Privacy Policy
PRA-Raposo, Sá Miranda & Associados, Sociedade de Advogados, SP, RL. (ahead, PRA), headquartered in Rua Rodrigo da Fonseca, N.º 82, 1.º Dto 1250-193 Lisboa and Tax Registration Number 505 253 739 is the owner of the domain https://www.pra.pt/, where is housed its WEBSITE.
AS A DATA CONTROLLER, PRA IS COMMITTED TO PROTECTING THE PRIVACY AND PERSONAL DATA OF ITS CUSTOMERS AND WEBSITE USERS AND HAS THEREFORE DEVELOPED AND ADOPTED THIS POLICY AND THE PRACTICES DESCRIBED HEREIN.
THIS POLICY EXPLAINS HOW YOUR PERSONAL DATA IS COLLECTED AND PROCESSED, SO WE ADVISE YOU TO READ IT.
1. WHAT IS THIS POLICY ABOUT?
1.1. This Privacy Policy explains how we collect and process personal data that is necessary for the provision of services that are available through the website and describes the practices adopted for that purpose.
2. WHAT ARE PERSONAL DATA?
2.1. Personal data shall mean all information relating to an identified or identifiable individual, whatever the nature and support of the information, including sound and image of the individual.
2.2. An identifiable person is a person who can be identified, directly or indirectly, in particular by reference to an identification number or to other factors specific to his physical, physiological, mental, economic, cultural or social identity.
3. HOW DO WE USE YOUR PERSONAL DATA?
3.1. The personal data processing operations that we carry out are an essential tool for your satisfaction and for the activity of PRA and are performed in accordance with applicable law and best practices.
3.2. Your personal data will not be reused for other purposes that are not previously identified or that have no connection with those purposes for which they were initially collected.
4. WHAT ARE THE PURPOSES, LEGAL BASIS AND RETENTION PERIODS FOR THE DATA COLLECTED?
4.1. The personal data we process has specific bases, depending on the purposes for which they are intended, and will be kept for the time necessary for the respective purposes, as listed in this Privacy Policy.
4.2. The personal data collected are only those necessary and appropriate for the purposes indicated.
4.3. The following table shows the purposes of processing and data collected for these purposes, the respective grounds and the periods or criteria for storing data:
PURPOSES | LEGAL BASIS | COLLECTED DATA | RETENTION PERIOD |
To review and process your application to work with PRA. | Consent for this specific purpose. | Full name, address, email, CV, motivational letter, phone number and application details. | 1 year |
To send newsletters. | Consent for this specific purpose. | Name, email, company and position. | 5 years |
To analyse and respond to your contact requests. | Consent for this specific purpose. | Name, email, phone number and massage. | 1 year |
For website management operations. | Consent for this specific purpose (cookies);
Legitimate interests pursued by PRA. |
Cookies data, IP address. | 1 year |
For business purposes, such as data analysis, audits. | Consent for this specific purpose (cookies);
Legitimate interests pursued by PRA. |
Cookies data, IP address. | 1 year |
For fraud prevention and information systems security. | Legitimate interests pursued by PRA. | Cookies data, IP address. | 1 year |
For the adaptation, improvement and modification of services, namely by identifying usage trends, or, to determine the effectiveness of promotional campaigns. | Consent for this specific purpose (cookies);
Legitimate interests pursued by PRA. |
Cookies data, IP address. | 1 year |
4.4. If the law provides for a specific or mandatory period, the data will be kept for that period. In all other cases, personal data will be kept for a maximum of the times indicated above, periods that the PRA considers sufficient to fulfil the purposes.
4.5. At the end of the conservation period, all personal data collected will be deleted.
5. HOW DO WE COLLECT YOUR PERSONAL DATA?
5.1. We will collect your personal data through the forms on the website, but also through the website and the communication that it makes with your device and email messages that you send us.
5.2. Your personal data is collected through your equipment as follows:
(a) Through your browser;
(b) Through cookies;
(c) Through pixel tags and other similar technologies;
(d) IP Adress;
(e) Through your user data.
5.3. PRA is committed to process your data lawfully and legally.
5.4. PRA will not sell, rent or share your personal data with third parties, except as clearly identified in this Privacy Policy (see Section 9 to understand how).
5.5. The PRA’s services are not intended for minors and no personal details of minors are or will being processed intentionally.
6. WHAT ARE COOKIES?
6.1. Cookies are small information files that help you identify your browser and can store information, for example, User settings and preferences.
6.2. PRA will store cookies on your device to personalize and facilitate browsing as well as troubleshooting, statistics, quality assurance, and to monitor system security
6.3. With the exception of cookies specifically required for the performance of the website, the storage of other cookies will always depend on the acceptance and consent of the User, and this consent may be withdrawn at any time through specific browser tools.
6.4. To know more about the cookies we use please refer to our Cookies Policy.
7. HOW DO WE PROTECT YOUR PERSONAL DATA?
7.1. Your personal data is kept secure by adopting a variety of technical and organizational security measures to ensure that only those employees who are required to access the personal data in accordance with the access requirements and rules created for this purpose have access to it.
7.2. To protect your personal data, we only use data center providers that offer adequate and documented security measures, including guarantees that your personal data is stored on servers that are maintained in controlled environments with limited access.
7.3. Your personal data may be processed in the context of website management by MSTF PARTNERS – AGÊNCIA DE PUBLICIDADE S.A. (ahead, “MSTF PARTNERS”) with Tax Registration Number 506 601 412 headquartered in Rua do Borja n.º 6, 1350-047 Lisboa which provides us with adequate security guarantees for the protection of personal data.
7.4. Your personal data for the purpose to send newsletter are kept in secure servers at The Rocket Science Group, LLC (ahead, MAILCHIMP”) with Tax Registration Number MOSS No. EU372008134 headquartered in 675 Ponce De Leon Ave NE Suite 5000 Atlanta, GA 30308 USA which provides us with adequate security guarantees for the protection of personal data against disclosure, loss, misuse, alteration, unauthorized processing or access, as well as against any other form of unlawful processing.
7.5. Similarly, when you browse the website, we protect your data with encryption, such as Transport Layer Security (TLS, a security protocol that protects telecommunications over the internet).
7.6. Although we take all necessary precautions we deem appropriate to protect the personal data you provide and we collect, one must be aware that no security system is impenetrable.
8. HOW YOU CAN YOU EXERCISE YOUR RIGHTS:
8.1. Before we explain how you can exercise your rights, you should know what they are. Thus, the law gives you the right to ask us to exercise the following rights:
(a) Access: the right to obtain confirmation as to whether or not personal data concerning you are being processed and, if so, the right to access your personal data;
(b) Rectification: the right to obtain the rectification of inaccurate personal data concerning you and to have incomplete personal data completed;
(c) Erasure: the right to obtain the erasure of your personal data when one of the grounds listed in the legislation applies;
(d) Restriction of processing: the right to obtain limitation of processing if one of the situations listed in the legislation applies;
(e) Objection: the right to object at any time to the processing of personal data concerning you;
(f) Data portability: the right to receive personal data concerning him/her in a structured, commonly used and machine-readable format.
8.2. You also have the right to lodge a complaint with a supervisory authority (National Data Protection Commission at www.cnpd.pt)
8.3. For the purpose of exercising the rights abovementioned, you should contact PRA via the the email dados.pessoais@pra.pt.
8.4. If you request us to delete some or all of your personal data, some of the services you have requested may not be provided to you and PRA will retain only the personal data necessary to comply with its legal obligations.
9. WHEN DO WE COMMUNICATE DATA TO THIRD PARTIES?
9.1. PRA may use third parties to provide certain services, such as maintenance, technical support, marketing, billing or payment management, which may have access to some personal data, in particular, data required for contractual purposes.
9.2. PRA ensures that the entities that have access to the data are credible and offer high guarantees of protection, and that that data will never be transmitted beyond what is necessary to provide for the contracted service, nevertheless PRA remains responsible for the personal data made available.
9.3. For example, for the purposes of data center management, PRA uses the services provided by MAILCHIMP.
9.4. The PRA may also communicate your data to other partners (with prior authorization from data subjects).
9.5. PRA may also transmit data to third parties in the context of investigations, inquiries and judical and / or administrative proceedings or of similar nature, provided that it is duly ordered by a court.
10. THIRD PARTY WEBSITES.
10.1. The WEBSITE may contain links to other websites which may collect and process your personal data, and this processing is the sole responsibility of the owners of these websites, and PRA does not take any responsibility for its policies and / or practices.
10.2. Example of such third parties are Instagram, Facebook or LinkdIn through the buttons that are present on the WEBSITE.
11. DATA TRANSFERS OUTSIDE THE EUROPEAN UNION.
11.1. In the event that data transfers may occur to third countries outside the European Union, PRA will comply with the legal rules, particularly with regard to the suitability of the destination country for the protection of personal data and requirements, which are applicable to such transfers, and personal data will not be transferred to jurisdictions that do not offer guarantees of security and protection.
12. MINORS.
12.1. The WEBSITE is not intended for minors under the age of 18, thus, we request that minors do not provide us with personal information through the website, application, social media and/or emails.
13. SENSITIVE PERSONAL DATA.
13.1. The PRA requests you not to send or disclose to us any sensitive personal data, i.e. information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic information, biometric information, health data or data concerning a natural person’s sex life or sexual orientation.
13.2. If you nevertheless send or make known such categories of personal data to us, it will be deleted immediately.
14. CHANGES TO THE PRIVACY POLICY.
14.1. PRA reserves the right to readjust or change this Cookies Policy at any time. These changes will promptly be made public.
15. CONTACT DETAILS.
15.1. If you have any questions about this Privacy Policy, please email us at dados.pessoais@pra.pt.
16. LAST REVIEW.
16.1. 18th of March 2022. Lisbon (Portugal).