Holos, in the context of its attributions, processes personal data, aiming to ensure rigorously, effectively and securely the protection of all the data it collects and processes on a daily basis.
Personal Data, Holders and Personal Data Categories
What is personal data?
Personal data is any information of any nature, collected on any type of medium, relating to a natural person, identified or identifiable. The set of information that may lead to the identification of a particular person, namely by reference to an identifier (such as an identification number or a location data), is identifiable.
Whom do we collect personal data from?
In view of Holos’ duties, most of the data are processed by legal persons (companies and associations). Notwithstanding, for the performance of their duties, data of the following types of natural persons may be collected and processed (non-exhaustive list):
- Clients / investors and their collaborators;
- Service providers and their collaborators;
- Candidates and trainees;
- Candidates and clients of programs promoted by Holos;
- Participants in events promoted by Holos;
- Visitors to Holos installations.
What personal data do we treat and how do we collect them?
Holos only collects data that is appropriate, relevant and limited to what is necessary in relation to the purposes for which it is processed.
The collection of your data can be done orally, in writing (in particular through forms and contracts), as well as through the Holos website. As a general rule, we collect your data directly, and personal data may also be collected from public sources (such as official websites and public lists) as well as from incentive management entities.
For the different purposes, we may collect the following types of personal data:
- identification data (such as name, naturalness, citizen’s card or date of birth);
- contact information (such as mobile phone, address or e-mail);
- qualification data and professional situation (such as level of education and CV);
- banking and financial data and transactions (such as IBAN or tax identification number);
- location data (such as IP address);
As a rule, Holos does not collect special data, such as health data or criminal misdemeanor data.
Grounds and purposes of the processing of personal data
Why and on what grounds do we use your personal data?
All data collected and processed by Holos are based on one of the following conditions of legitimacy
- . Consent: When the collection is preceded by your express, specific and informed consent, through written or web support.
- We collect your consent, for example, to subscribe to newsletters or to subscribe to Holos-sponsored actions.
- The performance of a contract or pre-contractual procedures: when the processing is necessary for the performance of a contract in which it is a party or for pre-contractual procedures.
- This condition will be fulfilled when we treat your data for the management of programs and contracts for the provision of services.
- The fulfillment of legal obligations: when the treatment is necessary for the fulfillment of a legal obligation.
- This includes, for example, the communication of data to other public (national and Community), tax or judicial bodies.
- Legitimate Interest: where treatment proves necessary for the pursuit of the legitimate interests of the treating entity or third parties, without prejudice to the rights and freedoms of its customers and / or users.
- This includes all treatments that result from attributions conferred by law, namely the internal and external disclosure of Portuguese entities, nationally and internationally.
What are the purposes for which we collect your data?
Personal data collected by Holos are only processed for specific, explicit and legitimate purposes. Whenever personal data are collected, they are intended exclusively for the purposes expressly identified at the time of collection. Here we outline the main purposes that justify the collection of personal data by Holos
- Contractualisation and management of cooperation programs and protocols;
- Event management promoted by Holos;
- Contracting of supply and service contracts;
- Disclosure of newsletters / publications;
- Physical Security of Facilities and People.
Responsible for processing and data protection
As part of its activities and attributions, Holos is the entity responsible for the collection and processing of personal data, which are processed and stored in an automated and non-automated way.
Holos has a, which can be contacted by e-mail dpo@ holos.pt Data Protection Officer(Data Protection Officer). In particular, the Data Protection Officer is responsible for monitoring the compliance of the activities involving the processing of his data with the applicable legal and regulatory standards, as well as the contact point between Holos and the National Control Authority, as well as between Holos and its customers and users in matters relating to the processing of personal data.
Period of retention of personal data
Holos treats and retains your data only for as long as is necessary to continue or complete the purposes of the treatment for which they are intended, in compliance with the maximum periods necessary to comply with contractual, legal or regulatory obligations .
As a general rule, and where there is a contract that legitimizes the processing of your data, Holos will maintain such data for as long as such a contractual relationship is maintained. Other circumstances exist, such as compliance with legal or regulatory obligations (for example, for the purposes of complying with tax obligations, personal data relating to invoicing must be kept for a maximum period of ten years from the date of the act) and pending a judicial proceeding, which may justify keeping their data for a longer period of time.
After the maintenance period, Holos will proceed to the elimination of such data.
Rights of data owners
Under the terms of the legislation in force, as soon as we collect and process your data, there is a set of rights that you can exercise at any time with Holos.
What are your rights?
Right of access: right to obtain information on the processing of your data and its characteristics (in particular the type of data, the purpose of the processing, to whom your data may be communicated, storage periods and what data you need to know compulsory or optional).
Right of rectification: right that allows you to request the rectification of your data, requiring that these are accurate and current, such as when you consider that they are incomplete or outdated.
Right to be deleted or “Right to be forgotten”: right that allows you to request the deletion of your data, when you consider that there are no valid grounds for data retention and provided there is no other valid basis for such treatment. the performance of a contract or the fulfillment of a legal or regulatory obligation).
Right to Limitation: right that allows you to suspend treatment or limitation of treatment to certain categories of data or purposes.
Right to Portability: right through which you can request the sending of your data, in digital format and in current use, that allows the re-use of such data. Alternatively, you may request the transmission of your data to another entity that becomes responsible for the processing of your data.
Right of Opposition: right that allows it to oppose certain purposes and provided that there are no legitimate interests that prevail over its interests. One of the examples of this right concerns opposition to direct marketing (marketing) purposes.
Right to Withdraw Consent: right that allows you to withdraw your consent, but which can only be exercised when your consent is the only condition of legitimacy.
How can you exercise your rights?
All rights described above may be exercised, subject to the limitations set forth in the applicable legislation, upon written request, to be sent by e-mail dpo@ holos.pt.
In the same way you can send questions related to the treatment of your data, directly to the Data Protection Officer, through the email indicated above.
With whom do we share your personal data?
In view of Holos’ assignments, and depending on its purpose, its data may be shared with third parties, which include national and international public bodies and private entities for the fulfillment of legal or regulatory obligations, contractual obligations or functions of interest public.
Your data may also be accessed by Holos service providers deemed necessary for the purposes described above, in particular as regards information security and archiving services. Holos guarantees that it only resorts to service providers who have the guarantees to carry out the technical and organizational measures necessary and adequate to protect their personal data.
Transfers of personal data outside the EEA.
Holos may, exceptionally, transfer your personal data to third countries (outside the EEA – European Economic Area).
In such cases, Holos will ensure that data transfers are carried out in strict compliance with applicable legal standards.
cookiesare small text files with relevant information which is discharged by the access device (computer, smartphone or tablet) via the web browser (browser), when a site is visited by the user, and used to store information about user visits.
Cookies, depending on how long the user stays on the page, can be classified as session or permanent cookies. The first type of cookies expires when the user closes the browser. The second type of cookies expires when your goal is completed or when they are manually turned off.
The cookies used by Holos on the site holos.pt do not collect personal information to identify the user.
The cookies used on the site holos.pt are analytical. They collect information about users’ browsing experience on the web page, anonymously, although sometimes they also allow a user to be uniquely and uniquely identified to obtain information about the user’s interests in the services provided by the web page.
However, it is important to note that disabling cookies may prevent some web services from functioning properly, affecting, in whole or in part, navigation.
The processing of personal dataof users and clients carried out by Holos, as well as the sending of commercial communications carried out by electronic means are in conformity with the national and Community legislation in force, in particular by the General Regulation of Protection of Data.