RJRI - THE ERICEIRA REAL ESTATE, LDA. (hereinafter, “Responsible for the Treatment”), based at Rua Dr. Eduardo Burnay, 71, 2655-368 Ericeira, and NIPC 514575174 is the owner of the grupodascasas.pt domain, where his WEBSITE is located.
THE RESPONSIBLE FOR THE TREATMENT IS COMMITTED TO PROTECT THE PRIVACY AND PERSONAL DATA OF ITS CLIENTS AND USERS OF THE WEBSITE.
- WHAT IS THIS POLICY ABOUT?
2. WHAT IS PERSONAL DATA?
2.1. Personal data is all information relating to a person and that identifies, or makes it identifiable, regardless of the nature and support of the information, including the person's sound and image.
2.2. Examples of personal data that we collect are name, email, IP address and cookies.
2.3. Identifiable means a person who can be identified, directly or indirectly, namely by reference to an identification number or other specific elements of his physical, physiological, psychological, economic, cultural or social identity.
3. HOW WILL WE USE YOUR PERSONAL DATA?
3.1. The Data Controller will use the personal data you provide us for the following purposes:
(a) To analyze and respond to your messages, customer support and requests for information;
(b) To keep a record of your contact details;
(c) For WEBSITE management operations;
(d) For commercial purposes, such as data analysis, audits;
(e) For fraud prevention and security of information systems;
(f) For the adaptation, improvement and modification of services, namely, through the identification of usage trends, or, to determine the effectiveness of promotional campaigns;
(g) To expand the commercial activities of the Data Controller.
3.2. These personal data processing operations are an essential tool for your satisfaction and for the activity of the Data Controller and are carried out in accordance with the applicable legislation and in accordance with best practices.
3.3. Your personal data will not be reused for other purposes that are not previously identified or that have no relation to those purposes for which they were initially collected.
4. WHAT ARE THE GROUNDS FOR TREATING THE PERSONAL DATA WE COLLECT?
4.1. The personal data that the Data Controller treats has specific grounds, depending on the purposes for which they are intended.
4.2. In the following table, you can see the fundamentals according to the purposes identified above:
To analyze and respond to your messages, customer support and information requests. Consent for that specific purpose.
To keep a record of your contact details. Consent for that specific purpose.
For WEBSITE management operations. Consent for this specific purpose (cookies);
Legitimate interests pursued by the Controller.
For commercial purposes, such as data analysis, audits. Consent for this specific purpose (cookies);
Legitimate interests pursued by the Controller.
For fraud prevention and security of information systems. Legitimate interests pursued by the Controller.
For the adaptation, improvement and modification of services, namely, through the identification of usage trends, or, to determine the effectiveness of promotional campaigns. Consent for this specific purpose (cookies);
Legitimate interests pursued by the Controller.
For the expansion of the commercial activities of the Responsible for Treatment. Legitimate interests pursued by the Controller.
5. WHAT PERSONAL DATA DO WE COLLECT?
5.1. The personal data that the Data Controller collects and processes are only those necessary and suitable for the purposes indicated above.
5.2. The Data Controller will collect and process the following personal data:
To analyze and respond to your messages, customer support and information requests. Name and email.
To keep a record of your contact details. Name and email.
For WEBSITE management operations. Cookie data.
For commercial purposes, such as data analysis, audits. Cookie data.
For fraud prevention and security of information systems. IP adress; Cookie data.
For the adaptation, improvement and modification of services, namely, through the identification of usage trends, or, to determine the effectiveness of promotional campaigns.
For the expansion of the commercial activities of the Responsible for Treatment. Name and email.
6. HOW DO WE COLLECT YOUR PERSONAL DATA?
6.1. We will collect your personal data through the forms present on the WEBSITE, but also through the WEBSITE and the communication it does with your equipment and e-mail messages you send to us.
6.2. Your personal data is collected through your equipment as follows:
(a) Through your browser;
(b) Through cookies;
(c) Through pixel tags and other similar technologies;
(d) IP address;
(e) Through your User data.
6.3. The Data Controller is committed to processing your data in accordance with the law and in a legitimate manner.
6.5. The services of the Data Controller are not directed at minors, and personal data of minors are not intentionally processed.
7. WHAT ARE COOKIES?
7.1. Cookies are small files of information that help to identify your browser and that can store information, for example, settings and User preferences.
7.2. The Data Controller will store cookies on your equipment to personalize and facilitate navigation as much as possible, but also for troubleshooting, statistics, quality assurance, and to monitor system security.
7.3. With the exception of cookies specifically necessary for the performance of the website, the storage of other cookies will always depend on the acceptance and consent of the User, and this consent may be withdrawn at all times through specific browser tools.
(b) Cookies allow us to identify you as a recurring User;
(c) Cookies allow us to retrieve your personalized preferences when you browse;
(d) In point 11.1 you will find a description of the cookies used.
9. WHAT ARE COOKIES FOR?
9.1. The Data Controller will store cookies on your equipment to personalize and facilitate navigation as much as possible, but also for troubleshooting, statistics, quality assurance, and to monitor system security.
9.2. You may, at any time, delete or block said cookies, and when doing so, some features of this WEBSITE may not work as intended.
9.3. Cookies are not used for any purpose other than those described here.
10. TYPES OF COOKIES.
(a) Strictly Necessary Cookies: are cookies that are essential for the provision of the WEBSITE and for all services requested, but do not perform any additional or secondary functions.
(b) Performance Cookies: these are cookies that provide statistical information about the use of the WEBSITE, that is, the analysis of the web.
(c) Targeting / Advertising cookies: cookies used to create profiles or personalize content.
11. COOKIES WE USE.
11.1. The following table explains how cookies are used on this WEBSITE.
Strictly Necessary Cookies
Origin Name Description Duration
__cfduid Cookie associated with websites that use CloudFare, to speed up their loading time. The cookie is used to override security restrictions based on the IP address from which the user comes.
12. COOKIE CONTROL AND MANAGEMENT.
12.1. At all times you can control and / or delete cookies, namely, you can delete all cookies that are already stored on your device, and you can even configure most browsers in order to prevent their storage.
12.2. In order for you to be able to perform this management, however, you will have to manually adjust some preferences each time you visit certain websites, without which some services and features may not work.
12.3. As an additional guarantee you can, at all times, disable cookies by configuring your browser, according to the instructions available at:
(a) For Google Chrome users: http://support.google.com/chrome/bin/answer.py?hl=en&answer=95647
(b) For Internet Explorer users: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
(c) For Microsoft Edge users: https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy
(d) For Mozilla Firefox users: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
(e) For Apple Safari users: http://support.apple.com/kb/ph5042
13. WHAT ARE PIXEL TAGS AND OTHER SIMILAR TECHNOLOGIES?
13.1. Pixel tags (also known as web beacons and clear GIFs) can be used in connection with some services to, for example, track the actions of service users (including email recipients), measure the success of our marketing campaigns and compile statistics on the use of the Services and response rates.
14. HOW DO WE PROTECT YOUR PERSONAL DATA?
14.1. Your personal data is kept safe through the adoption of various technical and organizational security measures that ensure that only Employees who have access to personal data have access to personal data, according to rules created for this purpose.
14.2. To protect your personal data, we only use data center providers that offer us adequate and documented security measures, namely guarantees that your personal data is stored on servers that are kept in controlled environments with limited access.
14.3. Personal data is kept on secure servers at RJRI - THE ERICEIRA REAL ESTATE, UNIPESSOAL, LDA. (hereinafter, “A Casa das Viagens”) with NIPC 514575174 and headquartered at Praça dos Navegantes, nº17, which provides us with adequate security guarantees for the protection of personal data against its dissemination, loss, misuse, alteration, treatment or unauthorized access as well as against any other form of unlawful treatment.
14.4. Likewise, when you browse the WEBSITE, we protect your data with encryption, such as Transport Layer Security (TLS, is a security protocol that protects telecommunications via the Internet).
14.5. Although we take the precautions and precautions we feel are appropriate to protect the personal data you provide and collect, you must be aware that no security system is impenetrable.
15. HOW LONG DO WE KEEP YOUR PERSONAL DATA?
PURPOSE MAXIMUM TIME
To analyze and respond to your messages, customer support and information requests. 2 years
To keep a record of your contact details. 3 years
For WEBSITE 2 year management operations
For commercial purposes, such as data analysis, 2 year audits
For fraud prevention and security of information systems 2 years
For the adaptation, improvement and modification of services, namely, by identifying usage trends, or, to determine the effectiveness of promotional campaigns 2 years
For the expansion of the commercial activities of the Responsible for Treatment 3 years
15.2. If any specific or mandatory period results from the law, the period of data retention will be this. In all other cases, personal data will be kept at most during the times indicated above, periods that the Data Controller understands as sufficient to fulfill the purposes.
15.3. After the retention period, all personal data collected will be deleted.
16. HOW YOU CAN EXERCISE YOUR RIGHTS:
16.1. Before explaining how you can exercise your rights, you should know what they are. Thus, the law gives you the right to request us to exercise the following rights:
(a) Access: the right to obtain confirmation that the personal data concerning you are or are not being processed and, if so, the right to access your personal data;
(b) Rectification: the right to obtain rectification of inaccurate personal data concerning you and to have your incomplete personal data completed;
(c) Deletion: the right to have your personal data deleted when one of the reasons listed in the legislation applies;
(d) Treatment limitation: the right to obtain treatment limitation if one of the situations listed in the legislation applies;
(e) Opposition: the right to object at any time to the processing of personal data concerning you;
(f) Portability: the right to receive personal data concerning you in a structured format, in current use and automatic reading.
16.2. You also have the right to file a complaint with the competent supervisory authority (in Portugal, the National Data Protection Commission at www.cnpd.pt)
16.3. For the purpose of exercising the rights indicated above, you should contact the Data Controller through the following e-mail email@example.com.
16.4. If you ask us to delete some of your personal data or all of it, some of the services requested may not be provided to you and the Data Controller will retain only the personal data necessary to fulfill the legal obligations to which he is bound.
17. WHEN DO WE COMMUNICATE DATA TO THIRD PARTIES?
17.1. The Data Controller may use third parties to provide certain services, in terms of maintenance and technical support, namely, which may have access to some of the personal data, namely, the data necessary for the contracted purposes.
17.2. The Data Controller ensures that the entities that have access to the data are credible and offer high protection guarantees, never being transmitted data beyond what is necessary to provide the contracted service, however, the latter remains responsible for the personal data provided.
17.3. For example, for data center management purposes, A Casa das Viagens uses Avantio services.
17.4. The Data Controller may also communicate his data to the following entities:
(a) Companies of the business group to which the Data Controller belongs and with which he has commercial partnerships to create and offer benefits; or yet,
(b) Other partners outside your business group (with prior authorization from you).
17.5. The Data Controller may also transmit data to third parties in the context of investigations, inquiries and judicial and / or administrative proceedings or of a similar nature, provided that this is duly ordered by a court order in this regard.
18. THIRD PARTY WEBSITES.
18.1. The WEBSITE may contain links to other websites which may collect and process your personal data and this treatment is the sole responsibility of the owners of those websites, and the Data Controller is not responsible for their policies and / or practices.
18.2. An example of these third parties is Facebook, through the buttons that are present on the WEBSITE.
19. DATA TRANSFERS OUTSIDE THE EUROPEAN UNION.
19.1. In the event of data transfers to third countries that do not belong to the European Union, the Data Controller will comply with legal rules, namely with regard to the suitability of the country of destination with regard to the protection of personal data and the requirements, which are applicable to these transfers, with no personal data being transferred to jurisdictions that do not offer guarantees of security and protection.
20.1. The WEBSITE is not aimed at minors under 16, so we ask that these minors do not provide us with personal data through the WEBSITE, application, social networks and social media or emails.
21. SENSITIVE PERSONAL DATA.
21.1. The Data Controller is grateful that he does not send or make known to us any sensitive personal data, that is, information that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, union association, genetic information, biometric information, relative data health or data relating to a person's sexual life or sexual orientation.
21.2. If you still send or make known these categories of personal data, they will be immediately deleted.
23. OUR CONTACT DETAILS.
24. LATEST VERSION.
April 30, 2019. Ericeira (Portugal)