Privacy Policy

Introduction

This Privacy Policy outlines how Digital Gang Studio (“we,” “our,” “us”) collects, uses, and protects your personal data when you interact with our website and services. We are committed to safeguarding your privacy and ensuring transparency in how your personal information is handled.

​

By using our services, you agree to the terms of this Privacy Policy and consent to the collection, processing, and storage of your data as described herein.

Global Jurisdictions and Applicable Laws

Digital Gang Studio operates globally, and as such, complies with various international privacy laws and regulations. These include, but are not limited to:

​

• General Data Protection Regulation (GDPR) (EU)

• California Consumer Privacy Act (CCPA) (USA)

• Brazilian General Data Protection Law (LGPD) (Brazil)

• Personal Data Protection Law (China)

• Personal Information Protection and Electronic Documents Act (PIPEDA) (Canada)

• Australian Privacy Principles (APPs) (Australia)

• Personal Data Protection Act (Singapore)

• Protection of Personal Data Law (Mexico)

​

This policy adheres to the principles set forth by these global data protection laws and other relevant jurisdictions to ensure compliance.

Personal Data We Collect

We may collect the following types of personal data:

​

• Identifying Information: Name, email address, phone number, company name

• Transactional Information: Billing information, purchase history, payment details

• Device and Usage Information: IP address, browser type, device type, operating system

• Communication Information: Emails, messages, and other correspondence

• Cookies and Tracking Technologies: See our Cookie Policy for more details.

Purpose of Data Collection

We collect your data for the following purposes:

​

• To provide and improve our services, including customer support and communications

• To process payments and manage transactions

• To personalise and enhance your user experience

• To comply with legal obligations and enforce our terms and agreements

• To send marketing communications (with your consent where applicable)

User Responsibilities

Users are responsible for ensuring that the personal information they provide is accurate and up-to-date. If your information changes, please notify us promptly to maintain accuracy.

Data Minimisation Principle

We are committed to collecting only the personal data that is necessary for the purposes outlined in this policy. We regularly review our data collection practices to ensure compliance with this principle.

Data Anonymisation & Pseudonymisation

To enhance privacy protection, we may anonymise or pseudonymous personal data for business purposes such as analytics and research. This ensures that data cannot be linked back to any individual without additional information.

Automated Decision-Making & Profiling

We do not engage in automated decision-making or profiling that has legal or similarly significant effects on individuals. If we introduce such processes in the future, we will notify you and provide mechanisms to object or challenge these decisions.

Children’s Privacy

Our services are not directed at individuals under the age of 16 (or the legal age in the applicable jurisdiction), and we do not knowingly collect personal information from children. If we discover that we have inadvertently collected personal data from a child, we will take steps to delete the information as quickly as possible.

Data Retention

We will retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy, comply with legal obligations, resolve disputes, and enforce agreements. Data retention periods will vary depending on the type of data and legal requirements in different jurisdictions.

Security of Personal Data

We employ a range of technical and organisational measures to safeguard your personal data against unauthorised access, disclosure, alteration, or destruction. These include encryption, firewalls, secure servers, and regular audits.

However, no security system is 100% secure, and while we strive to protect your data, we cannot guarantee absolute security.

Rights of Data Subjects

Depending on your jurisdiction, you may have specific rights in relation to your personal data, including the right to:

​

• Access your personal data and obtain information about how it is processed

• Rectification of incorrect or incomplete data

• Erasure of your data (right to be forgotten), subject to certain conditions

• Restriction of processing of your data in certain situations

• Portability of your data to another service provider

• Objection to processing, including profiling

​

To exercise your rights, please contact us at info@digitalgangstudio.com

Data Breach Notification

IIn the unlikely event of a data breach that compromises your personal information, we will notify you promptly, in accordance with applicable laws. We will describe the nature of the breach, the affected data, and the steps we are taking to address the situation. Relevant authorities will also be notified as required under applicable laws.

​

Data Transfers

As part of our global operations, your personal data may be transferred to and processed in countries outside of your jurisdiction, including the United States, the European Union, and other locations. We will ensure that appropriate safeguards are in place to protect your data during these transfers, such as:

​

• Use of Standard Contractual Clauses (SCCs) approved by the European Commission for international transfers

• Privacy Shield Framework (for transfers between the EU and the U.S. under certain conditions)

• Compliance with Binding Corporate Rules (BCRs) or other mechanisms for secure data transfer.

​

Cross-Border Data Transfers

Personal data may be transferred to, and processed in, countries outside your jurisdiction, including countries that may not have data protection laws as comprehensive as those in your home country. By using our services, you agree to this cross-border transfer, and we will take the necessary steps to ensure that your data is adequately protected in accordance with applicable laws.

​

Third-Party Service Providers

We may use third-party vendors to perform services on our behalf, such as processing payments, hosting data, or sending marketing communications. We ensure that these vendors adhere to strict data protection standards and only process personal data in accordance with our instructions. For a list of third-party vendors or for more details about their data processing practices, please contact us at info@digitalgangstudio.com

​

We may also enter into Data Processing Agreements (DPAs) with these providers to guarantee compliance with applicable laws.

​

Exit and Data Deletion

If you wish to stop using our services or request that all of your personal data be deleted, you may contact us directly at info@digitalgangstudio.com

​

 We will comply with your request within the legally mandated time frame, unless we are required to retain certain data for legal or business reasons.

​

Cookies Policy

We use cookies and similar technologies to improve your experience on our website. For more details on how we use cookies and how you can control them, please refer to our Cookies Policy.

​

User Consent and Withdrawal

If you have provided your consent for certain activities, such as receiving marketing communications, you can withdraw this consent at any time. To withdraw consent or manage your preferences, please  contact us directly at  info@digitalgangstudio.com.

​

Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

​

• Performance of a contract: Where processing is necessary to fulfil a contract with you.

• Consent: Where you have given us explicit consent to process your data for specific purposes.

• Legitimate interests: Where processing is necessary for our legitimate business interests, provided these do not override your rights and freedoms.

• Legal obligations: Where processing is necessary for us to comply with legal obligations.

​

Jurisdiction-Specific Rights

• European Union (GDPR): Users in the EU have the right to access, rectify, delete, restrict, object, and port their personal data. For more information on how to exercise these rights, see the "Your Rights" section of this Privacy Policy.

• California (CCPA): California residents have specific rights regarding their personal information under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, to request its deletion, and to opt-out of the sale of personal data. For more information, see the "Your Rights" section of this Privacy Policy.

• Brazil (LGPD): In accordance with the General Data Protection Law (LGPD), Brazilian residents have the right to access, correct, delete, and request the transfer of personal data. For more information, see the "Your Rights" section of this Privacy Policy.

• Australia (Privacy Act 1988): Users in Australia are entitled to access their personal data and request corrections. For more information, see the "Your Rights" section of this Privacy Policy.

​

Global Data Protection Complaints

If you believe that your personal data has been processed in a way that does not comply with applicable privacy laws, you have the right to lodge a complaint with the data protection authority in your jurisdiction.

For EU residents, complaints can be filed through the supervisory authority in your country of residence, with further information available through their official website. Additionally, consumers in the EU can submit online complaints through the European Commission’s dispute resolution platform: Online Dispute Resolution Platform.

​

In Portugal, consumers can use the Resolução Alternativa de Litígios de Consumo (RAL) mechanisms, which include mediation, conciliation, and arbitration, as outlined in Lei nº 144/2015. Portuguese consumers are encouraged to first contact the service provider directly to resolve any issues. If unresolved, they may then approach an authorized RAL entity, such as:

​

• CNIACC – Centro Nacional de Informação e Arbitragem de Conflitos de Consumo
  Rua D. Afonso Henriques, 1 4700-030 Braga
  Phone: 253 619 107
  Email: geral@cniacc.pt
  Website: www.cniacc.pt

​

• CACCL – Centro de Arbitragem de Conflitos de Consumo de Lisboa
  Rua dos Douradores, nº 112 - 2º 1100 - 207 Lisboa
  Phone: 218 807 030
  Email: juridico@centroarbitragemlisboa.pt
  Website: www.centroarbitragemlisboa.pt

​

• CICAP – Centro de Informação de Consumo e Arbitragem do Porto
  Rua Damião de Góis, 31, Loja 6, 4050-225 Porto
  Phone: 225 508 349 | 225 029 791
  Email: cicap@cicap.pt
  Website: https://cicap.pt

​

For consumers outside the EU, relevant contacts include:

​

• United States: The Federal Trade Commission (FTC), for fraud and privacy issues, and eConsumer.gov for international online complaints.

  • FTC: Complaint Assistant

  • eConsumer.gov: International Complaint Filing

​

• Brazil: The National Consumer Secretariat (SENACON) and the Consumidor.gov.br platform.

  • SENACON: National Consumer Secretariat

  • Consumidor.gov.br: Consumer Complaint Portal

​

• China: The State Administration for Market Regulation (SAMR) and the China Consumers Association (CCA) for consumer resources.

  • SAMR: State Administration for Market Regulation

  • CCA: Consumer Resources

​

For global assistance, you can also visit ICPEN (International Consumer Protection and Enforcement Network), which connects consumers with consumer protection agencies worldwide: ICPEN Resources.

​

Regular Review and Updates

We regularly review our privacy practices and may update this Privacy Policy to reflect changes in our services, technology, or applicable laws. When we make significant updates, we will notify you via email, by posting a notice on our website or other appropriate methods to ensure you are aware of the changes. We encourage you to periodically review this Privacy Policy to stay informed about how we are protecting your data.

​

Data Protection Officer (DPO)

If you have any concerns regarding our data processing practices or wish to contact our Data Protection Officer, please reach out at:

​

DPO Contact Information:

• Email:  info@digitalgangstudio.com

​

Employee Training

We provide training to our employees on data protection principles to ensure that they understand and respect the privacy rights of our users.

​

Employee and Contractor Data

Personal data from our employees and contractors is processed in accordance with applicable employment laws and this Privacy Policy.

​

Language and Accessibility

This Privacy Policy is available in Portuguese and English languages and formats to ensure accessibility for all users. Please contact us if you require assistance.

​

Privacy by Design

We are committed to the principle of Privacy by Design, ensuring that data protection is considered from the inception of our services and projects.

​

Data Impact Assessments

We conduct Data Protection Impact Assessments (DPIAs) for new projects involving significant personal data processing to identify and mitigate privacy risks.

​

Social Media and External Links

Our website may contain links to third-party websites or social media platforms. We are not responsible for the privacy practices or content of these websites. Please refer to their privacy policies for more information.

​

User Account Security

If you create an account with us, you are responsible for maintaining the confidentiality of your login information and for any activities that occur under your account. Please notify us immediately of any unauthorised use of your account.

​

Version History

• Last Updated: 13th November 2024

• Version: 1.0

​

Contact Us

If you have questions or concerns about your data, or want to exercise your rights, please contact us at:

• Email: info@digitalgangstudio.com

​