Skip to content

Terms & Conditions

E+Perfil Lda (hereinafter the Company), with head office at Rua do Combatentes, Nº.603, Armazém A 4485-093 Fajozes, with VAT number 508 881 994, is committed to protecting the privacy of all its employees and clients and, to this end, has adopted the present privacy policy in order to demonstrate and inform of its commitment to respecting personal data and adopting the best practices which, under the terms of the law and applicable regulations, must be observed with regard to security techniques and the protection of personal data.

In this sense, we ask you to read the Privacy Policy that is adopted by the Company, as your contractual relationship with it and/or your access to the website https://www.eperfil.pt, domain owned by E+Perfil Lda, through which you make your personal data available, implies knowledge and express and prior acceptance of the conditions contained in said Privacy Policy, because when you establish the aforementioned contractual relationship or access the website, you are authorising the collection and processing of your personal data in accordance with the rules defined herein.

The Company clarifies that the mere navigation or access to its website does not necessarily imply the collection of your personal data or cookies. Nevertheless, we inform you that the website also uses cookies, and therefore has a Cookies Policy which you should also consult.

1. Personal data, holders of personal data and categories of personal data

a) What is personal data?

Personal data is any information, of any nature and regardless of its support (sound or image), concerning an identified or identifiable natural person.

An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, electronic identifiers, or to one or more specific elements that allow the identification of that natural person.

b) Who are the data subjects of the personal data?

The owners of the personal data are natural persons – Company employees and clients and persons who access the Company’s website or participate in the initiatives carried out by the Company and who provide their personal data for this purpose, and who may not have any contractual relationship with the Company.

c) What category of personal data do we process?

Identification and contact details – name, date of birth, gender, affiliation, civil, tax and social security identification numbers, telephone contact or email address.

Data resulting from physical identification, e.g. photographs, resulting from participation in events promoted by the Company.

2. The data controller and the data protection officer

The person responsible for collecting and processing personal data is E+Perfil Lda (hereinafter the Company), with registered office at Rua do Combatentes, No.603, Armazém A 4485-093 Fajozes, with VAT No. 508 881 994, who decides which personal data is to be collected, the means of processing and the purposes for which the data is to be used.

3. Basis, purposes and duration for processing personal data

a) Grounds for the Company to process personal data

a.1) Consent

Consent exists when the data subject expresses his/her express consent – in writing or orally or proceeds to such consent by accessing the Company’s website by validating an option – and if this consent is free, informed, specific and unambiguous;

Examples of the need for consent are: authorisation for the Company to send newsletters with messages about initiatives it promotes, to send communications or messages or to be able to assign your personal data to third parties;

a.2) Compliance with legal obligation

When the processing of personal data is necessary for the Company to comply with a legal obligation such as those arising from the need to comply with notifications made by police, judicial and regulatory bodies or to comply with obligations before the tax authorities or social security or to ensure emergency services or for the conclusion and access to legally required insurance services (v.g. personal accident insurance and/or occupational accident insurance);

a.3) Legitimate interest

When the processing of personal data corresponds to a legitimate interest of the Company such as, for example, the detection of fraud and when the reasons for the use of the personal data should prevail over the data subject’s data protection rights.

a.4) Consent by minors

In the case of processing the personal data of minors, which may be subject to prior consent, such consent shall only be valid if given by the person who proves to be the holder of parental responsibilities.

b) Purposes of processing personal data

Personal data is processed for the following purposes:

b.1) Management

* Contact maintenance;

* Replying to complaints;

b.2) Accounting, Fiscal and Administrative management

* Accounting and invoicing

* Tax and social security information, when applicable.

b.3) Litigation management

* Judicial and extrajudicial collection of debts;

* Intervention in other judicial and extrajudicial conflicts.

b.4) Fraud detection and revenue protection

* Detection of fraud and illicit practices;

* Protection and control of revenue;

* Internal audit and investigation.

b.5) Network and system management

* Supporting and improving the networks and applications that support the services provided;

* Monitoring, improvement and support of the services provided.

b.6) Legal compliance

Response to judicial, regulatory, supervisory, fiscal and social security entities.

b.7) Information security control

* Access management, logs;

* Management of backups;

* Management of security incidents.

b.8) Physical security control

* Installation of video surveillance systems in legally permitted places.

b.9) To disseminate initiatives and information

* Dissemination of initiatives promoted by the Company or by third parties.

4. Time limits for processing personal data

The Company keeps your personal data in accordance with the purposes for which they are processed.

Data relating to employees will be kept for the duration of the contractual relationship established with them.

There are cases in which, in relation to employees, the law requires that such data be kept for a minimum period of 12 years for purposes of information to the Tax Authority and for accounting or tax purposes.

With regard to video surveillance, the image recordings and respective personal data will only be kept for a period of 30 days, unless the Company is notified by a competent police or judicial body to keep this data for a longer period.

The Company may keep other personal data for periods longer than those mentioned above, either based on consent from the data subjects, or to ensure duties, rights or obligations related to contracts and relationships established with the data subjects, or because they have legitimate interests to do so, but always for the time strictly necessary to achieve the respective purposes and in accordance with the guidelines and decisions of the CNPD.

For example, contacts for the purposes of information and promotion of initiatives promoted by the Company and legal proceedings for as long as they are pending.

5. How and when personal data is collected

We collect personal data from all those who contact the Company with a view to being informed about initiatives promoted by the Company or to enrol in them.

6. Rights of the personal data subject

The rights of the personal data subjects are as follows:

(a) Right of access

Right to obtain confirmation as to which personal data concerning them are being processed and right to obtain information about such personal data, in particular about the purposes of processing and conservation periods.

b) Right of rectification

Right to obtain the rectification of inaccurate personal data or to request that incomplete personal data be completed, such as for example address, NIF, email, telephone contacts and others.

c) Right to erasure of data or right to be forgotten

Right to obtain the erasure of your personal data, as long as there is no valid basis for its conservation, such as, for example, the need to comply with legal obligations of any order, such as the need to preserve the data for the fulfilment of the duty of information before the courts, police entities and the public administration.

d) Right to portability

Right to receive the data concerning him/her that he/she has provided in a digital format for current use and automatic reading or to request the direct transmission of such data to another entity that will be the new responsible for his/her personal data whenever this transmission is technically possible.

e) Right to withdraw consent and right to object

Right to oppose or withdraw your consent to data processing at any time, provided that no legitimate interests override your interests, rights and freedoms, such as for example intervention in a judicial procedure or in a tax procedure.

f) Right of limitation

Right to request that the processing of your personal data be suspended or that the scope of the processing be restricted to certain categories of data or processing purposes and that such restriction does not conflict with the need to comply with legal obligations of any kind.

g) Automated decisions and profiling

The Company may profile its customers and users provided that such processing is necessary to comply with a legal obligation or arises from the consent of the data subject.

If the processing of personal data, including processing for profiling, is exclusively automated, i.e. without human intervention, and may produce legal effects or significantly affect the data subject, the data subject shall have the right not to be subject to any decision based on such automated processing, apart from the exceptions provided for by law, and shall have the right to have the Company take the necessary and appropriate measures to safeguard his rights and legitimate interests, including the right to have human intervention in the decision-making of the Company and the right to express his opinion and to contest any decision taken on the basis of the automated processing of personal data.

h) Right to complain

The holder of the personal data has the right to lodge a complaint at any time to the supervisory authority, CNPD – Comissão Nacional de Proteção de Dados, or to the Company.

i) Exercise of rights by the data subject

The exercise of rights by the holder of personal data is free of charge, except if manifestly unfounded or excessive, in which case the Company may charge a reasonable fee to cover the costs involved in the analysis and assessment of the exercise of such right.

The owners of personal data may exercise the rights inherent to such personal data by submitting a written request, to be presented in person or by post, at the Company’s premises, or via the following e-mail address: comunicacao@eperfil.pt.

7. Transmission of personal data

Personal data may be transferred to third parties so that they may process it in the name and on behalf of the Company, in which case the Company shall adopt the appropriate measures to ensure that such third parties are reputable entities offering high guarantees of respect for the protection of personal data in compliance with the applicable legal and regulatory standards and with the present privacy policy.

When such a situation occurs, the Company shall take the appropriate measures to ensure that the entity having access to the personal data assumes the obligation to adopt the technical and organisational measures necessary to protect such data against accidental or illicit destruction, accidental loss, alteration, unauthorised disclosure or access and against any other form of illicit processing.

In any case, the Company remains responsible for the processing of the personal data.

Personal data may only be transferred outside the European Union if such transfer is expressly requested by the data subject.

8. Liability for the services and websites of the company

Regarding the use and processing of personal data of Company websites, you should refer to the rules on the use of cookies on the respective websites.

9. Access to third party websites

The present privacy policy does not apply to third party websites.

The Company’s websites may contain links to third party websites, products or services, which are not related to the Company and which are not covered by this privacy policy.

If you visit another website from the Company’s website, you should always read the privacy policy of that website and check that you agree to its terms before providing personal data.

The collection or processing of personal data requested by these third parties is their sole responsibility, and the Company may not be held liable under any circumstances for the content, accuracy, veracity or legitimacy of these websites or the misuse of data collected or processed through them.

10. Procedural and technical security measures

The Company is committed to guaranteeing the security and protection of the personal data it receives, having adopted the appropriate technical and organisational measures for this purpose, namely

(a) Protection with passwords for access to personal data;

b) Restriction of physical access to the locations where the servers that store the personal data are located;

c) Restriction of physical entry to the places where paper documents containing personal data of employees, suppliers or customers are located;

d) Firewalls.

The Company communicates that the aforementioned security measures are reviewed and updated according to the needs that may arise.

If, for any reason, there is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, the Company shall notify the competent authorities without justifiable delay and, whenever possible, within 72 hours of becoming aware of it and in accordance with applicable legislation.

Likewise, the Company shall communicate the personal data breach to the respective holder of the personal data, under the terms of the applicable legislation.

Notwithstanding the security measures adopted by the Company, users are advised that they should adopt additional security measures, namely to ensure an active firewall, antivirus and antispyware updates.

11. Changes to the privacy policy
The Company reserves the right, at any time, to make readjustments or alterations to this privacy policy, these alterations being duly publicised on the website https://www.eperfil.pt.

The version of the Privacy Policy published on the website, at each moment, is the one in force.