Privacy Policy

We thank you for visiting our website and for your interest in Encci Carvoeiro. In the following, we provide information about the type, scope, and purpose of the collection and use of your personal data on our websites. Personal data is any information relating to an identified or identifiable natural person. This includes in particular your name, address, and email address. If provisions of the General Data Protection Regulation (GDPR) are named in this Privacy Policy, these shall apply in accordance with Art. 3 GDPR. Otherwise, the respective country-specific legal provisions on data protection apply.

1. Provider of the website and the controller within the meaning of data protection law

The provider of the website and the controller within the meaning of data protection law is

sevencollection F & B, unipessoal Lda.

Urbanização Algarve Sol Rampa

Mato Serrão 12 8400-536 Carvoeiro

PORTUGAL

tel: +351 96 57 444 25

email: geral@encci.pt

Managing Director: Mr. Reinfried Pohl

2. Data processing to enable website usage

Every time you access content on our website, connection data is transferred to our web server (see Section 3). This data includes:

  • the IP address (Internet Protocol address) of the respective users
  • the date and time of the query
  • the referer URL
  • device numbers such as your unique device identifier (UDID) and comparable device numbers, device information (e.g., device type)
  • the browser type/version

This connection data is neither used to determine a user’s identity nor is it combined with data from other sources. Rather, it serves to make the website available. The legal basis for processing your data is Art. 6 para. 1 sentence 1 lit. f GDPR. After no more than seven days, the connection data is anonymized by truncating the IP address at the domain level.

3. Webhosting
For the hosting of this website, we use the web hosting service of Variomedia AG August-Bebel-Straße 68, 14482 Potsdam, Germany (Variomedia).

In order to offer a website, it is necessary to commission a web hosting service. The legal basis for processing your data is Art. 6 para. 1 sentence 1 lit. f GDPR. The webhosting service is used because of our legitimate economic interest in making our services available on this website. In connection with the hosting service, Variomedia processes personal data on our behalf, which are generated while using the website. Variomedia uses servers only in Germany.

4. Use of session cookies
We use so-called session cookies on our website to provide our website technically and to record the use of our website statistically. The legal basis for processing your data is Art. 6 para. 1 sentence 1 lit. f GDPR. The session cookies are deleted as soon as you leave our website or end your browser session.

5. Data processing on request
It is generally possible to use our website without providing specific personal data. However, it is necessary to provide personal data, e.g. to contact us by e-mail or telephone. If you contact us via the aforementioned communication channels, your details will be stored so that they can be used to process your request. The legal basis for the processing of your data is based on Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest then lies in responding to your request. In the case of the implementation of any pre-contractual or contractual measures, the legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR.

6. Social media presences

6.1 Links to social networks
Our website may contain links to social networks (Facebook and Instagram). These websites are operated exclusively by third parties. If you click the links, the respective provider may process your personal data. Please refer to the providers’ privacy policies for further information in this regard.

6.2 Data processing by us and legal basis
Our social media presences (Instagram) are intended to provide you with information about us as well as about our new developments and service. Depending on the provider’s offer, you have the option to interact in different ways (comments, recommendations, etc.), for example, in connection with our social media presence. The interaction of users is an important criterion for us in order to carry out targeted marketing. For example, we can determine which posts users prefer to read. We therefore also use the statistics determined by the providers in this regard for our own purposes. If we process the users’ personal data, the legal basis for this is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest thus lies in particular in targeted information/advertising. The providers will inform you separately about the legal basis on which they process your data for their own purposes.

6.3 Joint responsibility
In individual cases, we may share responsibility for the processing of your personal data with social media providers. In this case, you may assert your rights both against us and against the social media provider (see Section 11). However, the first point of contact is always the social media provider.

We have concluded an agreement with Meta Platforms Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland, (Meta) on joint responsibility for the processing of personal data with regard to Instagram. You can view our agreement with Meta by clicking the following link: https://www.facebook.com/legal/terms/page_controller_addendum

Please note that Meta also processes your data outside the EU/EEA. Insofar as a decision of the European Commission on the existence of an adequate level of protection (see Art. 45 para. 3 GDPR) exists in relation to the third country, no additional measures are required for the data transfer. If data is transferred to recipients based in the USA, this is done on the basis of the EU-U.S. Data Privacy Framework, provided the recipient has appropriate certification. A list of currently certified companies is available here: https://www.dataprivacyframework.gov/list. Meta is an active participant in the EU-U.S. Data Privacy Framework, which guarantees the secure transfer of personal data to the USA.

With regard to the storage period for your data processed by us for our own purposes, please refer to our explanations provided under Section 9. Otherwise, please observe the respective social media provider’s privacy policy.

7. Data transfer
We will only transfer personal data to third parties or other recipients if this is necessary for the provision of services, if you have given your consent, if there is a legal obligation to do so, or if the transfer of data is permitted on another legal basis. Where necessary, we have concluded data processing agreements with the recipients of your data in accordance with Art. 28 GDPR.

8. Data transfer to countries outside the EU
Unless otherwise described in this privacy policy, no data is transferred outside the EU.

9. Storage period for personal data/criteria for determining the storage period
We will store your personal data for as long as this is necessary for the aforementioned processing purposes or in case of an objection that no compelling reasons worthy of protection exist for us. In certain cases (e.g., if there is a legal obligation to store data), your personal data will not be deleted immediately, but rather blocked initially. For example, the storage period for messages sent via the contact form with business-related content can be ten years.

10. Security measures to protect your personal data
We use technical and organizational measures to protect your data from unauthorized access, loss, or destruction. Our security measures are continuously adapted in line with technical developments. Our employees and all persons involved in data processing are obliged to comply with data protection laws and to treat personal data confidentially. Our employees are trained accordingly.

To protect your personal data on this website, we use a secure online transmission procedure known as “Secure Socket Layer” (SSL) transmission. This can be recognized by the closed lock symbol displayed on the https:// address. Click on this symbol for details of the SSL certificate used. Display of this symbol depends on the browser version used.  SSL encryption guarantees the encrypted and complete transmission of your data.

11. Your rights
Within the framework of the legal requirements, you are in principle entitled to request from us:

  • confirmation of whether we are processing your personal data
  • information about this data and the circumstances of processing
  • correction if this data is incorrect
  • deletion if there is no justification for processing and no obligation to store your personal data (any longer)
  • restriction of processing in certain cases specified by law
  • objection in case of data processing based on Art. 6 para. 1 sentence 1 lit. f GDPR
  • transfer of your personal data – insofar as you have provided it – to you or a third party in a structured, common and machine-readable format

If you have given your consent to the processing of your personal data, you have the right to withdraw your consent again at any time. Processing of your personal data will then not be allowed in the future. However, this will not affect the lawfulness of the processing carried out with your consent before you withdrew your consent.

Please address your specific request in writing or via email, clearly identifying your person to:

sevencollection F & B, unipessoal Lda.

Urbanização Algarve Sol Rampa

Mato Serrão 12 8400-536 Carvoeiro

PORTUGAL

tel: +351 96 57 444 25

email: geral@encci.pt

Managing Director: Mr. Reinfried Pohl

Insofar as we use your data in joint responsibility with third parties in the sense of Art. 26 GDPR, the third party is primarily responsible for the exercise of all data subject rights. However, you are also free to assert your rights against us.

Finally, we would like to draw your attention to your right to lodge a complaint with a supervisory authority.

12. No automated individual decisions
We do not use your personal data to make automated individual decisions.

13. Changes to the Privacy Policy
New legal requirements, business decisions, or technical developments may make changes to our Privacy Policy necessary. The Privacy Policy will then be amended accordingly. The latest version can always be found on our website.