Privacy Policy
Last update: February 14,2023
This information on personal data processing (hereinafter, “Information”) is given in accordance with regulation (EU)/2016/679 (hereinafter, “GDPR”) and concerns the processing of personal data performed through the website https://www.erpgap.com/ by PROMPTEQUATION LDA , with registered office in Rua Alberto Sampaio nº27 2º Direito, Viseu 3510-030 Viseu, VAT number PT 513695257, email [email protected], in person of Diogo Duarte as its legal representative (hereinafter, “Controller”).
The Controller is PROMPTEQUATION LDA.
The Controller is located in Portugal and no representative has been
appointed.
Personal data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Data Controller or Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by union or member state law, the Controller or the specific criteria for its nomination may be provided for by union or member state law.
Data processor or processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller.
Through the website, the collector collects and uses personal data to the extent necessary to provide the services described within the Terms and Conditions of the website, available at the following url: [ https://www.erpgap.com/ ]. Personal data that might be collected, are:
- Identification information;
- Contact information;
- Payment information;
In no event, special categories of data, such as those concerning health, shall be processed.
- Cookies Browsing cookies, functionality cookies and session cookies allow the correct functioning of the website. Session cookies are not permanently memorized on the device of the data subject but are automatically erased once the web browser is closed. Their use is strictly limited to the transmission of data related to each session. Session cookies are adopted to allow the correct and safe use of the website. Statistical cookies: the website uses statistical cookies realized by the Controller or supplied by third parties. Statistical cookies allow to customise the website to visitor requirements, for instance by measuring the number of visits or the number of pages viewed. When cookies are realized by third parties, adequate tools are adopted in order to reduce their identifying power, for instance by hiding significant portions of the ip addresses processed by such cookies. The adoption of statistical cookies by third parties is subject to contractual obligations, which require third parties to use them solely for supplying the required service and to retain them separate from one another, without “enriching” them or “crossing” them with any additional information at their disposal. Browsing data: computer systems and procedures responsible for the functioning of the website automatically acquire, whilst operating, some personal data concerning the data subject’s browsing history. For instance, within this category we may find:
- IP addresses of computers used by users;
- Number of accesses to the website;
- Visited pages;
- Date and time of access;
- URL where the browser was before our page;
- Browser type;
- Adopted operating system.
- Personal Data Voluntarily Provided By The Data Subject Personal data freely and optionally provided by the data subject via email to one of the email addresses indicated on the website, may be acquired for purposes communicated to the data subject from time to time. Besides the email address, required to reply to the sender, additional personal data included within the same communication may be processed. Personal data collected as such, will be retained and processed solely for the purpose of preserving them and sending correspondence and for no further purpose.
Regarding technical cookies and browsing data, personal data of
the data subject are processed for the purpose of allowing the
correct functioning of the website. In such case, the legal
basis for the data processing is the legitimate interest of the
Controller, in accordance with article 6, comma 1, point f) of
the GDPR.
Regarding personal data freely given via email by the data subject,
the processing of personal data allows to reply to the received requests.
The legal basis of such data processing is the legitimate interest
of the Controller to reply to those who show an interest in the Controller’s
activities, in accordance with article 6, comma 1, point f) of the
GDPR.
Regarding personal data given by the data subject, the legal basis
of the data processing is the necessity of processing data in order
to fulfil the contract and/or in order to handle pre-contractual
relations, in accordance with article 6, comma 1, point b) of the
GDPR.
The following subjects shall be the recipients of the data subject’s personal data:
- organization auditors for accounting or legal reasons
The Controller may intend to transfer personal data to a third country or an international organization, such as:
- Service providers which perform services on behalf of the Controller;
- Suppliers of services belonging to the information society;
- Commercial partners of the Controller.
Personal data processed and retained for the correct fruition of
the website shall be processed and retained for no longer than
12 months from their collection.
Personal data processed for contractual or pre-contractual purposes
shall be processed for no longer than 10 years from the termination
of the contract. In the event of pre-contractual negotiations that
have not led to the conclusion of a contract, personal data shall
be stored for no longer than 10 years from the ending of negotiations.
Personal data voluntarily given by the data subject to the Controller
via email, are processed and stored until the data subject demands
the Controller to proceed with their erasure.
The Controller, however, has the right to ask the data subject to
renew his/her consent to the data processing and/or to verify the
given consents.
With regard to personal data processed through technical
cookies, the communication of such data is not a contractual
obligation. However, it is a legitimate interest of the
Controller, as, without it, it would be impossible to provide a
perfectly functioning website.
Concerning personal data processed and retained for contractual and
pre-contractual purposes, the communication of personal data is both
a contractual obligation and a necessary requirement for the performance
of pre-contractual negotiations and for the conclusion of the contract.
The data subject has the faculty to provide personal data; however,
in the event of failure to communicate such data, it will not be
possible to conclude any contract or to establish any contractual
negotiation.
Concerning personal data sent via email, the lack of consent will
make it impossible to answer to the data subject’s requests.
Article 21 GDPR - Right to Object
- The data subject shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of article 6(1), including profiling based on those provisions. The Controller shall no longer process the personal data unless the Controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.
- Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing.
- Where the data subject objects to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.
- In these cases, the data subject shall also have the right to object partially, for instance to the marketing emails sent through automated and/or digital tools, or to paper documents.
- Where personal data are processed for scientific or historical research purposes or statistical purposes pursuant to article 89(1), the data subject, on grounds relating to his or her particular situation, shall have the right to object to processing of personal data concerning him or her, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
The data subject, in order to exercise the rights provided for in the Information, such as the right to objection, the right to erasure, the right to withdraw consent, shall contact the Controller to the following email address: [email protected] or, alternatively, via registered letter to the following address: Rua Alberto Sampaio nº27 2º Direito, Viseu 3510-030 Viseu
The information to data subject is accessible at the address of
the Controller. If expressly requested so by the data subject,
the information may also be given orally, provided that the
identity of the data subject is proven.
The data subject declares and confirms to have read the present Information.