Privacy Policy

Purpose of this Privacy Policy

This Privacy Policy explains how Btq - Botique de Eventos, Lda ("BTQ", "we", "us", or "our") collects, uses, stores, and protects personal data in connection with our high-end wedding and event planning services in Portugal.

This Policy applies to:

• All services provided through our website (.pt domain),
• Email, telephone, WhatsApp and other communications,
• Offline agreements and contracts relating to wedding or event planning,
• All interactions with clients, guests, suppliers, and business partners.

We process personal data in accordance with:

• Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR), and
• Lei n.º 58/2019, which implements and complements GDPR under Portuguese law.

Data Controller Identification

Responsible Contact for Data Protection

BTQ has appointed an internal Privacy Officer responsible for data protection matters.

For any questions regarding this Privacy Policy or your personal data, please contact:

Email: info@eventboutique.pt

We process personal data based on the following legal grounds under Article 6 GDPR:

2.1 Contractual Necessity – Art. 6(1)(b)

Processing necessary to:

• Plan, coordinate, and execute wedding and event services;
• Manage bookings with venues and vendors;
• Communicate logistics and timelines;
• Administer contracts and payments.

Without this data, we cannot perform the agreed services.

2.2 Legal Obligation – Art. 6(1)(c)

Processing required to comply with Portuguese law, including:

• Tax and accounting obligations under the Portuguese Tax Code (retention of invoices and accounting records);
• Legal documentation related to civil marriage coordination where applicable;
• Cooperation with Portuguese civil authorities.

2.3 Legitimate Interests – Art. 6(1)(f)

Processing necessary for:

• Service improvement and quality management;
• Fraud prevention and security;
• Managing professional relationships with suppliers and partners;
• Defending legal claims.

We ensure that such processing does not override your fundamental rights and freedoms.

2.4 Consent – Art. 6(1)(a)

We rely on consent for:

• Direct marketing communications (newsletters, promotional updates);
• Use of event photographs or media for promotional purposes;
• Processing of special category data (see below).

Consent may be withdrawn at any time.

To ensure the safety and success of your event, we may process Special Categories of Personal Data, including:

• Dietary requirements (which may reveal health or religious information);
• Religious affiliation or preferences (e.g., for church or religious ceremonies in Portugal);
• Cultural practices relevant to the ceremony.

Legal Basis

Such data is processed strictly on the basis of your explicit consent under Article 9(2)(a) GDPR.

By voluntarily providing this information, you agree to its processing solely for event coordination purposes (e.g., informing catering partners about allergies or arranging religious services).

Protection Measures

• Shared strictly on a need-to-know basis with relevant vendors (e.g., catering companies).
• Subject to heightened internal security controls.
• Deleted immediately after the event unless legal retention is required.

You may withdraw consent at any time; however, this may impact our ability to meet specific health or religious requirements.

4.1 Personal Identification Data

• Full name
• Nationality
• Date of birth
• Passport or ID number (where required for legal procedures)
• Marital status

4.2 Contact Information

• Email address
• Telephone number
• Postal address
• Emergency contacts

4.3 Event-Related Information

• Wedding date and location
• Guest lists
• Vendor preferences
• Accommodation arrangements
• Event logistics

4.4 Financial Data

• Billing address
• Transaction details
• Payment method (processed via secure payment gateways)

We do not store full payment card data; this is handled by PCI-DSS compliant providers.

4.5 Technical Data

When using our website:

• IP address
• Browser type and version
• Device information
• Usage data collected through cookies and analytics tools

4.6 Photographic and Media Data

Photos or videos from events may be used for promotional purposes only with separate, explicit consent.

We collect and process personal data in order to:

• Plan and execute wedding and event services in Portugal;
• Coordinate vendors (venues, catering, florists, photographers, transport, officiants);
• Prepare documentation with Portuguese civil registry authorities;
• Communicate with clients and guests;
• Issue invoices and comply with accounting obligations;
• Conduct marketing communications (with consent).

We retain personal data only as long as necessary:

After expiration of retention periods, data is securely deleted or anonymized.

We share data only when necessary for service delivery.

7.1 Vendors and Service Providers

Including:

• Hotels and venues
• Catering companies
• Florists
• Photographers and videographers
• Transportation providers
• Religious officiants

All partners are contractually bound by confidentiality and GDPR-compliant obligations.

7.2 Legal and Administrative Authorities

• Portuguese Civil Registry Offices (Conservatórias do Registo Civil)
• Tax authorities

7.3 Payment Processors

Secure financial service providers ensuring PCI-DSS compliance.

To provide efficient planning services, we use recognized cloud-based services, including:

• Google Workspace
• WhatsApp
• CRM systems
• Secure cloud storage platforms

Data Location

Your data may be transferred to and stored on servers outside the European Economic Area (EEA), including the United States.

Safeguards

We rely on:

• Standard Contractual Clauses (SCCs) approved by the European Commission (Art. 46 GDPR),
• The EU–U.S. Data Privacy Framework, where applicable.

These mechanisms ensure an equivalent level of protection to that provided within the EU.

By using our services and communicating via these platforms, you acknowledge such transfers as necessary for contractual performance.

You have the following rights:

• Right of Access
• Right to Rectification
• Right to Erasure
• Right to Restriction of Processing
• Right to Object
• Right to Data Portability
• Right to Withdraw Consent

Requests may be submitted to:

📧 info@eventboutique.pt

We will respond within 30 days, as required by GDPR.

What Are Cookies

Cookies are small text files stored on your device when you visit our website. They help us understand how you use our site, improve performance, and deliver relevant content.

Cookie Consent

In accordance with GDPR and the ePrivacy Directive, we request your consent before placing any non-essential cookies. When you first visit our website, a cookie consent banner will appear. No analytics or marketing cookies are loaded until you actively click "Accept." If you click "Decline," only strictly necessary cookies will be used.

Your preference is stored in a cookie called cookie_consent which expires after 12 months. You may change your preference at any time by clearing your browser cookies and revisiting the site.

Categories of Cookies We Use

Strictly Necessary Cookies

These cookies are essential for the website to function and cannot be switched off. They include:

Analytics Cookies (require consent)

These cookies help us understand how visitors interact with our website by collecting anonymous usage data.

Analytics data is collected via Google Analytics 4 (GA4), loaded through Google Tag Manager (GTM). GA4 uses IP anonymization by default. Data is processed by Google LLC under Standard Contractual Clauses (SCCs) and the EU–U.S. Data Privacy Framework.

Marketing Cookies (require consent)

If we run advertising campaigns (e.g., Google Ads), the following cookies may be set after consent:

These cookies are only loaded if you have accepted analytics/marketing cookies via the consent banner.

Google Tag Manager

We use Google Tag Manager (GTM) as a tag management system. GTM itself does not collect personal data, but it manages the loading of other tags (such as GA4 and Google Ads) which may collect data. GTM tags are only activated after you provide cookie consent.

How to Manage Cookies

You can control cookies through:

• Our cookie consent banner — displayed on your first visit and accessible by clearing your cookies
• Browser settings — most browsers allow you to block or delete cookies (refer to your browser's help section)
• Google Analytics opt-out — install the Google Analytics opt-out browser add-on at tools.google.com/dlpage/gaoptout

Third-Party Cookies

Some cookies are set by third-party services embedded on our site. We do not control these cookies. Please refer to the respective providers' privacy policies:

• Google Privacy Policy: policies.google.com/privacy
• Cloudflare Privacy Policy: cloudflare.com/privacypolicy

Cookie Retention

Cookie retention periods vary from session-based (deleted when you close your browser) to a maximum of 2 years, as detailed in the tables above.

Updates

This cookie information may be updated when we add or remove services. The latest version will always be available within this Privacy Policy.

We implement robust technical and organizational safeguards:

• SSL/TLS encryption in transit
• Encrypted storage where applicable
• EU-based secure servers
• Restricted access to authorized personnel only
• Regular software updates
• Staff GDPR training
• Vendor confidentiality agreements

For privacy matters:

Right to Lodge a Complaint

If you believe your data is not processed in accordance with applicable law, you have the right to lodge a complaint with:

We encourage you to contact us first so we can address your concerns promptly and transparently.

This Privacy Policy may be updated periodically to reflect legal, operational, or regulatory changes.

The latest version will always be available on our website.

Last updated: February 2026