sibs.comarrow_outward
Corporate
Contact useast

PERSONAL DATA PROTECTION POLICY

Through this personal data protection policy, we aim to inform the user about how we process their personal data when using the SIBS Website (hereinafter, “Website”) and to comply with the provisions of personal data protection legislation, namely Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, “GDPR”), regarding the information to be provided to the data subject.

1. Identity and contact details of the Data Controller and the Data Protection Officer.
When using the Website, SIBS processes your personal data as the Data Controller for its own purposes (as set out below).
• Name: SIBS SGPS, S.A. (“SIBS”)
• Registered Office: Alfrapark, Estrada de Alfragide, Building E, nº67, 2610-008 Amadora, Lisbon
• Share Capital: EUR 24,642,300.00
• Tax ID Number (NIPC): 501 408 819
• Data Protection Officer: DataProtectionOfficer@sibs.com

2. Purposes and legal basis for processing, personal data and retention periods.
When using the Website, SIBS collects the user’s personal data (some mandatory, others optional, with the risk of some features not functioning properly if not provided), namely:
• To respond to contact requests, telephone number, email address, and name are collected, based on the legal ground of contractual execution (pre-contractual diligence at the request of the data subject) (cf. Article 6(1)(b) GDPR), and are retained for the period necessary to demonstrate compliance with legal obligations.
• For Website security and resilience (prevention and combating of fraud), IP address | service status | geolocation | device ID | brand and model of the user’s device | device name | operating system of the device are collected, based on the legitimate interest in ensuring security and preventing fraud (Article 6(1)(f) GDPR), and are retained for 5 years (Article 118(1)(c) of the Penal Code).
• For recruitment and selection (receipt of job and internship applications), telephone number, email address, and name are collected, based on the legal ground of contractual execution (pre-contractual diligence at the request of the data subject) (cf. Article 6(1)(b) GDPR), and are retained for the period necessary to demonstrate compliance with legal obligations.

You may withdraw your consent at any time (without affecting the lawfulness of processing carried out based on consent previously given).
SIBS only retains your personal data in a way that allows the identification of data subjects for as long as necessary or legally required to fulfil the stated purposes.

3. Data recipients.
To comply with legal obligations, SIBS may be required to disclose your personal data to third parties, namely judicial or administrative authorities, as well as supervisory or regulatory entities.

4. Service providers.
SIBS may use other companies within the SIBS Group or third-party entities to provide certain services involving the processing of personal data on the Website, solely based on SIBS’s prior and documented instructions.

5. International data transfers.
Personal data is processed within the territory of the European Union/European Economic Area (EU/EEA). In certain cases, SIBS may transfer personal data outside the EU/EEA securely and lawfully, ensuring that data is only transferred under mechanisms permitted by Chapter V of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”).

6. Data processing security.
SIBS has implemented appropriate technical and organisational security measures to protect the personal data provided, aiming to prevent unauthorised alteration, loss, processing and/or access, taking into account the current state of technology, the nature of the data processed, and the risks to which it is exposed. Users are aware, however, that no security measures are entirely infallible.

7. Exercise of data subject rights.
Under applicable data protection legislation, you may exercise the following rights free of charge and at any time: access; rectification; erasure (“right to be forgotten”); restriction; portability; objection. This can be done via written request addressed to the SIBS Data Protection Officer at the address indicated above or to the following email address: DataProtectionOfficer@sibs.com.

8. National supervisory authority.
The user has the right to lodge a complaint regarding personal data protection with the Comissão Nacional de Proteção de Dados (CNPD), the national supervisory authority for the purposes of the GDPR and Law no. 58/2019, of 8 August, which ensures the implementation of the GDPR within national law.

9. Third-party websites and social media.
The Website may contain advertisements, hyperlinks, or other content that redirects the user to third-party and/or partner websites and/or social media platforms.
SIBS does not control the content of such websites and/or social media platforms and is therefore not responsible for them, nor for the practices of those websites or platforms. As such, SIBS recommends that the user consult the data protection policies of those websites or social networks, as well as their terms and conditions of use.

10. Updates to the Personal Data Protection Policy.
This personal data protection policy will be reviewed periodically and updated whenever necessary.

Last updated: 28-08-2024