NEW GENERAL DATA PROTECTION REGULATION
WHAT IS IT?
The General Data Protection Regulation (GDPR) is in force since May 25th 2018 and GRUPO SOUSA assures that GDPR rights are fully respected.
WHAT WILL CHANGE?
GRUPO SOUSA communications will require your free, informed and explicit consent, therefore, increasing the security in the processing of your data.
GRUPO SOUSA has always been regulated by transparency and respect for the privacy of its customers, therefore, the introduction of this new regulation reinforces this position, and GRUPO SOUSA has developed the current and necessary mechanisms to better ensure its protection.
The new GDPR aims primarily to protect the holders of personal data, giving them more control over their personal information.
LACK OF CONSENT
By choosing not to update your contact in GRUPO SOUSA Database, we will no longer be able to communicate the exclusive campaigns, services and events that we are preparing.
PERSONAL DATA UPDATE
It is essential to us, through personalized actions or satisfaction studies, to offer you even more services to your needs.
WHAT TO DO?
Please express your consent by replying to our request or send us an e-mail. For security reasons, all customers must fill in their data, even if they have already provided it in contact with GRUPO SOUSA.
In GRUPO SOUSA, we understand that the use of your personal data requires its protection, in order to assure your confidence. We are subject to the highest privacy standards and will only use your personal data for clearly identified purposes and in accordance with your data protection rights.
The confidentiality and integrity of your personal data is one of our main concerns and is the basis of our action.
Who is responsible for the processing of your personal data?
GRUPO SOUSA is responsible for processing the personal data of its clients and/or potential customers, who fill in their data and submit the Subject Rights Application for GRUPO SOUSA ’s Marketing Communications, through this document.
How do we gather your personal data?
Your personal data will be gathered and processed in the following situations:
For what purposes and on what grounds can your personal data be used?
Your personal data will be gathered and used for marketing purposes (communications and products of GRUPO SOUSA), in the strict terms that you selected in the Subject Rights Application contained in this document.
Under the EU data protection legislation (GDPR) terms, the use of personal data must be justified under at least one legal basis for the processing of personal data.
Context of each of these legal grounds for the processing personal data:
The legal basis applicable to the collection and use of your personal data for marketing purposes, is your consent.
What personal data may be gathered:
DATA GATHERED BY GRUPO SOUSA:
How do we keep your personal data safe:
GRUPO SOUSA uses several security measures, authentication tools to help protect and maintain the security, integrity and availability of your personal data.
Although the transmission of data, through the Internet or website, cannot guarantee complete security against intrusions, GRUPO SOUSA, our service providers and commercial partners have made the best efforts to implement and maintain physical, electronic and procedural security measures intended to protect your personal data in accordance with the applicable data protection requirements.
Specifically, we undertook the following measures:
How long do we keep your personal information:
GRUPO SOUSA only retains your personal data for as long as necessary in the context of the purpose for which it was gathered.
Once the maximum storage period has been reached, your personal data will be irreversibly anonymized (anonymized data may be retained) or destroyed in a secure manner.
By applicable legal provision, the storage period of your data may be limited.
With whom can we share your personal data and how do we keep them safe:
Thus, GRUPO SOUSA guarantees that your personal data exported outside the EEA, will be treated according to appropriate security measures.
Switzerland and Canada have been recognized by the European Commission as offering an adequate level of data protection and, as such, no additional safeguards will be required.
Regarding countries not subject to this recognition, such as the USA, the export of your personal data will be governed by standard contractual clauses approved by the European Commission, which impose directly on our suppliers / service providers data protection obligations equivalent to those existing in the EEA.
Please contact us if you wish to request a copy of the specific safeguards that have been applied to export your data to suppliers / service providers located outside the EEA.
Your personal data is stored in the protected servers of our suppliers / service providers, being accessed and used exclusively under our policies and standards (or equivalent policies and standards of our suppliers / service providers).
GRUPO SOUSA and Data Protection Officer Contact Details:
Phone line: Contact Center + 351 291 210 300, available from 9h to 12h30 and from 14h to 18h, from Monday to Friday
How can you change or withdraw your consent:
You may, at any time, change or withdraw your consent, generating such declaration, effects for the future.
To withdraw your statements of consent submitted to GRUPO SOUSA, simply access this document again, fill in your personal data and resubmit the Consent Form, selecting or not selecting the check boxes according to your preferences.
The latest Consent Form submitted to GRUPO SOUSA will prevail over all previous ones.
Contact with GRUPO SOUSA: know your data protection rights and the right to complain to your supervisory authority:
If you have any queries relating the above described use of your personal data, you should first contact our customer service here. Additionally, you can contact email@example.com.
Accordingly to certain conditions, you may have the right to request us to:
The exercise of these rights is subject to certain exceptions intended to safeguard the public interest, such as, the prevention or detection of crimes.
If you exercise any of these rights we will analyze them and we will respond, within an estimated period not to exceed 1 (one) month.
If you are unsatisfied with our use of your personal data or with our response, after exercising any of these rights, you have the right to complain to the supervisory authority (National Commission for Data Protection – CNPD) | Rua de São Bento, n.º 148, 3º, 1200-821 Lisboa | Phone: +351 213928400 | Fax: +351 213976832 | E-mail: firstname.lastname@example.org).