Privacy Policy
CENFIM PRIVACY POLICY
1. GENERAL PRINCIPLES
The protection of privacy and personal data is a priority for CENFIM - Professional Training Center of the Metallurgical and Metallurgical Industry (hereafter referred to as CENFIM) and a clear commitment made by us.
Any personal data you provide to us will be treated with the guarantees of security and confidentiality required by the personal data protection legal framework.
The free and informed provision of your personal data, necessary and appropriate for the development of our activity, requires the knowledge, understanding and acceptance of the terms and conditions described in this Privacy Policy.
CENFIM seeks through this Privacy Policy to express its commitment to and respect for the legal rules that aim to protect your privacy and your personal data.
2. CONCEPTS
Consent - A free, specific, informed and explicit expression of willingness whereby the data subject accepts, by means of an unambiguous positive statement or act, that personal data concerning him / her are subject to processing.
Personal Data - Information relating to an identified or identifiable natural person (“Data Subject”); A natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, identification number, location data, electronic identifiers or one or more specific elements of the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Sensitive Personal Data - Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data that unambiguously identifies a person, health data or data relating to a person's sexual life or sexual orientation.
Data Protection Officer - Person who guarantees that CENFIM complies with all legal obligations regarding personal data.
Legitimate purpose - The purposes for which personal data may be used by CENFIM Stakeholders.
Protection of Personal Data - A fundamental right protected not only by national law but also by European law.
3. DATA HOLDER INFORMATION
3.1 Reason for collecting personal data
- a) CENFIM collects and processes personal data to carry out its mission of promoting the training, guidance and professional enhancement of the Human Resources of the Metallurgical, Metallomechanical and Electromechanical Sector.
- b)In this context, CENFIM collects personal data by telephone, through the website (cenfim.pt), in writing, namely through forms, by e-mail or by interview.
- c) The data collected are only those strictly necessary for the provision of services in the context of Vocational Training.
- (d) The collection and processing of personal data for the purpose of sending informational and marketing communications, including name, e-mail and telephone, shall only be carried out with your consent. At any time, and at your sole discretion, you may withdraw this consent by completing IMP PPE 205 (Withdrawal of Consent from the Data Subject), or via e-maildadospessoais@cenfim.pt.
3.2 Data collected
1. a) The data collected by CENFIM, for the purpose of providing services in the context of Vocational Training, may be, namely:
- Name
- Sex
- Nationality
- Date of birth
- Marital status
- Identification number
- Tax Identification Number
- Social Security Identification Number
- Driving License Number
- Naturalness
- Address
- Personal Contacts
- Professional and Academic Qualifications
- Employment Situation
- Relationship
- Photography
- Household Composition
- Data Collected on Application Interview
- Elements for Bank Transfer
1. (b) Personal data collected are processed by computer and stored in databases and / or on paper archives, in compliance with existing data protection legislation and information security rules.
2. c) CENFIM only processes your data for the specific or legitimate purpose or purpose determined when collecting personal data.
3. d) With respect to sitecenfim.pt, the actual availability of links to sites external to CENFIM does not imply any assumption of responsibility with respect to such sites and their content, and therefore they are not applicable to this Privacy policy.
3.3 Purpose of treatment
Personal data are used by CENFIM for the following purposes:
1. a) identification of the Data Subject;
2. (b) training management;
3. c) management of the contractual relationship;
4. (d) managing applications for EU funds;
5. e) social support;
6. f) billing and collection of services rendered;
7. g) conducting satisfaction surveys;
8. h) compliance with legal obligations to which CENFIM is subject and, also, existing customer consent;
9. (i) for institutional and marketing communications;
10. j) adequacy of services to customer needs and interests;
11. k) visit optimization and site navigability (cenfim.pt).
3.4 Personal Data of Children Under 16
1. a) In the case of the collection of personal data of children under 16 years old, CENFIM takes into consideration that they deserve special protection because they are less aware of their rights related to data processing.
2. (b) In such cases, consent to the processing of personal data shall be given or authorized by the holders of parental responsibility for a child under 16 years.
3. c) It is also incumbent upon the holders of parental responsibilities to request the deletion of any data for which consent is required, through e-maildadospessoais@cenfim.pt, which CENFIM will promptly access after verifying that such factual collection it occurred.
3.5 Data retention time
1. (a) The length of time for which data is stored and stored varies according to the purpose for which the information is processed. There are legal requirements that require data retention for a minimum period of time.
2. (b) If there is no statutory period for the retention of the data, it shall be stored and retained only for the minimum period necessary for the purposes which led to its collection and further processing, at the end of which the data shall be properly processed.
3.6 Principles concerning the processing of personal data
1. a) Personal data processed by CENFIM follow the following principles:
1 - Legal: there is a legal / contractual or consent basis for its treatment; Loyalty: There are no omissions in the objects of treatment; and Transparency: the data and its use are communicated to all holders continuously and noticeably.
2 - Limitation of Purposes: All data collected have a determined, explicit and legitimate purpose and are not further processed in a manner incompatible with that purpose.
3 - Data Minimization: Data are adequate, relevant and limited to what is necessary for the purposes for which they are processed.
4 - Accuracy: the data are accurate and updated whenever necessary; CENFIM shall take all appropriate measures to ensure that inaccurate data, having regard to the purposes for which they are processed, are deleted or rectified without delay.
5 - Limitation of retention: Data are retained in a manner that permits the identification of data subjects only for the period necessary for the purposes for which they are processed.
6 - Integrity and Confidentiality: Data is processed in a manner that ensures its security, including protection against unauthorized or unlawful processing and loss, destruction or accidental damage, by taking appropriate technical or organizational measures.
7 - Responsibility: CENFIM is responsible for compliance with all principles of personal data processing.
3.7 Data Subject Rights
1. (a) CENFIM undertakes to ensure the exercise of the following rights to data subjects:
Receive clear and understandable information about who is processing your data, what data is being processed and what is the purpose of that processing;
2 - Request access and correction of incorrect, inaccurate or incomplete personal data held by CENFIM;
3 - Request the transmission of personal data held by CENFIM to another person responsible for processing personal data of another organization, whenever technically possible;
4 - Right to be forgotten: You may request that your personal data be deleted if you wish to withdraw the consent provided and there are no other legal grounds justifying its preservation by CENFIM.
5 - The right to object to the processing of your personal data for marketing purposes or for reasons relating to your particular situation.
6 - Inform the data subject and the competent data protection supervisory authority of data loss or theft if such breach is likely to cause harm to the data subject.
7 - Better protection of children, as they may be less aware of the risks, CENFIM will ensure specific information tailored to this target audience.
1. b) These rights may be exercised by completing IMP PPE 206 (Request for Exercise of Rights of the Personal Data Holder), or by e-mail datapessoais@cenfim.pt.
2. c) If there is no legal / contractual basis for the collection and / or processing of data, CENFIM will request consent to process the data, clearly indicating the use that will be made of the data. This consent shall translate into a free, specific, informed and explicit expression of willingness by the data subject who accepts, by means of a clear statement or positive act, that the personal data concerning him / her shall be processed.
3.8 Withdrawal of consent for the processing of personal data
1. (a) The withdrawal of the data subject's consent is an explicit expression of willingness whereby the data subject conveys, by means of an unambiguous positive statement or act, that he wishes to withdraw consent so that personal data concerning him is not subject to treatment.
2. (b) Withdrawal of consent shall not affect the lawfulness of consent-based treatment prior to withdrawal. Just as consent covered all treatments for the same purpose or purposes, withdrawal of consent covers treatments performed for the same purpose or purposes.
3.9 Personal Data Security Guarantees
CENFIM adopts technical and organizational measures, which are periodically reviewed and improved, to ensure the security and protection of personal data in terms of its availability, authenticity, integrity and confidentiality, as well as those to prevent its loss, misuse, unauthorized alteration, treatment, or access, as well as any other form of unlawful treatment.
3.10 Reporting Data to Third Parties
1. a) In the context of the provision of Vocational Training services, CENFIM may have recourse to a subcontractor handling its data, which implies access by this entity to such data.
2. (b) Where this is the case, CENFIM shall take appropriate contractual measures to ensure that such third parties, subcontractors, partners or in a group relationship are provided with adequate and adequate safeguards for the implementation of technical and organizational measures and that they will act. according to CENFIM instructions only.
3.11 Data Transfer
1. (a) Within the framework of compliance with existing legislation, and in particular the need to provide data for the purposes of training management, contractual relationship management and the management of applications for EU funds, CENFIM is obliged to notify personal data to third parties, in particular to European Social Fund management bodies and public administration bodies.
2. b) In this case, CENFIM shall endeavor to comply with the legal provisions in force in such transmission.
3.12 Contacts
1. a) If you have any questions or concerns about how CENFIM collects and processes your personal data, you may contact the Data Protection Officer:
Name: Maria de Lurdes Moreira Gomes Alves
Email: data@cenfim.pt
1. b) The Data Protection Officer is responsible for ensuring that any revision or update of this Privacy Policy is performed in accordance with the requirements of the RGPD.
3.13 Privacy Policy Review
1. a) CENFIM reserves the right to change without notice the content of this Privacy Policy, without prejudice to publishing it on sitecenfim.pt, in particular, and on the intranet whenever this happens.
2. (b) Amendments shall be deemed to enter into force upon publication, with reference to the date of update.
