This policy only applies to the Quinta da Llama website. If you leave our site via a link or otherwise, you will be subject to the policy of that website provider. We have no control over that policy or the terms of the website and you should check their policy before continuing to access the site.
Information we may collect from you
We may collect the following data about you:
Information that you provide by filling in forms on the site, though the Newsletter sign up form, event ticket form, or through the payment form in the shop. We may also ask you for information when you report a problem with our site. If you contact us, we may keep a record of that correspondence.
If you wish to sign up to the Newsletter, we will ask you for you email address and name. These are required to send out our newsletter to you. Your information is stored securely with the newsletter service, Mailchimp. You have the right to unsubscribe from the newsletter at anytime by clicking the unsubscribe link in any newsletter. Unsubscribing will remove all your information from this service.
Google Analytics, IP addresses and cookies
We may collect information about your computer, including where available, your IP address, operating system and browser type for system administration. This is statistical data about our users browsing actions and patterns, and does not identify any individual or personal information. For more information on Google Analytics, and how it accesses data, visit the Google Analytics Website.
Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our site and to deliver a better service.
If you enter in any information on the site, you may opt-in to saving your name, email address and website in cookies through your browser. These are for your convenience so that you do not have to fill in your details again. These cookies will last for one year. You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may lose some interactivity to the site.
For more information on Cookies and how to remove them, visit the aboutcookies.org website.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Where we store your personal data
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect personal data, we cannot guarantee the security of data transmitted to our site; any transmission is at your own risk.
Uses made of the information
We use information held about you in the following ways:
To ensure that content from our site is presented in the most effective manner for you and for your computer.
To carry out our obligations arising from any contracts entered into between you and us, ie through the shop, tickets or deliver the newsletter.
To notify you about changes to our service.
Disclosure of your information
We will not disclose your personal information to any third parties unless under a duty to disclose your personal data in order to comply with any legal obligation.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
What information do we collect and how do we use it?
No personal information is required to use this website. However, this website does collect anonymous tracking information through Google Analytics to help us see where our users are based around the world This collects information such as your location, browser and operating system. this helps us to provice a better user experiance to people using the website. You can install a browser plugin to stop Google Analytics tracking you on the web.
Other areas of the website do require you to enter in your personal information. These are the newsletter signup form, buying tickets or purchasing products from the shop.
What legal basis do we have for processing your personal data?
Describe the relevant processing conditions contained within the GDPR. There are six possible legal grounds:
Provide detailed information on all grounds that apply to your processing, and why. If you rely on consent, explain how individuals can withdraw and manage their consent. If you rely on legitimate interests, explain clearly what these are.
If you’re processing special category personal data, you will have to satisfy at least one of the six processing conditions, as well as additional requirements for processing under the GDPR. Provide information on all additional grounds that apply.
When do we share personal data?
Explain that you will treat personal data confidentially and describe the circumstances when you might disclose or share it. Eg, when necessary to provide your services or conduct your business operations, as outlined in your purposes for processing. You should provide information on:
how you will share the data
what safeguards you will have in place
what parties you may share the data with and why
Where do we store and process personal data?
If you transfer data outside the European Economic Area, outline the measures you will put in place to provide an appropriate level of data privacy protection. Eg contractual clauses, data transfer agreements, etc.
How do we secure personal data?
Describe your approach to data security and the technologies and procedures you use to protect personal information. For example, these may be measures:
to protect data against accidental loss
to prevent unauthorised access, use, destruction or disclosure
to ensure business continuity and disaster recovery
to restrict access to personal information
to conduct privacy impact assessments in accordance with the law and your business policies
to train staff and contractors on data security
to manage third party risks, through use of contracts and security reviews
Please note this list is not exhaustive. You should record all mechanisms you rely on to protect personal data. You should also state if your organisation adheres to certain accepted standards or regulatory requirements.
How long do we keep your personal data for?
Provide specific information on the length of time you will keep the information for in relation to each processing purpose. The GDPR requires you to retain data for no longer than reasonably necessary. Include details of your data or records retention schedules, or link to additional resources where these are published.
If you cannot state a specific period, you need to set out the criteria you will apply to determine how long to keep the data for (eg local laws, contractual obligations, etc)
You should also outline how you securely dispose of data after you no longer need it.
Your rights in relation to personal data
Under the GDPR, you must respect the right of data subjects to access and control their personal data. In your privacy notice, you must outline their rights in respect of:
access to personal information
correction and deletion
withdrawal of consent (if processing data on condition of consent)
restriction of processing and objection
lodging a complaint with the Information Commissioner’s Office
You should explain how individuals can exercise their rights, and how you plan to respond to subject data requests. State if any relevant exemptions may apply and set out any identity verifications procedures you may rely on.
Include details of the circumstances where data subject rights may be limited, eg if fulfilling the data subject request may expose personal data about another person, or if you’re asked to delete data which you are required to keep by law.
Use of automated decision-making and profiling
How to contact us?
Explain how data subject can get in touch if they have questions or concerns about your privacy practices, their personal information, or if they wish to file a complaint. Describe all ways in which they can contact you – eg online, by email or postal mail.