GENERAL PRINCIPLES
This document serves to explain in a clear and succinct manner the principles and rules followed by SANTO SGPS, NUIPCM 507 916 425, with head office at Avenida Valbom, 15, 2750-508 Cascais, with the capital of 79.161.040 euros - in the treatment of personal data.
SANTO SGPS, in the scope of its activity, needs, continuously, to treat personal data, such as the personal data of clients, employees and other people with whom SANTO SGPS has a relationship. Respect for the rights of the data subjects, whether they are clients or others, and strict compliance with the laws on the protection of personal data is a constant concern of SANTO SGPS.
SANTO SGPS is aware that the use of personal data requires the trust of the data subjects. Therefore, SANTO SGPS strives to protect such data in the most effective way within its reach, and ensures that it will use personal data for clearly identified purposes and in accordance with the legislation, in particular the General Data Protection Regulation (Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016) and Law 67/ 98 - Personal Data Protection Law.
RESPONSIBILITIES
SANTO SGPS is responsible for defining the rules that guide it in what concerns the General Data Protection Regulation, demonstrating its compliance.
All SANTO SGPS' employees and external entities with access to personal data are responsible for the protection of the information they handle and are obliged to know and comply with the policy, standards and procedures for the protection of personal data that are defined and approved in SANTO SGPS.
SANTO SGPS does not keep personal data for longer than is necessary to fulfil the purpose for which it was processed. When SANTO SGPS no longer requires the personal data, it is irreversibly deleted or destroyed.
SCOPE
Personal data is any information of any nature whatsoever, irrespective of the medium, including sound and image, concerning an identified or identifiable natural person.
Personal data collected by SANTO SGPS is limited to what is strictly necessary for the purpose of the processing of such data.
DATASHARING
SANTO SGPS may communicate your personal data to third parties, ensuring that they process such personal data only and exclusively for the authorised purposes.
Users' data may be processed by a qualified service provider hired by SANTO SGPS. Such service provider shall only process the data for the purposes set out by SANTO SGPS and in compliance with the instructions issued by the latter, strictly complying with the legal rules on personal data protection, information security and other applicable rules.
WHAT ARE YOUR RIGHTS?
The data subject may exercise, at any time, the rights provided in the General Data Protection Regulation, such as: access, rectification, limitation or deletion of their personal data, provided that this does not conflict with other rights or obligations of SANTO SGPS.
If the use of the personal data is based on consent, the data subject has the right to withdraw such consent at any time by providing notice to SANTO SGPS, without prejudice to the validity of the data processing carried out until that time.
SANTO SGPS has appointed a Data Protection Officer who can be contacted by e-mail: dpo@santo.pt. If you are dissatisfied with our use of your personal data or with our response after exercising any of these rights, you have the right to lodge a complaint with the Portuguese Data Protection Commission.
HOW DO WE KEEP YOUR PERSONAL DATA SECURE?
We use a set of appropriate security technologies and procedures to protect personal data from unauthorised access, use or disclosure, through access control and monitoring of databases and information systems, and through security rules aligned with best information security practices, including encryption and authentication tools, to help protect and maintain the security, integrity and availability of personal data.
Although data transmission over the internet or website cannot guarantee full security against unauthorised access, we and our service providers and business partners use best efforts to implement and maintain physical, electronic and procedural security measures to protect your personal data in compliance with applicable data protection requirements.
CHANGES TO THIS DATA PROTECTION POLICY
This document may be subject to updates, where appropriate. The updated version can be consulted on our website at the following address: http://www.santo.pt. We recommend that you consult our data protection policy from time to time to keep informed of how SANTO SGPS handles your personal data and to keep up to date with the information and rights you are entitled to.
CONTACTUS
If you have any questions regarding our use of your personal data, you should first contact the Data Protection Officer:
- Via e-mail: dpo@santo.pt;
- Or by letter to: A/C: DPO Santo SGPS | Av. Valbom nº 15 | 2750-508 Cascais | Portugal