Privacy Policy

Last updated 31.08.2023

1. PREAMBLE AND SCOPE

We respect your right to privacy and take the protection of Personal Data extremely seriously, as we would like to provide you with the highest level of protection of your Personal Data. We are committed to protecting the privacy and security of the information we collect and to being transparent about the ways in which we collect and process your information.

This Privacy Policy sets forth our policies and practices for handling the information we collect from or about you. It defines ways of collecting your Personal Data, the purposes for which we collect it, the security measures we use to protect it, the persons with whom we share it and your rights regarding the protection of Personal Data.

This Privacy Policy applies to all Personal Data collected and stored by us from Individuals visiting the Website, Conference and/or Venues, and users of our Services.

This Privacy Policy is based on applicable relevant legislation on the protection of Personal Data, in particular the General Data Protection Regulation of the EU (“GDPR”).

2. INTRODUCTORY INFORMATION

When we refer to “we”’, “our” or “us” in this Privacy Policy, we refer to GM MURO Global LDA, a limited liability company being organized under the laws of Portugal, operating and maintaining the website http://muro.art/. 

We are the Data Controller and we shall be responsible for processing and storing your Personal Data in accordance with the Applicable Law.

When we refer to “you” or “your” we mean those individuals whose Personal Data we collect through the Services, or whose Personal Data we receive from other organizations that we work with.

We reserve the right to change and/or update this Privacy Policy at any time. When we make changes and/or updates to this Privacy Policy, we will revise the “last updated date” above and post the new Privacy Policy on the Website.

3. COLLECTING AND PROCESSING OF PERSONAL DATA

We process your Personal Data solely on the basis of clearly stated and legitimate purposes, securely and transparently.

3.1. TYPE OF PERSONAL DATA WE COLLECT

In principle we only process Personal Data of our clients/users when it is deemed necessary to provide a functional website as well as to ensure the availability of our service and purposes and also when it is governed by legal requirements. 

The following data is hereby collected:

  1. Name and Surname;
  2. E-mail address.

We use the personal information stated above for the purpose of sending newsletters about our Product. 

3.2. LEGAL BASIS FOR COLLECTING AND PROCESSING OF PERSONAL DATA

We mainly process your Personal Data to perform our obligations under the Terms and Conditions (i.e. we process your data on a contractual or pre-contractual basis), for marketing purposes (i.e. sending you newsletters about our products) and whereby in certain cases, we may also rely on an alternative legal basis.

We base our data processing on the execution of an individually agreed Consent with the data subject for clients that share their own Personal Data. We base our data processing on the legitimate interest of our clients in case they contact us via a contact form on our website or receive an Order or following a mailing newsletter request/consent as determined in Terms and Conditions.

We may also invoke our legal obligations as a valid ground for sharing your information with judiciary or law enforcement authorities, if we are ever obliged to do so and according to the Applicable Law.

3.3. PROCESSING PURPOSE FOR COLLECTING PERSONAL DATA

We will only process your Personal Data for specified, explicit and legitimate purposes. We undertake not to process your Personal Data in a manner incompatible with the purposes defined in this Privacy Policy.

The purposes for which we can use your Personal Data are defined below. We may use your Personal Data for one or more of the purposes:

  • processing purposes related to usage of our website,
  • processing purposes related to communication with us,
  • processing purposes related to security and administration, 
  • processing purposes related to marketing activities.

If there is a need for further processing of your Personal Data (for a different purpose than for the purpose for which Personal Data were originally obtained), we will inform you in advance and, when necessary, request your Consent. You are entitled to revoke any processing of your Personal Data at any time, which was obtained by us, based on your Consent. You can notify us of the revocation of the Consent over the email as provided in the Contact section. The Controller shall process, retain, and store the Personal Data of the Individual for as long as reasonably necessary to achieve the purposes for which Personal Data was collected. In any event, the collected Personal Data will be routinely erased every two years. The purpose of storing Personal Data for two years is to notify Individuals of any updates to the services offered by Us.

4. PROTECTING PERSONAL DATA

4.1. DATA PROTECTION AND SECURITY

We use technical and organizational measures, such as ensuring the regular updating and maintenance of the hardware, software and application equipment that we use for the processing of Personal Data, to protect your Personal Data against the risks of unauthorized access and against unintentional loss, destruction or damage, in accordance with the Applicable Law. We undertake all measures according to our technological capabilities (including the cost of implementing certain measures) and the impact assessment on your privacy.

4.2. AGE LIMITATION

We will not knowingly collect or sell any Personal Data about children under 18 years old / as defined by the Applicable Law without parental Consent or as otherwise permitted by the Applicable Law. Unless the Terms and Conditions state otherwise, the Services are intended for users who are of legal age for Personal Data protection purposes according to the Applicable Law. In this regard, we will not consider the laws of other countries.

4.3. PERSONAL DATA BREACH

In the event of a Personal Data breach, we will notify the competent supervisory authority without delay about any such breach. In the event of a breach that may cause a high risk to the rights and freedoms of individuals, we will inform you of such an event without undue delay. In the event that there is a suspicion of a criminal offense regarding the Personal Data breach, we will also report such breach to the police and the competent state prosecutor's office.

5. TRANSMITTING OF PERSONAL DATA

5.1. TRANSMITTING OF PERSONAL DATA TO THIRD PARTIES

We might share data with Third parties such as aggregators and distributors. Any third party to whom we transmit Personal Data is bound to comply with the Applicable Law as well as to the provisions of this Privacy Policy. With external processors, however, the protection of Personal Data is further defined by the contract.

We may transmit your Personal Data to third parties for the purposes and pursuant to legal basis highlighted in this Privacy Policy (see Section 3) based outside the EU and EEA, where Personal Data processing occurs.

 Our current  (third party) processor is Google Inc. for mail.

6. DISCLOSING OF PERSONAL DATA

We are committed to maintaining your trust, and we want you to understand when and with whom we may share the information we collect.

We may disclose your Personal Data to:

  1. legal purposes: We may disclose any of the information we collect to respond to subpoenas, court orders, legal process, law enforcement requests, legal claims or government inquiries, and to protect and defend the rights, interests, safety, and security of us, users, visitors, or the public (including responding to illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or violations of our Terms and Conditions
  1. consent: We may share any of the information we collect for any other purposes disclosed to you at the time we collect the information or pursuant to your Consent.

We do not sell your information to third parties. We do permit third parties to collect the information described above through our Service and discloses such information with third parties for business purposes as described in this Privacy Policy. The information practices of these third parties are not covered by this Privacy Policy.

7. ACCESS TO SOCIAL NETWORKS

On the Website we offer you the ability to use the following social networks: Twitter and Telegram. The mentioned social networks operate in accordance with their terms of use and privacy policy, where the usage of personal data for each social network is also defined. We do not assume any responsibility for the use of social networks.

8. SECURITY AND INTEGRITY

We maintain appropriate and reasonable technical and organizational measures to safeguard Personal Data, which include, but are not limited to:

  1. pseudonymisation and encryption of personal data;
  2. the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
  3. the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
  4. a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.

We maintain reasonable procedures to help ensure that Personal Data is reliable for its intended use and is accurate, complete, and current.

You acknowledge that no Personal Data storage system or transmission of Personal Data over the Internet or any other public network can be guaranteed to be 100 percent secure, accurate, complete, or current.

We take steps to ensure that any natural person acting under our authority who has access to personal data does not process them except on our instructions, unless he or she is required to do so by Union or Member State law.

9. DATA PROTECTION RIGHTS

Although we own the code, databases, and all rights to our platform and services, Individual retains all rights to his/her data. The Individual has the following rights regarding the Personal Data processing:

9.1. RIGHT OF ACCESS

Each Individual shall have the right to obtain from the Controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data listed in article 15 (1) of the GDPR.

The Controller shall provide free information about the Individual’s Personal Data stored at any time and a copy of this information.

Furthermore, the Individual shall have a right to obtain information as to whether Personal Data is transferred to a third country or to an international organization. Where this is the case, the Individual shall have the right to be informed of the appropriate safeguards relating to the transfer.

9.2. RIGHT TO RECTIFICATION (CORRECTION)

Each Individual shall have the right to obtain from the Controller without undue delay the rectification of inaccurate Personal Data concerning him or her. Taking into account the purposes of the processing, the Individual shall have the right to have incomplete Personal Data completed, including by means of providing a supplementary statement.

9.3. RIGHT TO BE FORGOTTEN (RIGHT TO ERASURE, DELETION)

Each Individual shall have the right to obtain from the Controller the erasure of Personal Data concerning him or her without undue delay, and the Controller shall have the obligation to erase Personal Data without undue delay where one of the following listed in Article 17 (1) of the GDPR applies, as long as the processing is not necessary.

Where the Controller has made Personal Data public and is obliged pursuant to Article 17 (1) of the GDPR to erase the Personal Data, the Controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform other Controllers processing the Personal Data that the Individual has requested erasure by such Controllers of any links to, or copy or replication of, those Personal Data, as far as processing is not required. Our staff will arrange the necessary measures in individual cases.

9.4. RIGHT OF RESTRICTION OF PROCESSING

Each Individual shall have the right to obtain from the Controller restriction of processing in situations listed in article 18 (1) of the GDPR.

9.5. RIGHT TO PRINTOUT OF DATA (DATA PORTABILITY)

Each Individual shall have the right to receive the Personal Data concerning him or her, which was provided to a Controller, in a structured, commonly used and machine-readable format. He or she shall have the right to transmit those data to another Controller without hindrance from the Controller to which the Personal Data have been provided, as long as the processing is based on Consent pursuant to point (a) of Article 6 (1) of the GDPR or point (a) of Article 9 (2) of the GDPR, or on a contract pursuant to point (b) of Article 6(1) of the GDPR, and the processing is carried out by automated means, as long as the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller.

Furthermore, in exercising his/her right to data portability pursuant to Article 20 (1) of the GDPR, the Individual shall have the right to have Personal Data transmitted directly from one Controller to another, where technically feasible and when doing so does not adversely affect the rights and freedoms of others.

9.6. RIGHT TO OBJECT

Each Individual shall have the right to object, on grounds relating to his/her particular situation, at any time, to processing of Personal Data concerning him or her, which is based on point (e) or (f) of Article 6 (1) of the GDPR. This also applies to profiling based on these provisions.

If we process Personal Data for direct marketing purposes, the Individual shall have the right to object at any time to processing of Personal Data concerning him or her for such marketing. This applies to profiling to the extent that it is related to such direct marketing.

In addition to exercising the rights in accordance with Section 10, the Individual is free in the context of the use of information society services, and notwithstanding Directive 2002/58/EC, to use his/her right to object by automated means using technical specifications.

9.7. AUTOMATED DECISION MAKING (INCLUDING PROFILING) 

We do not use any form of automated processing of personal data or profiling.

10. HOW TO EXERCISE YOUR RIGHTS

10.1. UNSUBSCRIBE FROM OUR MARKETING COMMUNICATIONS

To unsubscribe from our marketing communications, you can adjust your settings in your user account or click on the link displayed at the bottom of our marketing communications. You can also contact us directly at info@[domain].com. 

10.2. LODGE A COMPLAINT

You have the right to file a complaint against us with the competent authority for the protection of Personal Data  for unresolved complaints.

In case of exercising any of Data Protection Rights, we may require additional Personal Data (such as name, surname, e-mail address) for identification purposes. We will only need additional information when the information you provide is not sufficient for reliable identification (in this way, we want to prevent your Personal Data from being transmitted to a third party due to unreliable identification).

In case of exercising any of Data Protection Rights, we will not discriminate against you.

11. CONTACT US

Any questions regarding this Privacy Policy, the use of this Privacy Policy, our privacy practices, or exercising of your rights arising from this Privacy Policy, should be addressed to info@muro.art.

You can contact us in case of any requests referring to Data Protection Rights. In such a case, the Individual shall, for verification purposes, use the email associated with an account registered at the Website. You may also contact us in case of questions related to this Privacy Policy or regarding the exercise of your rights arising from this Privacy Policy. In such a case, the Individual shall, for verification purposes, use the email associated with an account registered at the Website.

The integrity of Personal Data processed, and regular updating is our priority. Please kindly inform us of any change of your Personal Data to the above contacts. We will take care of the correction or supplementing your Personal Data in the shortest possible time.

We reserve the right to decline a request referring to Data Protection Rights irrespective of fulfilled legal conditions if the request made to us is manifestly unfounded or excessive.

By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.