Imersive Museum of Madeira
Rua dos Aranhas 98, 3rd Floor
São Pedro – Funchal
open
MONDAY — SATURDAY
10:00 — 20:00
SUNDAY
10:00 — 18:00
e-mail
Hello@imom.pt
phone
+351 961 369 745
PRIVACY POLICY
Imom Museum, Lda. (hereinafter “IMOM”) is committed to the ongoing protection of the personal data of the individuals with whom it interacts — namely visitors, partners, and job applicants — ensuring that such data is processed in compliance with the applicable legislation. This Privacy Policy describes the data processing practices adopted by IMOM, in accordance with Regulation (EU) 2016/679 of 27 April 2016 (General Data Protection Regulation – GDPR) and Law No. 58/2019 of 8 August, which ensures its implementation in the Portuguese legal system.
DATA CONTROLLER
IMOM is the entity responsible for the processing of personal data.
Imom Museum, Lda.
NIPC: 518758672
Address: Rua dos Aranhas, nº 98, 3rd floor, 9000042 Funchal
Email: Hello@imom.pt
Telephone: +351 961 369 745
The Data Protection Officer (DPO) may be contacted:
In writing, at IMOM’s registered address
By email: dataprotection@imom.pt
SCOPE OF APPLICATION
This Policy applies to the processing of personal data carried out within the scope of IMOM’s activities, particularly through the use of its website.
CATEGORIES OF PERSONAL DATA
The following categories of personal data may be collected:
For customers/visitors:
Identification data: name.
Contact data: email address, mobile/telephone number, postal address.
Payment data: bank card information, tax identification number (NIF).
Data collected through cookies.
Image data: video recordings captured by the museum’s CCTV system.
For employees/applicants:
Identification data: name, date of birth, place of birth, nationality, NIF, ID/Passport number, gender.
Contact data: mobile/telephone number, address, email.
Academic data: educational qualifications, employment status, profession.
Contractual and employment information.
Special category data: health data.
Bank data: IBAN.
PURPOSES AND LEGAL BASES FOR PROCESSING
Personal data will only be processed when supported by one of the lawful bases established in the GDPR and national law, namely:
Compliance with legal or contractual obligations, for purposes such as:
Processing tickets, reservations, and museum entry;
Responding to information requests;
Recruitment and human resources management,
IMOM’s legitimate interests, for purposes such as:
Statistical operations;
Video surveillance.
DATA COLLECTION
IMOM collects personal data through forms available on its website (online ticketing). The data collected is adequate, relevant, and limited to what is necessary for the purposes for which it is processed, such as processing purchases and sending tickets, in accordance with the principles of transparency and fairness. By providing their personal data to IMOM, the data subject acknowledges and accepts that the processing will be carried out as described in this document.
DATA SUBJECT RIGHTS
Data subjects include individuals who purchase tickets, visitors, employees, and job applicants. Under the GDPR, data subjects have the following rights:
Access: the right to obtain confirmation of the personal data processed by IMOM
Rectification: the right to correct or update inaccurate or incomplete data
Objection: the right to object to processing, except where legal or public interest grounds prevail
Restriction: the right to limit processing to certain categories or purposes, subject to legal exceptions
Erasure (“right to be forgotten”): the right to request deletion of data, except where legal obligations or public interest require retention
Withdrawal of consent: the right to withdraw consent when processing is based on it
Portability: the right to receive data in a commonly used digital format or request its transfer to another entity, where technically feasible
Data subjects may exercise these rights by contacting the Data Protection Officer (DPO).
DATA SHARING
IMOM may share personal data with platforms that manage ticket sales and act as processors, namely Tickera (website ticketing extension) and Stripe (payment processing). Data may also be shared with other contracted service providers and with public or judicial authorities when legally required.
For processors, IMOM applies strict selection criteria and ensures, through data processing agreements, that processors: Implement appropriate technical and organisational measures, Process data only for the agreed purposes
Delete or return personal data to IMOM after completing the services
DATA RETENTION PERIODS
Retention periods vary depending on the purpose for which the data was collected. In some cases, legal requirements impose minimum retention periods. Where no such requirements exist, data will be retained only for the minimum period necessary to fulfil the purposes for which it was collected and processed.
SECURITY MEASURES
IMOM ensures that all necessary technical and organisational security measures are implemented to mitigate risks associated with data processing. These include antivirus and firewall systems, regular backups, pseudonymisation or anonymisation, among others, to protect personal data against loss, disclosure, alteration, unauthorised access, or any other unlawful processing. Regarding processors, IMOM ensures that they comply with privacy and data protection legislation, guaranteeing confidentiality, integrity, and availability of the data, and preventing loss, unauthorised access, or improper disclosure.
INTERNATIONAL DATA TRANSFERS
Transfers of personal data to countries or entities outside the European Union may only occur if the destination ensures an adequate level of data protection. Additionally, such transfers require appropriate safeguards, such as data protection clauses, or must be necessary for lawful bases under the GDPR, such as contract performance, protection of vital interests, public interest, or the exercise or defence of legal claims.
COMPLAINTS
Data subjects may lodge complaints regarding the processing of their personal data with:
IMOM’s Data Protection Officer: via email or postal address
The Portuguese Data Protection Authority (Comissão Nacional de Proteção de Dados): www.cnpd.pt
The courts of the Funchal district shall have exclusive jurisdiction to resolve any disputes arising from the interpretation or application of this Privacy Policy.
COOKIES
With the aim of providing a personalized and efficient browsing experience, the IMOM Museum website uses its own and third-party cookies to collect and store data about users. For more information, it is recommended to read the Cookie Policy.
REVIEW OR AMENDMENTS TO THE PRIVACY POLICY
This Privacy Policy may be amended or updated at any time, without prior notice, due to legislative or regulatory requirements. All significant changes will be communicated to individuals with access to IMOM’s systems.
When changes are published, the “last updated” date will be modified accordingly.
PRIVACY POLICY
Imom Museum, Lda. (hereinafter “IMOM”) is committed to the ongoing protection of the personal data of the individuals with whom it interacts — namely visitors, partners, and job applicants — ensuring that such data is processed in compliance with the applicable legislation. This Privacy Policy describes the data processing practices adopted by IMOM, in accordance with Regulation (EU) 2016/679 of 27 April 2016 (General Data Protection Regulation – GDPR) and Law No. 58/2019 of 8 August, which ensures its implementation in the Portuguese legal system.
DATA CONTROLLER
IMOM is the entity responsible for the processing of personal data.
Imom Museum, Lda.
NIPC: 518758672
Address: Rua dos Aranhas, nº 98, 3rd floor, 9000042 Funchal
Email: Hello@imom.pt
Telephone: +351 961 369 745
The Data Protection Officer (DPO) may be contacted:
In writing, at IMOM’s registered address
By email: dataprotection@imom.pt
SCOPE OF APPLICATION
This Policy applies to the processing of personal data carried out within the scope of IMOM’s activities, particularly through the use of its website.
CATEGORIES OF PERSONAL DATA
The following categories of personal data may be collected:
For customers/visitors:
Identification data: name.
Contact data: email address, mobile/telephone number, postal address.
Payment data: bank card information, tax identification number (NIF).
Data collected through cookies.
Image data: video recordings captured by the museum’s CCTV system.
For employees/applicants:
Identification data: name, date of birth, place of birth, nationality, NIF, ID/Passport number, gender.
Contact data: mobile/telephone number, address, email.
Academic data: educational qualifications, employment status, profession.
Contractual and employment information.
Special category data: health data.
Bank data: IBAN.
PURPOSES AND LEGAL BASES FOR PROCESSING
Personal data will only be processed when supported by one of the lawful bases established in the GDPR and national law, namely:
Compliance with legal or contractual obligations, for purposes such as:
Processing tickets, reservations, and museum entry;
Responding to information requests;
Recruitment and human resources management,
IMOM’s legitimate interests, for purposes such as:
Statistical operations;
Video surveillance.
DATA COLLECTION
IMOM collects personal data through forms available on its website (online ticketing). The data collected is adequate, relevant, and limited to what is necessary for the purposes for which it is processed, such as processing purchases and sending tickets, in accordance with the principles of transparency and fairness. By providing their personal data to IMOM, the data subject acknowledges and accepts that the processing will be carried out as described in this document.
DATA SUBJECT RIGHTS
Data subjects include individuals who purchase tickets, visitors, employees, and job applicants. Under the GDPR, data subjects have the following rights:
Access: the right to obtain confirmation of the personal data processed by IMOM
Rectification: the right to correct or update inaccurate or incomplete data
Objection: the right to object to processing, except where legal or public interest grounds prevail
Restriction: the right to limit processing to certain categories or purposes, subject to legal exceptions
Erasure (“right to be forgotten”): the right to request deletion of data, except where legal obligations or public interest require retention
Withdrawal of consent: the right to withdraw consent when processing is based on it
Portability: the right to receive data in a commonly used digital format or request its transfer to another entity, where technically feasible
Data subjects may exercise these rights by contacting the Data Protection Officer (DPO).
DATA SHARING
IMOM may share personal data with platforms that manage ticket sales and act as processors, namely Tickera (website ticketing extension) and Stripe (payment processing). Data may also be shared with other contracted service providers and with public or judicial authorities when legally required.
For processors, IMOM applies strict selection criteria and ensures, through data processing agreements, that processors: Implement appropriate technical and organisational measures, Process data only for the agreed purposes
Delete or return personal data to IMOM after completing the services
DATA RETENTION PERIODS
Retention periods vary depending on the purpose for which the data was collected. In some cases, legal requirements impose minimum retention periods. Where no such requirements exist, data will be retained only for the minimum period necessary to fulfil the purposes for which it was collected and processed.
SECURITY MEASURES
IMOM ensures that all necessary technical and organisational security measures are implemented to mitigate risks associated with data processing. These include antivirus and firewall systems, regular backups, pseudonymisation or anonymisation, among others, to protect personal data against loss, disclosure, alteration, unauthorised access, or any other unlawful processing. Regarding processors, IMOM ensures that they comply with privacy and data protection legislation, guaranteeing confidentiality, integrity, and availability of the data, and preventing loss, unauthorised access, or improper disclosure.
INTERNATIONAL DATA TRANSFERS
Transfers of personal data to countries or entities outside the European Union may only occur if the destination ensures an adequate level of data protection. Additionally, such transfers require appropriate safeguards, such as data protection clauses, or must be necessary for lawful bases under the GDPR, such as contract performance, protection of vital interests, public interest, or the exercise or defence of legal claims.
COMPLAINTS
Data subjects may lodge complaints regarding the processing of their personal data with:
IMOM’s Data Protection Officer: via email or postal address
The Portuguese Data Protection Authority (Comissão Nacional de Proteção de Dados): www.cnpd.pt
The courts of the Funchal district shall have exclusive jurisdiction to resolve any disputes arising from the interpretation or application of this Privacy Policy.
COOKIES
With the aim of providing a personalized and efficient browsing experience, the IMOM Museum website uses its own and third-party cookies to collect and store data about users. For more information, it is recommended to read the Cookie Policy.
REVIEW OR AMENDMENTS TO THE PRIVACY POLICY
This Privacy Policy may be amended or updated at any time, without prior notice, due to legislative or regulatory requirements. All significant changes will be communicated to individuals with access to IMOM’s systems.
When changes are published, the “last updated” date will be modified accordingly.
Imersive Museum of Madeira
Rua dos Aranhas 98, 3rd Floor
São Pedro – Funchal
open
MONDAY — SATURDAY
10:00 — 20:00
SUNDAY
10:00 — 18:00
e-mail
Hello@imom.pt
phone
+351 961 369 745
Imersive Museum of Madeira
Rua dos Aranhas 98, 3rd Floor
São Pedro – Funchal
open
MONDAY — SATURDAY
10:00 — 20:00
SUNDAY
10:00 — 18:00
Select ticket types and quantities to continue.
Choose an available date and timeslot.
