Commitment to Data Protection and Privacy
The company complies with all applicable EU and national legal standards on data protection, privacy and information security. As such, it is in the process of implementing a Personal Data Protection System and an Information Security System. In other words, the goal is to ensure regulatory compliance and demonstration or evidence of institutional responsibility for data protection and information security.
For any clarification or additional information, or to exercise your rights in this regard, please contact the company's Data Protection Office at dpo@arestalfer.com.
Definitions
"Personal data"
"Personal data" means information relating to an identified or identifiable natural person ("data subject"). A natural person who can be identified, directly or indirectly, is considered identifiable. So, personal identifiers are considered to be: a name, an identification number, location data, electronic identifiers or to one or more specific elements of physical, physiological, genetic, mental identity, etc.
"Processing of Personal Data"
"Processing": operation or a set of operations performed on personal data or on sets of personal data, by automated or non-automated means.
Examples: the collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, etc...
"Cookies"
"Cookies": small text files with information considered as relevant that the devices used for access. For example: computers, cell phones or portable mobile devices load, through the internet browser (browser).
Entity Responsible for Treatment
The company, with its registered office at the Conservatória do Registo Comercial. Under the registration and Tax ID number 503 648 825, with a share capital of 1 000 000 Euros.
Hereinafter referred to as the company.
The company is the entity responsible for the online sites www.empresa.com and the computerized applications, hereinafter referred to as channels or applications. Thus, Users, Suppliers and Customers have remote access to the company's services and products. These are presented, marketed or provided, at any time, through them.
Contacts for the Data Controller
For the purposes of contacting the company's Data Protection Officer, please send an email to dpo@arestalfer.com. After this, please describe the subject of the request and provide an email address, a telephone contact address or a mailing address.
For any other purpose, the following general company contacts can be used:
Email: geral@arestalfer.com
Collection and Processing of Personal Data
The company processes personal data strictly necessary for the provision of information and the operation of its channels. To this end, it uses the uses made by Users, Suppliers and Customers. That is, in all cases, Users, Suppliers and Customers will always be informed of the need to access such data to use the functionalities of the channels in question.
Thus, the personal data collected by the company are processed by computer, in certain cases in an automated way. These include file processing or profiling...
Categories of Data Processed
The categories or types of personal data of Users, Suppliers and Customers that are subject to processing are as follows:
User code, NISS, NIF, ID card or others
Name, Address, Telephone number, cell phone, fax, Email, Case number
Number of notification, summons, official letter
Complaint number, request number
Remarks, comments (free writing)
Execution Agent Number
IBAN/NIB, TIF Code
Household number, Date of birth, death, doctor's number
Date of incorporation, Card number, Name of place of care, residence, PSNI
Physician's professional card, Income Tax Return Number
Car registration number, Lawyer's license number.
The categories or types of sensitive personal data of Users, Suppliers and Customers that are subject to processing are as follows:
Trade Union Membership, Health Data and Biometric Data.
Legal Principles
All data processing operations comply with fundamental legal principles regarding data protection and privacy. Namely regarding its circulation, lawfulness, fairness, transparency, purpose, minimization, conservation, accuracy, integrity and confidentiality.
Thus, the company is available to demonstrate its responsibility to the data subject or any other third party that has a legitimate interest in this matter.
Grounds for Legitimacy
All data processing operations carried out by the company have a basis of legitimacy. Either because the data subject has given his/her consent to the processing of his/her personal data for one or more specific purposes, or because the processing is considered necessary for the performance of a contract, for example.
Complaints or Suggestions and Incident Reporting
The company's Users, Suppliers and Customers have the right to file complaints, either by registering a complaint on the site protecaodedados@arestalfer.com, or by filing a complaint with the regulatory authorities.
As such, the company's Users, Suppliers and Clients can make suggestions, by sending an email to the Data Protection Office.
Communication of Incidents
The company has implemented an incident management system in the scope of data protection, privacy and information security.
If any User or Customer wishes to report the occurrence of any situation of violation of personal data, they may contact the Data Protection Office. Or, also, use the company's general contacts described above.
Alteration of the Privacy Policy
In order to ensure its updating, development and continuous improvement, the company may make changes at any time.
Express Consent and Acceptance
The terms of the Data Protection and Privacy Policy are supplementary to the terms and provisions, with regard to personal data, set forth in the General Conditions of Use of the Company's channels.
Data Protection Office
For the exercise of any kind of data protection and privacy rights or for any matter relating to the topics of data protection, privacy and information security. Users, suppliers and customers of the company can contact the Data Protection Office. To do so, they use the email address dpo@arestalfer.com. They describe the subject of the request and provide an email address, a telephone contact address or a mailing address for a reply.