Facebook Instagram LinkedIn
Subscribe to our newsletter
Free shipping on purchases > 75€
0

Privacy Policy

Vilela, Cardoso & Morais, Lda (hereinafter referred to as “Soresa”) is committed to protecting the privacy of users of the soresa.pt website. This Privacy Policy explains how we collect, use, store and protect your personal data, in accordance with the General Data Protection Regulation (GDPR - Regulation (EU) 2016/679) and other applicable legislation.

1. Responsible for Treatment

  • Entity: Vilela, Cardoso & Morais, Lda
  • NIPC: 513 724 990
  • Address: Rua do Prado, 1, 5445-052 Santa Maria de Émeres, Valpaços
  • Email: geral@soresa.pt

2. Personal Data Collected

In connection with the use of the website and online store, we may collect the following personal data:

  • Identification data: name, billing and delivery address, VAT number
  • Contact details: email, phone number
  • Payment details: payment method used (card data is processed directly by the payment entity and never stored in our systems)
  • Navigation data: IP address, browser type, pages visited, duration of visit and cookies (see our Cookie Policy)
  • Account details: email and password (encrypted) for registering in the store

3. Purposes of processing

Personal data is processed for the following purposes:

  • Order processing and management, including shipping, invoicing and after-sales support
  • Creating and managing customer accounts in the online store
  • Communication regarding the status of orders and support requests
  • Sending newsletters and marketing communications (only with prior consent)
  • Compliance with legal and tax obligations
  • Improving the website and user experience through analytical data

4. Legal basis for treatment

The processing of your personal data is based on the following legal grounds:

  • Execution of contract: order processing and customer account management
  • Legal obligation: compliance with tax and accounting obligations
  • Consent: sending of marketing communications and use of non-essential cookies
  • Legitimate interest: website improvement, fraud prevention and security

5. Data Sharing

Your personal data may be shared with the following entities, exclusively for the purposes indicated:

  • CTT Expresso: name, address and contact for processing shipments
  • Payment processors: data needed to complete transactions (MB WAY, ATM, credit card)
  • Tax authorities: billing data, when legally required
  • Website hosting and maintenance service providers

We do not sell, transfer or share your personal data with third parties for marketing purposes.

6. International transfers

Your data is stored and processed within the European Economic Area (EEA). Should any transfer outside the EEA be necessary, an adequate level of protection under the GDPR will be ensured.

7. Data retention

Personal data is kept for as long as necessary for the purposes for which it was collected:

  • Order and billing data: 10 years (tax obligation)
  • Customer account details: while the account is active, or until the deletion request
  • Marketing data: until consent is withdrawn
  • Browsing data and cookies: see Cookie Policy

8. Data Subject Rights

Under the terms of the GDPR, you have the following rights with regard to your personal data:

  • Right of access: obtain confirmation and information on the data processed
  • Right of rectification: correct inaccurate or incomplete data
  • Right to erasure: request the deletion of data, where applicable
  • Right to restriction of treatment: restrict processing in certain circumstances
  • Portability rights: receive data in a structured and commonly used format
  • Right to object: object to processing based on legitimate interest or direct marketing
  • Right to withdraw consent: at any time, without affecting the lawfulness of the previous processing

To exercise any of these rights, please contact us at geral@soresa.pt. We will reply within a maximum of 30 days.

You also have the right to lodge a complaint with the National Data Protection Commission (CNPD) — www.cnpd.pt.

9. Data Security

Soresa adopts appropriate technical and organizational measures to protect personal data against unauthorized access, loss, alteration or destruction, including SSL encryption on the website, restricted access and encrypted passwords.

10. Minors' data

The Soresa online store is not intended for minors under the age of 16. We do not knowingly collect personal data from minors. If we become aware that we have collected data from a minor without the appropriate parental consent, we will delete it.

11. Changes to the Privacy Policy

Soresa reserves the right to update this Privacy Policy at any time. Changes will be published on this page with the date of the update. We recommend that you check this page regularly.

Last updated: April 2026

Select a Pickup Point