the Quinta da Llama website. If you leave our site via a link or otherwise, you will be subject to the policy of that website provider. We have no control over that policy or the terms of the website and you should check their policy before continuing to access the site.
Information we may collect from you
We may collect the following data about you:
Information that you provide by filling in forms on the site, though the Newsletter sign up form, event ticket form, or through the payment form in the shop. We may also ask you for information when you report a problem with our site. If you contact us, we may keep a record of that correspondence.
If you wish to sign up to the Newsletter, we will ask you for you email address and name. These are required to send out our newsletter to you. Your information is stored securely with the newsletter service, Mailchimp. You have the right to unsubscribe from the newsletter at anytime by clicking the unsubscribe link in any newsletter. Unsubscribing will remove all your information from this service.
Booking a ticket through the website will require us to ask for you name and email address. These are required to deliver your ticket to you. Payment information is handled securely by PayPal. Please also read the Paypal privacy policy for more information on how this service handles your information. We do not store any bank or card information on our server. Your information is stored from the time of booking until the event booked, after which it is deleted.
Purchasing any products though our shop will require us to collect you name, address, phone number and email address. We require this information in order to process the order and ship out the products to you, as well as contact you should there be a problem with your order. Payment information is handled securely by PayPal. Please also read the Paypal privacy policy for more information on how this service handles your information. We do not store any bank or card information on our server. After your order has been processed, we will hold your information for a period of 28 days before this is removed from our server. This is to make sure that any problems with your order can be dealt with quickly and effectively. After this time, all information will be deleted.
Google Analytics, IP addresses and cookies
We may collect information about your computer, including where available, your IP address, operating system and browser type for system administration. This is statistical data about our users browsing actions and patterns, and does not identify any individual or personal information. For more information on Google Analytics, and how it accesses data, visit the Google Analytics Website.
Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our site and to deliver a better service.
If you enter in any information on the site, you may opt-in to saving your name, email address and website in cookies through your browser. These are for your convenience so that you do not have to fill in your details again. These cookies will last for one year. You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may lose some interactivity to the site.
For more information on Cookies and how to remove them, visit the aboutcookies.org website.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Where we store your personal data
Data that we collect may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). By submitting any personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect personal data, we cannot guarantee the security of data transmitted to our site; any transmission is at your own risk.
Uses made of the information
We use information held about you in the following ways:
To ensure that content from our site is presented in the most effective manner for you and for your computer.
To carry out our obligations arising from any contracts entered into between you and us, ie through the shop, tickets or deliver the newsletter.
To notify you about changes to our service.
Disclosure of your information
We will not disclose your personal information to any third parties unless under a duty to disclose your personal data in order to comply with any legal obligation.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Changes to our privacy policy
Any changes we may make to our privacy policy in the future will be posted on this page. However, we advise that you check this page regularly to keep up to date with any necessary changes.
Contact
Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to [email protected]
What information do we collect and how do we use it?
No personal information is required to use this website. However, this website does collect anonymous tracking information through Google Analytics to help us see where our users are based around the world This collects information such as your location, browser and operating system. this helps us to provice a better user experiance to people using the website. You can install a browser plugin to stop Google Analytics tracking you on the web.
Other areas of the website do require you to enter in your personal information. These are the newsletter signup form, buying tickets or purchasing products from the shop.
What legal basis do we have for processing your personal data?
Describe the relevant processing conditions contained within the GDPR. There are six possible legal grounds:
consent
contract
legitimate interests
vital interests
public task
legal obligation
Provide detailed information on all grounds that apply to your processing, and why. If you rely on consent, explain how individuals can withdraw and manage their consent. If you rely on legitimate interests, explain clearly what these are.
If you’re processing special category personal data, you will have to satisfy at least one of the six processing conditions, as well as additional requirements for processing under the GDPR. Provide information on all additional grounds that apply.
When do we share personal data?
Explain that you will treat personal data confidentially and describe the circumstances when you might disclose or share it. Eg, when necessary to provide your services or conduct your business operations, as outlined in your purposes for processing. You should provide information on:
how you will share the data
what safeguards you will have in place
what parties you may share the data with and why
Where do we store and process personal data?
If applicable, explain if you intend to store and process data outside of the data subject’s home country. Outline the steps you will take to ensure the data is processed according to your privacy policy and the applicable law of the country where data is located.
If you transfer data outside the European Economic Area, outline the measures you will put in place to provide an appropriate level of data privacy protection. Eg contractual clauses, data transfer agreements, etc.
How do we secure personal data?
Describe your approach to data security and the technologies and procedures you use to protect personal information. For example, these may be measures:
to protect data against accidental loss
to prevent unauthorised access, use, destruction or disclosure
to ensure business continuity and disaster recovery
to restrict access to personal information
to conduct privacy impact assessments in accordance with the law and your business policies
to train staff and contractors on data security
to manage third party risks, through use of contracts and security reviews
Please note this list is not exhaustive. You should record all mechanisms you rely on to protect personal data. You should also state if your organisation adheres to certain accepted standards or regulatory requirements.
How long do we keep your personal data for?
Provide specific information on the length of time you will keep the information for in relation to each processing purpose. The GDPR requires you to retain data for no longer than reasonably necessary. Include details of your data or records retention schedules, or link to additional resources where these are published.
If you cannot state a specific period, you need to set out the criteria you will apply to determine how long to keep the data for (eg local laws, contractual obligations, etc)
You should also outline how you securely dispose of data after you no longer need it.
Your rights in relation to personal data
Under the GDPR, you must respect the right of data subjects to access and control their personal data. In your privacy notice, you must outline their rights in respect of:
access to personal information
correction and deletion
withdrawal of consent (if processing data on condition of consent)
data portability
restriction of processing and objection
lodging a complaint with the Information Commissioner’s Office
You should explain how individuals can exercise their rights, and how you plan to respond to subject data requests. State if any relevant exemptions may apply and set out any identity verifications procedures you may rely on.
Include details of the circumstances where data subject rights may be limited, eg if fulfilling the data subject request may expose personal data about another person, or if you’re asked to delete data which you are required to keep by law.
Use of automated decision-making and profiling
Where you use profiling or other automated decision-making, you must disclose this in your privacy policy. In such cases, you must provide details on existence of any automated decision-making, together with information about the logic involved, and the likely significance and consequences of the processing of the individual.
How to contact us?
Explain how data subject can get in touch if they have questions or concerns about your privacy practices, their personal information, or if they wish to file a complaint. Describe all ways in which they can contact you – eg online, by email or postal mail.