Privacy Policy

Privacy Policy

1. Information we collect

Electrão - Associação de Gestão de Resíduos, NIPC 509300421 with registered office at Rua Afonso Praça, n.º 6, 1400-402 Lisboa (hereinafter “Electrão”), in its capacity as Data Controller, considers the General Data Protection Regulation to be a fundamental element of respect for the privacy, security and trust placed in us by our members, suppliers, employees, subcontractors and third parties in the collection and processing of personal data.

Electrão is particularly committed to ensuring compliance with the challenges posed by Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, hereinafter referred to as the GDPR.

We guarantee that the data collected is strictly necessary for the purchase or provision of the services offered by Electrão.

The use of data collected for other purposes requires prior consent which will always be clear, informed and explicit.

The data collected will only be kept for the period necessary for the performance of the contracted services or for the duration of a contract. The data shall not be transmitted to any third party other than those included as authorized and working on behalf of Electrão for the purposes described in this policy.

Electrão ensures that all third parties involved in the provision of its services must comply with the privacy and security requirements set out in this policy, using the data that we may provide to them or to which they may have access, exclusively in compliance with the established contract.

Electrão collects data and information on entities such as suppliers, members, potential members, partners and some contacts of their employees, with the aim of improving its service provision. The personal data collected is name, email address, name of the entity, position and telephone number. In the case of services, other elements may be requested for contractual and billing support.

 

2.    How we use the collected data

The data collected by Electrão is used to process activities related to our services, such as filling in reporting forms, sending communications, processing requests for information, statistical analysis or other purposes previously requested and consented to.

 

Lawfulness of the Processing Operations carried out by Electrão:

Consent of the data subject by signing or accepting a digital or paper form, which may be withdrawn at any time;

The data is necessary for the performance of a contract to which the data subject is a party;

The data is necessary for the fulfillment of Electrão's legal obligations;

The data is necessary for Electrão's legitimate interests in its business, provided that they do not override the interests or rights, freedoms and guarantees of the data subject, in particular in situations where processing is necessary for the purposes of fraud prevention and control and to ensure network and information security.

 

3.    Use of data for marketing purposes

Electrão will only use your personal data to send you information that you have previously requested or consented to. Communications may be made by any available means: - post, e-mail, telephone or other (SMS).

Electrão will not at any time transfer or sell the data collected.

 

4.    Provision of personal data

The recipients of personal data shall be exclusively Electrão employees who are specifically authorized to carry out data processing operations.

Electrão shall not make any personal data available to third parties without the consent of the data subject, except in situations where this is necessary to comply with the performance of a contract, provide a service or carry out an activity or function requested of it when required or permitted by legislation in force.

Electrão has taken steps with its employees to ensure the correct processing of personal data, in compliance with the security and privacy policy in force, as well as legal data protection obligations.

Within the scope of the management system procedures in force, Electrão will take the necessary precautions to avoid non-compliance, for example by carrying out audits.

In the event of failures or non-compliance, Electrão will take the appropriate measures to correct/improve processes, and may apply sanctions to employees or cancel contracts with third parties.

Compliance with the General Data Protection Regulation and applicable legislation on data security and protection shall be guaranteed by imposing this policy on third parties who have dealings with Electrão, providing, where necessary, for contractual clauses ensuring that the data is used only for the purposes envisaged and in accordance with this policy.

Electrão shall use appropriate security means to protect the personal data in its custody from unlawful or unauthorized processing, including loss, destruction or other actions that may cause damage.

If third parties are required to carry out data processing operations, prior written authorization shall be requested from the data subject in an explicit manner, indicating the intended purpose in a clear and informed manner.

 

5.    Where the data resides

Your personal data is stored in Electrão's datacenter located in Portugal and in datacenters located in the European Union.

This data and the respective infrastructures are protected and maintained in accordance with security criteria and in compliance with applicable privacy laws, and are periodically subject to tests and audits.

Electrão has implemented, and will continue to implement, the necessary measures to adequately protect your data from unauthorized processing and access.

Electrão will continue to make all reasonable efforts to prevent the misuse, unauthorized or illegal use of personal data, prevent its loss, destruction or damage, as well as any cybersecurity incidents.

Electrão shall take the initiative to inform data subjects and the competent authorities whenever a breach or security incident occurs that jeopardizes the rights of data subjects.

Electrão protects data security through information security management using, among other things:

 

6.    Data security at Electrão

The implementation of an information security policy, which includes, among other things, risk analysis of infrastructure and services, access control, backup copies, service contracts with third parties and levels of confidentiality, integrity and availability of information;

Adequate training and awareness-raising of its employees for their assigned duties.

 

7.    Exercising your rights under the General Data Protection Regulation

As the holder of personal data, you have the following rights:

Right of access (Art. 15 GDPR);

Right to rectification (Art. 16 GDPR);

Right to erasure of data (Art. 17 GDPR);

Right to restriction of processing (Art. 18 GDPR);

Right to data portability (Art. 20 GDPR);

Right to object (Art. 21 GDPR); and

Right to complain to a supervisory authority (Art. 77 GDPR).

 

In effect, you have the right to lodge complaints with the competent supervisory authority regarding the processing of your personal data.

In Portugal, the competent supervisory authority is the National Data Protection Commission (geral@cnpd.pt).

If you wish to exercise any of your rights or simply request information, please send your request to our email dpo@electrao.pt or by telephone on +351 214169020.

This site uses cookies from Google to deliver its services and to analyze traffic. Your IP address and user-agent are shared with Google along with performance and security metrics to ensure quality of service, generate usage statistics, and to detect and address abuse.