LEGAL INFORMATION REGARDING DATA PROTECTION
How we collect your personal information
The K2D consortium collects personal information, both mandatory and voluntary, using the subscription form, which is accessible through the various companies' websites. In order to fulfill all obligations, the treatment of personal information is necessary for us to formalize your registration in our database for contacts within the existing commercial relationships, sending publications and other communications. The lack of this information may prevent or delay or block the registration process and, consequently, our contacts. Under current European Union data protection legislation (the General Data Protection Regulation) the use of personal data must be justified under at least one legal ground for processing personal data, namely:
i. When you have given consent to the processing of your personal data (for these purposes you will be presented with a consent form for the use of your data, which you may later withdraw);
ii. When the processing is necessary for entering into a contract with you or its execution;
iii. When the processing is necessary to comply with the legal obligations to which the K2D consortium is subject
iv. When processing is necessary to achieve a legitimate interest and our reasons for its use outweigh your data protection rights;
v. when processing is necessary for us to assert, exercise or defend a right in legal proceedings against you, us or a third party.
For what purposes and on what basis your personal data may be used
We use your personal information as a result of the subscription to:
i. answer questions asked in the contact forms,
ii. disseminate K2D consortium newsletters,
iv. publicize events in which K2D consortium participates.
What data we collect
The categories of information we may request from you include:
i. Identification data - Mandatory - (Name);
ii. Contact details - Mandatory - (Email);
What are your rights regarding your personal data
Please inform us of any changes in the information we have about you so that we can have correct and updated information in our systems. You may request the limitation of the processing of personal data, whenever:
i. You contest the accuracy of the personal data
ii. The processing does not occur for the purposes communicated in this privacy notice
iii. The Company no longer requires the data, for example because it has ceased publication;
iv. You have objected to the processing.
You may object at any time to the processing of personal data, and the processing will be stopped. The withdrawal of consent does not affect the lawfulness of previous processing carried out on the basis of consent or other legally required processing activities. You also have the right to the erasure of your information from the database of subscribers to publications, by unsubscribing from newsletters, which may occur at any time. To exercise the rights indicated, please inform us through the contacts indicated below
If you exercise any of these rights, we will review your request and respond to you, hopefully, within one (1) month.
How we keep your personal data secure
We use a variety of security measures, including encryption and authentication tools, to help protect and maintain the security, integrity and availability of your personal data. Although transmission of data via the internet or website cannot guarantee full security against intrusion, we and our service providers and business partners use best efforts to implement and maintain physical, electronic and procedural security measures to protect your personal data in compliance with applicable data protection requirements.
Among others, we have implemented the following:
i. Restricted personal access to your personal data on a "need to know" basis and only within the scope of the communicated purposes;
ii. Transfer of collected data only in encrypted form;
iii. Storage of highly confidential data (such as credit card information) only in encrypted form;
iv. Protection of information technology systems through firewalls, in order to prevent unauthorized access to your personal data;
v. Permanent monitoring of access to information technology systems in order to prevent, detect and stop misuse of your personal data.
vi. The company guarantees the use of the best techniques, organizational and security measures, to protect personal information avoiding its loss, misuse, alteration or destruction, ensuring its integrity, availability and confidentiality. To this end, all employees are required to keep personal data confidential.
Only authorized personnel bound by the duty of secrecy and confidentiality shall have access to this information.
vii. The data will be kept for the period of time strictly necessary for the purposes of its treatment (one year, in the case of data provided for recruitment purposes) or by legal or regulatory determination. During the retention period, data integrity and access is guaranteed.
viii. Once the maximum retention period, counted from the moment of data collection, has been reached and if, within this period, you have not withdrawn your consent, your personal data will be irreversibly anonymized (anonymized data may be retained) or will be securely destroyed.
With whom we may share your personal data
As a rule, the K2D consortium does not transfer or share information concerning personal data with third parties unless obliged to do so by legal or regulatory requirements. K2D consortium may subcontract service providers for situations where there is a need or where K2D consortium considers there is an added value. This prerogative implies the need to share information regarding personal data. The K2D consortium will take all necessary steps to ensure that service providers offer every guarantee for the safeguarding, security and confidentiality of the personal data shared. They shall act exclusively in accordance with instructions addressed to them by the K2D consortium, which implies the regulation of the existing relationship by contract.
Should you consider that the K2D consortium has not been competent in the resolution of your complaints, you have the right to submit your complaint to the competent control authority - Comissão Nacional de Proteção de Dados - through its web page at the following address: https://www.cnpd.pt