Privacy Policy
- Identification of the Data Controller
This Privacy Policy governs the processing of personal data carried out via the website https://felippalobato.com.
The data controller is:
Filipa Lobato, who works as a visual artist under the name Felippa Lobato (hereinafter referred to as the “Data Controller”).
Contact email: felippalobato.contacto@gmail.com - Legal Framework
The processing of personal data is carried out in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation – GDPR), as well as with applicable national legislation. - Categories of Personal Data
In the context of using the website, the following personal data may be collected and processed:
a) Identification data (name)
b) Contact details (email address)
c) Content of communications sent by the data subject
d) Browsing data (including IP address, device type, browser, pages visited), where applicable - Purposes of Processing
Personal data is processed for the following purposes:
a) Contact management and responding to requests for information
b) Communication with users
c) Website management and security
d) Compliance with legal obligations - Legal Basis for Processing
The processing of personal data is based on the following legal grounds:
a) Consent of the data subject (Article 6(1)(a) of the GDPR)
b) Taking steps prior to entering into a contract at the request of the data subject (Article 6(1)(b))
c) Compliance with legal obligations (Article 6(1)(c))
d) Legitimate interests of the controller (Article 6(1)(f)), in particular to ensure the security and operation of the website - Data Retention
Personal data will be retained only for the period strictly necessary for the purposes for which it was collected, without prejudice to applicable statutory retention periods. - Recipients and Processors
Personal data may be processed by processors (namely web hosting and technical support service providers), acting on behalf of and for the account of the Data Controller, in accordance with Article 28 of the GDPR.
Such entities are obliged to comply with confidentiality and security obligations. - International Data Transfers
In the event of data transfers to third countries outside the European Economic Area, the appropriate safeguards provided for in Articles 44 et seq. of the GDPR shall be ensured, namely through standard contractual clauses approved by the European Commission. - Rights of the Data Subject
Under applicable legislation, the data subject has the following rights:
• Right of access (Article 15 GDPR)
• Right to rectification (Article 16)
• Right to erasure (Article 17)
• Right to restriction of processing (Article 18)
• Right to object (Article 21)
• Right to data portability (Article 20)
These rights may be exercised by sending a written request to:
felippalobato.contacto@gmail.com - Withdrawal of Consent
Where processing is based on consent, the data subject has the right to withdraw consent at any time, without affecting the lawfulness of processing carried out prior to such withdrawal. - Data Security
The Data Controller implements appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including protection against:
• Unauthorised or unlawful processing
• Accidental loss, destruction or damage - Cookies and Similar Technologies
The website uses cookies, and compliance with applicable regulations is ensured, including obtaining prior consent for non-essential cookies.
For further information, please refer to the Cookies Policy. - Right to Lodge a Complaint
The data subject has the right to lodge a complaint with the competent supervisory authority.
In Portugal:
National Data Protection Commission (CNPD)
https://www.cnpd.pt - Changes to the Privacy Policy
This Privacy Policy may be revised and updated at any time.
Any changes will be duly published on the website. - Contact
For any questions regarding the processing of personal data:
Email: felippalobato.contacto@gmail.com