The protection of the privacy of personal data is our commitment

Brain One has a fundamental commitment to protect the privacy of its users’ personal data, on the digital platforms where they are present.

This document seeks to explain what personal data are, the type of data collected and for what purposes they are intended, how they are processed, for how long they are kept and also which means of communication to use for users to exercise their rights.


General data protection regulation

The new General Data Protection Regulation (GDPR) establishes rules regarding the processing of data from people from the European Union (EU). Regardless of the technology used to process these data, the GDPR protects personal data, both in automated and manual processing.

It is irrelevant how personal data is stored. However, they are subject to the protection requirements set out in the GDPR.


What is personal data?

Personal data is all information, of any nature and regardless of its support, including sound and image, relating to an identified or identifiable natural person.

An identifiable person is a person who can be identified, directly or indirectly, namely by reference to a name, identification number, location data, identifiers electronically or to one or more elements specific to his physical, physiological, genetic, mental, economic, cultural or social identity.


Who is responsible for data processing?

Brain One, Lda, headquartered at Rua Cidade de Poligny, 13B, RC, 4540-202 Arouca, tax identification number 514 297 867, is responsible for the processing of personal data, under the GDPR.


Treatment of personal data, scope and modification of the privacy policy

When making personal data available to Brain One, the holder consents that it is treated in accordance with this Privacy Policy and with the rules and principles contained in the entity’s Digital Platforms Terms and Conditions.

This Privacy Policy applies to data that has been directly granted by the respective owner or collected in access to Brain One’s digital platforms.

The entity processes the personal data of its users with their consent. It undertakes to treat them in such a way as to guarantee the confidentiality, security and protection of such data against its unauthorized or unlawful treatment and also against its loss, destruction or damage.


What kind of personal data do we process and what is their purpose?

For Brain One to be able to provide services and send communications, it needs to process personal data.

In order to facilitate the understanding of the conditions for the processing of personal data, it was decided to list the necessary information in the following table:

Purpose Purpose Example
Marketing and Sales – Marketing or selling products or services;
– Development of products or services;
– Sending newsletters.
Customer Management and Service Delivery – Management of contacts, information or requests;
– Management of billing, collection and payments.
Accounting, Tax and Administrative Management – Accounting, billing;
– Commission management;
– Tax information.

If eventually there is a need to obtain additional personal data, for these or other purposes, Brain One will always be careful to communicate this situation to the person or entity concerned. For that, it always asks for your consent and provides you with all the necessary information to understand the reason and the conditions of the treatment.


What are the deadlines for processing and preserving personal data?

Brain One processes and keeps the data of its users for the period necessary to fulfill the purposes that motivated their collection. These are treated in accordance with the law, guidance and decision of the CNPD, or whichever is applicable, until the interested party withdraws his consent, exercises his right to object, or to forget.

However, there are situations where the law requires data to be kept for a minimum mandatory period. For example, traffic and location data are stored for a period of 10 years, for the detention and prosecution of serious crimes by the Tax Authority.

After the respective retention period has elapsed, the entity will delete or anonymize personal data.


Rights of the holder of personal data

Within the scope and under the terms of the GDPR and other applicable legislation, the holder of personal data has the right to information, access, rectification or deletion of personal data, as well as the right to data portability, the limitation or opposition to the processing of such data.

The holder may withdraw, at any time, the consent that he has given for the treatment of his personal data, within the framework of the GDPR. The revocation of consent will not affect the lawfulness of the processing of personal data that has been carried out until now, based on the consent that he has previously provided.


What are the security procedures that guarantee the protection of your data?

Brain One takes all necessary and legally required precautions, in order to guarantee the privacy of personal data processed and / or transmitted through its digital platforms. These precautions guarantee the online and offline security of that information.

Whenever sensitive information is collected or used, the data will be encrypted using the SSL protocol. This technology called Secure Socket Layer is used to improve the security of data transmission over the Internet, encrypting and protecting sensitive data and information, using the HTTPS protocol. SSL guarantees to the holder of personal data that the data will not be intercepted in a fraudulent manner and that all information is treated with maximum security.


How we use cookies

A cookie is a small information file that is sent from Brain One’s digital platforms server to the user’s browser and stored on the respective computer. These cookies will only be used by the entity and their use is limited to the following purposes:

  • Allow the proper functioning of all the functionalities of the website;
  • Allow Brain One to know who the user is and, thus, provide a better, more secure and personalized service;
  • Using Google Analytics – a web analytics service provided by Google, Inc. (“Google”). The information generated by the cookie about the use of digital platforms (including your IP address) will be transmitted and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating their use, compiling reports on the activity of websites, apps and other digital platforms for operators and providing other services related to website activities and internet usage. Google may also transfer this information to third parties, whenever required by law, or if they process the information on behalf of Google. Google will not associate the user’s IP address with any other data performed by Google;

At any time, the user can configure his internet browser to accept or reject new cookies, as well as to disable cookies previously stored on his device. The rejection of the use of cookies on Brain One’s digital platforms may limit or prevent access to some areas and content or limit the receipt of personalized information.


Updates to this privacy policy

This Privacy Policy can be revised and updated, which will be disclosed via the Brain One website.

General Regulation on Data Protection (GDPR): Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free circulation of such data and repealing Directive 95/46 / EC (General Data Protection Regulation) (OJ L 119, 4.5.2016).


How to change or delete your data?

To proceed with the rectification or removal of your data, as well as to obtain or obtain information and respect the way Brain One treats the user’s personal data, you must contact the entity through the email

To file complaints, you can display the National Data Protection Commission, the competent supervisory authority in Portugal. For more information, visit