Privacy Policy

General Information

Collegium – Consultores de Gestão e Administração de Empresas Lda. (Hereinafter “Collegium”) is committed to protect and ensure the security of the information and privacy of its Customers. This Privacy Policy is intended to make known the general privacy rules and the terms of processing of the data that we collect, in strict respect and compliance with the applicable legislation in this field, namely Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (“General Data Protection Regulation” or “RGPD”).

The entity responsible for the processing of personal data

Collegium – Consultores de Gestão e Administração de Empresas Lda.

Telephone: +351 289 510 220
Email: geral@collegium.pt
Letter: Rua do Índico, Edf. Altis, 3ºR, Cerro Alagoa, 8200-139 Albufeira, Portugal.
Fiscal number: 505 271 400
Website: https://collegium.pt/

1. Collection and processing of personal data

This Privacy Policy applies to all personal information collected and stored by Collegium on paper and/or digital formats.

Personal data provided voluntarily by the Contractor and whose treatment is a contractual and/or legal obligation of Collegium are treated confidentially by officials or subcontractors duly authorized for this purpose, who must follow the specific instructions of Collegium.

Your data can be collected directly or by telephone, when you make an inquiry or service request, by opening a Customer card, creating a process number that identifies the card, when you visit or use one of the available contact forms on our website, for requests for information or requests for quotation and services.

The personal information we collect is the name, address, location, postal code, tax number, email address, telephone or mobile phone number, and other supplementary information not classified as personal.

In the navigation of the website, where it is necessary to identify and collect personal data, the user must authorize its collection through authorization mechanisms that may vary according to the case, but that will be clear in its objective and intuitive about the use. For example in a contact form, there will be a checkbox where the user must click to indicate that it authorizes the collection and processing of the personal data entered in the form and later contact by Collegium. It should, however, be clear that without authorization of the data processing you can not send your message and contact Collegium through the website.

The processing of personal data once authorized, will be done following this Privacy Policy, and your authorization must assume that it has been read and understood, as well as the Terms and Conditions of use of the website.

2. Purposes of collection and categories of data

Pleas in law (Article 6 (1) (b), (c), (d) and (f) of the RGPD):

The processing is necessary for the performance of service provision in which the data subject is party, or for pre-contractual procedures at the request of the data subject; for the fulfillment of legal obligations to which Collegium is subject; for the defense of vital interests of the data subject; for the legitimate interests pursued by Collegium.

Concerning the processing of data carried out by Collegium in the context of the fulfillment of legal obligations, the basis of lawfulness for carrying out such treatments – for the most part, data communications to external entities – will be the need for treatment to comply with these obligations by the Responsible for Treatment.

So, we collect your data to:

  • Provision of services or pre-contractual procedures;
  • Billing;
  • Compliance with legal obligations;
  • Responding to requests for information, among others.

3. Communication of personal data

Collegium will implement the necessary and appropriate measures in the light of the applicable law to ensure the protection of the personal data object of communication, complying strictly with the legal provisions regarding the requirements applicable to such communications, namely informing the Customers.

In cases where Collegium communicates personal data to third parties, it will define clear rules for contracting the processing of personal data with its subcontractors and will require them to take appropriate technical and organizational measures to protect their personal data.

The data may be provided to the judicial or administrative authorities, provided that in compliance with legal obligations, as well as communicated to public and private bodies related to the activity of Collegium.

The data, depending on the purpose for which it was collected, may be supplied to the following categories of recipients:

  • Public entities;
  • Subcontracted service providers;
  • Other entities subcontracted by Collegium whose corporate purpose is essential to the pursuit of the purpose for which the data were collected.

4. Transfer of data to third countries

The information collected will, in principle, not be transferred to third countries. In case of data transfers to countries outside the EU, priority will be given to countries that are covered by an EU adequacy decision under Article 45 of the RGPD. Collegium shall take the necessary measures to ensure the privacy and security of your personal data under Article 46 of the RGPD and to use them solely for the purposes for which they were collected.

5. Retention of personal data

Your personal data are kept by Collegium, as long as the existing relationships between this Entity and the respective Holders remain in force, or for the legal period of retention, or for maintaining the purpose for which they were collected, to allow identification of the Holders until they have definitively ceased such relationships or obligations. The collected data will be destroyed at the end of its legal term of conservation.

The length of time during which the data is stored and stored varies according to the purpose for which the information is used. There are, however, legal requirements that require you to keep the data for a certain period of time.

6. Security measures

Collegium is committed to ensuring the confidentiality, protection, and security of your Customers’ personal data by implementing appropriate technical and organizational measures to protect your data against any form of undue or unlawful processing and any accidental loss or destruction of this data. To this end, we create procedures that prevent unauthorized access, accidental loss, and/or destruction of personal data, by committing ourselves to comply with the legislation regarding the protection of the personal data of Customers and to treat this data only for the purpose for which it was collected, as well as to ensure that these data are treated with adequate levels of security and confidentiality.

Your personal data shall be of limited access to persons who need to know them in the performance of their duties, to the strictest extent necessary for the pursuit of the purposes of treatment.

Administrative staff have access to their data and other special categories of data are the processing of data for billing and performing the services provided to them or for the management of their requests for information or complaints.

Collegium is not responsible for the data that the user makes available on social networks. The use of Collegium’s social networks may involve the transmission of data to providers of social media services, which may be based outside the European Union or the European Economic Area.

7. Information storage

The data will be stored in a computer maintained and controlled by Collegium, located in Portugal and cloud service providers based in the European Union.

Security is always monitored in terms of infrastructure and data access. Access is restricted and protected by various access management and encryption tools so that unauthorized third parties do not have access to them. The risk of loss/destruction is thus minimized, but not extinct, with the possibility of illegal access to data. In this case, leakage retention measures will be implemented.

8. Rights of the data subject

Information right – at the time of collection or processing, the holder of the personal data has the right to be informed about the purpose of the processing, the data controller, the entities to which his data may be communicated, the conditions for access and rectification and which compulsory and optional data will be collected.

Right of access – the holder of the personal data has the right to access it, without restrictions or delays, as well as to know what information is available on the origin of the data, purposes of treatment, and communication to third parties.

Right of rectification – the holder has the right to demand that the data about him be accurate and up to date, and may at any time request rectification from the data controller.

Right of erasure – the data subject has the right to have his data ceased to be processed, erased, and deleted under certain conditions, in the case of:

  • They cease to be necessary for the purpose they have been collected;
  • Holders withdraw their consent or oppose their treatment;
  • If the processing of the data does not comply with the legal provisions.

Right to limitation of treatment – the holder of personal data is entitled to have his data limited only to what is essential for the treatment.

Right of portability of data (data transfer) – the data subject has the right to receive his data or to request the transmission of the data to another entity that becomes the new responsible for his personal data (only if it is technically possible ).

Right of opposition – the data subject has the right to oppose, at his request and free of charge, the processing of his personal data for direct marketing or any other form of search and that his personal data are communicated to third parties unless otherwise provided by law.

Right not to be subject to automated decisions or profile definitions – As the holder of personal data you have the right not to be subject to any decision made solely based on automated processing, including profiling.

Right to the knowledge of the existence of a data breach – the holder of the personal data has the right to be informed if there is any breach of security that compromises his data.

Right of complaint to a supervisory authority – the holder of personal data has the right to complain not only to the controller of personal data of the company but also to the supervisory authority, the National Data Protection Commission (CNPD).

You also have the right to withdraw or change, at any time, the consent you have given us to use your personal data when it has legitimated the use of the same.

9. Obligations of entities involved in the data processing

Each of the entities involved in the processing of your data is required to comply with applicable data protection laws, in particular as regards the security and confidentiality of your treatment.

Those responsible for the processing of Personal Data, as well as persons who are aware of them in the exercise of their duties, are bound by professional secrecy, following the law.

10. Contact Data Protection Officer

Collegium – Consultores de Gestão e Administração de Empresas Lda.

Telephone: +351 289 510 220
Email: geral@collegium.pt
Letter: Rua do Índico, Edf. Altis, 3ºR, Cerro Alagoa, 8200-139 Albufeira, Portugal.
Fiscal number: 505 271 400

11. Change and update the privacy policy

Collegium reserves the right at all times to make modifications or updates to this Privacy Policy, these changes being duly published on our website.

If you have any questions or wish, at any time, to cease to be part of the database Collegium can exercise this right, contacting us through the following means.

Collegium – Consultores de Gestão e Administração de Empresas Lda.

Telephone: +351 289 510 220
Email: geral@collegium.pt
Letter: Rua do Índico, Edf. Altis, 3ºR, Cerro Alagoa, 8200-139 Albufeira, Portugal.
Fiscal number: 505 271 400
Website: https://collegium.pt/

Note: In case of doubt in the interpretation of the content of this Privacy Policy, the original Portuguese version prevails. / Em caso de dúvida na interpretação do conteúdo da presente Politica de Privacidade, prevalece a versão original em Português. Ver a versão original. / See original version.