|
Privacy Policy
PORDATA PRIVACY POLICY
1. IDENTIFICATION OF THE CONTROLLER
• Entity: FUNDAÇÃO FRANCISCO MANUEL DOS SANTOS (HEREINAFTER, FFMS)
• REGISTERED OFFICE: Largo Monterroio Mascarenhas, n.º 1, 7.º piso, 1099 - 081 Lisboa
• Corporate tax no.: 508867380
• Phone: +351 21 001 5800
• Email: pordata@ffms.pt
2. INFORMATION AND CONSENT
The Personal Data Protection Act (hereinafter the LPDP) and the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016, hereinafter the GDPR) ensure the protection of natural persons with regard to the processing of personal data and the free movement of such data.
In legal terms, personal data are considered to be any “information relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.”
When you agree to this Privacy Policy, you are considered to have been informed through the https://www.pordata.pt/ website that your data will be included in a file that FFMS is responsible for and whose processing under the legislation on personal data protection complies with the appropriate technical and organisational security measures.
FFMS keeps a database with its clients’ registration information, consisting only of the personal data provided by the actual data subject at the time of registration, which are collected and processed automatically by FFMS, the entity responsible for processing personal data.
Under no circumstances will personal data regarding racial or ethnic origin, political opinions, religious or philosophical beliefs, political opinions, trade union membership, health and sex life, genetic or biometric data or data relating to sex life or sexual orientation be requested.
Under no circumstances will FFMS engage in any of the following activities using the personal data provided on this website, without the express prior consent of the data subject:
• Transferring data to other persons or other entities;
• Transferring data outside the European Economic Area (EEA).
3. PURPOSES OF PERSONAL DATA PROCESSING
The personal data processed through this page will only be used for the following purposes and the following reasons, within the time periods listed below:
|
PURPOSE
|
BASIS
|
DATA COLLECTED
|
DATA RETENTION PERIOD
|
|
Following up on your registration in the reserved area of Pordata
|
Consent for this specific purpose
|
Name, date of birth, mobile phone number, sex, nationality and email address
|
For the period in which you are registered as a customer and wish to use the website services and for up to one year after you last accessed it
|
|
Subscribing to the Pordata newsletter
|
Consent for this specific purpose
|
Email address
|
Two years after the account becomes dormant
|
|
Analysis and management of usage statistics
|
Consent for this specific purpose
|
Cookie data
|
Cookie retention period
|
|
Managing and processing contact requests
|
Consent for this specific purpose
|
Name and email address
|
During the time required to fulfil your request or order, as well as during the time set out in the applicable regulations in each case
|
|
For commercial purposes, such as data analysis, audits
|
Consent for this specific purpose
|
Cookie data and IP address
|
Cookie retention period
|
FFMS guarantees the confidentiality of all data provided. Notwithstanding the fact that FFMS collects and processes data safely and securely, preventing them from being lost or tampered with and using the most appropriate techniques for this purpose, it is important to remember that the collection of data on open networks allows for insecure movement of personal data, and there is a risk of their being seen and used by unauthorised third parties.
Failure to provide the data marked as mandatory means the data subject’s request will not be fulfilled.
4. SECURITY MEASURES
FFMS hereby declares that it has implemented and will continue to implement the technical and organisational security measures necessary to ensure the security of the personal data provided to it in order to prevent alteration, loss, processing and/or unauthorised access, taking into account technological developments, the nature of the data stored and the risks to which they are exposed.
FFMS guarantees the confidentiality of the data provided through this website. The collection and processing of data is carried out in a secure way to prevent loss or tampering. All data will be entered on a Secure Server (128-bit SSL) that encrypts/encodes them (transforms them into a code), and your password is stored using a one-way hash, which means it cannot be retrieved (or disclosed) by anyone, including FFMS, and can only be reset.
You can tell that your browser is secure if the padlock icon appears or if the address starts with https instead of http.
Personal data are processed with the level of protection legally required to ensure the security of the data and prevent them from being altered, lost or processed and from unauthorised access, taking technological developments into account. It is important for you to be aware of this and to understand that internet security measures are not impregnable.
While we take the care and precautions we deem appropriate to protect the personal data you provide and that we collect, we must all be aware that no security system is impenetrable.
Therefore, you should take certain precautions, such as keeping your password secret and not disclosing it to anyone else. If you believe that your password has been misused, you should notify us immediately; you should also be careful to log out each time you close your browser.
Whenever it accesses personal data, FFMS undertakes to:
• Store them by means of legally enforceable security measures of a technical and organisational nature, guaranteeing their security and thus avoiding any alteration, loss, processing or unauthorised access, in accordance with technological developments at any time, the nature of the data and the possible risks to which they are exposed;
• Use the data exclusively for the purposes previously defined;
• Ensure that the data are processed only by employees whose intervention is necessary to fulfil the request of the data subject, and that they are obliged to the duty of secrecy and confidentiality. If there is a possibility that the information may be disclosed to third parties for these purposes, they too shall be under the same security and confidentiality obligations outlined in the provisions of this document.
5. WHEN DO WE COMMUNICATE DATA TO THIRD PARTIES?
FFMS may use third parties for the provision of certain services on the Pordata website, such as maintenance, technical support, marketing, billing or payment management. These parties may have access to some of the personal data, namely the data necessary for contractual purposes.
Personal data collected on the Pordata website are kept on secure servers in the Netherlands. They are managed by Microsoft Azure West Europe-Netherlands, Evert van de Beekstraat 354, 1118 CZ Luchthaven Schiphol, Noord-Holland, Netherlands, which provides us with the appropriate security safeguards for protecting personal data from dissemination, loss, misuse, alteration, processing or unauthorised access, as well as from any other form of unlawful processing.
6. THIRD-PARTY WEBSITES
The Pordata website may contain links to other websites that may collect your personal data. Any processing then carried out is the sole responsibility of the owners of these websites, and FFMS is in no way responsible for their policies and/or practices.
Examples of these third parties are Facebook, Instagram, LinkedIn, Twitter and YouTube, accessed via the buttons on the website.
7. COMMERCIAL AND PROMOTIONAL COMMUNICATIONS
One of the purposes for which personal data provided by users are processed is in order to send electronic communications containing commercial and promotional information.
All communications of this type will be directed exclusively to users who have provided express prior authorisation and that are aged over 18.
If you wish to stop receiving commercial or promotional communications from FFMS, you may object at any time by sending a request to the following email address: pordata@ffms.pt
8. EXERCISE OF RIGHTS
In accordance with the provisions of the LDPD and the GDPR, users can exercise the following rights at all times:
(a) Access: the right to obtain confirmation of whether personal data concerning you are processed or not and, where applicable, the right to access your personal data;
(b) Rectification: the right to have inaccurate personal data concerning you rectified and to have incomplete personal data completed;
(c) Erasure: the right to have your personal data erased when one of the reasons listed in the legislation applies;
(d) Limitation of processing: the right to have the processing limited if one of the situations listed in the legislation applies;
(e) Opposition: the right to object at any time to the processing of the personal data concerning you;
(f) Portability: the right to receive personal data concerning you in a structured, commonly used and machine-readable format.
Therefore, you can exercise your rights of information, access, rectification, erasure, limitation, portability and opposition at any time, through a written request addressed to FFMS via any one of the following methods:
• A letter addressed to: Largo Monterroio Mascarenhas, n.º 1, 7.º piso, 1099 - 081
Lisboa
• An email sent to:pordata@ffms.pt
9. DATA TRANSFERS OUTSIDE THE EUROPEAN UNION
If data are transferred to third countries that are not part of the European Union, FFMS shall comply with the legal rules, in particular as to the suitability of the destination country with regard to personal data protection and the requirements that apply to such transfers. No personal data are transferred to jurisdictions that do not offer guarantees of security and protection.
10. SUPERVISORY AUTHORITY
By law, the data subject has the right to lodge a complaint regarding personal data protection to the competent supervisory authority, the National Data Protection Commission (CNPD) www.cnpd.pt.
|