Privacy Policy

1. What Is This Policy About?

This Privacy Policy describes how we collect and process personal data necessary to provide the services available through our website. It outlines our practices in compliance with applicable data protection laws.

2. What Are Personal Data?

Personal data means any information relating to an individual that identifies them or makes them identifiable, regardless of form or format.

A person is considered identifiable if they can be recognized directly or indirectly, such as by reference to an identification number or unique attributes linked to their physical, physiological, psychological, economic, cultural, or social identity.

3. How Do We Use Your Personal Data?

Processing personal data is essential to deliver our services and ensure customer satisfaction.
Data will only be processed for legitimate and specific purposes, in accordance with applicable laws and best practices.
We will not reuse your data for unrelated purposes without your consent.

4. Purposes, Legal Basis, and Retention Periods

Summary of Key Processing Activities
Purpose	Legal Basis	Data Collected	Retention Period
Customer account registration	Consent	Name, Email	While registered + up to 2 years after last login
Account management & order history	Consent & Legitimate Interest	Name, Email, Address, Phone	While registered + up to 2 years after last login
Customer support & inquiries	Consent	Name, Email, Phone	1 year
Online purchases & billing	Contract execution	Tax ID, Name, Email, Address, Payment details	Until contract is fulfilled
Marketing & newsletters	Consent	Name, Email	2 years
Website management (cookies, analytics)	Consent & Legitimate Interest	Technical & account data	2 years
Fraud prevention & IT security	Legitimate Interest	Transaction & account data	2 years
Service improvement & campaign analysis	Consent & Legitimate Interest	Name, Email, Phone	2 years

If the law requires longer retention, we will comply. Once retention periods expire, data will be securely deleted.

5. How Do We Collect Data?

Through online forms on our website
Via browser activity, cookies, IP address, and similar technologies
From communications you send us (e.g., by email)

Mavenli does not sell or rent personal data to third parties, except as detailed in this Policy. We do not knowingly process data from minors.

6. Cookies

Cookies are small files stored on your device that help identify your browser and store preferences.
We use cookies to personalize your experience, monitor system security, troubleshoot, and perform analytics.
Non-essential cookies require your consent, which can be withdrawn at any time through your browser settings.

For more details, see our Cookie Policy.

7. How We Protect Your Data

Data is stored securely with technical and organizational safeguards.
Access is restricted to authorized personnel only.
Data is hosted on secure servers (via Shopify), with protections such as TLS encryption and password hashing.
While we take every reasonable precaution, no system is 100% secure. Users should also take measures, such as keeping passwords confidential and logging out after sessions.

8. Your Rights

Under data protection law, you may exercise the following rights:

Access – confirm whether we process your data and obtain a copy.
Rectification – correct inaccurate or incomplete data.
Erasure – request deletion of your data under lawful grounds.
Restriction – request limits on how your data is processed.
Objection – oppose certain processing activities.
Portability – receive your data in a structured, machine-readable format.

To exercise your rights, contact us at: help@mavenli.pt.

Note: If you request deletion of essential data, some services may no longer be available. You may opt out of marketing communications at any time by clicking “unsubscribe” in our emails or updating preferences in your account.

9. Automated Decisions & Profiling

Mavenli does not make fully automated decisions that produce legal or significant effects on you.
Shopify, our service provider, may use limited automated decisions to prevent fraud (e.g., temporary blacklisting of IP addresses or cards after repeated failed transactions).
We do not profile customers based on purchase history or test results.

11. Third-Party Websites

Our website may contain links to third-party sites (e.g., Facebook, Instagram). These sites are not operated by Mavenli, and we are not responsible for their practices or policies.

12. Data Transfers Outside the EU

If data is transferred outside the EU, Mavenli ensures that adequate safeguards are in place, such as adequacy decisions, standard contractual clauses, or equivalent protections.

13. Minors

Our website is not intended for individuals under the age of 18. We do not knowingly collect data from minors.

14. Sensitive Data

We kindly ask you not to send us sensitive personal data (e.g., racial or ethnic origin, political opinions, religious beliefs, union membership, genetic/biometric data, health data, or sexual orientation). Any such data received will be immediately deleted.

15. Changes to This Policy

Mavenli may update this Privacy Policy at any time. Updates will be published on our website.

16. Contact Us

For any questions or requests about this Privacy Policy, please contact us at: help@mavenli.pt.