Privacy Policy

I – PRIVACY AND DATA PROTECTION

The privacy and the protection of the personal data of every user of the services provided by Certificação Global (heretofore “Certificação Global”), i.e., clients, suppliers, partners, employees, contractors, homeowners, tenants, etc. (the “Data Subjects”), are key concerns of Certificação Global’s operation.

Certificação Global thus undertakes to guarantee that all their Data Subjects are aware at any given point in time of the rules and principles related to the processing and protection of personal data, employing every possible effort to ensure that such date is secure in accordance to the norms and procedures set forth in the applicable law, namely the General Data Protection Regulation and the Data Protection Law (Law nr. 67/29 of 26 October).

Therefore Certificação Global has adopted the best technical and organizational practices in order to protect the Data Subjects’ personal data against the loss, involuntary or unlawful deletion and undue modification as well as integrity breaches and unauthorized access and disclosure.

Data Subject may find on Certificação Global’s website access links to other websites, foreign to Certificação Global. Certificação Global links to those third-party websites in good faith and cannot be held liable for the collecting and processing of personal data undertaken by those websites, or for the accuracy, credibility and functionality of any third-party websites. As such, Certificação Global is not to be held responsible for linking to any other third party websites, and this Privacy Policy shall not be applicable to those websites.

Certificação Global further recommends that the Data Subjects adopt additional security measures, such as the usage of equipment and programs that have been duly updated and set up, of malware protections and firewalls, and that the Data Subject exercise their judgement in deciding whether any given website presents sufficient guarantees of authenticity.

This Privacy Policy may at any moment be modified or revised, and any modifications and revisions shall then be duly published on Certificação Global’s website.


II – WHAT IS PERSONAL DATA

Personal data is defined as the data of any nature, and regardless of support, including sound and image, relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as an identification number, or any other one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

III – PURPOSES OF THE PROCESSING AND LEGAL GROUNDING

The data processed by Certificação Global are collected as a result of the pursuit of activities such as recruitment and human resources management, vehicle lending, billing, marketing, provision and supplying of services and goods, namely pertaining to the prospecting and marketing of real estate, client representation, architectural and speciality projects, licensing studies, project management, follow-up, supervision and direction of works and preparation of valuation reports and market studies.

These data may include identification data, such as identity document numbers and expiration dates – or copies of these documents, duly authorised by the corresponding holders – VAT numbers and Social Security numbers, capacity in which the Data Subjects act, signatures, names, e-mail addresses, telephone numbers, addresses, job positions, household composition, marital statuses, academic qualifications, IBANs and information on the contractual goals and interests of our clients.

Within the scope of the business relationships established by Certificação Global, it may act in ways which necessitate processing of personal data, with the following purposes, among others admissible by law:

  • Administrative, commercial, employment, tax, accounting and billing management;
  • Management of claims and suggestions;
  • Contract execution, namely the sending of relevant data to the counterparty in a business relationship, including data on contract modification, products and services contracted, requests for authorization, payment of services, request for the issuing of documentation before any public and/or private entities;
  • Projection of new supplies and services related to those previously contracted;
  • Undertaking of studies directed at bettering service provision or supply of goods;
  • Sending of information on new products or services similar to those previously contracted, which may be of the clients’ interest, via any media, including online, even after the termination of the business relationship;
  • Observance of any legal obligations that Certificação Global may have to maintain and conserve documents;
  • Advertising and invitation to any events, conferences and other occasions related with Certificação Global’s business, in which the Data Subjects may be interested on, based on their previously existing business relationship with Certificação Global.

By freely entering into a business relationship with Certificação Global the Data Subjects consent on the processing of their data for the purposes described above, without prejudice of their rights.

The processing of this data will always be conducted with the previous consent of the Data Subject, except when Certificação Global has any legal obligation to process any data.


IV – RESPONSÁVEL PELA RECOLHA E TRATAMENTO DOS DADOS PESSOAIS

A Certificação Global é a responsável pela recolha e tratamento dos dados pessoais dos Titulares de Dados, nos termos do artigo 4.º, n.º 7 do Regulamento Geral de Protecção de Dados, cabendo a esta decidir no contexto da relação de prestação de Serviços estabelecida com o Titular dos Dados, quais os dados pessoais recolhidos, os meios de tratamento dos dados e as finalidades para que são utilizados.

V – RESPONSIBILITY FOR DATA DISCLOSED TO THIRD PARTIES

Certificação Global may, pursuant to its business and in the context of the services provided, subcontract any third parties for the pursuit of the purposes above mentioned and for the development and management of its information systems, which may imply that said third parties shall be granted access to the Data Subjects’ personal data. In such an event, Certificação Global shall undertake the appropriate measures to ensure that said third parties observe the highest technical, organizational and human guarantees to safeguard the integrity of the Data Subjects’ personal data.

Therefore, any and all Subcontractors contracted by Certificação Global are under the obligation, pursuant to the applicable law, as well as to an agreement executed with Certificação Global, to employ technical and organizational measures directed at ensuring the protection of personal data against destruction, accidental or unlawful, disclosure, modification, unauthorized access as well as any kind of unlawful processing. Any and all Subcontractors contracted by Certificação Global shall be bound to special duties of professional secret and confidentiality.

Aside from these instances, Certificação Global shall only divulge the Data Subjects’ personal data to Third Parties, when:

  • It is obligated to do so by law, and only in the absolute measure of its legal duties;
  • In any instances expressly permitted by law, should the Data Subject expressly and specifically authorize such disclosure and is duly informed, by writing, of all the receivers of their personal data and the purpose of the processing of the disclosed data.

In any event Certificação Global shall remain liable for the personal data disclosed by the Data Subjects.

The provision of certain services by Certificação Global may necessitate the disclosure of some data outside of Portugal. In such case Certificação Global hereby declares that it shall strictly undertake to determine the receiving country as adequate for the purposes of data protection and the legal requisites applicable to such a transfer, in the applicable legal terms.


VI – TERMS OF THE COLLECTION OF PERSONAL DATA

Certificação Global shall only collect and process the personal data of the Data Subjects with their express consent, in accordance with each specific purpose of the processing at hand, pursuant to the GDPR and the Data Protection Law.

The consent given by the Data Subjects can be withdrawn at any moment, without cost.

Data Subjects are hereby made aware that, in last instance, they may always exercise their rights pertaining to the processing of their personal data by Certificação Global before the National Data Protection Committee (CNPD).

However, there are personal data that are indispensable to the provision of services by Certificação Global (mandatory data), and the Data Subjects shall be previously informed of that mandatory nature of the data and the consequences of the non-disclosure of such data.

Should the Data Subjects opt not to disclose mandatory personal data, or such data, if disclosed, is deemed insufficient, incorrect or out of date, Certificação Global may not be in a position to adequately provide the service(s) contracted, and the Data Subjects shall be wholly responsible for the insufficiency or inaccuracy of those data.


VII – DATA RETENTION PERIOD

A Certificação Global apenas conservará os dados pessoais dos Titulares de Dados pelo período de tempo estritamente necessário para permitir:

  • a prestação do(s) Serviço(s);
  • o cumprimento das obrigações legais a que a Certificação Global está adstrita;
  • a prossecução das finalidades da recolha e/ou do tratamento;
  • o exercício dos direitos dos Titulares de Dados e o cumprimento das obrigações correspondentes.

Nos casos em que a Comissão Nacional de Proteção de Dados Pessoais (CNPD) autorize a conservação dos dados pessoais dos Titulares de Dados por períodos superiores à da vigência do contrato de prestação de serviços, atendendo à finalidade específica do tratamento em causa, o Titular dos Dados será tempestiva e devidamente informado dessa mesma finalidade e do prazo de conservação em causa.

Após o decurso do período de tempo de conservação/guarda, nos termos acima expostos, os dados pessoais dos Titulares de Dados serão eliminados definitivamente pela Certificação Global.

Certificação Global shall only retain the Data Subjects’ personal data for the period of time that is strictly necessary to allow for:

  • The provision of services;
  • The observance of Certificação Global’s legal obligations;
  • The pursuit of the purposes of the collection and/or the processing;
  • The exercise of the Data Subjects’ right and the observance of the legal obligations inherent to such exercise of rights.

Should the National Data Protection Committee (CNPD) authorize the retention of the Data Subjects’ personal data for longer than the term of the services provision agreement, pursuant to the specific purpose of the processing, the Data Subject shall always be duly informed of the purpose of the processing and the retention period in a timely fashion.

After the term of the retention period the Data Subjects’ personal data shall be eliminated by Certificação Global.


VIII – RIGHTS OF THE DATA SUBJECTS PERTAINING THEIR PERSONAL DATA

Pursuant to the GDPR and the Data Protection Law, the Data Subject has, as the owner of the personal data, the rights of access, rectification, updating, and erasure of their personal data, without any cost.

In any of the cases above the Data Subject may exercise their legal rights by sending a written notice to Certificação Global for the e-mail address info@certificacaoglobal.com.


IX – UNSOLICITED ELECTRONIC COMMUNICATIONS FOR THE PURPOSES OF DIRECT MARKETING

The Data Subjects’ contact details may be used by Certificação Global, should the former expressly Consent to it, for the purposes of direct marketing and promotion of the services made available by Certificação Global, under the applicable law.

Should the Data Subject be a legal person Certificação Global may send unsolicited electronic communications for the purposes of direct marketing pertaining goods and services provided by Certificação Global or by any company in its group, except if the Data Subject expressly declines such contacts in the future and sign up on a national list of legal persons who expressly oppose receiving unsolicited communications for the purpose of direct marketing, which is kept updated by the Consumer’s Bureau (Direcção Geral do Consumidor – DGC).

In any of the above cases the Data Subject shall have the right to expressly and without cost oppose to the reception of direct marketing communications via e-mail by Certificação Global, via written communication sent to the e-mail address info@certificacaoglobal.com.


X – COOKIES

Certificação Global uses cookies on its website in order to improve its performance and the user’s experience.

WHAT ARE COOKIES?

Cookies are small text files stored in the Data Subject’s computer via their internet browser, which store only information related to the user’s preferences (generic information), and as such do not include personal data.

The cookies used by Certificação Global observe the principles of anonymity and confidentiality and have as its sole purpose to recognize the user, and are not used in any instance for collecting information to identify the user or for direct marketing purposes. These cookies help Certificação Global’s website recognize the user’s device on their next visits.

At any moment the user may, through their internet browser, decide to be notified about the cookies received, as well as block their entry into their system. We draw the Data Subjects’ attention to the fact that declining to use cookies on the website may result in the user being barred from access to some of its areas and/or receive personalized information.

WHAT IS THE PURPOSE OF COOKIES?

Cookies serve to aid with determining the utility, interest and number of uses of Certificação Global’s website, thus allowing for a faster and more efficient browsing, eliminating the need to repeatedly input the same information.

WHAT KINDS OF COOKIES ARE USED BY Certificação Global?

The cookies used by Certificação Global have different functions and are defined as thus:

  1. Strictly necessary cookies (essential): allow for website browsing and use of its applications, as well as to access the secure areas of the website. Without these cookies the Services subscribed to by the Data Subjects cannot be provided. Some cookies are essential to access specific areas of the Certificação Global website.
  2. Analytical cookies: performance cookies with the purpose of ascertaining which pages are the most popular, what links are the most effective, as well as to determine why some pages may be getting error messages. These cookies are used solely for the purposes of statistical creation and analysis, and never collect personal data.
  3. Functionality cookies: store the user’s preferences pertaining to their use of the website, so as to it not being necessary to setup the website with every visit.

Cookies may be:

Permanent: stored for a variable amount of time on the device’s internet browser and are used every time the user visits the website again. Usually, cookies are used to direct the browsing in accordance to the interests of the user, thus allowing Certificação Global to provide a more personalized service.

Cookies de Sessão: São temporários, permanecem nos cookies do seu navegador de internet (browser) até sair do portal. A informação obtida permite identificar problemas e prestar uma melhor experiência de navegação.

HOW TO MANAGE COOKIES?

Every internet browser allow the user to accept, decline or delete cookies, namely via selecting the appropriate settings on the internet browser used.

After authorising the use of cookies, the user may always deactivate part or all of Certificação Global’s cookies.


XI – PROCEDURAL AND TECHNICAL SECURITY MEASURES

Certificação Global employs the necessary technical and organizational measures to ensure that, by default, the only personal data from the Data Subjects that will be processed are those that are necessary for each specific processing purpose, and these measures are reviewed and updated by the competent department.

Certificação Global has also implemented technical, physical, organizational and security measures, following the best practices on data security, on the systems which support the services provided and where the Data Subjects’ personal data are stored, namely the usage of firewalls and intruder detection systems, the existence of restricted accesses – physical and logical – operation logging and corresponding survey and auditing, collecting and transmitting personal data via secure channels.

All personal data collected by Certificação Global are stored securely in its systems, which are located on a data center belonging to Certificação Global itself, which is secured with every physical and logical security measures indispensible to the protection of personal data.

Every time that is necessary to relay Data Subjects’ personal data to Third Parties, Certificação Global shall be responsible for those personal data and ensures that:

  • The sharing of personal data observes the applicable legal dispositions;
  • The transfer of personal data is executed securely, namely via the using of encryption protocols;
  • All Third Parties are contractually obligated to observe confidentiality and secret duties and to ensure the security of any personal data that are communicated to them for that effect, and may not use those personal data for any other purposes, in their own benefit or that of others, or cross them with other data in their possession.

XII – CONTACTS

For more information on how Certificação Global processes the personal data of their Data Subjects, or to obtain any further clarifications, file claims or leave comments on any topics pertaining to Privacy and Data Protection, all requests and communications must be sent to: info@certificacaoglobal.com.

Request your energy certificate