Data Treatment Information Sheet

Visitors, Interested Parties, Potential Clients, Customers or Service Users

The Companies of the SODECIA Group (hereinafter referred to as SODECIA) carry out production activities and provide services in their different establishments, in accordance with the conditions of use found in each of these establishments, carrying out personal data processing activities for the development of their professional activities, such processing being carried out in accordance with data protection rules, namely the General Data Protection Regulation, the Personal Data Protection Act or special legislation and in accordance with the following parameters:

1. Data Officer: SODECIA Group companies, represented by Sodecia – Participações Sociais, SGPS, SA (hereinafter referred to as Sodecia), with the Tax Number PT503437786, with registered office at Rua António Bessa Leite, 1430, 4º – 4150-074 Porto, Portugal, telephone (+351) 220 101 900 and email sodecia@sodecia.com.

2. Contact of the Data Protection Officer: The data officer has a specific email address for personal data protection purposes, and the Data Protection Officer is available at dpo@sodecia.com.

3. Categories of data subjects: visitors, interested parties, potential clients, customers or users of the different products, services or events offered by SODECIA through its establishments or its direct communication channels.

4. Personal data to be processed: Data necessary for access control, to respond to requests for information, to participate in events, to submit proposals, to enter into contracts or to use any direct communication channel with SODECIA, such as, in particular, civil and tax identification data, bank and financial data, contact data that is considered necessary for entering into Contracts or contact data that is considered optional for the purposes of responding to requests, sending information, managing registrations or providing ancillary services, under the terms of the conditions of access to the facilities or the use of products, services or direct communication channels.

5. Context and purpose of processing: information, promotion, marketing, organization of events, support, communication with data subjects for the purposes of production, marketing of products, provision of services and related ancillary services.

6. Legal basis: depending on the specific situation in question, the processing of data is based on the management of the contractual relationship, the fulfillment of legal obligations, the pursuit of legitimate interests or, in specific situations of ancillary services, the consent of the data subject.data for the purposes of production, marketing of products, provision of services and related ancillary services.

7. Consequences of failure to provide mandatory data: failure to provide data necessary for access control, responding to requests or concluding contracts, such as civil and tax identification data, bank and financial data and contact details deemed necessary, makes it impossible to access the facilities, respond or conclude the related contract and consequently provide services.

8. Consequences of not providing optional data: the data subject is not obliged to allow optional contact data to be processed, so if they do not consent, or subsequently withdraw the consent previously given, they will not be processed, and in the latter case, after the request, the personal data in question will be deleted, or their use will be canceled for the purposes of providing ancillary services, without, however, affecting the legality of the operations carried out in the meantime up to the date of withdrawal of consent.

9. Recipients: the data controller processes personal data himself (through professionals subject to the obligation of professional secrecy) or on his behalf, through subcontractors accredited for the provision of services selected by it and bound by strict technical and organizational measures adjusted to the protection of personal data.

10. Security measures: the technical and organizational security measures deemed appropriate are in place to ensure a level of treatment security appropriate to the risk.

11. Where the data is collected: the data is collected when the data subject accesses, requests information, participates in events, purchases products or services or uses direct communication channels, through the various service channels of the data controller, guaranteeing the privacy and confidentiality of its collection and the integrity, quality and accuracy of the data.and security: the technical and organizational security measures considered appropriate are in place to ensure a level of security of the processing appropriate to the risk.

12. Retention period: without prejudice to exceptional situations of extension of the retention period provided for by law or considered necessary for the defense of legitimate rights or interests, the personal data processed is kept for a period of ten years after the termination of the contractual relationship, after which it will be deleted, with shorter retention periods for data relating to access control or the processing of non-contractual information requests, under the general terms of the Data Retention Policy in force and available for consultation at www.sodecia.com.

13. Signage: all service points where personal data processing operations are carried out are duly signposted, with the application of specific signage with a commitment to data protection in the reception and service of visitors, clients, users or users, and transparency and information on the correct use of personal data processing systems and procedures in the establishment responsible for processing is guaranteed.

14. Communication of data: with the exception of situations where there is a legal obligation to communicate data or data communication operations between group companies, there are no data communication operations, and personal data is not communicated to third parties.

15. Interconnection of data and automated decisions: no interconnection of personal data is carried out, and only manual or computerized processing systems are integrated for the purposes of processing requests for information, requests for products or the provision of services within the scope of the management of the contractual relationship, and only automated decisions necessary for the execution of the Contracts entered into are carried out.

16. Rights of the data subject: the data subject has the right to ask the data controller for access to, rectification or erasure of their personal data, as well as to restrict or object to the processing and portability of the data, under the conditions laid down by law, and may also withdraw consent for the processing of the data, in situations where this is the basis for the legitimacy of such processing.

17. Right to lodge a complaint with the Supervisory Authority: the data subject may always exercise their right to lodge a complaint with the Supervisory Authority if they deem it necessary.

18. Address for exercising rights: to request any information, submit complaints or request the exercise of rights, please contact dpo@sodecia.com.

19. Conditions of Use: the conditions of use of the different communication channels, platforms or websites are available for consultation by any interested party at the service points or at any of the receptions of the establishments of the Group’s companies.

20. Data Protection Policy: personal data processing operations are carried out in accordance with the Data Protection Policy available at www.sodecia.com.

SODECIA
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.