This privacy notice explains how Frutíssima collects, uses and stores your personal data. It also gives you information about your legal rights granted under data protection laws.
The controller is Frutíssima – Concentrados de Frutos de Cova da Beira, Quinta da Ferreira de Baixo, Estrada Nacional 346 ao km 21, 6230 – 610 Salgueiro, Portugal.
If you have any questions about this privacy notice, or how your personal data is processed, please contact our Group Data Protection Officer (DPO) at:
C&C Group plc
Cervejaria Wellpark
161 Duke Street
Glasgow G31 1JD
Correio electrónico - gdpr@candcgroup.com
This privacy notice was last updated March 2023. We may amend this notice at any time. The latest version will be made available on this site, and we’ll contact you if we make any significant changes to it.
We won’t be able to respond to your queries, complaints or provide certain services if you don’t provide your personal data. It’s also important that the personal information we hold about you is correct and up to date, so please keep us informed if your personal information changes during your relationship with us.
Information about our use of cookies and similar technologies can be found in our cookie notice.
1. Why we use your personal data, and our lawful basis
To provide and manage our services to you
- Your personal data is used so we can provide goods and services to you and manage any accounts you hold with us. Any such processing is a contractual requirement so we can, for example, fulfil orders you place.
- It’s used to process payments and to prevent fraudulent transactions. We do this as part of our contractual obligations to you, and our legitimate interests to help protect our customers from fraud.
- We’ll respond to your queries and complaints using the contact details you provide. We do this as part of our contractual obligations to you, and our legitimate interests to provide you with the best possible service.
To run our business effectively
The purposes outlined in this section are primarily carried out under the lawful basis of our legitimate interests.
- We’ll use your personal data to make sure we give you and other customers the best possible service, and to run effective and efficient systems and processes. This includes developing, testing and improving our systems, sites and services.
- It’s used for business management, decision-making and planning purposes, to effectively run and protect our business.
- We monitor our network and information security, including preventing unauthorised access to our computer and electronic communications systems and preventing malicious software distribution, namely by using a closed network, as well as installing software for anti-virus and blockage of suspicious emails.
- We maintain and monitor this website including, but not limited to, traffic data, location data, web logs and other communication data.
To comply with our legal obligations
- Your personal data will be used to manage service issues or legal disputes involving you, other customers and suppliers, or our own employees, workers and contractors.
- It’ll be used to help prevent and detect crime,and support the health and safety of our workforce or others. For example, through CCTV systems in place at our site. Signage will be in place to tell you where CCTV is operating.
- We may use it during our accounting and auditing processes and for any regulatory or legal reporting purposes which we must comply with.
2. Passing your information to others
We may have to share your data with other people and organisations. We require these third parties to respect the security of your data and to use it legally. Where a third-party is acting as a data processor, they’ll act solely on our instructions and will only use your information for that specific purpose.
We may share your data:
- With the other entities within our Group (C&C Group plc), as part of our regular reporting activities on company performance, as part of research findings conducted about our brands and products, in the context of a business reorganisation or group restructuring exercise, or for system maintenance support and hosting of data.
- With companies that help us provide our products and services, for example companies that help us process payments, or fulfil orders and deliver products to you.
- With IT system providers, including data storage providers and their technical support teams, if necessary.
- Governmental bodies, regulators, law enforcement agencies, insurers, our accountants, auditors, legal advisors, debt collection agencies, or court or tribunal services where we must do so to comply with legal obligations, exercise or defend our legal rights, to prevent and detect crime or prosecute offenders, or to safeguard and protect our employees, customers or other individuals.
- If we sell or buy any business or assets, we may disclose your information to the prospective seller or buyer of such business or assets. If we’re acquired by a third party, customer information will be one of the transferred assets so they can continue to provide services to you.
3. International transfers
Your personal data may be transferred to and stored in locations outside the European Economic Area (EEA). This will typically occur when we use service providers located outside of these areas. These data transfers require us to follow certain rules under data protection law to ensure that your data will be adequately protected, so we’ll only transfer data to countries that have been confirmed as protecting personal data to UK or EEA standards, or where we have put contractual commitments in place which make sure the data is protected to these standards.
Please contact our DPO if you want to find out more about where personal data is transferred to, or the safeguards we have in place.
4. How long we keep your personal data
Your personal data is only kept for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any operational, legal or reporting requirements, and in order to defend our legal rights. To decide the right retention period, we consider the purposes for which the data is processed, the amount, nature, and sensitivity of it, the potential risk of harm from unauthorized use or disclosure, and any applicable legal requirements.
Your personal data is deleted once it’s no longer needed for these purposes.
5. Your rights
Under data protection law you have the right to:
- Request access to your personal information (commonly known as a data subject access request). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request the correction of incomplete or inaccurate personal information that we hold about you.
- Request erasure of your personal information in certain circumstances. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
- Object to processing of your personal information in certain circumstances. You also have the right to object where we are processing your personal information for direct marketing purposes.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal information to another party, known as data portability.
- Withdraw your consent. In circumstances where your consent is the lawful basis for the processing, you have the right to withdraw your consent at any time.
If you want to exercise any of these rights please contact gdpr@candcgroup.com
Your right to complain to a data protection regulator
We aim to collect, use and safeguard your personal information in line with data protection laws and guidance. If you do not believe we have handled your personal data appropriately, please get in touch with our Data Protection Officer at details above so that we can try to resolve your concerns.
While we hope that we can resolve your concerns, you can complain to a data protection supervisory authority regardless of whether you have exhausted our internal procedure.
You can contact the Portuguese supervisory authority at:
Comissão Nacional de Proteção de Dados
Av. D. Carlos I, 134 - 1.º
1200-651 Lisboa
Telefone: +351 21 392 84 00 (call to the national fixed network)
Fax: +351 21 397 68 32
geral@cnpd.pt
www.cnpd.pt