1. CONTROLLER IDENTIFICATION
Name: Antas da Cunha Ecija & Associados, Law Firm R.L. (hereinafter referred to as “AdCE”)
Head office: Amoreiras Square Building, Rua Carlos Alberto da Mota Pinto, 17 – 2nd floor, 1070-313 Lisbon, Portugal.
Company No. (NIPC): 513 631 984
Telephone: (+351) 213 192 080
2. INFORMATION REGARDING THE PROCESSING OF PERSONAL DATA
Law No. 58/2019, of 8 August, hereinafter “LPDP” and the General Regulation on Data Protection (Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, in “GDPR”) ensure the protection of natural persons regarding the processing of personal data and the free movement of such data. “Personal data” is any information, of any nature and regardless of the respective support, including sound and image, relating to an identified or identifiable natural person, so the protection does not cover the data of legal persons. An identifiable person is a person who can be identified directly or indirectly, namely by reference to an identification number or to one or more specific elements of their physical, psychological, economic, cultural, or social identity (for example, their name associated with your phone number or your email address).
3. PURPOSES OF PROCESSING PERSONAL DATA
The personal data that we process through the Website will only be used for the following purposes:
a) Managing the hiring of services performed through the Website, such as scheduling meetings and requesting contact;
b) Periodically send our electronic newsletters with news related to AdCE’s practice and the sector to which it dedicates its activity;
c) Managing the applications submitted for the recruitment process, analysis of the Curriculum Vitae and Cover Letters;
d) Periodically send commercial and/or promotional information related to the contracted services sector, unless the holder objects or withdraws his consent;
e) Anonymous and aggregated analysis of the use of services, to identify user habits and trends, in order to improve the services offered and meet the specific Users needs;
f) In case of contracting, the data collected on this Website, together with the other data obtained under the contractual relationship, will be used for the management of human resources, to ensure compliance with legal obligations and made available to the firm’s employees, when necessary for pursuing their professional activity;
g) Compliance with national and international legal provisions, or executing an order of competent judicial authorities;
h) Fulfillment of legal obligations, derived from applicable legislation on data protection, as well as, for the exercise of the rights of the holders, in particular, the defense of a right during a judicial process.
AdCE guarantees the confidentiality of all data provided. Although AdCE collects and processes personal data in a secure manner and prevents its loss or manipulation, using the most appropriate techniques for this purpose, it is important to bear in mind that the collection of data on open networks allows the circulation of personal data without absolute security conditions, with the risk of these being seen and used by unauthorized third parties.
Failure to present the requested data marked as mandatory in the Website, implies the impossibility of responding to the data subject’s request.
4. LAWFULLNESS OF PROCESSING
AdCE handles User data:
(i) when they express their explicit and legitimate consent for the processing of their personal data for certain purposes and/or,
(ii) when necessary for the performance of a contract to which the data user is a party, or for pre-contractual arrangements at the User’s request;
(iii) to comply with legal obligations to which the AdCE is bound;
(iv) for the purpose of legitimate interests pursued by AdCE or by third parties, unless the data subject’s interests, fundamental rights and freedoms shall prevail.
The User warrants that the information provided is true, accurate, complete, and up-to-date, and is responsible for any damage or loss, direct or indirect, that may be caused because of the breach of this obligation.
If the data provided belongs to a third party, the User guarantees that he has informed the said third party of the aspects contained in this document and obtained his authorization to provide his/her data to AdCE for the purposes indicated.
5. STORAGE PERIOD
AdCE only stores and processes your personal data for as long as it is necessary or mandatory to fulfill the purposes described above, applying information storage criteria appropriate to each processing and in compliance with the applicable legal and regulatory obligations.
AdCE maintains personal data in its systems in such a way that it is possible to identify the data subjects according to the following criteria:
– for a period of time not exceeding the pursuit of the purposes for which they were collected, provided that legal or contractual obligations do not provide otherwise;
– to fulfill specific legal or contractual obligations;
– when applicable and legitimate, until any request for opposition or deletion by the Data Subject.
6. DATA COMMUNICATION
In addition to communications made in compliance with legal obligations, the Data Subject’s personal data may be known, in addition to AdCE, by:
– AdCE workers and collaborators, in their capacity as authorized data processors;
– national and international companies belonging to the same group as AdCE;
– authorities in general, administrations entities and public bodies, both national and international;
– external service providers;
Exclusively for the purposes indicated above, in accordance with the consents granted by the data subject.
7. INTERNATIONAL DATA TRANSFERS
The personal data collected will be processed within the European Economic Area, with no international transfers of data to third countries or international organizations.
In the event of any processing of personal data outside the European Economic Area, this will only occur upon adoption of the appropriate guarantees and the level of protection required, in accordance with the applicable legislation on personal data protection.
8. INFORMATION SECURITY
AdCE has implemented the appropriate technical and organizational security measures to ensure the security of the personal data provided by the User, in order to prevent its alteration, loss, processing and/or unauthorized access, taking into account the current state of technology , the nature of the data stored and the risks to which they are exposed.
Personal data are treated with the level of protection legally required to ensure their security and prevent their alteration, loss, processing or unauthorized access, taking into account the state of technology, the user being aware and accepting that the measures of Internet security is not impregnable.
Whenever accessing personal data, AdCE undertakes to:
– Store it through legally required security measures, of a technical and organizational nature, which guarantee it security, thus avoiding unauthorized alteration, loss, treatment or access, in accordance with the state of technology at any time, the nature of the data and the possible risks to which they are exposed;
– Use data exclusively for previously defined purposes;
– Implement physical security measures to protect the facilities;
– Ensure that data is processed only by employees whose intervention is essential to satisfy the request of the data subject, who are bound by the duty of secrecy and confidentiality. If there is a possibility that the information may be disclosed to third parties for the purposes above, they must be obliged to keep the due confidentiality in accordance with the provisions of this document.
If AdCE subcontracts to other entities the provision of services that involve the transfer of personal data, these entities will be obliged to adopt the necessary technical and organizational measures to protect personal data against destruction, loss, alteration, disclosure, unauthorized access, or any other unlawful processing.
9. RIGHTS EXERCISE
In accordance with the provisions of the GDPR, the Users may exercise their rights of access, rectification, erasure, restriction of processing, data portability, right to object and withdraw of consent by requesting it in writing by any of the following means, specifying the right or rights they wish to exercise:
E-mail: email@example.com ;
Postal Address: Edifício Amoreiras Square, Rua Carlos Alberto da Mota Pinto, 17 – 2º piso, 1070-313 Lisboa.
10. CONTROL AUTORITY
The User also has the right to submit a complaint to the National Data Protection Commission (CNPD) in relation to matters relating the exercise of their rights and the protection of their personal data, through the following website www.cnpd.pt.
11. THIRD PARTY PAGES
The Website may contain advertising, links or other content that link or redirect to pages and services of suppliers, advertisers, affiliates, AdCE sponsors and other third parties.
The search or interaction on any other website, including those that have an external link to the website, are subject to the terms and conditions of that website, AdCE will not be responsible for such access and use in any case.
Updated September 9, 2021