Privacy Policy

Surf in Peniche is committed to protecting the privacy of its customers and website users and has correspondingly drafted this Privacy Policy in order to demonstrate its commitment and respect for the rules on privacy and the protection of personal data.

This Privacy Policy applies exclusively to the collection and processing of personal data carried out by our company and we would recommend you read this document in its entirety.

This Privacy Policy applies to all personal data collected on the website.

Data Controller
The data controller is Surf in Peniche, with its head office at Travessa Salva Vidas 2520-534 Peniche and with the following e-mail address booking@escolasurfpeniche.com

Types of Personal Data

The data collected within the context of professional activities are those contained in the contact forms on our website.

How do we collect your personal data?

Basis and Purposes of Processing

Marketing and sales purposes, for example: marketing campaigns, events, promotions, information on new or current services and/or products, satisfaction surveys;
Pre-contractual due diligence and/or execution of a service provision contract;
Provision of contracted services and client management;
Compliance with legal obligations;
When the processing is necessary for compliance with legal obligations, such as responding to judicial, regulatory and supervisory bodies, among others;
Legitimate interest;
When the processing of personal data corresponds to a legitimate interest, such as processing data to improve service quality, detect fraud, and so on.

Storage Period

We will only store your data for as long as is necessary in accordance with the purpose for which they were collected.

User Rights

Users may at any time exercise their rights of access, updating, erasure, limitation and the right to oppose data utilisation by the company for commercial purposes as well as withdrawing their consent, without this infringing on the legality of the processing carried out under this consent, in addition to the right to data portability by request through any of the means indicated above.

The data subject may also lodge complaints about data processing with the National Commission for Data Protection.

Data Transmission

The processing of user data may be carried out by a reputable service provider contracted by our company. When this happens, appropriate measures are taken to ensure that any entities accessing data ensure the highest guarantees as regards data protection. Thus, any data processor shall only process the personal data of users, in the name and on behalf of our company, in strict compliance with the legal standards on personal data protection, information security and other applicable standards.

International Data Transfers

Our company may, for the purposes described, transfer your data outside the territory of the European Economic Area (EEA). In such cases, we will strictly comply with the applicable legal provisions, in particular for determining the appropriateness of the destination country or countries regarding the protection of personal data and the requirements applicable to such transfers.

Automated Decisions

Our company may develop user profiles which will allow automated decisions to be made based on personal characteristics, preferences, behavioural history, and location. In such cases, users will retain the right to request human intervention in the decision procedure, to express their points of view and to challenge the decisions taken.

Personal Data Protection Measures

Our company applies several appropriate technical and organisational measures to protect the personal data of users.

Changes to the Privacy Policy

From time to time, our company will update this Privacy Policy.
You are requested to regularly review this document to remain updated.