Privacy Policy

This Privacy Policy applies to the website https://madeirasleiria.pt (hereinafter referred to as the “Site”) and is published by Boas Soluções Lda, headquartered at Rua Luís de Freitas Branco, no. 42 D, 1600-491 Lisbon, VAT number 517790939, registered at the Lisbon Commercial Registry Office under number 517790939.

For the purposes of data protection legislation, namely Regulation (EU) 2016/679 (GDPR) and Law no. 58/2019, Boas Soluções Lda is the data controller responsible for processing personal data.

Personal Data We Collect

We collect the following types of personal data:

a) Data provided directly by the user:

• 

  Full name, address, email, mobile phone number, VAT number (for invoicing), payment details (processed securely)

• 

  Messages sent through contact forms or by email.

b) Data collected automatically:

• 

  IP address, browser type and version, operating system, date and time of access, pages visited, and other technical data

• 

  Cookies and similar technologies (see the section “Cookie Policy”).

c) Data obtained from third parties (where applicable):

• 

  Payment or transport platforms (only data necessary for service execution).

Purposes and Legal Basis for Processing

The personal data collected by Boas Soluções Lda are processed for the following purposes, under the legal bases set out in Article 6 of the GDPR:

• 

  Order processing, payments, and deliveries based on the performance of a contract between the customer and the company (Art. 6(1)(b) GDPR)

• 

  Customer account management and after-sales support based on contract performance and, where applicable, the company’s legitimate interest in ensuring efficient and quality service

• 

  Sending newsletters and promotional communications based on the user’s prior explicit consent (Art. 6(1)(a) GDPR), which may be withdrawn at any time

• 

  Compliance with legal obligations, particularly tax and accounting requirements based on Art. 6(1)(c) GDPR

• 

  Website improvement and user experience optimization based on the company’s legitimate interest in analyzing website usage statistics and improving its services

Data Sharing and Subcontracting

Data may be shared with carefully selected service providers, including:

• 

  Transport and logistics services (for product delivery)

• 

  Online payment platforms (for secure transaction processing)

• 

  Web hosting and technical maintenance services

• 

  Email marketing and CRM services (only with user consent)

All subcontractors operate under a data processing agreement ensuring confidentiality and GDPR compliance.

Data are not transferred outside the European Economic Area (EEA) unless the provider ensures an adequate level of protection (e.g., Standard Contractual Clauses approved by the European Commission).

Data Security

We implement appropriate technical and organizational measures, including:

• 

  Encryption

• 

  Secure connections (HTTPS)

• 

  Access control

• 

  Regular backups

• 

  Internal data protection policies

• 

  These measures are designed to protect personal data against unauthorized access, loss, alteration, or destruction.

Cookies and Similar Technologies

The Site uses the Cookiebot system to manage cookie consent, allowing users to select their preferences.

What are cookies?
Cookies are files stored on the user’s device that help the Site function correctly and improve the browsing experience.

Types of cookies used:

• 

  Necessary: ensure essential site functionality

• 

  Preferences: store options such as language or region

• 

  Statistics: help understand user interaction with the Site (e.g., Google Analytics)

• 

  Marketing: personalize advertising and measure its effectiveness

Users can manage or withdraw consent at any time through the cookie banner or browser settings.

Consent Management
The user may change their preferences through:

• 

  the cookie banner displayed on the first visit

• 

  the browser settings

• 

  the Cookiebot consent panel available on the Site

Data Retention

Data is retained only for the period necessary to:

• 

  Execute the contractual relationship

• 

  Comply with legal obligations (e.g., tax documents: 10 years)

• 

  Respond to enquiries or complaints

• 

  Maintain valid consent (e.g., newsletters)

• 

  When the data is no longer needed, it will be deleted or anonymised.

Data Subject Rights

Under the GDPR, users may exercise the following rights at any time:

• 

  Access: to confirm whether their data are being processed

• 

  Rectification: to correct inaccurate or incomplete data

• 

  Erasure (“right to be forgotten”)

• 

  Restriction of processing

• 

  Data portability

• 

  Objection to processing

• 

  Withdrawal of consent (when processing is based on consent)

To exercise any of these rights, please contact us at:
geral@madeirasleiria.pt

If the user believes that data processing violates the GDPR, they have the right to lodge a complaint with the Portuguese Data Protection Authority (CNPD) — www.cnpd.pt

Contacts

Boas Soluções Lda
Rua Luís de Freitas Branco, n.º 42 D, 1600-491 Lisboa
geral@madeirasleiria.pt
+351 926 067 177