GREENLIS complies with all applicable communities and national legal
standards in data protection, privacy and information security. Within
the scope of the Personal Data Protection and Information Security
System, GREENLIS seeks to ensure regulatory compliance and the
demonstration or evidence of institutional responsibility in terms of
data protection and information security, implementing all technical
and organizational measures necessary for compliance. of the current
Data Protection legal regime. In this context, GREENLIS also assumes
commitment to the secrecy and confidentiality of the personal data for
which it is responsible for processing, in accordance with this data
protection and privacy policy. Thus, it guarantees compliance with all
applicable standards regarding confidentiality and secrecy, also
requiring this from all its employees or suppliers, as well as the
adoption of behaviors and the implementation of the necessary measures
to the same degree of compliance, ensuring that the people authorized
to process the personal data have undertaken a confidentiality
commitment or are subject to appropriate legal confidentiality
obligations.
Defintions
«Personal data»
Personal data means information relating to an identified or
identifiable natural person (data subject); an identifiable natural
person is one who can be identified, directly or indirectly, by
reference to an identifier. Personal identifiers are, for example, a
name, an identification number, location data, identifiers by
electronic means or one or more specific elements of the physical,
physiological, genetic, mental, economic, cultural or social identity
of that natural person.
«Processing of Personal Data»
'Processing' means any operation or set of operations which is
performed on personal data or on sets of personal data, whether or not
by automated means, such as collection, recording, organization,
structuring, storage, adaptation or alteration, retrieval,
consultation, use, disclosure by transmission, dissemination or any
other form of making available, comparison or interconnection,
limitation, erasure or destruction.
«Cookies»
“Cookies” are small text files with information considered relevant
that the devices used for access (computers, mobile phones or portable
mobile devices) load, through the internet browser, when a website is
visited by the Customer or User.
GREENLIS, Comercio de Artigos Decorativos, with headquarters at Estrada Octávio Pato 175 aramzém AA6 Talaíde, 2635-631 Rio de Mouro, registered at the Commercial Registry Office of Sintra, under the unique registration and Legal Entity number 501.510.702, with the share capital of 270,000 euros, in this document referred to as GREENLIS, is the entity responsible for the online websites www.greenlis.pt and the computerized applications, hereinafter referred to as channels or applications, through which Users, Service Recipients or Customers have access remote access to GREENLIS services and products that are presented, marketed or provided, at any time, through them. The use of channels or applications by any User, Service Recipient or Customer may imply the carrying out of personal data processing operations, the protection, privacy and security of which by GREENLIS, as the entity responsible for the respective processing, is ensured, in accordance with the terms of this Data Protection and Privacy Policy.
For contact purposes with GREENLIS's Data Protection Officer, please send an email to dpo.privacy@greenlis.pt, describing the subject of the request and indicating an email address, a telephone contact address or a mailing address.
GREENLIS processes personal data strictly necessary for the provision of information and the operation of its channels, in accordance with the uses made by Users, Service Recipients or Customers. To this end, GREENLIS collects such personal data: - Directly from Users or Recipients who provide them for the purpose of registering requests or obtaining information. - Directly from Customers for the purpose of subscribing to those channels or using services provided by GREENLIS, such as access, queries, instructions, transactions and other records relating to their use. In particular, the use or activation of certain functionalities of the channels may involve the processing of several personal identifiers. direct or indirect personal data, such as name, home address, contacts, device addresses or geographic location, whenever there is express consent from the User, Service Recipient or Customer. The personal data collected by GREENLIS are processed electronically, in certain cases in an automated manner, including the processing of files or the definition of profiles and within the scope of the management of the pre-contractual, contractual or post-contractual relationship with Users, Recipients of the Service. or Customers, in accordance with current national and community regulations.
The categories or types of personal data subject to processing may be, among others that are necessary and legitimately collected, the following: full name, taxpayer number, civil identification number, marital status, gender, date of birth, place of birth, address(es), location(s), zip code(s), country, country code, telephone contacts, email addresses, name of the company where you work, etc. In all cases, Users, Service Recipients or Customers will always be informed of the need to collect such data to access the functionalities of the channels in question.
All data processing operations carried out by GREENLIS have a basis of legitimacy, namely, the consent of the data subject, the need to execute a contract or pre-contractual steps with the data subject, as well as the need to comply with a legal obligation or legitimate interests pursued by GREENLIS or third parties.
All personal data processed within the scope of GREENLIS channels are exclusively intended for the provision of information to Users, the management of personal information of Service Recipients considered necessary for the purposes of managing the relationship or communication, as well as the provision of services contracted by the Customers and, in general, the management of the pre-contractual, contractual or post-contractual relationship with Users or Customers. The personal data collected may also, and eventually, be processed for statistical purposes, for information dissemination or promotional actions and for commercial or marketing actions, to promote actions to publicize new features or new products and services, through direct communication, whether by correspondence, email, messages or telephone calls or any other communication service. Prior information and the collection of express authorization for these latter purposes are always ensured, Users or Customers may, at any time, exercise their right to object to the use of their personal data for other purposes that go beyond the management of the contractual relationship, especially for marketing purposes, for sending informative communications or for inclusion in lists or informative services, and to do so, you must send a written request addressed to GREENLIS's Data Protection Officer, in accordance with the procedures indicated below.
Personal data will be stored only for the period necessary for the purposes that motivated their collection or subsequent processing, ensuring compliance with all applicable legal standards regarding archiving.
GREENLIS uses cookies on its websites in accordance with the Cookies Policy available for consultation at www.greenlis.pt.
The provision of information or the provision of services by CIN to its Users, Service Recipients or Customers through the channels may eventually imply the use of third-party services, including entities based outside the European Union, for the provision of certain services, this may imply access by these entities to personal data of Users, Service Recipients or Customers. In these circumstances and whenever necessary, CIN will only use subcontracted entities that provide sufficient guarantees of implementation of appropriate technical and organizational measures so that the processing meets the requirements of the applicable standards, such guarantees being formalized in a contract signed between CIN and each one. of these third parties.
Except in compliance with legal obligations, under no circumstances will there be communication of personal data of Users, Service Recipients or Customers to third parties that are not subcontracted entities or legitimate recipients, nor will any other communication be carried out for other purposes. of those mentioned above.
Any transfer of personal data to a third country or an international organization will only be carried out within the framework of compliance with legal obligations or ensuring compliance with applicable Community and national legal standards in this matter.
Considering the most advanced techniques, application costs and the nature, scope, context and purposes of the processing, as well as the risks, of varying probability and severity, for Users, Service Recipients or Customers, GREENLIS and all entities that are subcontractors apply appropriate technical and organizational measures to ensure a level of security appropriate to the risk. To this end, various security measures are adopted to protect personal data against dissemination, loss, misuse, alteration, processing or unauthorized access, as well as against any other form of unlawful processing. It is the sole responsibility of Users, Service Recipients or Customers to keep access codes secret and not share them with third parties. In the case of computer applications used to access channels, they must also maintain and preserve access devices. in safe conditions and follow the security practices recommended by manufacturers and/or operators, particularly regarding the installation and updating of necessary security applications, such as, among others, antivirus applications. If it is necessary to subcontract services to third parties that may have access to the personal data of Users, Service Recipients or Customers, GREENLIS's subcontractors will be obliged to adopt security measures and protocols at the organization level and the measures of a technical nature necessary to protect the confidentiality and security of personal data, as well as to prevent unauthorized access, loss or destruction of personal data.
GREENLIS Users, Service Recipients and Customers may, as holders of personal data, at any time, exercise their data protection and privacy rights, especially the rights of access, rectification, erasure, portability, limitation or opposition. to the treatment, under the terms and with the limitations provided for in the applicable standards. Any request to exercise data protection and privacy rights must be addressed, in writing, to the Data Protection Officer, in accordance with the procedure and contact described below.
GREENLIS Users, Service Recipients and Customers have the right to file a complaint, either by registering the complaint in the Complaints Book or by submitting a complaint to the regulatory authorities, as well as making suggestions via email sent to the Data Protection Officer.
GREENLIS has implemented an incident management system within the scope
of data protection, privacy and information security.
If any User, Service Recipient or Customer intends to report the
occurrence of any situation of personal data breach, which causes,
accidentally or unlawfully, the destruction, loss, alteration,
disclosure or unauthorized access, to personal data transmitted,
stored or subject to any other type of processing, you can contact the
Data Protection Officer.
To ensure its updating, development and continuous improvement, GREENLIS may, at any time, make changes that are considered appropriate or necessary to this Data Protection and Privacy Policy, ensuring its publication on the different channels to guarantee the respective transparency and information to Users, Service Recipients and Customers.
The terms of the Data Protection and Privacy Policy are complementary to the terms and provisions regarding personal data, set out in the General Conditions of Use of GREENLIS channels. The free, specific and informed provision of personal data by the respective holders implies knowledge and acceptance of this Policy and constitutes express authorization for its processing, in accordance with the defined rules.
To exercise any type of data protection, privacy or information security rights or any matter relating to data protection, privacy and information security, Users, Service Recipients and Customers of GREENLIS may contact the person in charge of and Data Protection via email dpo.privacy@greenlis.pt, describing the subject of the request and indicating an email address, a telephone contact or a correspondence address for response.