Privacy Policy – Gdpr & Portugal Compliant

Privacy Policy

Last updated: February 3, 2026

This Privacy Policy explains how Catchylicious Lda, trading as Maiswim ("we", "us", or "our"), collects, uses, and protects your personal data when you use our website https://www.maiswim.pt/ and related services (the "Service").

We are committed to protecting your personal data and complying with:

  • Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR)
  • Law no. 58/2019 (Portugal’s GDPR implementation law)
  • Applicable Portuguese consumer and e‑commerce laws

1. Data Controller

Company name: Catchylicious Lda
Address: Av. André Jordan 8, 2605‑400 Lisbon, Portugal
Email: support@maiswim.pt

Catchylicious Lda is the data controller responsible for your personal data.

2. Personal Data We Collect

We may collect the following categories of personal data:

  • Identification data (name, username)
  • Contact data (email address, phone number, postal address)
  • Account data (login credentials, encrypted passwords)
  • Order and transaction data (products purchased, billing details)
  • Payment data (processed securely by payment service providers; we do not store full card numbers)
  • Technical data (IP address, device type, browser, logs)
  • Marketing and communication preferences

We do not knowingly collect data from children under the age of 13, nor do we allow minors to enter into purchase contracts.

3. Purposes and Legal Bases for Processing

We process personal data only where permitted by GDPR. The legal bases for processing are:

a) Contract performance (Article 6(1)(b) GDPR)

  • Creating and managing user accounts
  • Processing orders and payments
  • Delivering products or services
  • Providing customer support

b) Legal obligations (Article 6(1)(c) GDPR)

  • Accounting and tax compliance
  • Fraud prevention
  • Responding to lawful requests from authorities

c) Legitimate interests (Article 6(1)(f) GDPR)

  • Website security and abuse prevention
  • Service improvement and analytics (where permitted)
  • Internal administrative purposes

d) Consent (Article 6(1)(a) GDPR)

  • Marketing communications
  • Non‑essential cookies and tracking technologies
  • Remarketing and advertising technologies (e.g. Facebook Pixel)

You may withdraw your consent at any time.

4. Cookies and Tracking Technologies

We use cookies and similar technologies to ensure the proper functioning of our website and, with your consent, to analyze traffic and deliver marketing content.

  • Strictly necessary cookies are always active
  • Analytics and marketing cookies are only activated after your explicit consent

You can manage your cookie preferences at any time via our cookie banner or browser settings.

5. Marketing Communications

We only send marketing communications where you have given explicit consent or where permitted by law.

You may unsubscribe at any time by:

  • Clicking the unsubscribe link in emails
  • Contacting us directly at support@maiswim.pt

6. Sharing of Personal Data

We may share personal data with:

  • Payment service providers
  • Hosting and IT service providers
  • Analytics and marketing partners (with consent)
  • Accounting and legal advisors
  • Public authorities where legally required

All third parties are bound by data processing agreements and confidentiality obligations.

7. International Data Transfers

Where personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards, such as:

  • European Commission adequacy decisions
  • Standard Contractual Clauses (SCCs)

You may request further information about these safeguards.

8. Data Retention

We retain personal data only for as long as necessary for the purposes described:

  • Account data: while the account remains active
  • Order and invoice data: up to 10 years (legal obligation)
  • Marketing data: until consent is withdrawn
  • Technical logs: up to 12 months

After retention periods expire, data is securely deleted or anonymized.

9. Data Security

We implement appropriate technical and organizational measures, including:

  • SSL encryption
  • Restricted access controls
  • Secure payment processing
  • Regular security reviews

Despite these measures, no system is completely secure.

10. Your Rights Under GDPR

You have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request erasure (right to be forgotten)
  • Restrict processing
  • Object to processing
  • Data portability
  • Withdraw consent at any time
  • Lodge a complaint with the Portuguese Data Protection Authority (CNPD)

To exercise your rights, contact us at support@maiswim.pt.

11. Data Protection Officer

We are not legally required to appoint a Data Protection Officer. Privacy‑related requests can be addressed to the contact details above.

12. Third‑Party Links

Our website may contain links to third‑party websites. We are not responsible for their privacy practices.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be published on this page with an updated revision date.

14. Contact

If you have questions about this Privacy Policy or your personal data, please contact us:

  • Email: support@maiswim.pt
  • Website: https://www.maiswim.pt/pages/contact-us

By using our Service, you acknowledge that you have read and understood this Privacy Policy.