Privacy Policy


Responsible for Data Processing

Virtudelegível, Unip. Lda., Based in Rua António José Batista, 43-B. 2910-400 Setúbal, Portugal, with VAT number PT515823724, represented by Renato Lopes da Costa, is responsible for the processing of personal data at the Business Case Institute®‘s Website, hereinafter referred to as BCI, and can be contacted by email info@businesscaseinstitute.org and by telephone (+351)933598860. Business Case Institute® is an Institute dedicated to the promotion of knowledge in different areas identified in the “About Us” section of the website, and can be accesses through the domain names www.businesscaseinstitute.org or www.businesscaseinstitute.com. All content distributed through the domain www.businesscaseinstitute.work is also protected under this Privacy Policy.

The collection and processing of data that we carry out complies with the requirements of the General Data Protection Regulation, Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016.

Data Subjects Rights

Data subjects have the right to:

  • Information – the BCI data subject has the right to be informed about the data we collect and how we handle it. That information is grouped in this privacy policy;
  • Access – BCI data subjects have the right to access their personal data. Access to personal data can be done by accessing the website’s user area, by entering the username and password chosen when registering at the website;
  • Rectification, deletion, limitation or portability - the BCI data subject has the right to request the rectification, deletion, limitation of treatment and portability of their personal data, upon request by email addressed to BCI, and on a case-by-case basis, according to the data category in question.
  • Opposition - the BCI data subject has the right to object to the processing of data, for important and legitimate reasons, duly explained in writing, sent by email addressed to BCI;
  • Notification – the BCI data subject has the right to be notified of the data processing, whenever it occurs in situations not foreseen in this policy;
  • Automated processing – the BCI data subject has the right that decisions taken on the basis of “automated processing” that concern them or that significantly affect them and that are based on their personal data are taken by individuals and not just by computers. They also have the right, in this case, to express their point of view and to challenge the decision.
  • Right to complain - BCI data subjects have the right to complain about the way their data is handled to the responsible for data processing identified above in first instance or to the National Data Protection Commission (www.cnpd.pt) on second.

Data category

The categories of data collected by BCI are:

  • Data for membership subscription – “membership”;
  • Data for billing membership or store products – “invoicing”;
  • Contact details – “contact”;
  • Data for shipment of goods – “shipping”;
  • Data for newsletter – “newsletter”;
  • Contact forms – “contact form”.

Data Collection and Purpose

The data we collect through our website is submitted by the user at the time of membership subscription or store products purchase.

  • Membership Subscription Data is collected in order to be possible to validate the information of the user and to provide access to private members area;
  • Billing data is collected in order to be able to carry out the commercial transaction related to membership subscription or store products purchase, and, accordingly, issue a legal billing document on behalf of the user;
  • Contact details are collected in order to communicate with the user, on a member relation or costumer relation in the pre-purchase and post-purchase period, as well as in future technical assistance, return or complaint situations;
  • Data for shipment of goods is collected to allow the shipment of goods, whenever the address in question is different from the address used for invoicing;
  • Data for newsletters is collected for the purpose of sending information to the user;
  • Data from Contact Forms is collected through the several contact forms available in the website and result from the user submission. The purpose of this collection is to provide feedback to the users request;

Data Treatment

Data processing occurs after a membership subscription or purchase order by the user (membership, invoicing, contact and shipping data categories), or after subscribing to our newsletter (newsletter data category);

Safety in treatment

The data collected is recorded in a database in the BCI website. Access to the website's administration panel, access to the hosting control panel and access to the database manager are secured with strong passwords and 2-factor authentication.

The hosting account uses an updated SSL certificate.

Backup copies of the hosting are made daily for redundancy purposes and fortnightly for system reset purposes.

Data is stored locally on a BCI computer located at our headquarters. This computer has a password to access and resume after inactivity, firewall and antivirus program. This computer is periodically backed up to an external hard drive.

The management and invoicing software where the data is entered is configured with access levels, and only the Board and a person designated under its responsibility is allowed to change or delete any customer data. Access to the software in question is individual and made by password.

Data Transmission

No data is transmitted to third parties, other than those imposed by legal obligations (invoicing).

Data Conservation

We keep data for the periods of time mentioned below:

  • Membership data is kept indefinitely for members history purpose;
  • Billing data is kept indefinitely in our billing software;
  • Contact details are kept for up to 3 years after the end of the membership subscription;
  • Data for shipment of goods are kept up to 3 years after the last shipment of goods;
  • Data for newsletters is kept permanently, unless the user requests its deletion;
  • Data from Contact Forms is kept up to 1 year after the request the user sent us is fully satisfied.


Our privacy policy can be changed without prior notice, being immediately updated on the Privacy Policy link on the footer of our website, so you should consult the most recent version each time you access our website and/or make a purchase.

Present changes do not affect membership subscriptions or purchases and/or other business relationships made in the past or in progress.