1. Introduction
Gondomar Sport Clube is committed to protecting the privacy and personal data of its users, in compliance with the General Data Protection Regulation (GDPR) and applicable national legislation.
2. Data Controller
The data controller is Gondomar Sport Clube, NIF 501432434, located at Rua de Pevidal, n.º 1042, 4420-304 Gondomar.
3. Data Collected
The following may be collected:
• Identification data (name, address, email, phone)
• Billing and payment data
• Website browsing data
4. Purposes
Data is processed for:
• Order processing and billing
• Customer account management
• Communication of product and service information
• Compliance with legal obligations
5. Legal Basis
Processing is based on:
• Contract execution
• Compliance with legal obligations
• Data subject’s consent (when applicable)
6. Data Recipients
Data may be communicated to:
• Competent authorities, for compliance with legal obligations
• Service providers acting on behalf of the club (e.g., transport and payment services)
7. Payments and Card Data
Card payments are processed by Easypay, a payment institution authorized by the Bank of Portugal.
• Easypay complies with the PCI DSS standard
• Gondomar Sport Clube does not store card data
• More information on Easypay’s official website
8. Retention
Data is retained for the period necessary for the purposes that motivated its collection and in accordance with applicable legal obligations.
9. Data Subject Rights
The data subject has the right to access, rectify, erase, restrict, port, and object. Rights can be exercised via geral@gondomarsportclube.pt.
10. Security
Appropriate technical and organizational measures are applied to protect personal data.
11. Changes
Gondomar Sport Clube may update this policy, with the latest version always published on the website.
