GDPR Privacy Policy

PRIVACY POLICY (GDPR)

Grafipronto – Silaba Inédita, Lda.

1. DATA CONTROLLER IDENTIFICATION

The website grafipronto.pt is operated by Silaba Inédita, Lda., hereinafter referred to as Grafipronto, acting as the Data Controller under Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR).

Contact email: site@grafipronto.pt
Country: Portugal

2. SCOPE OF THIS POLICY

This Privacy Policy explains how Grafipronto collects, uses, stores, shares and protects users’ personal data when they:

  • visit the website;

  • create a customer account;

  • place orders;

  • use the customer support chat;

  • contact customer support;

  • interact with marketing and advertising campaigns;

  • subscribe to commercial communications.

By using the website, the user declares that they have read and understood this Privacy Policy.

3. PERSONAL DATA COLLECTED

3.1. Data provided by the user

We may collect, among others:

  • first and last name;

  • email address;

  • phone number;

  • billing and shipping address;

  • customer account data;

  • content submitted for product personalisation (files, images, texts);

  • communications exchanged with Grafipronto.

3.2. Automatically collected data

When browsing the website, the following data may be collected automatically:

  • IP address;

  • device type and browser;

  • operating system;

  • pages visited and browsing time;

  • online identifiers;

  • interaction data with ads and campaigns.

4. COOKIES AND TRACKING TECHNOLOGIES

We use cookies and similar technologies to ensure website functionality, improve user experience, analyse performance and display relevant content and ads.

Cookies may be:

  • Essential – required for website operation;

  • Functional – remember user preferences;

  • Analytics – statistical and performance analysis (e.g. Google Analytics 4);

  • Marketing/Advertising – ad personalisation (e.g. Google Ads, Meta);

  • Communication and Support – chat and customer support tools (e.g. Tidio).

Users may manage their consent for non-essential cookies through the cookie banner available on the website.

5. PURPOSES AND LEGAL BASIS FOR PROCESSING

Personal data is processed for the following purposes:

a) Contract performance

  • order processing;

  • production of personalised products;

  • invoicing;

  • delivery and logistics;

  • after-sales support.

Legal basis: performance of a contract.

b) Customer account management

Legal basis: performance of a contract.

c) Customer support and communication

Legal basis: legitimate interest and/or performance of a contract.

d) Marketing and advertising

Legal basis: consent and/or legitimate interest, where applicable.

e) Website analysis and improvement

Legal basis: legitimate interest and/or consent for cookies.

f) Legal obligations

Legal basis: compliance with legal obligations.

6. SHARING DATA WITH THIRD PARTIES

Personal data may be shared with:

Platforms and technology

  • Shopify Inc.

  • Tidio

Payments

  • Shopify Payments
    (including payment methods supported by the platform)

Marketing and analytics

  • Google Analytics 4

  • Google Ads

  • Meta Platforms (Facebook / Instagram)

Logistics and carriers

  • CTT

  • DPD

  • GLS

Public authorities

  • when required by law or judicial decision.

All partners are required to comply with the GDPR.

7. INTERNATIONAL DATA TRANSFERS

Some service providers may process data outside the European Economic Area.

Grafipronto ensures that such transfers are subject to appropriate legal safeguards, in accordance with the GDPR.

8. DATA RETENTION

Personal data is retained only for the period necessary for the purposes for which it was collected:

  • invoicing data: legally required retention period;

  • account data: while the account remains active;

  • marketing data: until consent is withdrawn;

  • support data: as long as necessary to manage the request;

  • cookies: according to the Cookie Policy.

9. DATA SUBJECT RIGHTS

Users have the right to:

  • access;

  • rectification;

  • erasure;

  • restriction of processing;

  • objection;

  • data portability;

  • withdrawal of consent.

Requests may be submitted to site@grafipronto.pt

Right to lodge a complaint

Users may lodge a complaint with the supervisory authority:

CNPD – Comissão Nacional de Proteção de Dados (Portugal)
www.cnpd.pt

10. CHILDREN’S DATA

The website is not intended for children under 13 years of age.
We do not knowingly collect personal data from minors without parental consent.

11. DATA SECURITY

Grafipronto adopts appropriate technical and organisational measures to protect personal data.

12. LINKS TO THIRD-PARTY WEBSITES

The website may contain links to third-party websites. Grafipronto is not responsible for their privacy policies.

13. CHANGES TO THIS PRIVACY POLICY

Grafipronto may update this Privacy Policy at any time.
The current version will always be available on the website.

14. CONTACT

For any data protection-related questions site@grafipronto.pt