- Only authorized persons use authorized data for authorized purposes;
- Because your privacy is very important to us in everything we do;
- Because we understand that the security of your data is a priority that we periodically review according to technological innovation;
- Because we consider that the data is not ours, but that of its subjects;
Concepts and information for the data subject. Who is responsible for the treatment? Bolflex – A. Ferreira & Pereira, Lda, is the entity responsible for processing personal data.
What is Personal Data? For the purposes of this Policy, we follow the definition adopted by the General Data Protection Regulation (GDPR), namely, any information relating to an identified or identifiable natural person, in which a natural person who can be identified, directly or indirectly, namely by reference to an identification number or to one or more specific elements of their physical, physiological, psychological, economic, cultural or social identity.
How do we collect your personal data? a) As part of our activity, we collect and process your personal data through our website, newsletter or in writing/email, for example within the scope of a contractual or pre-contractual relationship; b) The data we collect are only those strictly necessary for the provision of our services; c) We collect and process your personal data with your consent only when it reflects a free, specific, informed and explicit expression of will; d) At any time, and at your sole discretion, you can easily withdraw this consent, under the terms set out in subparagraph c) of the point “For what purposes do we process personal data“.
What personal data do we collect? a) The categories of data we collect, in order to be able to provide our services, are the following: Identification data (name, e-mail address, telephone number, company name, corporate identification number, citizen card (tax identification number), Country/region, address, postal code, locality, district/municipality); Contact details (name, telephone number, email); Professional data (company name, tax identification number, legal person identification number); Billing and expense data (tax identification number); b) The personal data we collect are processed by computer and stored in databases, strictly complying with the legislation in force on data protection and the rules on information security. We will only process your personal data in accordance with a specific and legitimate purpose or purposes, determined at the time of collection, and these data will not be processed later in a way that is incompatible with these purposes, except for the purpose of archiving in the public interest, scientific research or historical or even for statistical purposes, in which cases, under the terms of the GDPR, this incompatibility does not occur; c) We do not collect special categories of personal data (“sensitive data”).
For what purposes do we process personal data? We will process your personal data for the following purposes: In order for us to identify you as our customer; To provide the services or information you have requested; For the purpose of invoicing the services provided and accounting management; To communicate changes to the conditions of provision of the contracted services; To comply with legal obligations to which we are subject; If there is customer consent, for us to send promotional materials or special offers on our behalf or on behalf of our group companies and marketing partners; To optimize the visit and the navigability on our website; To manage the contractual relationship and its execution; For the purpose of adapting the services we provide to the needs and interests of our customers. a) Depending on the circumstances, the processing of your personal data may be carried out on the legal basis: the need for processing for the purposes of pre-contractual steps or contractual execution; compliance with legal obligations; the legitimate interests of Bolflex – A. Ferreira & Pereira, Lda or the consent granted by the data subject. b) If consent is the legal basis for the processing of personal data, the data subject has the right to withdraw it at any time and easily, without this right compromising the lawfulness of the processing carried out on the basis of the consent previously given, nor the further processing of the same data, based on another legal basis. c) If you wish to withdraw your consent, you can contact us at the email address: [email protected]. By requesting that we withdraw your consent, you will no longer receive communications from us and your data will no longer be used.
Children’s data a) We do not collect nor intend to collect data from children, considering the recipients of the services we provide; b) Bearing in mind that the child must be accompanied in all aspects of his/her life, including the digital one, it will be up to the holders of parental responsibilities to request the deletion of any data, a request to which we will promptly access after verifying that this collection is in fact occurred, albeit not intentionally.
How long do we keep your personal data? a) The period for which the data are kept depends on the purpose for which the data are processed. There are legal requirements that oblige us to keep the data for a minimum period of time; b) If there is no legal period of conservation, the data will only be kept for the time necessary for the purposes that motivated their treatment, after which they will have the appropriate treatment, being eliminated or anonymized; c) If the processing is based on the consent of the data subject, until the data subject expresses his/her opposition.
What are your rights as a data subject?
Under the provisions of the GDPR, we guarantee you the exercise of your rights as a data subject, namely: a) Right of Access – you have the right to request from us, among others, information regarding whether or not your data is being processed, what data we process and for what purposes. If you wish, you can request a copy of the personal data being processed, and the provision of other copies may be subject to payment of a reasonable fee, taking into account administrative costs. If the request is requested in electronic format, and unless you indicate otherwise, the information will be provided by us in an electronic format in common use. b) Right to Rectification – you have the right to have, without undue delay, the rectification of inaccurate personal data concerning you and incomplete data to be completed. c) Right to cancel – the right to be forgotten – you may request, in certain circumstances, that your personal data be deleted from our records, without undue delay, whenever any of the reasons provided for in the RGPD are verified. d) Right of Opposition – you have the right to object, for reasons related to your particular situation, to certain types of data processing provided for in the GDPR, such as processing for the purposes of direct marketing, in which case we will cease processing for that purpose. e) Right to Portability – you have the right to transfer your personal data that we keep to another organization or to receive them in a structured, commonly used and machine-readable format. f) Right to Limitation of Treatment – the right to obtain limitation of the processing of your personal data, when you intend, for example, to contest the accuracy of your personal data for a period of time that allows us to verify its accuracy, when the processing is unlawful or if you have deducted your right to object. In order to exercise these rights, please send your request to email: [email protected]. You will then be sent the Data Subjects Exercise Form and, after completing and sending it, we will proceed with your exercise of rights.
What measures are implemented to ensure the security of personal data? We adopt appropriate technical and organizational measures to ensure a level of security appropriate to the risk, which we review and improve periodically, aimed at guaranteeing the security and protection of your personal data in terms of availability, authenticity, integrity and confidentiality, as well as those intended to prevent its loss, misuse, alteration, treatment or unauthorized access, as well as any other form of illicit treatment.
Is there data communication to third parties? Within the scope of our activity, we may use subcontractors who process your data on our behalf, which implies access by these entities to this data. When this happens, we take the appropriate measures, contractually foreseen, in order to ensure that these third parties, subcontractors, partners or in a group relationship, present sufficient and adequate guarantees for the execution of technical and organizational measures and that they will act only in accordance with our instructions.
Are international transfers made of your personal data? It may happen that we have to communicate personal data to third countries or international organizations outside the European Economic Area. In this case, we will strictly comply with the applicable legal provisions, not proceeding with international transfers of personal data to entities that do not offer guarantees of maintaining the level of protection required by the GDPR.
Contact If you have any questions or concerns about the way we process personal data, you may contact our Data Protection Officer: Contacts of the Data Protection Officer Email: [email protected] Address: My Cute Pooch | Bolflex, Lda. Rua Nicolau Coelho 4610-733 Felgueiras
Email: [email protected]
Address: My Cute Pooch | Bolflex, Lda. Rua Nicolau Coelho 4610-733 Felgueiras
Contact of the National Data Protection Commission
CNPD – National Data Protection Commission
Av. D. Carlos I, 134, 1º1200-651 Lisboa
T (+351) 213 928 400F (+351) 213 976 832 [email protected]