PRIVACY POLICY
PASTCERAM IS COMMITTED TO PROTECTING THE PRIVACY AND PERSONAL DATA OF ITS CLIENTS AND WEBSITE USERS AND HAS THEREFORE DRAWN UP AND ADOPTED THIS POLICY AND THE PRACTICES DESCRIBED HEREIN. THIS POLICY EXPLAINS HOW YOUR PERSONAL DATA IS COLLECTED AND PROCESSED, SO WE RECOMMEND THAT YOU READ IT.
1. IDENTIFICATION OF THE ENTITY RESPONSIBLE FOR DATA PROCESSING.
Organisation: PASTCERAM – PASTAS CERÂMICAS S.A. (hereinafter “PASTCERAM”)
NIPC: 505689111
Registered office: Zona Industrial Casal da Areia – Lote 38/39 2460-392 Cós – Alcobaça (Portugal)
Telephone contact: +351 262 540 080 (national landline) +351 969 650 737 (Call national mobile network)
Email: [email protected]
2. WHAT IS THIS POLICY ABOUT?
2.1 This Privacy Policy explains how we collect and process personal data that is necessary for the provision of products and services that are available through the website, describing the practices adopted for this purpose.
3. WHAT IS PERSONAL DATA?
3.1 Personal data is any information relating to a person which identifies that person or makes that person identifiable, regardless of the nature and medium of the information, including the sound and image of the person.
3.2 Identifiable means a person who can be identified, directly or indirectly, in particular by reference to an identification number or to other factors specific to his or her physical, physiological, mental, economic, cultural or social identity.
4. HOW WILL WE USE YOUR PERSONAL DATA?
4.1 The personal data processing operations we carry out are an essential tool for your satisfaction and for PASTCERAM’s activity and are carried out in accordance with the applicable legislation and best practices.
4.2 Your personal data will not be reused for other purposes that have not been previously identified or that are unrelated to the purposes for which they were initially collected.
5. WHAT ARE THE PURPOSES, GROUNDS AND RETENTION PERIODS FOR THE DATA COLLECTED?
5.1 The personal data we process has specific grounds, depending on the purposes for which it is intended, and will be kept for as long as necessary for the respective purposes, as listed in this Privacy Policy.
5.2 The personal data collected is only that which is necessary and appropriate for the purposes indicated.
5.3 In the table below you can see the processing purposes and the data collected for them, the respective grounds and the data retention periods or criteria:
PURPOSE | BACKGROUND | DATA COLLECTED | RETENTION PERIOD |
To analyse and follow up on your request to join/apply to PASTCERAM’s community of workshops. | Pre-contractual due diligence and execution of the contract. | Name; Workshop identification data (which may constitute personal data); Contact e-mail address. | For the period necessary to fulfil the contract, or for a period of 1 year if the membership/application is not continued. |
To analyse and respond to your messages, client support and contact/information requests. | Consent for this specific purpose. | Name and surname; Email address; Telephone contact; Message and personal data that may appear in it. | 2 years, or for the period deemed necessary to fulfil this purpose, if longer than 2 years. |
For commercial purposes, such as data analysis, audits. | Consent for this specific purpose (cookies); | Cookies; IP address. | Consult the Cookies Policy. |
To adapt, improve and modify the services, in particular by identifying usage trends, or to determine the effectiveness of promotional campaigns. | Consent for this specific purpose (cookies); Legitimate interests pursued by PASTCERAM. | Cookies; IP address. | Consult the Cookies Policy |
For website management operations. | Consent for this specific purpose (cookies); Legitimate interests pursued by PASTCERAM. | Cookies; IP address. | Consult the Cookies Policy |
For fraud prevention and information systems security. | Consent for this specific purpose (cookies); Legitimate interests pursued by PASTCERAM. | Cookies; IP address. | Consult the Cookies Policy |
|
|
|
|
5.4 If a specific or mandatory period is required by law, this will be the data retention period. In all other cases, personal data will be kept for no longer than the periods indicated above, which PASTCERAM considers to be sufficient to fulfil its purposes.
5.5 At the end of the retention period, all personal data collected will be deleted.
6. HOW DO WE COLLECT YOUR PERSONAL DATA?
6.1 We will collect your personal data through the forms on the website, but also through the website and the communication it makes with your device and the e-mail messages you send us.
6.2 Your personal data is collected via your device as follows: a) When you fill in the forms on the website, namely the contact form and the form for joining/applying to PASTCERAM’s community of workshops;
b) Through your browser; c) Through cookies; d) IP adress
6.3 PASTCERAM undertakes to process your data in accordance with the law and in a legitimate manner.~
6.4 PASTCERAM will not sell, rent or share your personal data with third parties, except in the cases clearly identified in this Privacy Policy (see Point 112 to understand how).
7. WHAT ARE COOKIES?
7.1 Cookies are small information files that help identify your browser and can store information, for example, user settings and preferences.
7.2 PASTCERAM will store cookies on your device to personalise and facilitate browsing as much as possible, but also for troubleshooting, statistics, quality assurance, and to monitor system security.
7.3 With the exception of cookies specifically necessary for the performance of the website, the storage of other cookies will always depend on the User’s acceptance and consent, and this consent may be withdrawn at any time through specific browser tools.
7.4 To find out more about the cookies we use, please consult our Cookie Policy.
8. HOW DO WE PROTECT YOUR PERSONAL DATA?
8.1 Your personal data is kept secure by adopting various security measures of a technical nature (the data is kept on secure servers that offer us every guarantee of the integrity of the information) and an organisational nature that guarantee that only those Employees who must access the personal data have access to it, in accordance with the need for access and the rules created for this purpose.
8.2 To protect your personal data we only use data centre providers that offer us adequate and documented security measures, namely guarantees that your personal data is stored on servers that are kept in controlled environments with limited access.
8.3 Personal data is kept on secure servers at PTISP – Almouroltec – Serviços de Informática e Internet Lda (hereinafter, “PTISP”) with NIPC 502665696 and head office at Rua José Dias Simão s/n, Parque de Ciência e Tecnologia, Edifício INOV.POINT, Alferrarede, 2200-062 Abrantes, which offers us the appropriate security guarantees to protect personal data against its dissemination, loss, misuse, alteration, unauthorised processing or access, as well as against any other form of illicit processing.
8.7 Although we take the care and precautions we deem appropriate to protect the personal data you provide and that we collect, you should be aware that no security system is impenetrable.
9. WHAT ARE YOUR RIGHTS?
9.1 Before we explain how you can exercise your rights, we would like to inform you that the law grants you the following rights:
a) Access: the right to obtain confirmation as to whether or not personal data concerning you is being processed and, if so, the right to access your personal data;
b) Rectification: the right to have inaccurate personal data concerning you rectified and to have incomplete personal data completed;
c) Erasure: the right to have your personal data erased when one of the reasons listed in the legislation applies, namely when:
i. The personal data is no longer necessary for the purpose for which it was collected or processed;
ii. You withdraw the consent on which the data processing is based and there is no other legal basis for the processing;
iii. You object to the processing and there are no overriding legitimate interests justifying it; iv. The personal data has been processed unlawfully; v. The personal data must be erased for the fulfilment of a legal obligation;
vi. The personal data has been collected in the context of offering information society services.
d) Restriction of processing: the right to obtain restriction of processing if one of the situations listed in the legislation applies, namely when:
i. Challenge the accuracy of personal data;
ii. The processing is unlawful and the data subject opposes the erasure of the personal data and requests, instead, the restriction of its use;
iii. The data controller no longer needs the personal data for processing purposes, but the data subject requires them for the purposes of declaring, exercising or defending a right in legal proceedings;
iv. If the data subject has objected to processing using automated individual decisions.
e) Objection: the right to object at any time to the processing of personal data concerning you;
f) Portability: the right to receive personal data concerning you in a structured, commonly used and machine-readable format, and the right to transmit that data to another controller without the controller to whom the personal data was provided being able to prevent it, when the processing is based on consent or contract, or when it is carried out by automated means.
9.2 You also have the right to lodge a complaint with the competent supervisory authority (in Portugal, the National Data Protection Commission at www.cnpd.pt).
9.3 In addition to the rights described above, whenever the basis for data processing is consent, the User has the right to withdraw the consent given at any time, without this invalidating the data processing carried out up to that point.
10. HOW CAN YOU EXERCISE YOUR RIGHTS?
10.1 You can exercise your rights by writing to the following addresses: a) By email: [email protected]
b) By post: Zona Industrial Casal da Areia – Lote 38/39 2460-392 Cós – Alcobaça (Portugal)
10.2 If you ask us to delete some or all of your personal data, some of the services you have requested may not be provided. PASTCERAM may have to keep only the personal data that may be necessary to fulfil the legal obligations to which it is bound.
11. WHEN DO WE COMMUNICATE DATA TO THIRD PARTIES?
11.1 PASTCERAM may use third parties to provide certain services, such as maintenance, technical support, marketing, invoicing or payment management, which may have access to some of the personal data provided, in particular the data required for the contracted purposes.
11.2 For example, for data centre management purposes, PASTCERAM. uses the services of PTISP (better identified in point 8.3).
11.3 In particular, your data may be passed on to transport companies in order to ensure delivery of the order placed with the client.
11.4 PASTCERAM may also communicate your data to the following entities:
a) Companies in the business group to which PASTCERAM belongs and with which it has commercial partnerships for the creation and offer of benefits; or,
b) Other partners outside your business group (with your prior authorisation).
11.5 PASTCERAM ensures that the entities that have access to the data are credible and offer high guarantees of protection, never transmitting data beyond what is necessary to provide the contracted service, although PASTCERAM remains responsible for the personal data provided.
11.6 PASTCERAM may also transmit data to third parties in the context of investigations, enquiries and judicial and/or administrative proceedings or of a similar nature, provided that it is duly ordered to do so by court order.
12. THIRD PARTY WEBSITES.
12.1 Our website may contain links to other third-party websites that may collect and process your personal data, and this processing is the sole responsibility of the owners of these websites, and PASTCERAM is not responsible for their policies and/or practices.
12.2 Examples of these third parties are Facebook or Instagram via the buttons on the website.
13. DATA TRANSFERS OUTSIDE THE EUROPEAN UNION.
13.1 We will process your data within the European Economic Area.
13.2 In the event of data transfers to third countries not belonging to the European Union or the European Economic Area, PASTCERAM will comply with the law, in particular with regard to the suitability of the country of destination for the protection of personal data and the requirements applicable to such transfers, and personal data will not be transferred to jurisdictions that do not offer guarantees of security and protection.
14. MINORS.
14.1 The website is not aimed at minors under the age of 18, so we ask that minors do not provide us with personal data through the website, application, social networks and social media or emails.
15. SENSITIVE PERSONAL DATA.
15.1 Please do not send or disclose to us any sensitive personal data, i.e. information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic information, biometric information, health data or data concerning a natural person’s sex life or sexual orientation.
15.2 If you still send or make known these categories of personal data, they will be deleted immediately.
16. CHANGES TO THE PRIVACY POLICY.
16.1 We reserve the right to adjust or modify this Privacy Policy at any time, and such changes will be publicised on this website with the updated effective da
16.2 We recommend that you (re)visit this policy periodically so that you are aware of any changes made.
17. OUR CONTACT DETAILS.
17.1 If you have any questions or queries regarding this Privacy Policy please contact us in writing at [email protected].
18. LAST VERSION.
18.1 21, 06, 2024, Alcobaça (Portugal).
Copyright © 2024 Pastceram S.A. All rights reserved.