Privacy Policy
Last updated: 15/07/2026
Courtesy translation. The Portuguese version prevails.
1. Data controller
This policy applies to the website studiolhairconcept.pt, operated by:
- Controller
- Laurenice Periera Barbosa — Empresário em Nome Individual
- Tax number (NIF)
- 296167215
- Registered address
- R. Luanda 696a, 2775-232 Parede
- laurenice.barbosq@sapo.pt
- Phone
- +351 911 175 045
For any question about your personal data, contact us at laurenice.barbosq@sapo.pt.
2. What data we collect and why
| Data | Purpose | Legal basis |
|---|---|---|
| Name, phone, email | Managing and confirming bookings | Performance of a contract (Art. 6(1)(b) GDPR) |
| Booking and service history | Delivering the service and client history | Performance of a contract |
| Booking notes (free text) | Preferences you provide for the service | Performance of a contract |
| WhatsApp / Instagram messages | Answering requests and arranging bookings | Contract / consent |
| Session and authentication data (essential cookies) | Keeping your session and security | Necessary for the service / legitimate interest |
We do not currently use analytics or marketing cookies, nor do we send marketing communications. We do not collect special categories of data (e.g. health data) — please do not include sensitive information in the booking notes field.
3. How long we keep data
- Booking and client data: for the duration of the relationship and up to 5 years after the last interaction, unless a longer legal retention applies.
- Billing data: for the applicable statutory tax period (generally 10 years).
- Session data: expires at the end of the session or per the technical lifetime of the cookie.
4. Who we share data with
We use processors acting on our behalf, in particular:
- Supabase — hosting of the bookings database and authentication.
- Hostinger — website hosting.
- Resend — sending transactional emails (booking confirmations and reminders).
- Meta Platforms — when you contact us via WhatsApp or Instagram.
We do not sell your personal data.
5. International transfers
Some providers may process data outside the EEA. Where they do, we ensure appropriate safeguards (EU Standard Contractual Clauses or adequacy decisions).
6. Your rights
You have the right to access, rectify, erase, restrict and object to processing, to data portability, and to withdraw consent at any time. To exercise these rights, contact laurenice.barbosq@sapo.pt.
You also have the right to lodge a complaint with the supervisory authority: Comissão Nacional de Proteção de Dados (CNPD) — www.cnpd.pt.
7. Security
We apply technical and organisational measures to protect your data, including role-based access control (Row Level Security) and encrypted communications.
8. Alternative Dispute Resolution
In a consumer dispute, you may turn to an alternative dispute resolution entity. The competent entity is: Centro de Arbitragem de Conflitos de Consumo de Lisboa (www.centroarbitragemlisboa.pt). More information at www.consumidor.gov.pt.
9. Complaints Book
We provide a Complaints Book in physical and electronic format. You may file a complaint at www.livroreclamacoes.pt.