In this document, we seek to explain what personal data we collect, for what purposes we can use it, how we treat it, who we share it with, how long we keep it, as well as the ways to contact us and exercise your rights.
General Data Protection Regulation
The new GDPR establishes the rules regarding the processing, by a person, a company or an organization, of personal data relating to people in the European Union (EU).
The GDPR protects personal data regardless of the technology used to process that data, the protection is neutral in technological terms, and applies to both automated and manual processing, as long as the data is organized according to pre-defined criteria (e.g. in alphabetical order). It is also irrelevant how the data is stored, in a computer system, through video surveillance, or on paper; In all these cases, personal data is subject to the protection requirements set out in the GDPR.
Who is responsible for data processing?
Reage Lda is responsible for the processing of personal data, within the scope of the GDPR.
Processing of personal data, scope and changes to the Privacy Policy
By providing personal data, the holder of personal data consents to their processing in accordance with this Privacy Policy.
This Privacy Policy applies to data that has been directly provided by the respective holder or collected when the holder accesses digital platforms and Reage Lda services.
Reage Lda. reserves the right to change its Privacy Policy, so we advise you to consult this document regularly.
What type of information is collected?
We collect two types of information: personal information and anonymous information. Anonymous information occurs while the holder of personal data visits digital platforms and aims to improve their functioning, including the management and prioritization of content. Personal information is voluntarily provided by the holder of personal data during optional registration. All data collected is processed automatically, and the information collected from the holder of personal data is encrypted and managed with advanced security.
Registration allows the holder of personal data to access the services provided by Reage Lda.
What are personal data?
Personal data is information relating to an identified or identifiable person. A person who can be directly or indirectly identified is considered identifiable. Personal data also constitutes the set of distinct information that can lead to the identification of a specific person.
Examples of personal data:
- Name and surname;
- Address of a residence;
- Email address;
- Number of an identification card;
- Location data (e.g. the location data function on a mobile phone);
- IP address (internet protocol);
- Cookies;
- Advertising identifier of your phone;
- Data held by a hospital or doctor, which allows a person to be unambiguously identified;
- Sound or image.
Who is the holder of personal data?
The holder of personal data is the natural person to whom the data relates and who used the digital platforms and services of Reage Lda.
Personal data categories
TYPES
DATA
Main identifiers
Name, civil or tax identification number, passport number, date of birth, marital status, address, telephone, email address, nationality, photographs and files from the mobile device, household data, data relating to kinship.
Complementary identifiers
IBAN, geo-location, education level, gender, profession, socioeconomic data, personal ID, IP address, social network addresses, type of mobile device, operating system, operating system version.
Special protection
Personal data of minors under 16 years of age.
When and how do we collect your personal data?
We collect personal data when you purchase products or services from Reage Lda, make quote requests or book services. Collection can be done orally, in writing or through digital platforms.
What is the basis for processing your personal data?
Consent
Your consent must be expressed – in writing, orally or by validating an option – and prior, provided in a free, informed, specific and unambiguous manner; or
Contract execution and pre-contractual measures
When the processing of personal data is necessary for the conclusion, execution and management of a contract concluded with Reage Lda; or
Compliance with legal obligation
When the processing of personal data is necessary to comply with a legal obligation to which Reage Lda is subject, such as, for example, the communication of identification or traffic data to police, judicial, tax or regulatory entities or location data to ensure emergency services; or
Legitimate interest
The processing of personal data by Reage Lda. may be justified by reasons of legitimate interest related to the execution of tasks related to its activity as a company, such as data processing to improve service quality, fraud detection and revenue protection and when our reasons for using it should prevail over your data protection rights.
How long does Reage Lda. process and keep your personal data?
Reage Lda. processes and preserves your personal data according to the purposes for which they are processed and only for the period of time necessary to fulfill the purposes that motivated their collection and conservation, and always in accordance with the law, guidelines and the decisions of the CNPD, or, depending on what is applicable, until you exercise your right to object, your right to be forgotten or withdraw your consent.
There are situations in which the law determines the retention of data for a minimum period of time, namely: for one year, traffic and location data for the purposes of investigation, detection and repression of serious crimes or for 10 years data necessary for information to the Tax Authority.
After the respective retention period has elapsed, Reage Lda. will delete or anonymize the data whenever it should not be kept for a different purpose that may subsist.
Rights of the holder of personal data
The holder of personal data has rights to information, access and rectification or erasure of personal data and the right to data portability, the right to limit or oppose the processing of their data, within the scope and under the terms of the GDPR and other applicable legislation .
The holder may withdraw, at any time, the consent he has given to the processing of his personal data, within the framework of the GDPR. The revocation of consent will not affect the lawfulness of the processing of personal data that has been carried out to date, based on the consent you have previously provided.
You also have the right to lodge a complaint regarding the processing of your data addressed to the CNPD.
Exercise your rights through the following contacts:
E-mail
info@safebox.cash
The exercise of rights is free of charge, except if the request is manifestly unfounded or excessive or unjustifiably reiterated, in which case a reasonable fee may be charged taking into account the costs.
Responses to requests must be provided, without undue delay, within one month of receipt of the request, unless it is a particularly complex request or occurs in exceptional circumstances. This period may be extended by up to two months, when necessary, taking into account the complexity of the request and the number of requests received.
As part of your request, you may be asked to prove your identity to ensure that personal data is only shared with the respective holder.
Transmission of personal data
The data may be transmitted to entities to which the data must be communicated by law, such as the Tax Authority, judicial authorities, criminal police bodies, among others.
Responsibility for digital platforms and services Reage Lda. and third parties
Reage Lda. is not responsible for the content accessed through any link that takes the holder of personal data to navigate outside the Reage Lda. digital platforms and for the processing of personal data carried out there, whenever such links are the responsibility of third parties. Third-party websites and content are not subject to this Privacy Policy, so we advise you that whenever you browse these websites, look for and read the privacy policies, as well as the applicable terms and conditions.
What security procedures guarantee the protection of your data?
Reage Lda takes all necessary and legally required precautions to guarantee the privacy of personal data processed and/or transmitted through its digital platforms. These precautions ensure the online and offline security of this information.
Whenever sensitive information is collected or used, the data will be encrypted using the SSL protocol. This technology called Secure Socket Layer is used to improve the security of data transmission over the Internet, encrypting and protecting data and sensitive information using the HTTPS protocol. SSL guarantees the holder of personal data that the data will not be intercepted fraudulently and that all information is treated with maximum security.
Doubts?
If you have any questions about any of the topics covered in this document, please contact us at:
E-mail
info@safebox.cash
Last updated: February 14, 2019.
General Data Protection Regulation (GDPR): Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and freely circulation of these data and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016).
