In this regard, in order to ensure that all personal data are processed and protected in accordance with the new General Data Protection Regulation, we ask you to read our new Privacy and Data Protection Policy carefully.
It is extremely important that you read and give your express consent to the maintenance and processing of your personal data, in order to authorise the transmission of communications in accordance with the rules defined herein.
In addition, it is important to clarify that simply browsing or accessing the PROMONTORIO website will not necessarily imply cookies (whose policy you may and should read here) or the collection of your personal data.
1. Personal Data
Personal data means any information regarding an identified or identifiable natural person, of any nature and regardless of the means.
An identifiable natural person is someone who can be identified, directly or indirectly, in particular by reference to an identifier (e.g. identification number, location data, electronic identifiers or one or more specific elements of the physical, physiological, genetic, mental, economic, cultural or social identity of such a natural person).
Through this website, and depending on the purpose of data collection, the following personal information can be gathered: (i) name, (ii) date of birth, (iii) contact details (telephone number and e-mail address), (iv) company represented and (v) required information that is relevant to assess the suitability of candidates to work at PROMONTORIO, namely professional experience and academic qualifications.
2. Responsibility for the Processing of Personal Data
PROMONTORIO, legal person under no. 502 304 820, with registered office at Rua Fabrica Material de Guerra, n.º 10 , 1950-128 Lisboa – Portugal is the entity responsible for the collection and processing of personal data for the purposes set out below.
3. Purpose of the Processing of Personal Data
The collection and processing of personal data on PROMONTORIO’s website is intended for: (i) the recruitment and selection of candidates, as well as (ii) sending, upon express request of the user, of service and/or budget proposals (or other information on PROMONTORIO products and/or services), therefore the filling of the form corresponding to each of the purposes and/or the submission of the curriculum vitae (in case of the collection and processing of personal data for the purpose of recruitment and selection of candidates) corresponds to the prior and express consent to the processing of the personal data transmitted.
If the user expressly and previously allows the processing of their personal data (which consent can be revoked at any time – see section 5 below), PROMONTORIO undertakes to ensure the processing of the personal data to the extent and for the time necessary to the pursuit of its purposes.
In view of the foregoing, PROMONTORIO clarifies that is does not request or encourage, in any place or in any way, the submission or transmission of personal data related to philosophical or political beliefs, party or trade union affiliation, religious faith, private life and racial or ethnical origin, as well as the processing of data related to health and sexual life, including genetic data.
Without prejudice to other forms of contact with PROMONTORIO, the non-transmission of personal data by the user prevents PROMONTORIO from considering him/her for the purpose of recruiting/submitting proposals and/or budgets or other information, as applicable.
4. Maintenance of Personal Data
The period of time during which personal data are stored and maintained will vary in accordance with the aforementioned purposes.
In this regard, it should be clarified that personal data relating to the recruitment and selection of candidates may be maintained for the period necessary to comply with the purpose (e.g., if the applicant joins PROMONTORIO his/her personal data will be processed for human resource management purposes; if the applicant does not join PROMONTORIO data can be maintained in reserve for future recruitment processes, without prejudice to the right of the holder to request the suppression of their data at any time, as indicated in section 5 below).
Personal data whose purpose is the submission of service and/or budget proposals or information regarding new PROMONTORIO products and/or services will be stored for a period of one (1) year after the latest contact with the holder of the personal data, without prejudice to the fact that longer periods may be applied whenever the situation justifies it (provided that proportionally to such situation), namely to safeguards the rights of PROMONTORIO.
5. Right of access, rectification, deletion, limitation of processing and portability of Personal Data
The user is guaranteed, at any time, the right of access to their personal data, as well as to their rectification, deletion, portability, limitation and/or opposition to the processing – in this regard, the user may exercise any of these rights by addressing in writing to PROMONTORIO through the address of the registered office or through the following e-mail: firstname.lastname@example.org.
In addition, the user may always present any complaints he/she deems necessary to the competent authority for this purpose.
6. Security in the Processing of Personal Data
Personal data will be processed and stored in electronic means and paper format.
PROMONTORIO undertakes to ensure the security and protection of personal data you submit to use through the website, having adopted the appropriate measures necessary for this purpose, namely: (i) password protection, (ii) use of digital certificates, (iii) physical entry restrictions to the premises where the personal data storage servers are located; (iv) firewalls, (v) secure communication via https protocol.
PROMONTORIO informs that said security measures are reviewed and updated according to the needs and requirements on these matters.
If, for any reason, there is a breach of security that causes, accidentally or unlawfully, the destruction, loss, alteration, disclosure or unauthorized access to personal data, PROMONTORIO undertakes, in accordance with the applicable legislation, to notify the competent authorities, without undue delay and, whenever possible, within 72 hours of becoming aware of such occurrence.
In addition, under the terms referred to in the preceding paragraph, PROMONTORIO undertakes to report the violation of personal data to the respective holder of said data, in accordance with the applicable legislation.
Notwithstanding the security measures taken by PROMONTORIO, it is important to point out that the users should also take additional security measures, in particular to ensure that there is an up-to-date active firewall, antivirus and anti-spyware.
7. Communication of Personal Data to Third Parties
In the course of its business, PROMONTORIO may use third parties to provide certain services (located inside or outside the European Union), which may imply, in some cases, access by said entities to personal data of users.
In such a scenario, PROMONTORIO undertakes to take the necessary and appropriate measures, in order to ensure that entities that have access to such personal data are reputed and offer high guarantees in this regard, which shall be duly provided for and safeguarded in writing in the agreement to be entered into between PROMONTORIO and the third party/parties.
In fact, any entity sub-contracted by PROMONTORIO will process the personal data of users, on its behalf and account, undertaking to take the necessary technical and organisational measures to protect personal data against accidental or unlawful destruction, accidental loss, alteration, dissemination or unauthorised access, and against any other form of unlawful processing.
In any case, PROMONTÓRIO remains responsible for the processing of personal data.
Where necessary, and within the scope of sub-contracting of third parties by PROMONTORIO, personal data may be transferred to outside the European Union, under the terms and conditions permitted by the applicable law.
8. Right to be Forgotten
The holder of personal data has the right to obtain from the person responsible for the processing of personal data the deletion of his/her personal data, who, in turn, will be obliged to delete them, whenever one of the following reasons applies: (i) data are no longer necessary for the purpose for which they were collected or processed; (ii) the holder withdraws consent, when the consent is the legal basis or the holder opposes the processing and there are no prevailing legitimate interests justifying their maintenance.
9. Access to third party websites
The published version on the website is the one currently in force.