The rules foreseen in this Data Protection Policy complement the provisions on the protection and processing of personal data provided for in the contracts that Customers enter into with WYBR, as well as the rules set forth in the terms and conditions governing the offer of the various products and services and are duly advertised on their websites.
Your data is collected by WYBR, based on calçada das necessidade snº40 1350-214 Lisboa,hereinafter called WYBR.
WYBR processes and stores personal data within the European Union (EU) and respects best practices in the area of personal data security and protection, having taken the necessary technical and organizational measures to comply with the General Protection Regulation Regulation (EU) 2016/679), which is a directly binding legislative act for natural and legal persons who, whether or not resident in the EU, treat data of citizens of the European Union and ensure that the processing of personal data is lawful, loyal, transparent and limited to authorized purposes.
The privacy statement is the responsibility of WYBR which is considered the data controller for the purposes of the RGPD and will determine the purpose and means of processing personal data presented and collected online. The Data Protection Officer (DPO) ensures compliance with the regulation and is involved in all matters relating to the protection of personal data. Your identification and contact details are indicated at the end of this document.
What is personal data?
Personal data is any information of any nature and regardless of its support, including sound and image, relating to an identified or identifiable natural person. Any identifiable person, directly or indirectly, identified by reference to a name, identification number, location data, identifiers by electronic means or one or more specific elements of his or her physical, physiological, genetic, mental, economic, cultural or social.
What is the processing of personal data?
The processing of personal data consists of an operation or set of operations carried out on personal data or personal data sets, by automated means or not, namely collection, registration, organization, structuring, preservation, adaptation, retrieval, consultation, use, disclosure, dissemination, comparison, interconnection, limitation, erasure or destruction..
Our data protection policy guarantees that the data is: Object of lawful, fair and transparent treatment of the data subject (‘lawfulness, loyalty and transparency’); Collected for specific purposes, explicit and legitimate and can not be further processed in a way incompatible with those purposes; Appropriate, relevant and limited to what is necessary in relation to the purposes for which they are processed; Accurate and up-to-date whenever necessary; taking all appropriate measures to ensure that inaccurate data, taking into account the purposes for which they are processed, are erased or rectified without delay; Preserved in a way that allows the data subjects to be identified only for the period necessary for the purposes for which they are processed; Treaties in a manner that guarantees their safety, including protection against their unauthorized or unlawful treatment and against their accidental loss, destruction or damage by adopting appropriate technical or organizational measures;
Purposes of Treatment of Personal Data.
Guaranteeing, when necessary, the prior consent of the holder of the personal data we will collect, among others, the following information: Name and Last Name, Civil Identification Number; Tax Identification Number; Date of Birth, Email and Telephone.
In general, the personal data collected are based on the management of the contractual relationship, the provision of contracted services, the suitability of the services to the needs and interests of the Customer, namely for the purpose of accessing specific features of the services, suggestions for content, proximity information services as well as information and marketing actions. In addition, personal data may also be processed for the purpose of complying with legal obligations and for the purposes of investigation, detection and prosecution of serious crimes.
The length of time during which personal data are stored and stored varies according to the purpose for which the information is processed. Effectively, there are legal requirements that require you to retain the data for a minimum period of time. Thus, and whenever there is no specific legal requirement, the data will be stored and kept only for the minimum period necessary for the pursuit of the purposes that led to its collection or subsequent processing, under the terms defined by law.
Use of personal data
WYBR will contact you to present you the goods and / or services you sell. The processing of such data is based on the consent given by the data subject. Access to personal data is strictly limited to the staff of data controllers and subcontractors. Sharing of personal data
WYBR warrants that it does not intend to transfer data to third countries to the General Data Protection Regulation and if it does so, it will ask for consent. WYBR concluded with its subcontractors an agreement whereby they undertake not to transfer data to third countries. In certain situations, both WYBR and its Subcontractors may be notified to disclose personal information in response to requests by supervisory authorities to meet the requirements of the RGPD.
WYBR is committed to ensuring the protection of the security of personal data made available to it, and has adopted and implemented strict rules in this regard. Compliance with these rules is an obligation of all those who legally access them. Taking into account the concern and commitment that WYBR reveals in the defense of personal data, a number of technical and organizational security measures have been adopted in order to protect the personal data made available to it against its dissemination, loss, misuse, unauthorized access, alteration, treatment or access, as well as against any other form of illicit treatment. In addition, third parties that, in the context of the provision of services, process the personal data of the Client in the name and on behalf of WYBR, are required, in writing, to carry out adequate technical and security measures that, in each case, comply with the requirements of current legislation and ensure the protection of the rights of the data subject (in particular, the protection of the privacy and personal data of the Customers).
Access and rectification or deletion of personal data
As the holder of the data, the Client has the right to request access to the data concerning him, to ask for rectification and to eliminate them. It may also limit the processing of data as well as oppose it and still require data portability. You may do so, either directly or by written request, addressed to the person responsible for the treatment, through the contacts made available for this purpose in this document. You may also request clarification from the Data Protection Officer or submit a complaint to the CNPD whenever you understand that your rights are being violated.
Right of access
The holder of the personal data has the right to obtain from WYBY the confirmation that the data concerning him or her are processed and, if applicable, to access their personal data and access the information provided by law.
Right of rectification
The holder of personal data has the right to obtain from the company of WYBR without undue delay the rectification of inaccurate or incomplete data concerning him.
Right to erase data (“right to be forgotten”)
The holder of the personal data has the right to obtain from WYBR the erasure of his data, without undue delay, and the latter has the obligation to erase the personal data, without undue delay, when it applies in particular for one of the following reasons: (a) personal data are no longer necessary for the purpose for which they were collected or processed; (b) the data subject has withdrawn his consent for the processing of data (where treatment is based on consent) and there is no other basis for such treatment; c) The holder opposes the treatment and there are no prevailing legitimate interests justifying the treatment;
Right to limit treatment
The data subject has the right to obtain from WYBR the limitation of treatment if one of the following applies in particular:
a) To answer the accuracy of the personal data, during a period that allows WYBR to verify its accuracy;
b) The processing of data is lawful and the data owner opposes the erasure of personal data and requests, on the other hand, the limitation of its use;
c) WYBR no longer requires personal data for treatment purposes, but such data are required by the holder for the purposes of declaration, exercise or defense of a right in a legal process;
(d) if he opposes the processing until it is established that the legitimate grounds of the controller prevail over those of the data subject.
Right of portability of data
If the processing is subject to the consent of the data subject and such consent has been provided by automated means, the data subject is entitled to receive the personal data relating to him and which he has provided to WYBR in a structured, automatically.
Right of opposition
In cases where the processing of data is effected for 1) effect of the legitimate interests pursued by WYBR; or 2) the processing of data is done for the purposes of direct marketing or 3) definition of profiles, you can still, at any time, oppose the treatment of your personal data.
Data controllers are allowed, after explicit consent, to send marketing emails to site users. At any time the user may cancel the consent through the link, existing for that purpose, in each email sent.
Changes to this policy
This policy may be updated from time to time, for example because of changes to relevant legislation. If any material changes are made, customers will be notified by email or notification on the website.
RESPONSIBLE FOR TREATMENT
Tel: +351 913 351 730