At Trendiamo we are committed to protect your privacy, so we have adopted the appropriate technical and organizational measures to ensure a high level of security in the data processing operations.
We assume the responsibility of treating your personal data in a complete and confidential way, considering only clear and precise purposes.
The Data Controller for personal data is Trendiamo, Unipessoal, Lda., with registered office at Rua de São Bernardo, nº 60, R/C dto, Lisbon, with the sole company and tax number 514 849 118, a subsidiary of “Trendiamo GmbH”, with registered office at Ritterstraße 8, 33602, Bielefeld, Germany, company number HRB42919, hereinafter “Trendiamo”.
Personal data collected
When you interact with us, whether by using our website or communicating with us, we collect the following data:
- a) We process the personal data required to manage the online sales contract and to complete and dispatch your purchase, including your name, billing address, delivery address, payment details, mobile number, telephone number and email address.
- b) We collect your email address when you decide to subscribe to our newsletter.
- c) If you register on our website, we collect your name, email address, password, country and additional data regarding your favourite sellers and your marketing preferences.
- d) When you contact our customer care team, we may collect additional data to help us resolve any queries relating to your order, delivery, payments, marketing, the website or any other queries.
- e) We collect and process data about your browsing on www.trendiamo.com, including the pages you visit and how you interact with these pages. If you have registered for an account, we collect browsing data about your access to the dedicated areas of the website.
- f) If you are a customer of www.trendiamo.com, or if you have given us your consent, we collect and process your personal data for direct marketing activities.
Nature of Processing
Most of the data we collect from you is necessary to allow us to fulfil our contract with you or to enter into a contract with you e.g. you provide a billing address and email address when your purchase an item from www.trendiamo.com so that we can process your payment and send you your order confirmation.
In certain circumstances we will ask for your permission or consent to use your personal data e.g. if we would like to send you marketing information about items we believe may be of interest to you via email. If you have given your consent to our use of your personal data, you are entitled to withdraw this consent at any time.
We may also have a legitimate interest in using your personal data e.g. to ensure that the content of our website is presented to you and your device as effectively as possible, or to ensure that our marketing communications are relevant to your interests. If this is our reason for using your data, we must make sure that our interests do not override yours and you are entitled to object to this use of your data.
Lastly, we may be required to use your data to meet a legal obligation or to protect your interests e.g. we will retain financial data long term to meet our statutory obligations.
Methods of Processing and Storing Data
The processing of your personal data is performed by the Trendiamo in compliance with the provisions of the current legislation on Privacy. Trendiamo processes personal data using IT and/or telematic tools and with organizational and logical procedures strictly related to the purposes indicated in this policy, as well as adopting the appropriate security measures to prevent access, disclosure, unauthorized modification or destruction of personal data, its loss and its illicit and incorrect use.
The company also undertakes to process the data according to the principles of correctness, lawfulness and transparency, to collect the data to the extent necessary and exact for processing and to allow its use only by personnel for authorized purposes.
The management and storage of personal data acquired will take place in archives or on servers located within the European Union owned by the Data Controller and/or by third-party companies appointed as External Data Processor for processing and, in any case, currently located in European Union.
In relation to the different purposes for which data is collected, personal data will be kept for the time strictly necessary to achieve that purpose and, in any case, in accordance with the current relevant regulations.
In any case, the company will take care to avoid the use of data indefinitely by proceeding, on a regular basis, to verify appropriately the effective permanence of the interest of the user to which they refer.
Data Processors and Recipients
The data collected will not be disseminated in any way, but will be treated within the limits and for the purposes defined in this policy.
Your information will be made available to third parties appointed as External Data Processors for processing, of which the Data Controller relies on or could be used in the management of the contractual relationship, the provision of services offered and organizational needs of its activities. The data could be communicated to:
- a)People, public and private, that can access the data by the provision of law, regulation or community legislation, within the limits set by these rules;
b)Persons who need access to data for purposes related to the contractual relationship existing between the parties, within the limits strictly necessary for the performance of the contract (sellers from whom you purchase products) and for auxiliary tasks (such as, for example, banks, technical service providers, hosting providers, IT companies, communication agencies, mail carriers and shipping companies);
Transfer of Data Abroad
The management and storage of personal data will be carried out on servers of the owner and/or third-party companies duly appointed as External Data Processors located within the European Union.
Your personal data may be transferred abroad, in accordance with the provisions of current legislation, even to countries outside the European Union.
The transfer to countries outside the EU, in addition to cases in which this is guaranteed by an Adequacy Decisions by the Commission, is carried out in such a way as to provide appropriate and opportune guarantees pursuant to Articles 46, 47 or 49 of the Regulation.
Rights of Interested Party
As the interested party, you may exercise, at any time, the rights provided to you in Articles 15, 16, 17, 18, 20 and 21 of the GDPR which, in particular, confer the rights to:
- a)Obtain from the Data Controller, pursuant to Article 15, confirmation of the existence or not of personal data being processed and, in this case, obtain access to the data and information such as: (i) the purposes of the processing; (ii) the categories of personal data; (iii) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients located in Third Countries or International Organizations; (iv) when possible, the retention period of the personal data provided or, if not possible, the criteria used to determine this period;
b)Obtain from the Data Controller, pursuant to Article 16, the correction of inaccurate personal data without undue delay; considering the purposes of the processing, the data subject has the right to have incomplete personal data completed, by providing an additional declaration;
c)Obtain from the Data Controller, pursuant to Article 17, the deletion of their personal data without undue delay. The Owner has the obligation to cancel, without undue delay, personal data if there is one of the reasons indicated in paragraph 1 of Article 17;
d)Obtain from the Data Controller, pursuant to Article 18, restriction of processing when one of the hypotheses governed by paragraph 1 of Article 18 occurs;
e)Obtain from the Data Controller, pursuant to Article 20, the portability of data or to receive in a structured, commonly used and machine-readable format, their personal data provided to a Data Controller. The Data Subject also has the right to transmit such data to another Data Controller without impediments by the first Data Controller to whom it has provided them, if the conditions indicated in Article 20 paragraph 1 are met. Finally, the Data Subject has the right to obtain the direct transmission of personal data from one Data Controller to another, if technically feasible;
f)Object to, in whole or in part, pursuant to Article 21, the processing of their personal data.
To exercise these rights, the User can send their requests to firstname.lastname@example.org.
It should also be noted that the Data Subject has the right to revoke the consent at any time without prejudice to the lawfulness of the processing based on the consent given prior to the revocation, without prejudice to the consequences indicated above regarding a refusal to provide such personal data. The Data Subject also has the right to lodge a complaint with a Control Authority.
You can make requests regarding these rights by sending an email to email@example.com.
Trendiamo will respond to requests made by the interested party within one month, except in cases of special complexity, for which it may take up to a maximum of three months. In any case, the Data Controller will provide the interested party with the reason for the delayed response within one month of the request. The outcome of the request will be provided in writing or in electronic format. In case of request for rectification, cancellation and limitation of processing, the Data Controller will communicate the results of the requests received by the Data Subject to each of the recipients of their data, unless this proves impossible or involves a disproportionate effort.
The Company specifies that a contribution may be requested from the Interested Party if the applications manifest to be unfounded, excessive or repetitive; in this regard, the Data Controller will provide a register to track the requests for intervention.
Changes to this Policy