Privacy Policy in Compliance with the General Data Protection Regulation (GDPR)
This Privacy Policy aims to inform data subjects about how Portugal Visa Lawyers, including its website, processes personal data in accordance with the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016) and national legislation, namely Law No. 58/2019 of 8 August, which ensures the implementation of the GDPR in the national legal system.
We expressly highlight that the transmission of data over the internet (for example, when communicating via email) may involve security vulnerabilities and cannot be fully protected from access by third parties.
Consent
Access to and use of the Portugal Visa Lawyers website presupposes agreement with our Privacy Policy and Cookie Policy, as well as acceptance of their terms.
Identity and Contact Details of the Data Controller
The entity responsible for data processing is:
Portugal Visa Lawyers
Av. da República, 50 – Fl.2
1050-197 Lisbon
Portugal
Email: Direct@PortugalVisaLawyers.com
Data Processing on Our Website
General Information
The transmission of personal data to recipients/third parties and to external service providers is carried out strictly in compliance with legal requirements. Data transmission to third parties occurs only within the framework of legal provisions.
External Agents
We engage third parties and external agents to perform services related to the operation of this website and our company (namely advertising agencies or transport service providers in the implementation and management of contests and other promotional activities, as well as software providers for email marketing).
Server Log Files
We collect data on each access to our website (also referred to as server log files) based on our legitimate interest, Art. 6(1)(f) GDPR.
The data processed includes the IP address, time of access, type of request, protocol, HTTP status, referrer, type and version of browser, operating system, and report upon successful access.
The data will be used for statistical analysis for operational, security, and optimization purposes.
Data will be retained for up to 3 months for security reasons. The IP address will be stored exclusively in anonymized form.
If retention is required for a longer period for evidentiary purposes, the data will be deleted after the final resolution of the matter.
Cookies
Cookies are small files that allow specific device-related information to be stored on users’ access devices (computers, smartphones, etc.). They aim to make browsing easier and consequently improve user experience (e.g., storing login data). They also serve to collect statistical data on website usage and enable analysis for the improvement of our services.
It is possible to influence the use of cookies. Most browsers offer options to limit or completely prevent the storage of cookies. However, please note that without cookies, the usability and convenience of the website may be restricted.
Integration of Third-Party Content and Services
We may use content and services from external providers to integrate their offers and services, such as videos, maps, etc. This is based on our legitimate interest, Art. 6(1)(f) GDPR (e.g., interest in analysis, optimization, and the economic operation of our online services).
The prerequisite for this is that such content detects the IP address, since without an IP address the content cannot be sent to the user’s browser and therefore cannot be displayed.
We strive to use only content whose providers use the IP address solely for content delivery. Third parties may also use “pixel tags” (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. Pixel tags can be used to evaluate information such as visitor movements on this website. Pseudonymous information may be stored in cookies on the user’s device and operating system and may include, without limitation, technical information about the browser and operating system, referring web pages, visit duration, and other information related to the use of our online services.
The following overview provides information on external providers, their content, and links to their privacy policies, which contain additional information on data processing and opt-out options.
Contact
When you contact us (for example, via a contact form or email), your data will be processed for handling your inquiry as well as for any follow-up questions. Data processing is based on Art. 6(1)(b) GDPR. Your data will be deleted once your request has been fully processed.
Rights of Data Subjects
You have the right to request access to your personal data from the data controller at any time. This information must be provided free of charge. Furthermore, under certain circumstances, you have the right to data portability, deletion of your data, and rectification. Additionally, you may have the right to restrict the processing of your data and to publish or transfer the data you provided in a structured, commonly used, and machine-readable format.
If the processing of your personal data is based on your consent, you have the right to withdraw consent at any time. The lawfulness of processing carried out based on your consent prior to withdrawal remains unaffected.
Right to Object
You have the right to object at any time to the processing of your personal data carried out under Art. 6(1)(f) GDPR. Where personal data is processed for direct marketing purposes, you have the right to object to the processing of your personal data for such marketing, including profiling to the extent that it is related to direct marketing.
Right to Lodge a Complaint
You also have the right to lodge a complaint with the supervisory authority.
The competent supervisory authority is:
Comissão Nacional de Proteção de Dados (CNPD)
Address: Av. D. Carlos I, 134 – 1.º
1200-651 Lisbon
Further information can be obtained by phone at +351 213 928 400 during business hours, or via email at geral@cnpd.pt.
Transfer of Personal Data to a Third Country or International Organization
If we transfer personal data outside the European Union, we will only do so if the third country has been confirmed by the EU Commission as having an adequate level of data protection or if other appropriate safeguards are in place (such as binding corporate rules or EU standard contractual clauses).