PRIVACY AND DATA PROTECTION POLICY
Who We Are
DBdesign has been operating in the graphic arts market since 1989, allowing us to perfect our techniques, invest in technological innovation, and, most importantly, create and present the best solutions in printing, communication, and promotion of products, services, or events, tailored to the needs of each client.
The privacy policy is intended to inform how we collect, process and protect personal data provided online, which we collect and process in strict compliance with national and European Union legislation applicable to the processing of data by all those who in any way interact with DB design.
DBdesign is committed to ensuring respect for the rights of personal data subjects and would like to inform you about how it collects, uses, and protects personal data, the information data subjects provide, and the rights they can exercise. We work constantly to ensure that your information is secure.
Introduction
Through this Privacy Policy, DBdesign intends to inform data subjects of the rules for using this website, provide users and customers with information and sell products and services offered by DBdesign, and explain the terms of processing their personal data and how it is protected.
The rules in the following statement apply solely and exclusively to DBdesign's websites and brands and govern all information collected about its users and their contact or quote requests. DBdesign reserves the right to modify the information and commercial offers presented on this website at any time, and may limit or prohibit access.
Using this website confers the status of user to anyone doing so and implies acceptance of all the conditions contained in this Privacy Policy. Some aspects of this website, due to their specific nature, may be subject to specific conditions or rules that may replace, supplement, or modify this Privacy Policy, and therefore must also be accepted by the user who uses or accesses them. By browsing the website and using its features or requesting quotes through it, the user accepts the policies and terms and conditions contained in this website and consents to the use of their data as defined below.
Users should carefully read this Privacy Policy each time they use this website. By accessing one of our websites, providing your personal data implies knowledge and acceptance of the terms and conditions set forth herein. Therefore, by providing your personal data, you authorize its collection, use, and disclosure in accordance with the rules defined herein. DBdesign reserves the right to modify, at any time and without prior notice, the presentation and configuration of this website, as well as the General Terms and Conditions or the Privacy Policy.
What does this Privacy Policy cover?
This document applies exclusively to the collection and processing of personal data carried out by DBdesign.
Data controller
The entity responsible for collecting and processing personal data collected during use and/or registration on this website is DJRB – Design de Comunicação, Unipessoal Lda, with registered office at Zona Industrial Várzea Do Monte, Lt.2- Aptd. 68, Porto, 4780-584 Santo Tirso, which provides the service and, in this context, decides which data is collected, the means of processing the data and for what purposes it is used, as well as using third parties to provide external services and adopts all security measures in the processing of data to guarantee security, including protection against unauthorized or unlawful processing and against its loss, destruction, alteration, dissemination, unauthorized access or accidental damage.
DB design's obligations arising from these terms and conditions, including the duty of confidentiality, extend to all its employees and subcontractors, regardless of the nature of their employment relationship, which continues after the end of the contract or their duties.
You may clarify any doubts or obtain additional information about this Privacy Policy and the Processing of Personal Data by simply sending your questions or complaints by letter to:
DBdesign
C/O Privacy Officer
Várzea Do Monte Industrial Zone, Lt.2- Apt. 68, Porto, 4780-584 Santo Tirso
or to the email address: geralcomercial@dbdesign.pt
What is Personal Data?
Any information relating to an identified or identifiable natural person, whether by an identification number or other specific element that identifies them. A user is considered identifiable if they can be identified directly or indirectly, for example, by their name, identification number, location data, online identifier, or other information that allows the identity of that natural person to be determined.
Personal Data Holders
The data subject is the customer or user, an individual, to whom the data relates and who has used DB design's services or products. The user is the person who uses DB design's services or products, and the customer is the person who enters into the contract with DB design.
Collection of Personal Data
When and how do we collect personal data?
DB design applies the principle of lawfulness and respects the right to privacy of users of this website. It does not collect any personal information about users without the prior consent of the data subject. Therefore, personal data is collected with the user's consent, with the purpose of processing personal data when requesting more information, purchasing DB design products or services, or subscribing to electronic communications. By continuing to browse this website and selecting a checkbox in an online consent process, the user confirms that they have read the terms and conditions of use and privacy policies and accepts the binding contract between the user and DB design.
Data collection may be carried out orally, in writing, or through one of DB design's websites. Personal data will be processed exclusively for the purposes for which it was collected and will only be processed for other purposes when legally permitted and upon provision of information to the data subject.
DB design collects information for statistics regarding the use of our website and its features, such as device information (hardware model, operating system version, among others), registration and location information (browser type, browser language, IP address – Internet Protocol , among others), pages visited on the website and cookies .
DB design may collect personal data from private entities that store relevant information about the creditworthiness of personal data subjects, provided that these databases comply with current data protection rules.
DB design may also access , collect or confirm personal data on websites of the Public Administration and private entities, in particular to verify the veracity of the identification and contact data provided by the user.
The user can access, browse, and use this website without providing any personal information. However, to initiate a real-time conversation, make contact requests, clarify doubts, obtain personalized quotes by submitting forms, or even save products to the recommended list, the data subject must provide adequate, relevant, and non-excessive personal data.
Therefore, personal data is requested and provided only when the user gives their consent and submits a form, contacts us via the real-time chat system, requests a quote (quick or shopping cart) or requests further information (forms available on this website). Personal data will be processed for the time strictly necessary, and we apply the principle of proportionality and storage limitation.
Any personal data provided by users will be treated with the security and confidentiality guarantees required by the Data Protection Law.
DB design collects the following information from and about you in the indicated locations/features:
|
Location/Functionality |
Data requested and collected |
|
New Registration Information |
The user provides the email address, password and name. |
|
Contact Form Submission |
It is necessary to provide the name, email address, mobile phone number and location, and filling in the company field is optional. |
|
Request a Quote (cart) |
It is preceded by a process of collecting information about the user, registration information, and it is necessary to provide the email address, password, name, country, tax number, address, postal code and telephone number. It is optional to fill in the field corresponding to the company, location, mobile phone and fax number. |
|
Request a Quote (quick) |
It is mandatory to provide the name, email address and tax number, the address and telephone number are optional fields. |
|
Real-time conversation ( chat) |
It is mandatory to provide your name and email address. |
|
Subscription to Electronic Marketing Communications ( newsletter ) |
You must provide your email address, customer type (company or individual), language and select the newsletter(s) you wish to subscribe to. Filling in the name and company field is optional. |
What categories of personal data do we process?
|
Identification Data |
Examples |
|
Identification and contacts |
Civil or tax identification number, company name, billing address, delivery address, telephone number and email address. |
|
Service |
Product and/or services purchased. |
What usage data do we process?
|
Service usage data |
Examples |
|
Location |
Geographical reference of the user or equipment at a given time |
|
Usage profile |
Data resulting from browsing our website. |
The information collected about the user and their purchases will be used solely and exclusively by DB design. DB design guarantees that this information will not be used or shared with third parties for promotional purposes via email or telephone.
Purpose of collecting Personal Data
In general, the personal data collected is intended for managing the contractual relationship, providing requested services or products, responding to user queries and needs, providing information and marketing, and adding users to subscriber lists. However, you may provide us with personal data for other purposes, such as submitting complaints and suggestions, disseminating institutional information, and/or informing you about campaigns, promotions, advertising, and news about DB design products and/or services. When collecting your data, you will be provided with more detailed information about how we will use your data.
The data collected is essential for responding to questions and requests for quotes, suggestions or complaints from the user, and may also be used for invoicing of products or services awarded and for marketing actions by DB design and the brands that are part of DB design.
|
Purposes |
Examples of purposes (non-exhaustive) |
|
Marketing and Sales |
Marketing or selling new products or services; |
|
Customer Management |
Management of contacts, information or requests; |
|
Accounting Management, |
Accounting, billing; |
|
Litigation Management |
Judicial and extrajudicial collection; |
|
Fraud detection, protection |
Detection of fraud and illegal practices; |
|
Fulfillment of obligations |
Court requests for interception of communications; |
|
Security control |
Access management, logs; |
|
Physical security control |
Video surveillance on premises. |
Basis, Purposes and Duration of Personal Data Processing
Processing is considered to be an operation or set of operations performed on personal data, through automated or non-automated means, such as collection, recording, storage, alteration, retrieval, consultation, use, disclosure, erasure or destruction.
On what grounds can MBA process your personal data?
Consent: DB design obtains the user's express consent to process their personal data for one or more specific purposes – in writing, orally or by validating an option – and in advance, if this consent is free, informed and specific;
or
Performance of contract and pre-contractual diligence: when the processing of personal data is necessary for pre-contractual diligence or for the conclusion and performance of the contract entered into with DBdesign. For example, to prepare a proposal for products, services, or information regarding the delivery address, to manage contacts, information, and requests, and to manage billing, collections, and payments;
or
Compliance with a legal obligation: when the processing of personal data is requested to comply with a legal obligation to which DB design is subject, such as the communication of identification or traffic data to judicial, police, tax or regulatory entities;
or
Legitimate interest: when the processing of personal data corresponds to a legitimate interest of DB design or third parties, such as the processing of data to improve the quality of service provided by DBdesign and fraud detection.
What are the processing and storage periods for personal data?
DB design does not process or store personal data for longer than is necessary for the purpose for which it is processed.
In some cases, the law requires data to be processed and retained for a minimum period, namely: one year for traffic and location data for the purposes of investigation, detection, and prosecution of serious crimes by the competent authorities, or 10 years for data required to inform the Tax Authority for accounting or tax purposes. According to Law No. 2/2014, Article 123, No. 4, "Books, accounting records, and their supporting documents must be kept in good order for a period of 12 years."
In the absence of a specific legal obligation, users' personal data is processed only for the period necessary to fulfill the defined purpose for which it was collected and stored, and always in accordance with the law or, as applicable, until they exercise their right to object, right to be forgotten, or withdraw their consent. Therefore, DB design will process and retain users' personal data during and after the commercial relationship, taking into account the period necessary to provide further information and provide products or services.
Regarding video surveillance (without sound) of its facilities, DB design keeps image recordings and respective personal data for a maximum period of 30 days.
DB design may retain personal data for periods longer than the duration of the commercial relationship, whether based on the client's consent, to ensure rights or obligations related to the contract, or because it has legitimate interests to do so, but always for the period necessary to achieve its respective purposes. Such as contact for marketing and sales purposes, data preservation for invoice claim, debt collection, warranty claims, and after-sales service.
Rights of the holder of personal data
Procedure for the Exercise of Rights by Data Subjects
Data subjects have the right to request information about the personal data that DB design holds and processes. They may, at any time, access information about their data, restrict its processing, rectify it if it is inaccurate, delete it, and/or request deletion of their data for marketing or telemarketing purposes.
Information must be provided in writing by sending a message to DB design via email to geralcomercial@dbdesign.pt or a letter addressed to DB design, Privacy Officer, Zona Industrial Varzea Do Monte, Lt.2- Aptd. 68, Porto, 4780-584 Santo Tirso. It is essential to identify the data subject and indicate the intended action. The data subject may also exercise their rights orally, and DB design must verify their identity by means other than oral means. DB design facilitates the exercise of the data subject's rights, unless it demonstrates that it is unable to identify the data subject.
If a data subject submits manifestly unfounded or excessive requests, in particular due to their repetitive nature, DB design may require payment of a reasonable fee taking into account the administrative costs of providing the information or may refuse to comply with the request.
Right of Access
The data subject has the right to obtain confirmation as to whether or not their personal data is being processed and, if it is being processed, the right to access information about it, such as the purpose of the data processing, the category of data in question, retention periods, among others. The data subject has the right to see/hear or obtain a copy, for example, of invoices and written agreements. The data subject must request access by letter or electronically, and DB design will respond to the request no later than one month from the date of receipt of the request, and may state its reasons if it intends to refuse the request. This period may be extended up to two months, when necessary and taking into account the complexity of the request and the number of requests. DB design will inform the data subject of any extension and the reasons for the delay within one month of receiving the request. The data subject has the right to lodge a complaint with a competent supervisory authority and the competent courts of the Member States, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement, if the data subject considers that the processing of personal data concerning him or her infringes the General Data Protection Regulation.
Right to Rectify or Change Data
The data subject, through a formal request, has the right to rectify or change their personal data that is inaccurate or request that incomplete personal data be completed, such as address, NIF, email, telephone contacts, among others.
Right to be Forgotten or Erased
The data subject may request the right to be forgotten, and the data will cease to be processed if it is no longer necessary for the purpose for which it was collected or processed, without undue delay, provided that there are no valid grounds for its retention in the case of legal obligations.
Right to Limitation of Processing
The data subject may request the limitation of the processing of his/her personal data, if one of the following situations applies:
– contest the accuracy of personal data, for a period that allows the data controller to verify its accuracy;
– the processing is unlawful and the data subject opposes the erasure of personal data and requests, instead, the restriction of their use;
– the controller does not need the data for processing purposes but such data are required by the data subject for the purposes of declaring, exercising or defending a right in legal proceedings;
– if you have objected to the processing until it is verified that the legitimate grounds of the controller override those of the data subject.
The data subject to whom the restriction of processing has been granted has the right to be informed by the controller before the restriction of processing is lifted.
Right to Data Portability
The data subject has the right to receive, in a structured format, the personal data concerning him or her that he or she has provided to a data controller, and the right to transmit such data to another data controller. The data subject has the right to have personal data transmitted directly between data controllers, but in this case only if technically feasible.
When a data subject exercises their right to data portability, they do so without prejudice to any other right, and may continue to use and benefit from the services and products of the data controller even after data portability.
Right to Withdraw Consent or Right to Object
The data subject may object or withdraw his or her consent at any time to the processing of personal data concerning him or her, such as in the case of data processing for marketing purposes or when the processing is for purposes other than those for which the data were collected, provided that there are no compelling and legitimate reasons or for the purposes of declaring, exercising or defending a right in legal proceedings.
Obligation to Notify Compliance with the Data Controller's Duties
The controller shall communicate to each recipient to whom personal data have been transmitted any rectification or erasure of personal data or restriction of processing, unless such communication proves impossible or involves a disproportionate effort.
Automated Individual Decisions, Including Profiling
DB design adopts appropriate measures to safeguard the rights and freedoms and legitimate interests of the data subject, and informs the user that it can profile the same based on their preferences and interests, through Google Analytics and Facebook Pixel, with the aim of understanding their interests so that we can provide services and improve the quality of products and services, always after informing and obtaining the consent of the data subject or if such processing is essential for the conclusion of the contract between DB design.
The data subject has the right not to be subject to any decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her. If you do not wish DB design to do so, you may opt out by consulting the information on behavioral advertising and online privacy at the following links: NAI (English version),Aboutads (English version), and for users in the European Union, Your Online Choices .
Right to Complain
The data subject has the right to lodge a complaint with DB design using the contact details available in this document and with the supervisory authority.
Responsibility of Data Subjects
Data Subjects are responsible for providing accurate information to DB design.
Transmission of Personal Data
The data subjects' data may be transmitted to subcontractors, natural or legal persons, public authorities or other bodies that process the data subjects' data on behalf of DB design, which will take the legally required measures to ensure that the subcontracted entities offer guarantees that the data subject's personal data are respected and protected.
As part of its activity, DB design uses third parties to provide the following services:
– electronic communications, which implies access by this subcontractor to the information provided by subscribers and subscribers;
– payment processing via PayPal, where your name and email address are requested;
– payment processing through Meo Wallet, where the name and email of the data subject will be made available so that he or she can pay for his or her order using a multibanco reference, VISA or MasterCard card or Meo Wallet Balance. In the latter case, it is necessary to create an account where it is mandatory to fill in, in addition to the data already mentioned, the date of birth, type, number and expiration date of the identification document and place of birth;
– transportation and delivery of orders and related documents;
– internet hosting and technical services.
Personal Data Breach
In the event of a personal data breach that is likely to pose a risk to the rights and freedoms of individuals, DB design will notify the competent supervisory authority as soon as possible, but in no case more than 72 (seventy-two) hours after becoming aware of the breach. If the breach poses a high risk to the rights and freedoms of individuals, DB design will notify the data subject of the personal data breach without undue delay.
Exposure of Personal Data
Users should exercise caution when disclosing their personal data and when circulating it online. To this end, they should adopt security measures, keep their equipment and programs up-to-date, and configure firewalls and antivirus software. Your username and password identify your login and give you access to your personal registration information, your quote history, favorites, and other DB design features.
It's recommended that you choose a password that's difficult to guess, preferably alphanumeric and longer than 10 characters. Avoid disclosing your website identification information at all costs.
Logging out is just as important as logging in. Be sure to log out to prevent other users from viewing and purchasing products with improper identification. It's recommended that you avoid forgetting to log out, especially when:
› Finalize a budget;
› Consult your data;
› Step away from the computer, among other situations.
Responsibility for DB design and Third Party Services and Websites
We recommend reading the terms and conditions of use as well as the cookie policy on this website.
This website includes hyperlinks to other websites or third-party services, and these websites do not operate under this privacy policy. Therefore, DB design recommends that users consult the terms and conditions of the website they are visiting, as well as those of third-party entities (Google, Facebook, YouTube, Instagram, Issuu, and Meo Wallet), to understand their procedures regarding the processing of defined personal data.
See third party privacy policy:
› Issuu (English version)
› Tawk (English version)
› PayPal
Analysis of the website and its users
Our website uses Google Analytics , a website analytics service provided by Google (Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States) and Facebook Pixel (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland). This service measures the effectiveness of DB design ads by understanding the actions users take on this website. You can disable the use of cookies in your browser's settings/options.
Personal Data of Minors
Our products are intended for adults (over 18 years of age) or with express authorization from adults (over 13 years of age).
Procedural and Technical Security Measures
DB design respects best practices in the field of security and protection of information and personal data, has implemented logical measures, with the use of firewalls and intrusion systems, appropriate, necessary and sufficient organizational and security measures to protect users' personal data against alteration, destruction, loss, dissemination or unauthorized access as well as any other form of accidental or unlawful processing.
Payment Security
The security of your order payments is regulated by the Meo Wallet and Paypal payment services.
Electronic Communications
The user can receive information from DB design of 2 types:
› Information and responses related to requests for information or quotes from one of the DB design brands. Users can receive email clarifications to their questions, sales proposals, order confirmations and updates, order payment, order shipping, order acknowledgements, and payment terms;
› Periodic information about the website, products and/or services, news, promotions and DB design campaigns, requiring the user to subscribe.
Subscription to Electronic Communications
DB design's newsletter service is a free service available to any user of our website.
By subscribing to any of DB design's electronic communications, the user acknowledges and accepts that DB design may contact them via email to keep users, partners and customers informed and updated about DB design products, services, campaigns, promotions or news.
The user agrees that they may cancel at any time and that the information provided through this website is stored and processed for marketing communication purposes as well as market research. Your personal data is treated confidentially in accordance with current data protection laws.
DB design reserves the exclusive right to remove any user's newsletter subscription at any time and without prior notice if it suspects that the subscription is false.
DB design requires all subscribers to confirm their subscription to the newsletter(s). Confirmation occurs when the user clicks on the hyperlink sent to the email address provided at the time of subscription, thus providing double confirmation of their express wish to subscribe to one of DB design's newsletters .
The user may change, withdraw and/or revoke their consent at any time, through the unsubscribe link available at the end of all electronic communications or by written request via the email address where they wish to exercise their right to object, rectify, cancel or delete, to the contacts indicated in this policy.
Frequency of Electronic Communications
DB design's electronic communications are sent periodically to communicate and inform subscribers. Typically, newsletters for each brand, service, or product are sent weekly or biweekly, except when DB design's Marketing Department decides to change the frequency in the subscribers' interest. This will not exceed two newsletters per week, nor will it be permanent.
Limitation of Liability for Electronic Communications
DB design reserves the right to modify or discontinue sending electronic communications at any time, as well as the exclusive right to unsubscribe from the newsletter at any time and without prior notice.
Unsubscribe from Electronic Communications
The newsletter service is continuous, has no set expiration date, and can be canceled by the user at any time. To do so, click the unsubscribe link available at the bottom of all electronic communications sent by DB design. If the user has problems unsubscribing, they should send an email to geralcomercial@dbdesign.pt requesting cancellation.
Privacy Policy Updates
This statement is effective upon DB design's commencement of operations. DB design reserves the right to review and update its privacy policy at any time by posting an updated notice on its website. Users can check the date at the end of this policy to verify the date of its last revision.
Contact us
If you have any questions or require clarification, please contact us by phone +351 252 415 731 or by email geralcomercial@dbdesign.pt
Last updated date: This information was updated on May 23, 2018.