1. FRAMEWORK

As you know, the new General Data Protection Regulation has been applicable since May 25, 2018 in all European Union Member States.

At TECNOCRIMP, we value and attach the utmost importance to the trust you place in us and we guarantee that your personal data is secure and processed with total privacy. Privacy, confidentiality and transparency are three key elements in the relationship of trust we establish with our clients.

The processing of your personal data allows, among other purposes, the development and direct marketing of the products and services that we believe to be the most appropriate to the profile and needs of each Client.

2. OBJECTIVE AND SCOPE

This Privacy Policy establishes how TECNOCRIMP uses the personal data of its clients and potential clients, as well as compliance with internal practices and the definition of internal procedures for any processing of personal data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, cross-checking, blocking or destruction.

3. DATA CONTROLLER

TECNOCRIMP – Componentes e Sistemas Tecnológicos, Lda. (TECNOCRIMP), with registered offices at Rua Manuel Pedro Franco, n.º 125, Várzea do Andrade, 2670-734 FANHÕES, Portugal, legal person 507 732 921, share capital €125,000.00 (one hundred and twenty-five thousand euros), is responsible for the processing of personal data, within the scope of the GDPR.

4. DATA PROTECTION OFFICER

TECNOCRIMP has appointed a Data Protection Officer (DPO), who:

4.1. provides information and advice to the controller, the processor and the employees who process the data on their obligations in the field of privacy and data protection;

4.2. monitors the compliance of data processing with applicable standards;

4.3. advises, when requested, on data protection impact assessments and monitors their implementation;

4.4. is a point of contact for the holder of personal data to clarify issues relating to the processing of their data by TECNOCRIMP;

4.5. is the point of contact for the supervisory authority (Comissão Nacional de Protecção de Dados – CNPD) on issues related to processing, cooperating with this entity.

TECNOCRIMP’s EPD can be contacted by e-mail:

privacy@tecnocrimp.com

5. COLLECTION OF PERSONAL DATA

Within the scope of its activity, TECNOCRIMP has access to personal data, which consists of information relating to an identified or identifiable natural person.

This information is collected directly from data subjects, employees and customers. However, information is also generated through a series of operations carried out by TECNOCRIMP as part of its activity. This could be prospecting and analyzing public websites, business and professional associations or even professional associations, in order to obtain contacts for potential clients.

6. AIMS AND RATIONALE

Within the scope of its activity, TECNOCRIMP only processes the personal data of data subjects when there is a lawful basis that legitimizes the processing, namely:

6.1. Consent

Consent is a free, specific and informed expression of will by which you accept, by means of an unequivocal positive statement or act, that personal data concerning you will be processed. For example: the processing of data for certain marketing purposes;

6.2. Execution of contracts and pre-contractual procedures

When the processing of personal data is necessary for the conclusion, execution and management of the contract to which you are a party as a customer, supplier and/or partner, or to carry out pre-contractual steps at your request. For example: for managing customer data in connection with the delivery of goods;

6.3. Compliance with a legal obligation

When the processing of personal data is necessary for the fulfillment of a legal obligation to which TECNOCRIMP is subject. For example: the communication of data to police, judicial, tax or regulatory bodies, compliance with tax obligations;

6.4. Legitimate interest

When the processing of personal data corresponds to a legitimate interest of TECNOCRIMP or a third party, and when the reasons for its processing must prevail over the fundamental rights and freedoms of the data subjects. For example: processing data to improve the quality of services, detect fraud, control physical access or manage information systems;

6.5. Vital interest

When the processing of personal data is necessary to ensure the defense of vital interests, namely the life of data subjects or third parties;

6.6. Public interest

When the processing of personal data is necessary to defend the public interest, such as social protection and public health.

TECNOCRIMP undertakes to ensure that the processing of your data is only carried out under the conditions listed above and with respect for the aforementioned principles.

When your data is processed by TECNOCRIMP solely on the basis of your consent, you have the right to revoke your consent at any time. However, revoking consent does not compromise the lawfulness of the processing carried out by TECNOCRIMP on the basis of the consent previously given.

7. PERSONAL DATA

7.1. Personal data is information relating to an identified or identifiable person. An identifiable person is one who can be identified directly or indirectly. Personal data is also the set of distinct pieces of information that can lead to the identification of a specific person. Examples of personal data (not exhaustive):

  • Name and surname;
  • Address of a residence;
  • E-mail address;
  • Number of an ID card;
  • Location data (for example, the location data function on a cell phone);
  • IP address (internet protocol);
  • Cookies(see definition in 7.2);
  • Your device’s advertising identifier;
  • Data held by a hospital or doctor that makes it possible to identify a person unequivocally;
  • Sound or image.

7.2 When you visit our website, small text files – cookies – are installed and stored in browser folders containing information onbrowsing data and characteristics or user preferences. These text files will allow for a personalized and efficient browsing experience.

These cookies will only be installed with your express consent, except in the case of cookies that are strictly necessary for the operation of the website.

8. SECURITY

TECNOCRIMP has implemented various physical, logical, technical and organizational security measures in order to protect your personal data against unauthorized disclosure, loss, misuse, alteration, processing or access, including:

8.1. mechanisms for controlling access to information systems and data;

8.2. specialized security systems (e.g. firewalls, antivirus, intrusion detection systems);

8.3. mechanisms for recording the actions taken by employees, clients and other users of the information systems (e.g. access, alteration, deletion of personal data);

8.4. encryption measures for mobile devices and equipment;

8.5. physical security measures to protect the facilities (e.g. physical access control, video surveillance, various alarms).

It should be noted that TECNOCRIMP invests in continuous improvement of the security of its systems and processes, through continuous monitoring of risks and controls, which allows it to identify new risks emerging from continuous technological evolution and to adopt new security measures and controls appropriate to those risks. In addition, TECNOCRIMP has an employee awareness and training program on information security and personal data protection to ensure that all those involved in the processing of your data are aware of their obligations and work to protect your privacy.

9. SHELF LIFE

Your personal data is collected and processed in strict compliance with the applicable legislation. It is stored in databases set up for this purpose and kept for the period of time necessary to ensure the proper management of the obligations, rights and interests associated with its collection.

Without prejudice to the time limits indicated above, the personal data processed by TECNOCRIMP may be kept for the period of time necessary to meet tax, legal and judicial obligations, under the legally applicable terms.

10. SHARING INFORMATION

Personal data may be transmitted to subcontractors to be processed in the name and on behalf of TECNOCRIMP. In this case, TECNOCRIMP will take the necessary contractual measures to ensure that subcontractors respect and protect the data subject’s personal data in accordance with the law.

The data may also be transmitted to third parties – entities other than TECNOCRIMP or its subcontractors – such as, for example, companies that supply services to TECNOCRIMP, if the data subject has consented, or entities to which the data must be communicated by law, such as the Tax Authority, judicial authorities, criminal police bodies, among others.

TECNOCRIMP does not transfer your personal data to a third country outside the EU that is not on the list of countries that the EU has deemed to have adequate levels of personal data protection. With the exception of any access to social networks, such as:

10.1. Facebook and Instagram

On the website there is interactivity with Facebook and Instagram, through a connection to the servers of these social networks, this will allow us to identify the website that the User is visiting and possibly store other data, such as the IP address. If the User has logged in to Facebook and/or Instagram, the data will be associated with their accounts. To prevent this from happening, the User must end their Facebook and Instagram sessions before visiting the page.

More information on how these social networks process data is available at:

https://www.facebook.com/about/privacy/ https://help.instagram.com/519522125107875

10.2. Twitter

The website offers interactivity with Twitter, through the respective button, establishing a connection to Twitter’s servers, which will identify the website the User is visiting and possibly store other data, such as the IP address.

More information on how Twitter processes data is available at:

https://www.linkedin.com/legal/privacy-policy?_l=pt_BR

10.3. LinkedIn

The website offers interactivity with LinkedIn, through the respective button, establishing a connection to LinkedIn’s servers, which will identify the website that the User is visiting and possibly store other data, such as the IP address.

More information on how LinkedIn processes data is available at:

https://www.linkedin.com/legal/privacy-policy?_l=pt_BR

10.4. Youtube

This website interacts with Youtube through a connection to this website’s servers, which will allow us to identify the website the User is visiting and possibly store other data, such as the IP address. If the User has started their Youtube session, the data will be associated with their account. To prevent this from happening, the User must log out of YouTube before visiting the page.

Information on data processing carried out by Youtube is available at:

https://www.youtube.com/intl/pt-BR/yt/about/policies/#community-guidelines

11. CONSENT

TECNOCRIMP guarantees that data subjects can exercise their rights under the law, namely access, rectification, objection and erasure.

To exercise your rights under the GDPR, a written request should be sent to our address or e-mail at:

privacy@tecnocrimp.com

12. RIGHTS

12.1. Right of Access

Obtain confirmation of what personal data is being processed and a copy of the personal data being processed.

12.2. Right of rectification

Request the rectification of inaccurate personal data or request that incomplete personal data be completed.

12.3. Right to erasure

Obtain the deletion of your personal data, provided that there are no valid grounds for retaining it.

12.4. Right to Restriction of Processing request the restriction of the processing of your personal data by requesting the suspension of processing or the limitation of the scope of processing to certain categories of data or processing purposes.

12.5 . Portability rights

Receive the data you have provided us in a commonly used, machine-readable digital format or request that your data be transmitted directly to another entity that will become the new controller of your personal data.

12.6. Right of Opposition

To object at any time to the processing of data, for example in the case of processing for marketing purposes; to the taking of decisions based exclusively on automated processing: not to be subject to any decision taken exclusively on the basis of automated processing, including profiling, which produces effects in your legal sphere or significantly affects you in a similar way.

13. COMPLAINTS

If you are dissatisfied with our use of your personal data or with our response after exercising any of these rights, you have the right to lodge a complaint with your supervisory authority (Comissão Nacional de Protecção de Dados – CNPD – Rua de São Bento, n.º 148, 3º, 1200-821 Lisboa – Tel.: +351 213 928 400 – Fax: +351 213 976 832 – e-mail: geral@cnpd.pt).

In this case, please contact us before submitting your complaint to the CNPD so that the problem can be resolved quickly.

14. REFERENCES

Regulation (EU) 2016/679 of the European Parliament and of the Council – General Data Protection Regulation (GDPR), available at:

https://eur-lex.europa.eu/legal-content/PT/TXT/PDF/?uri=OJ:L:2016:119:FULL&from=PT

Applicable national legislation on privacy and data protection, in particular Law No. 58/2019 of August 8, available at:

https://files.diariodarepublica.pt/1s/2019/08/15100/0000300040.pdf

Tecnocrimp – Componentes e Sistemas Tecnológicos, Lda. | NIPC 507 372 921 – Mafra Registry Office Mat. 3965 – Share Capital: 125.000 EUR.

Rua Manuel Pedro Franco 125, Várzea do Andrade, 2670-734 Fanhões, Portugal | +351 219 663 407info@tecnocrimp.comwww.tecnocrimp.com