PRIVACY POLICY
LAST UPDATE: NOVEMBER 2024
PRIVACY POLICY
At Hoopers we value the protection of your personal data and are committed to respecting your privacy.
In this Privacy Policy we let you know how we collect and treat the personal data of users of our website (available at hoopers.club) and our APP (Hoopers Club), hereinafter jointly referred to only as the “Platform”. Throughout this Policy, references to “you” or “your” refer to users of the Platform and references to “our” or “us” refer to Hoopers.
The processing of your Personal Data through our Platform will be done in accordance with this Privacy Policy, with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (hereinafter the “GDPR”) and with Law 58/2019, of August 8, which ensures the implementation, in the Portuguese legal order, of the GDPR.
By visiting our Platform or using any of the services we offer there, you accept and agree to this Privacy Policy.
Who is responsible for your Personal Data?
The entity responsible for processing your personal data is Plantel Protagonista, Lda. (the “Data Controller”), a private limited company registered with the Commercial Registry Office under company identification number 515665282, with its registered office at Rua da Prata, n.º 80, 1.º, 1100-420 Lisboa.
What personal data do we collect?
Personal data is any information, of any nature and regardless of its medium, relating to an identified or identifiable natural person (“data subject”). According to the GDPR, an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to a name, an identification number, location data, an online identifier or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity.
We only collect and process personal data that we consider essential for the use of our Platform and our services, as well as to contact you in relation to our services, including to keep you updated on the latest news and offers regarding the provision of our services, if you provide your specific consent to do so. For the purposes and grounds for processing your data, please see the section “Why do we process your data and for what purposes?” below.
Specifically, we process the following categories and types of personal data:
Identification data: e.g. name, date of birth, photograph.
Contact data: email address, telephone number.
Social network data: Instagram identifier.
Connection and geolocation data: device type, browser version, domain name and IP address, country through which you access our Platform (or website from which you did so).
How do we collect your personal data?
We collect your personal data directly from you, when you create an account on our APP and when you interact with its features; when you subscribe to our newsletter available on our Website; when you contact us in any other way (postal or electronic mail, telephone, etc.); or when you contact us through our social media pages.
We use automated technologies on our Platform, which means that we may also automatically collect technical data about your equipment, browsing actions and patterns. To find out more about our use of cookies, please read our Cookie Policy.
Why do we process your personal data and for what purposes?
We collect and process your personal data on the following grounds, in accordance with Article 6 of the GDPR, namely:
- Compliance with contractual obligations or pre-contractual due diligence;
- Compliance with applicable legal obligations;
- For some processing, we will need your consent;
- Hoopers’ legitimate interests, provided that the need to process personal data is balanced with your interests or fundamental rights and freedoms.
We have identified in the table
| Purpose | Data category | Legal basis for processing |
| Creating an account | Identification data and contact data | Execution of a contract or pre-contractual steps |
| Update available fields | Identification data and contact data; social network data | Execution of a contract or pre-contractual steps Consent |
| Book fields | Identification data and contact data | Execution of a contract or pre-contractual steps Consent |
| Create events and invite other players | Identification data and contact data | Execution of a contract or pre-contractual steps Consent |
| Sending newsletters and other communications | Identification data and contact data | Consent Execution of a contract or pre-contractual steps or procedures |
| Management of our contacts and relationship with users | Identification data and contact data | Execution of a contract or pre-contractual steps Our legitimate interests (e.g. improving our services according to users’ needs) To comply with legal obligations |
| Monitor, improve and administer the Platform and the services provided on it | Connection and geolocation data | Our legitimate interests (security purposes and maintaining service availability) To comply with legal obligations |
| Data analysis to improve our website, our services and the relationship with our users | Connection and geolocation data; commercial data | Our legitimate interests |
We will only use your personal data for the purposes for which it was collected, unless we justifiably consider that we need to use that data for another reason and that reason is compatible with the original purpose of collection.
Security measures
We have implemented technical and organizational measures that ensure the confidentiality of your personal data, protecting it from accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access, as well as against other unlawful forms of data processing.
For example, we take the following measures:
- The ability to ensure the permanent confidentiality, integrity, availability and resilience of processing systems and services;
- We have a specific policy on data breaches that describes the procedure for detecting personal data breaches, resolving them in a timely manner and reporting them, in accordance with the applicable legislation;
- The ability to restore availability and access to personal data in a timely manner in the event of a physical or technical incident;
- We have a process for regularly testing, assessing and evaluating the effectiveness of the technical and organizational measures adopted to guarantee the security of processing.
- We keep a written record of all processing activities carried out, ensuring compliance with the requirements of the GDPR;
- We have entered into agreements with all employees who are involved in or will have access to users’ personal data to ensure the non-disclosure and confidentiality of personal data;
- We have drawn up and implemented an internal privacy policy;
- We have implemented security policies and procedures;
- We have defined and implemented a procedure for the secure and confidential destruction of personal data and documents.
Any entity we subcontract will be bound by equivalent security measures, acting at all times under our duly documented instructions.
Data sharing
We are a Community Platform, so we work on the assumption that when you ask us to be part of it, you want your information to be shared with other members. As such, when, for example, you add a new field to our Platform, schedule new games and react to our content, your data will be shared with other users.
Your personal data will never be transferred to third parties for purposes other than those described in this Privacy Policy.
As part of the provision of our services or products, we may use third party service providers (subcontractors) such as email platforms, network service providers or storage companies. However, we ensure that these providers do not use your personal data for their own purposes, but only to provide us with the services we need and which are part of the services we provide to you, for the purposes identified in this Privacy Policy.
We only use entities (natural or legal) that have implemented the appropriate technical and organizational measures and that guarantee compliance with the legislation in force.
These entities will only process your Personal Data for the purposes expressly provided for in this Privacy Policy, and are bound by agreements on the processing of Personal Data which guarantee that it will be processed on the basis of instructions provided by us, expressly and in writing.
In addition, we may also communicate your personal data to third parties if you give your express consent to do so, or at your request and at the request of an authority, in order to comply with a legal obligation or a court order.
International transfers
We will only transfer your personal data outside the European Union or the European Economic Area after ensuring strict compliance with European legislation on the transfer of data to third countries and will provide you with all the necessary information, namely an indication of the guarantees adopted for this transfer, such as:
- Adequacy decisions: when the European Commission determines that a third country offers an adequate level of data protection, personal data may be sent to that country without implementing any other measures mentioned above;
- Standard contractual clauses: we use standard contractual clauses for the transfer of personal data to organizations outside the EEA. These contractual commitments have been adopted by the European Commission and ensure the adequate protection of personal data transferred to countries outside the EEA by binding the recipients of the personal data to certain data protection standards, including the obligation to implement appropriate technical and security measures.
Retention of your data
We will retain your personal data for the period necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required by law. The criteria used to determine our retention periods include:
- The period during which we provide services to you (for example, for as long as you have a registered account or use our services);
- Verifying a legal obligation to which we are subject (for example, in certain jurisdictions we are required to keep records of your transactions for a certain period before we can delete them);
- For defense in legal proceedings (particularly in relation to litigation or for criminal investigation purposes).
At the end of the retention periods, your personal data will be deleted. If there is data that we are unable, for technical reasons, to delete completely from our systems, we will take appropriate measures to prevent any further processing or use, such as anonymizing personal data.
Your rights as a data subject
We make every effort to ensure that your personal data is correct, current and complete, in accordance with the purposes for which we use this information.
You have the right, at any time, to access and object to the processing of your personal data, as well as the right to update, correct and delete data collected by us that is incomplete, incorrect, out of date, or prohibited by law. You can exercise these rights by contacting us at our email address: info@hoopers.club.
Your rights are briefly explained below:
- Right to be informed
You have the right to obtain clear, transparent and easily understandable information about how we use your personal data.
- Data subject’s right of access
You can request a copy of the data we hold about you.
- Right to rectification
You have the right to rectify your personal data if it is incorrect or out of date and/or to complete it if it is incomplete.
- Right to erasure (“right to be forgotten”)
This right is not absolute, as we may have legal or legitimate reasons to retain your personal data.
- Right at any time to object to the processing of data collected on the basis of consent
You may object to the processing of data where such processing is based on consent. Withdrawing consent does not affect the lawfulness of the consent previously given.
- Right to data portability
You have the right to receive personal data concerning you in a structured, commonly used and machine-readable format and the right to transmit this data to another organization. This applies only to the data you have provided whose processing is based on your consent or the contract, and if the processing is carried out by automated means.
- Right to restriction of processing
You can ask us to restrict the use of your data to storage only, to stop using it for all other purposes or to retain data that should be deleted.
- Lodge a complaint with the National Data Protection Commission
You also have the right to lodge a complaint with the data protection regulator in Portugal when your rights have been violated or your personal information is or is being used in a way that you believe does not comply with the applicable legislation. Contact details for the National Data Protection Commission are available here, along with details on how to make a complaint.
Third Party Links
Our Platform may provide links to third-party websites (see our Terms and Conditions). The processing of data by these sites is not our responsibility. As this Privacy Policy does not apply to the processing of personal data by these third parties, we recommend that you read the Privacy Policy of any websites you visit whenever you leave the Hoopers Platform.
Changes to this privacy policy
Bearing in mind that practices regarding the processing of personal data may change from time to time, this Policy should also be updated accordingly and with the same regularity, so we advise you to consult it with some periodicity. If there is a significant change, we will provide you with prior notice or, where legally required, request consent before implementing such changes. We advise you to check this Policy regularly.
Contact us
If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at the following email address: info@hoopers.club
