Last updated: 3 January 2020
SECTION 1 – COLLECTION AND PROCESSING OF DATA
All the personal information relative to visitors, subscribers or other users navigating on the GUIMAGOLD website is handled in accordance with the GDPR – General Data Protection Regulation. This regulation, which came into effect on 25 May 2018, reformulates the data protection rules for the European Union and ensures citizens gain greater control over their own personal data.
Some examples of personal data «supplied by» the data holder in an active and conscious fashion are, for example, the data relative to the accounts and submitted through the respective forms. The following categories may be classified as «supplied by the data holder»: 1) Data supplied by the holder in an active and aware fashion when making facultative registrations (e.g., postal address, name of user, age, etc.); 2) Observed data provided by the data holder in keeping with the service or the device (e.g., search histories, data traffic and location data. For gathering and analysing these data, we make recourse to data analysis. The data gathered by these tools serve to monitor the operational state of the website, improve its interfaces and usability and present personalised content and advertising so as to contribute towards continually improving the user experience.
The record serves for user access to services such as subscribing to the newsletter, educational content and other special offers made available by GUIMAGOLD to its online community. The set of personal information collected may therefore include; name, surname, email address, residential and/or mobile telephone numbers, home address and other location data such as the IP address, cookies and/or other information. When requesting such data, we have as our key objective maintaining a closer relationship with our users. With each registration, we may begin using your own name and providing more effective responses to your needs and requests. In using the website, users commit to accurately providing their personal and maintaining this updated.
SECTION 2 – COOKIES POLICY
WHAT ARE COOKIES?
Cookies are short text files containing information on what a browser processes whenever a website is visited by a user. The placing of cookies helps the website recognise the respective device (tablet, desktop, mobile, etc.) of the user whenever visiting us. These cookies only retain information related to your preferences and do not reveal any personal details. In order to optimise your navigation experience, we would recommend you do not turn off the cookies. They also boost your navigation speed of response.
TYPES OF COOKIES
There are various types of cookies with different characteristics and functions. They are: - essential cookies: fairly important to accessing the specific areas of the website enabling navigation to proceed correctly;
- - Functional cookies: enabling user preferences to be stored for whenever they visit the website. Hence, it is no longer necessary to personalise the experience whenever you visit;
- - Analytical cookies: enabling analysis of the ways users use the website, ascertaining the most popular pages and monitoring its performance, enabling the receipt of error messages. These never reveal information of a personal nature.
- - Advertising cookies: targeting advertising in accordance with the user’s interests and behaviour on the website so as to present only advertising and content that is aligned with the tastes and preferences of each user.
SECCTION 3 – PURPOSES FOR COLLECTING AND PROCESSING DATA
WHY DO WE NEED THE INFORMATION?
3.1 CLIENT MANAGEMENT:
The processing of data is necessary to, among other reasons, providing the services as agreed between the client and GUIMAGOLD.
3.2 MARKETING CAMPAIGNS:
GUIMAGOLD may handle data in order to send information via e-and telephone about its services and contents. This data processing only ever takes place following your respective consent provided at the time of subscribing to the newsletter through the form on the GUIMAGOLD website, its blog and in other agency communications. The data may also be used for the purposes of running marketing campaigns through the social networks, such as Facebook, for example. Consent for handling personal data for marketing purposes may be reversed at any time.
3.3. DEFINING TARGET MARKETS:
GUIMAGOLD undertakes the definition of client profiles based on information related with user behaviours on the website. This information is subject to analysis in order to identify the respective consumer information profile. Such analysis enables GUIMAGOLD to improve its service provision, planning and managing its communications and as well as sending out personalised information appropriate to the respective profile.
SECTION 4 – LOCATION AND PERIOD OF STORAGE OF PERSONAL DATA
GUIMAGOLD stores client and user data in its servers located in the European Union. All of these servers meet high security standards in order to protect the data in full respect for the applicable privacy norms. The period for which the data is stored and maintained varies in accordance with the purpose for which the information is applied. There are, however, legal requirements that force the conservation of data for a determined period. Hence, and whenever there are no such specific legal demands, the data are stored and maintained for the period necessary to the purposes for which they were collected or supplied or for the period authorised by the National Commission of Data Protection.
SECTION 5 – RIGHTS OF PERSONAL DATA HOLDERS
WHAT ARE THE RIGHTS OF DATA HOLDERS?
At any moment, holders may request that we:
- - Provide access to the information we hold on them;
- - Rectify the information whenever incorrect or incomplete;
- - Eliminate or limit the processing of their personal data;
- - Whenever treatment depends on consent or agreement and this was provided by automated means, you have the right to receive your previously supplied personal data in a commonly used structure and in a technologically readable format;
- - The personal data holder has the right to present complaints to the National Data Protection Commission.
SECTION 6 – DATA PORTABILITY
GDPR article 20 also establishes a new right – the portability of data which is directly bound up with the right of access. The objective of this new right is to bestow power on the data holder and ensuring greater control over their own personal data.
The data holder has the right to receive the personal data held on them and that they have provided from the entity responsible for their processing in a commonly used and automatically readable structure and the right to send these data to another entity responsible for their processing without any scope for the entity that received the data supplied to prevent this transfer.
WHAT IS THE DEADLINE SET FOR RESPONSES TO REQUESTS FOR PORTABILITY?
Article 12, paragraph 3 requires the entity responsible for handling provide «to data holders information on the measures taken [...], without undue delay and within a period of one month counting from the date of receiving the request». This period of one month may be extended to a maximum of three months in complex cases whenever data holders are duly informed of the motives for extending the one month period counting from the date of the initial request.
HOW SHOULD PORTABLE DATA BE PROVIDED?
Under the terms of GDPR article 20, paragraph 1, data holders have the right to send their data to another entity responsible for their handling without any scope for the entity that received the data supplied to prevent this transfer. Article 20, paragraph 2 imposes on data handling entities the obligation to send the portable data directly to the other entity responsible for their processing «whenever technically so possible».
SECTION 7 – FINAL CONSIDERATIONS
Further information may be obtained from the respective supervisory authorities, including the CNPD – the National Commission for Data Protection in Portugal and its publications. Please do not hesitate to contact us as regards any question surrounding this agreement.