Cart 0

No more products available for purchase

Products
Pair with
Is this a gift?
Subtotal Free

View cart
Shipping, taxes, and discount codes are calculated at checkout

Your Cart is Empty

Privacy policy

 

This Privacy Policy was developed to support Conceptica Sisters, Lda, a company with tax identification number 517084236, with registered office at Largo Trindade Coelho NºS 1 e 2 R/C 1200-303 Lisbon – hereinafter Conceptica, owner of the website www.conceptica.me in adapting its activity to the General Data Protection Regulation, approved by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (“GDPR”).


This policy may be supplemented by other security policies that are relevant to Conceptica's business or its relationship with third parties, together describing Conceptica's approach to information security and privacy.


The terms 'Privacy', 'Data Privacy' and 'Data Protection' can be used interchangeably as they are associated with a complex set of legal requirements that apply to Personal Data, which goes beyond the security of data and confidentiality. For example, it includes requirements on transparency of data use and retention.


It is Conceptica's responsibility to define the appropriate mechanisms to achieve compliance with this policy.


Compliance with this policy may be monitored through inspections, audits and/or requests for written confirmations of compliance.


This policy is based on the principles set out in the GDPR. However, there may be differences between countries in the applicability of Conceptica's data protection and privacy policies, particularly when processing personal data outside the EU, when receiving personal data from outside the EU or when processing personal data of non-EU citizens. community.


If you have any questions, please contact Conceptica using the contact details provided.

 

Data Protection Principles

As part of our business, we process Personal Data: whether we receive Personal Data in the course of our business opportunities, our customer engagements, marketing activities or a range of other related and support activities. The data may be received directly from a Data Subject (e.g. in person, via post, email, telephone or other sources), including from our customers, partners, subcontractors, joint Data Controllers, support service providers and credit reference agencies.


All professionals and partners must only request Personal Data from a Data Subject that is relevant and necessary to fulfil a specific business purpose and task.


Conceptica undertakes to comply with the Personal Data protection principles set out in the GDPR, namely:

  • Lawfulness, fairness and transparency: this means that we must have a legitimate reason for processing Personal Data, for example, the Data Subject’s consent, compliance with a legal obligation to which we are subject. It also means that we must clearly inform the Data Subject about the processing;
  • Purpose Limitation: we must only request Personal Data for specific, explicit and legitimate purposes and not process it beyond the purpose for which it was requested;
  • Data Minimisation: the Personal Data processed must be adequate, relevant and limited to what is necessary;
  • Accuracy: we are obliged to ensure that Personal Data is accurate and to update it whenever necessary;
  • Retention Limitation: we must not retain Personal Data for longer than is necessary for the purposes for which it is processed, although we may retain some for historical and statistical purposes;
  • Integrity and Confidentiality: we must have in place appropriate security controls to protect data against unauthorised and unlawful processing, loss, destruction or damage, including technical and organisational measures, such as defined processes, training and awareness;
  • Lawful transfer outside the European Economic Area: we only transfer Personal Data outside the EEA provided that there are appropriate safeguards in place, such as a contractual basis;
  • Data Subject Rights: Data Subjects have a number of rights that we must respect (for example, the right to access a copy of the data we hold and the right to withdraw consent given for direct marketing purposes).

 

Lawfulness and fairness in processing

Whenever Personal Data is collected, it is necessary to have a legal basis for the inherent processing. According to the GDPR, we must identify at least one of the following reasons for processing Personal Data:

  • Consent: The Data Subject has given consent for the same to be processed for one or more specific purposes;
  • Contractual: The processing is necessary for the execution of a contract to which the Data Subject is a party or for pre-contractual steps;
  • Legal: The processing is necessary to comply with a legal obligation to which the Data Controller is subject;
  • Vital interests: The processing is necessary to protect the vital interests of the Data Subject;
  • Public interest: The processing is necessary for the performance of a task carried out in the public interest;
  • Legitimate interests: The processing is necessary for the legitimate interests of the Data Controller, except where such interests or fundamental rights and freedoms of the Data Subject prevail.


When we act as a Data Controller, we must ensure that we have a legitimate basis for collecting and processing Personal Data.


In some situations, we may act as a Processor on behalf of our client, in which case it is the client’s responsibility to ensure that they have a legitimate reason for processing Personal Data, which they must share with us. However, we must take steps to ensure that our contract is clear about our responsibilities in this regard and that, if we collect Personal Data directly from Data Subjects on behalf of the client, we have a legitimate basis for doing so.


Where a Special Category of Data is processed there is an additional set of conditions that must be met. Please contact Conceptica for further guidance.


The GDPR requires that we provide Data Subjects with information about the processing in order to ensure fair and transparent processing. Whenever we collect Personal Data, we must ensure that we adequately explain why we need the information and how we are going to process it. Where information is collected through our website this information is provided via a ‘Privacy Notice’.


Any other information that is required to be provided when collecting personal data must also be provided online. Please see our Privacy Policy and Cookies Policy for further information.

 

Treatment for specific purposes only

Whenever we collect and process Personal Data, we must ensure that we only use it for the specific purposes that have been communicated to the respective holder.


Conceptica shall never process Personal Data for additional purposes that have not been communicated to the Data Subject. Only then will we be clear about the purpose of the processing and we must understand the purposes for which our customers may have collected Personal Data or contact the Privacy Officer.

 

Appropriate, relevant and limited treatment

When we collect and process Personal Data, we must follow the principle of data minimization. This means that we should only collect the minimum Personal Data necessary to perform a specific task.


Additionally, we must ensure that we have an adequate amount of personal data to perform a specific task properly. For example, collecting data only necessary to identify a person.


This also applies to any sharing and other processing activities. It is important to minimize the data held and processed; we must ensure that if we share data internally or externally or if we use it in activities such as testing, we only use/share the minimum amount in each case.

 

Accuracy of personal data

We are obliged to ensure that Personal Data is kept accurate and up to date. We must ensure that appropriate processes are in place to maintain accurate data where necessary (for example, of current and potential professionals or clients held by relevant areas).


When acting as Controller in relation to a client we will not be obliged to implement mechanisms to keep such data up to date; this will be the responsibility of the Controller, that is, our client.

 

Retention of Personal Data

Personal Data should not be retained for longer than necessary. This means that we must define and apply maximum retention periods for the Personal Data we process and implement processes to delete them upon their expiration. Therefore, the following retention periods may apply:

(i) for as long as is necessary for the relevant activity or services;

(ii) any retention period required by law;

(iii) the end of the period in which disputes or investigations may arise in relation to the Services; or

(iv) for the minimum period stipulated in the contract.

 

Data Subjects’ Rights

The GDPR requires us to inform individuals about the Personal Data we collect and the purposes and means for which we process it. Such information is given in the form of a ‘Privacy Notice’.


a) Right of Access

The Data Subject has the right to ask to see the Personal Data we hold about him/her, the purpose of the processing and the categories of data concerned.


We must notify the Data Subject of the recipients with whom we are going to share your data, especially if the recipient is in another country or if it belongs to an international organization.


Where possible, we will define the retention period for data to meet business purposes.


We must communicate to the Data Subject the existence of the right to object to processing and their right to rectification and erasure.


We must communicate to the Data Subject the existence of his/her right to complain to a Supervisory Authority.


When data is collected from someone other than the Data Subject, we must communicate the source of that data to them.


We must ensure that we have processes in place to identify and respond to Data Subject access queries without undue delay and within a maximum of one month.


b) Right of rectification

Data Subjects have the right to rectify inaccurate data, and Conceptica will make every effort to do so immediately.


c) Right to erasure

The Data Subject has the right to obtain from the Controller the erasure of his/her data ('right to be forgotten'). It is Conceptica's responsibility to do everything possible to immediately delete the data held, except when there is a legal requirement for its conservation. If you receive a request from a Data Subject, please contact the Privacy Officer first before erasing any data.


d) Children's rights

All individuals, including children, are protected by the GDPR. For children under 13 years of age, we must not process their Personal Data based on their consent, unless authorized by the respective holders of parental responsibilities.


e) Marketing

We may sometimes send our customers and partners marketing material to inform them of services, upcoming events or other activities of interest to them, in which case we must indicate the right to withdraw consent at any time if they wish not to be contacted again in these terms.


We must also ensure that we have processes in place to ensure that all participation preferences are recorded and respected.


Security of Retained Data

Conceptica will maintain data security by protecting the Confidentiality, Integrity and Availability of Personal Data, and:

Confidentiality means that only authorized people can access the data;

Integrity means that Personal Data must be accurate and appropriate for the purposes inherent in the processing;

Availability means that authorized users must be able to access the data if they need it for authorized purposes.

 

Data Disclosure

All professionals and partners must avoid any inappropriate disclosure of Personal Data and comply with our general duties regarding Confidentiality.


We share your personal information with third parties to help us. For example, our online store is hosted on the Shopify platform. You can read more about how Shopify uses your personal information here: https://www.shopify.com/legal/privacy. We also use Google Analytics to help us understand how our customers use our online store. You can read more about how Google uses your personal information here: https://www.google.com/intl/en/policies/privacy/. You can also opt out of Google Analytics here: https://tools.google.com/dlpage/gaoptout, thereby limiting our access to your data or activity log.


It is allowed:

  • Disclose Personal Data to third parties only upon instruction or where we have a legitimate basis to do so, and there are no restrictions in place.
  • Disclose Personal Data to third parties in the event that we sell or buy any business or assets, or where we are a joint Controller as part of a joint venture.
  • Sharing Personal Data with a third party that is processing data on our behalf, which may include transferring data to a third country.


Generally, Personal Data may be disclosed:

  • To Professionals or agents so that they can perform their functions as such.
  • In cases where non-disclosure may prejudice the prevention or detection of crimes, the bringing of charges against offenders, or the assessment or collection of any tax or duty. Conceptica must have adequate grounds to disclose data under this category in order to avoid criminal prosecution. All disclosures must be justified and documented.


For legal purposes data may be disclosed if:

  • Required by law, statute or court order.
  • For the purpose of obtaining legal advice;
  • Within the scope of or for the purposes of legal proceedings or when necessary to defend a legal right.
  • To safeguard national security.

 


International Transfer of Personal Data

Conceptica may transfer any Personal Data to a third country or international organization. The Personal Data we hold may also be processed by staff operating in a third country or for one of our suppliers.


We must ensure that at least one of the following conditions applies:

  • The country to which the Personal Data is transferred ensures an adequate level of protection for the rights and freedoms of Data Subjects, by decision of the EU Commission.
  • Appropriate safeguards are provided (e.g. standard data protection clauses).
  • The Data Subject has given explicit consent to the transfer after having been informed of the possible risks.
  • The transfer is necessary for one of the reasons set out in the GDPR, including the performance of a contract between Conceptica and the Data Subject, or the protection of the vital interests of the Data Subject.
  • The transfer is legally required for important reasons of public interest or for the purpose of initiating legal actions or defending them.

 


COOKIES POLICY

This website uses cookies to provide better experience for its visitors, as well as to ensure that it is fully functional. This Cookie Policy is part of our Privacy Policy, which you should consult for more information about us and how we protect user information. In order for us to provide a personalized and efficient service to our users, it is necessary to memorize and store information about how this Website should be used. For this purpose, we use reduced text files called cookies that contain reduced amounts of information downloaded to the computer or other devices of our users via a server. Your internet browser then sends these cookies back to the Website on each subsequent visit, enabling us to recognise and remember the identity of our visitors, specifically our users’ usage preferences. You can find more detailed information about cookies and how they work here (aboutcookies.org). Browsing this Website allows the collection of information using cookies and other technologies. By using this website you accept the use of cookies as described in this Cookie Notice.

 

What types of cookies are used and why?

Some of the cookies we use are necessary to allow navigation on this website and to take advantage of its features, such as accessing secure areas and content exclusively for registered users. Our website also uses functional cookies to record information about our users' choices and to allow us to adapt our website to their needs; for example, remembering the source language or region or that a user has already completed a survey. The information recorded is anonymous and is intended only for the purpose indicated above. We may use, directly or indirectly, web analytics services to evaluate the effectiveness of our content and the preferences of our users, which allow us to contribute to optimizing the functioning of this website. Additionally, we use web beacons or tracking pixels to count the number of visitors and performance cookies to monitor how individual users access our website and how often. This information is used for statistical purposes only without identifying any particular user. However, for registered users who are connected to the website, we may use this information in combination with data collected via web analytics services and cookies to analyze how visitors use this website in more detail. This website does not use targeting cookies to deliver targeted advertising to our visitors. Whenever you would like detailed information about the cookies used on our website, please contact us by email.


How to control cookies?

Users of the website accept the introduction of cookies on their computers or devices under the terms indicated above without prejudice to the control and management available. We inform users that removing or blocking cookies may affect their user experience and may limit access to some areas of the website.


In-browser controls

The vast majority of browsers allow our users to view hosted cookies and delete them individually or alternatively block cookies on a specific website or all in general. Please note that any preferences you have set, including opt-out, are lost whenever cookies are deleted. For further information, please consult the websites or cookiecentral.com.


Management of analysis cookies

Our users may choose to de-anonymize their browsing activity within websites monitored by analytics cookies. We use the following service providers where you can obtain more information about their privacy policies and how to delete their cookies by clicking on the following links:


- Shopify: www.shopify.com/legal/privacy

- Google Analytics: google.com/analytics/learn/privacy.html

- Facebook Pixel: facebook.com/business/help/742478679120153

 


Managing the location of shared objects or flash cookies

A local shared object or flash cookie is similar to other browser cookies, differing in that it can store more types of information. These cookies cannot be controlled through the mechanisms identified above. Some areas of our website use this type of cookie to store user preferences for media player functionality and without them the content of some videos may not be displayed properly. These cookies can be manually controlled by visiting the Adobe website.


Social buttons

We use social buttons to allow our users to share or bookmark pages. These buttons relate to social networks which may obtain information about the activities of our visitors on the Internet, including on our website. Understanding how information is used and how you can opt out of its collection should be obtained by reviewing the respective Terms of Use and Privacy Policies of these websites.


Email communications

To assess the relevance of our communications, we may use tracking technologies to determine whether our visitors have read, clicked on links or forwarded certain email communications sent by us. If you disagree with this procedure, our users must unsubscribe, as it is not possible to send these emails without these monitoring mechanisms active. Registered subscribers may update their communication preferences at any time by contacting us via email, or they may unsubscribe by following the instructions in the communication email sent by us to their email address.


This Cookie Policy may be revised at any time at our discretion. When such changes are made, the revision date at the top of the page will change. The amended Cookie Policy will come into effect from the date of revision. We recommend that users of our website review the Cookie Policy periodically to stay informed about our management of cookies.

 

Updated March 25