- Information security
- The security of your personal information is important to Colep and we have implemented reasonable physical, technical and administrative security standards to protect personal information from loss, misuse, alteration or destruction. Colep protects your personal information against unauthorized access, use or disclosure, using security technologies and procedures, such as encryption and limited access. Only authorized individuals access your personal information, and they receive training about the importance of protecting personal information.
- Colep’s service providers and agents are contractually bound to maintain the confidentiality of personal information and may not use the information for any unauthorized purpose.
- Rights regarding personal data
At any time, the data subject may:
- Request access to personal information – You have the right to access personal information which Colep holds about you.
- Request rectification of personal information – You have a right to request Colep to correct your personal information where it is inaccurate or out of date.
- Request to be forgotten – You have the right under certain circumstances to have your personal information erased. Your information can only be erased if your data is no longer necessary for the purpose for which it was collected, and Colep have no other legal ground for processing the data.
- Request restrict processing – You have the right to restrict the processing of your personal information, but only whereas:
- its accuracy is contested, to allow Colep to verify its accuracy; or
- the processing is unlawful, but you do not want it erased; or
- it is no longer needed for the purposes for which it was collected, but Colep still need it to establish, exercise or defend legal claims; or
- you have exercised the right to object, and verification of overriding grounds is pending.
- Object to processing – You have the right to object the processing of your personal information at any time, but only whereas that processing has Colep’s legitimate interests as its legal basis. If you raise an objection, Colep has an opportunity to demonstrate that has compelling legitimate interests which override your rights and freedoms.
The data subject may, at any time, exercise their rights or withdrawing consent, by contacting the Data Protection Officer or the responsible for data protection at Colep, whichever applies, at email@example.com or by letter to the postal address GDPR Request, C/O Head of iCS, Rua Comendador Arlindo Soares de Pinho, 1977, 3730-423 Vale de Cambra, Portugal.
- Your requests will be treated with special care so that we can ensure the effectiveness of your rights. You may be required to prove your identity to ensure that you are the eligible data subject.
- You should be aware that in certain cases (e.g. due to legal requirements) your request cannot be immediately met.
- In any case, you will be informed of the measures taken to that effect within 1 (one) month from the moment the request is made.
- You also have the right to submit a complaint to the Portuguese Data Protection Authority https://www.cnpd.pt/, or, if you are in a different European jurisdiction, near your local Data Protection Authority.
- Where we store your personal information
- The data we collect from you can be transferred to, be accessible from, and stored in a location outside the European Economic Area (“EEA”). It can also be treated equally by employees outside the European Economic Area (“EEA”), working for us or one of our service providers.
- Colep only transfers personal data outside the European Economic Area (“EEA”) in a secure and legal way.
- To the extent that some countries may not have legislation regulating the use and transfer of data we take steps to ensure that external entities adhere to established in this Policy. These measures may include the analysis of privacy security of external entities and/or the conclusion of contracts (based on the model adopted by the European Commission).
- Web site & cookies