Criar Valor acknowledges the importance of privacy and is invested in protecting it’s user’s/client’s personal data, and in all occurrences regarding the use of personal data, we take responsibility to fully respect and follow the General Data Protection and Regulation (GDRP)
The website https://criarvalor.com is property of “Criar Valor - Consultoria de Gestão, Lda”
Your personal data will never be divulged or sold to third parties, whether these are private or businesses.
Whenever it is necessary to collect personal data or use this information, it will be carried out under the legislation applicable to the Policy of Protection of Personal Data, imposed by the General Data Protection Regulation (RGPD, UE, 2016/679).
All information collected is provided with online consent through the website (https://criarvalor.com), by telephone, in writing or through the contact form available on the website. The “Criar Valor" website collects personal data, such as; names, e-mails, telephone numbers, but also other personal data, in case you make these available when completing the online form.
The entity responsible for the collection and processing of personal data is “Criar Valor" (DPO).
The Use of Collected Information
“Criar Valor” will comply with the rules of personal data treatment used in Portugal.
The data collected is exclusively for the use of “Criar Valor”, in order to follow the contacts made through the contact form available on the website or through another means of communication, ensuring the privacy and protection of user data.
Right to Access, Modification, Cancellation and Opposition
In accordance with the GDRP, EU, 2016/679, anyone can request access to their personal data, acknowledging its content, as well as requesting any rectification, update or request its removal, by written request addressed to “Criar Valor" to the e-mail: firstname.lastname@example.org, or by letter to the following address:
Pimenteiras Street, Antélius Building, R / C LJ B
Security and Data Protection
“Criar Valor" will comply and follow the necessary security measures to ensure the safeguarding of the personal data of the users against its possible misuse or unauthorised access.
Although “Criar Valor" is committed to ensuring the protection and security of the personal data to which it has access, it cannot guarantee the security of any information you disclose online, nor be liable for any loss or damage caused to you as a consequence of the loss of information confidentiality.
General Data Protection Regulation (GDPR) (EU) 2016/679
The General Regulation on Data Protection (GDPR) (EU) 2016/679 is a regulation of the European law on privacy and protection of personal data, applicable to all individuals in the European Union and European Economic Area. It also regulates the export of personal data outside the EU and EEA. The GDPR aims to give citizens and residents ways of monitoring their personal data and unifying the European regulatory framework.
The Regulation repeals the Personal Data Protection Directive 1995 (95/46 / EC) and contains clauses and requirements concerning the way in which personal information is processed in the EU and applies to all companies operating in the EEA, irrespective of their country of source. Business processes that process personal data are required to be designed from scratch and by default with measures that respect the principles of data protection by default and from their design, which means that the data must be stored using pseudonymization or complete anonymization and using the highest default privacy settings, so that data cannot be made available without explicit consent, and cannot be used to identify someone without additional information stored separately. The regulation does not allow the processing of any data outside the legal context specified in the regulation, except in the case that whoever controls the data has received explicit consent and expression of the will of the data owner. The owner also has the right to revoke this permission at any time.
The data controller must clearly state any data collection, state the legal framework for such data collection, the purpose of data processing, how long data will be stored and whether such data will be shared with third parties outside the European Union. Users have the right to require a copy of the data collected in a common format and the right to require that such data be deleted in certain circumstances. Public authorities and undertakings whose activity focuses on the regular or systematic treatment of personal data are required to have a data protection officer (DPO), which is responsible for ensuring that the treatment is in accordance with the GDPR. Companies are also required to report any data breach within 72 hours when this has any adverse effect on the user's privacy.
The regulation was adopted on April 14th 2016. After a transitional period of two years, it entered into force on the 25th of May 2018. Since the GDPR is a regulation, not a directive, it is not necessary for the Member States to adopt additional legislation, as so the Regulation is binding and applicable.
The regulation provides the following rights on the part of the user of this website:
- Right of access to your personal data (right to obtain access to your personal data that are processed and information about you, for example, what are the purposes of the treatment, what are the conservation periods, among others).
- Right of rectification (right to request rectification of your personal data that is out of date or request incomplete personal data to be complete.)
- Right to forget (right to request the removal of your personal data, as long as there are no valid grounds for its conservation, such as cases where “Criar Valor" has to keep the data to fulfill a legal obligation.)
- Right to portability (Right to receive the data you have provided us or to request the direct transmission of your data to another entity that becomes the new responsible for your personal data).
- Right to withdraw consent (Right to oppose or withdraw consent at any time to data processing).
- Right of limitation (right to request limitation of the processing of your personal data, in the form of: Suspension of processing, limitation of the scope of processing to certain categories of data or purposes of treatment).
- Right to complain (Right to submit a complaint to “Criar Valor", the (CNPD) National Data Protection Commission or (DPO) in charge of Data Protection).