The privacy and protection of personal data of all customers, employees, suppliers and other stakeholders of the products and services provided or provided by DIGIHEART govern the way in which all employees of the company operate.
The efforts made by DIGIHEART at the level of personal data protection aim at ensuring at all times that the security of its data is at the highest possible level and that good national and international practices are followed, as well as compliance with legislation in force.
EXERCISE OF RIGHTS
Under the data protection legislation in Portugal and in the European Union, users, designated as data owners, can exercise their rights as declared in the legislation.
The data subject may exercise the rights of access, correction, elimination and authorization or opposition to the processing of personal data.
Whenever a data subject needs to exercise a certain right, he can perform this exercise through two available channels, always addressed to the data protection officer, by email to firstname.lastname@example.org or by letter to the address Largo do Montinho, n . 1 Mazarefes, 4935-472 Viana do Castelo
It is the responsibility of DIGIHEART to keep safe and integrate any information collected or treated by the company in the course of its functions, complying with and implementing data protection measures in accordance with the current legislation.
In order to ensure the security of customer data, DIGIHEART has the right to condition access to equipment and services made available by means of passwords or access codes.
It is the responsibility of the client to keep the accesses assigned by DIGIHEART in a safe and non-transferable way, so as not to allow the loss or harmful use of these by third parties.
As the Internet is considered a means of transmitting data that is not secure and is liable to cause loss or violation of the information contained therein, it is the customer's responsibility to safeguard any sensitive information (passwords, access codes, etc.) that have been provided by DIGIHEART or not.
DIGIHEART is not liable for damage caused by third parties or natural causes, so the customer is responsible for taking protective measures appropriate to its infrastructure.
RESPONSIBILITY FOR DATA COMMUNICATION TO THIRD PARTIES
The responsibility of communicating data to third parties falls always on DIGIHEART and must be performed with the knowledge or consent (when applicable) of the data owners.
Currently DIGIHEART does not make any communication of personal data with third parties.
DIGIHEART only treats personal data for the purposes defined in contract with its customers and applies the principle of minimization in the collection of personal data, only the essential to the performance of the company's functions. All personal data processing beyond that defined in the contracts, is the object of direct user consent collection through the companies that contract the services of DIGIHEART.
CONDITIONS OF COLLECTION
DIGIHEART collects personal data directly to users who have business relationships with the company, or through their customers when the collection relates to the performance of functions within a particular company. When the collection of personal data is performed by the customers, the responsibility for the quality of the data and the information of the users resides in that entity, and these data may be essential for the performance of functions and making it impossible to perform the provision of services.
All personal data processed by DIGIHEART complies with the best security standards in the market, always stored in encrypted form, transferred on secure links and never shared with external service providers.
PERIOD OF CONSERVATION
All personal data processed by DIGIHEART complies with the principle of conservation for as long as the purpose of collection is maintained, after that period the data is destroyed. Users are duly informed of the period of retention of the data within the scope of its purpose.
The preservation of personal data beyond the period of a particular service or supply is possible, but will be defined at the time of collection or through the collection of user consent.
DATA PROTECTION MANAGEMENT SYSTEM (SGPD)
DIGIHEART has implemented a data protection management system that is a govern model for this sector in order to guarantee the existence of the ideal conditions for the protection of the personal data of its clients and users. This model involves technical, procedural and physical measures to ensure data security at high levels.
This system involves the implementation of physical and logical access control measures, secure data storage, safeguarding in case of accidental destruction or disaster recovery, confidentiality measures with employees and service providers, restriction of access to strictly essential data, auditing processes and verification of conformity.
In addition to legal and technical constraints implemented within the organization, all systems are subject to automatic auditing of all relevant operations, ensuring traceability in case of personal data breach.
Cookies are files stored on clients' devices that visit certain web pages, and the purpose of using these files is varied, but generally they serve to optimize the experience of using the pages, save browsing history, etc.
This is a common practice and used by many pages and browsers on the internet and refusal to use these files may lead to the denial of access to a particular page on the internet or service.