48H - CUPÃO 25% "CYBER25" EM LEITURAS E SESSÕES
Privacy Policy
PRIVACY POLICY
O Mapa do Tesouro, a brand represented by João Pedro Matos Fernandes, is committed to protecting the privacy and personal data of all users, clients, and prospective clients. This Policy explains how I collect, use, store, and protect your personal data, in accordance with the General Data Protection Regulation (GDPR) and other applicable legislation.
1. Data Controller
Controller
João Pedro Matos Fernandes
Tax Identification Number: 224498444
Temporary Headquarters: Av. 5 de Outubro 148, 3rd floor, Room I, 2900-309 Setúbal
Contact: Talk to me
2. Who This Policy Applies To
This Policy applies to:
Clients
Prospective clients
Visitors to the website omapadotesouro.com
Participants in sessions, courses, workshops, masterclasses, newsletters, and all online or in-person activities associated with Mapa do Tesouro
3. What Personal Data Is Collected
I only collect the data necessary for the proper functioning of services and for maintaining the contractual relationship.
Data provided by the user
Full name
Date, time, and place of birth
Address
Email
Phone number
Tax Identification Number (when applicable)
Payment details (managed via Stripe or PayPal)
Preferences for training or content
Availability for session scheduling
Data Generated During the Services
Video and audio recordings of consultancy and coaching sessions
Working notes and educational materials
Data Collected Automatically
IP address
Browsing data
Strictly necessary cookies
Information provided by external platforms such as WooCommerce, Google Analytics, and Cloudflare
4. Purposes of Data Processing
Data is processed for the following purposes
Provision of Human Design consultancy and coaching services
Sending communications regarding sessions, bookings, and materials
Issuing invoices and managing administrative tasks
Sending newsletters and educational content
Promoting courses, events, and training sessions
Improving website navigation
Conducting aggregated statistical analysis
Complying with legal obligations
Data is not used for purposes incompatible with those listed above.
5. Legal Basis for Processing
Data processing is carried out on the basis of
Performance of a contract or pre-contractual steps
Data subject’s consent (for newsletters and optional communications)
Legitimate interest in service management and improvement
Compliance with legal and tax obligations
6. Data Sharing with Third Parties
Data is not sold or shared for commercial purposes.
It is only shared with essential service providers necessary for the operation of the services, namely:
MailerLite: for sending newsletters
WooCommerce: for product and booking management
WordPress.org: for content management
Stripe and PayPal: for payment processing
Hostinger: for website hosting
Cloudflare: for security and protection against attacks
Google Analytics: for usage statistics
Social media platforms voluntarily used by the user (Instagram, Facebook, LinkedIn,
Each provider processes only the data strictly necessary and in accordance with confidentiality and security rules.
7. Cloudflare and Technical Security Cookies
The website uses Cloudflare security services, which may generate technical cookies such as the _cfuvid cookie or others from challenges.cloudflare.com.
These cookies:
Are strictly necessary to distinguish legitimate access from potential attacks
Do not collect personally identifiable data
Are not used for marketing or tracking
Can be blocked by browsers, but doing so may compromise the website’s functionality and security
More information is available in Cloudflare’s Privacy Policy.
8. Data Retention
Data is retained for:
The legally required period for invoicing and tax obligations
The duration of the contractual relationship
Until the user requests deletion of data that depends on consent
Recorded sessions are made available to the client and automatically deleted after 30 days, unless explicitly requested otherwise
9. Data Subject Rights
Users may exercise the following rights at any time:
Right of access
Right to rectification
Right to erasure
Right to restriction of processing
Right to object
Right to data portability
To exercise any of these rights, simply get in touch through the Talk to Me page.
The data subject may file a complaint with the Portuguese Data Protection Authority (Comissão Nacional de Proteção de Dados).
10. Data Security
Appropriate technical and organizational measures have been implemented, including
Encryption
Backups
Firewalls
Access monitoring
Use of secure networks
Cloudflare protection against attacks and malicious access
Despite these measures, no system is completely invulnerable, and users should also ensure basic security measures are in place on their own devices.
11. Changes to the Privacy Policy
This Policy may be updated whenever necessary to comply with legal obligations or improve services.
The most recent version will always be available at omapadotesouro.com.
