NAIVEST believes in maximum endeavour and transparency for all its stakeholders. As such, the privacy and security of the data entrusted to us by our customers is a priority for us.
The use and protection of Customers’ personal data that is under our responsibility complies with Regulation (EU) 2016/679.
If you have any doubts about why your personal data are collected, we are here to answer your queries by e-mail: firstname.lastname@example.org
1. Who collects your personal data and who is responsible for processing them?
The entity responsible for the collection and processing of your personal data is NAIVEST.
NAIVEST is a brand that sells clothing and accessories for the Hotel and Catering sector, supplying a broad range of high-quality products.
2. What kind of personal data are collected and how will NAIVEST collect them?
NAIVEST may collect your personal data in different ways, namely when you subscribe to our newsletter, fill in the customer form, register an account to buy our products, make a purchase, request a return or communicate with our staff. To carry out such actions we may request personal data such as your name, date of birth, address/billing address, district, country, e-mail, telephone number, tax identification number.
In order to provide our users with a faster and more personalised service, NAIVEST may user browser cookies, which allow us to tailor our products, services and website to suit your interests and needs, leading to a better experience when you use the NAIVEST website. Therefore, data relating to your IP address or general location data may be collected. When you visit the NAIVEST website we may also use software tools to measure and collect information about your navigation session, including page response times, download errors, duration of visits to certain pages, information about your interaction with such pages and methods used to leave them. We may also collect technical information to help us identify your device for purposes of fraud prevention and diagnostics.
3. What will your personal data be used for?
NAIVEST uses your personal data for the following purposes:
- Payment processing – to process your payments when you acquire our products;
- Customer Account Management – to facilitate your purchase and make it possible to manage your Customer account and be notified about where your order is located;
- Marketing and direct marketing – to disseminate news and offers that may interest you through our Newsletter;
- Issue of documents – to issue invoices relative to purchase of goods and services; Home deliveries – to allow us to deliver your purchases to your home;
- Customer support contacts – to provide customer support, before, during and after the sale;
- Guarantees and post-sale support – to enable you to exchange/return articles in the event of a change of mind/non-satisfaction.
4. How long will NAIVEST keep your personal data?
We store your personal data for a period of 10 years only (if you are no longer our customer).
Upon reaching the maximum storage time limit, your personal data will be anonymised or erased using a safe method.
5. With whom can NAIVEST share your personal data?
The personal data collected will be communicated:
- to the NAIVEST company, which is responsible for processing the data;
- to outsourcers providing services to NAIVEST.
To provide a more complete offer to our customers, NAIVEST has established partnerships with outsourcers who provide services on behalf of NAIVEST, such as embroidering/stamping companies, firms who host or operate the NAIVEST website, or delivery companies. Third-party access to your personal data is restricted, and is only permitted to fulfil an order, process a delivery, or provide customer support.
6. How does NAIVEST protect your personal data?
NAIVEST takes all precautions possible to protect the confidentiality and security of your personal data, making every effort and implementing security measures to protect your personal data from improper use, interference, loss, unauthorised access, modification or disclosure.
In particular, the entire process of selecting and using a payment means, as well as the insertion of data inherent to the payment process of your orders is duly protected, with all the information encrypted and managed with advanced security tools.
Although transmission of data through the internet or a website cannot guarantee total security against intrusion, NAIVEST and its service providers make every effort to implement and maintain physical, electronic and procedural security measures to protect your personal data in compliance with the applicable data protection requirements.
7. Does NAIVEST transfer your personal data outside the EU?
If personal data is transferred outside the EU, NAIVEST will make sure the data is protected in the same way it would be if used in the EU. To do so, we use one of the following safeguards:
– Transfer to a country that does not belong to the EU whose privacy laws guarantee a suitable level of protection of personal data similar to the levels in the EU; Implementation of a contract with the foreign entity that stipulates protection of the personal data in line with the standards used in the EU; Transfer of personal data to organisations that have specific international data transfer agreements in place with the European Union (e.g. Privacy Shield, a structure that defines privacy standards for data shared between the United States and European countries).
8. What are your rights?
As the owner of your personal data, you are guaranteed a set of rights regarding your personal data and how they are processed, as follows:
- right to object (i.e. the right to object to the processing of your personal data, at any time, because of particular circumstances, under the terms of the GDPR);
- right to information (i.e. the right to be given concise, transparent, understandable and easily accessible information, using clear and simple language, about how we use your personal data and about your rights);
- right of access (i.e. the right of access your personal data at any time);
- right to rectification (i.e. the right to rectify inaccurate personal data pertaining to you, or to complete them if they are incomplete);
- right to restriction (in certain conditions, the data subject has the right to restrict how his/her personal data is processed);
- right to erasure (in certain conditions, the data subject has the right to instruct the data controller to erase his/her personal data, without justified delay);
- right to portability of the personal data (i.e. the right to receive the personal data pertaining to him/her that he/she has provided, in a structured format, which is currently used and can be automatically read, as well as the right to transmit these data to another data controller, in certain conditions).
The data subject also has the right to make a complaint to the supervisory authority (Comissão Nacional de Proteção de Dados – National Data Protection Commission | Rua de São Bento, n.º 148 – 3.º, 1200-821 Lisbon | Tel: +351 213928400 | Fax: +351 213976832 | email: email@example.com) regarding how we process your personal data, the right to withdraw your consent (in this case, the withdrawal of consent does not compromise the legality of processing the data based on the previously given consent), as well as the right to not be subject to decisions solely based on automated processes that produce legal effects or other significant effects.