The purpose of the Privacy Policy is to provide all data holders who deliver personal information to CESO, with the necessary knowledge about the organisation, use and management of their personal data. This Policy applies exclusively to the personal data that CESO is responsible for collecting and treating.

CESO CI INTERNACIONAL S.A., a commercial corporation incorporated under Portuguese law, established at Avenida Elias Garcia, nº 123, 4th floor, Lisbon, 1050-098 Lisbon, Portugal, with a share capital of € 1,000,000.00 (one million euros), with the fiscal number 502.550.643, holder of the website https://www.ceso.pt/, registered under the same number at the Lisbon Commercial Registry Office, is the responsible entity for the collection and processing of personal data and in pursuit of its activity, decides which data to collect, the means of treatment and the purposes for which it is used.

Accordingly, CESO is committed to:
— Processing the personal data in a lawful and fair manner, collecting only the relevant and necessary information to the purpose for which it is intended;
— Allowing the data holder to access and correct the information that concerns him or her, transmitting it in a clear language and strictly corresponding to the registered contents;
— Guaranteeing the right to delete the data in accordance with the legislation in force;
— Not using data collected for purposes incompatible with the initial collection;
— Keeping the data accurate and, if necessary and possible, up to date;
— Ensuring the consent of the data holder in accordance with the legislation in force;
— Respecting professional secrecy with regards to the processed data;
— Limiting interconnections of personal data to the minimum necessary;
— Implementing appropriate protection and security measures, which prevent unauthorized personnel from consulting, modifying, destroying or adding data;
— CESO ensures, among other aspects, the processing of data in accordance with the legislation in force, by verifying compliance with the present Privacy Policy. It also cooperates with the supervisory authority, provides information and advises the controller on its obligations in the matter of privacy and data protection.

Personal data refers to any information of any nature and regardless of its support, relating to an identified or identifiable individual. Anyone who can be directly or indirectly identified by reference to an identification number or to one or more specific elements of his / her physical, physiological, psychological, economic, cultural or social identity shall be considered as identifiable.

The individuals to whom the data belongs, who are professionally related or likely to be related to CESO, as a supplier, permanent employee or as representatives of clients or partners.

CESO may collect, store and use the following categories of personal data:
— Contact information (name, address, telephone number, e-mail) intended to be registered in the general communication database;
— Any other information that the data holder chooses to provide, namely in the scope of service proposals or while participating in projects, events or training actions. The provision of incorrect or inaccurate data is the sole responsibility of the data holder;
— Personal data provided may include, but is not restricted to: Contact data; Demographic data; Professional data; Personal documents in electronic format;
— Requested and collected information through filling out online forms, according to the safety and security measures implemented by CESO;
— Data related to the services provided by CESO in the organisation where it works;
— Personal data available from publicly accessible sources.

The processing of personal data is only permissible if, and to the extent of the occurrence of at least one of the following situations:
— Consent: when, as the data holder, you have given us your consent, in writing or through an optional validation and if such consent is free, informed, specific and unequivocal for the treatment of your personal data for one or more specific purposes. Whenever reasonably possible or required by the applicable law, we will obtain your consent before collecting or using your personal data;
— Compliance with contractual obligations and pre-contractual arrangements: when necessary, for processing of personal data for the fulfillment of contractual obligations in which the data subject is party, or for pre-contractual procedures at the request of the data holder, such as for the preparation of a service proposal;
— Compliance with legal obligations: when the processing of personal data is necessary to fulfill a legal obligation to which CESO is subject, such as the communication of identification data to police, judicial, fiscal or regulatory entities;
— Legitimate interest: when the processing of personal data corresponds to CESO’s or a third parties’ legitimate interest, such as data processing for the improvement of the quality of service and when our motives for its use prevail over the rights protection;
— Defense of vital interests of the data holder or of another individual: in case the data holder is physically or legally incapable of giving his consent;
— Performance of functions of public interest: when the treatment is necessary to the performance of functions of public interest or to the performance of the public authority of which the data controller is responsible.

The personal data collected is intended for the organisation, management and evaluation of the needs, interests and expectations of the data holder, namely for possible inclusion in service proposals, hiring of services or permanent employees, participation in events, actions training and/or other activities, as well as their inclusion in the general communication database and to respond to questions, suggestions or complaints.

CESO may also use your personal data to send information, including updates or changes to our services, and for changes to CESO’s terms, conditions and policies.

Whenever there is no specific legal obligation, personal data is processed by CESO only for the period of time necessary to achieve the defined purpose.

In accordance with the applicable legislation, as data holder, you have the right to free access the data that concerns you, and you can request its rectification or addition by contacting CESO through written communication to:

CESO CI INTERNATIONAL S.A.
Avenida Elias Garcia, nº 123, 4º andar
1050-098 Lisbon, Portugal
E-mail: dataprotection@ceso.pt

The data holder interested in the exercise of these rights must submit a signed written request, attaching a copy of an identification document to authenticate identity.

We will try to respond to requests within one month. If the received requests are particularly complex, the response may be more time-consuming. In this case, we will keep you informed with regards to the process. As the data holder you may also, at any time, oppose the treatment of your data according to the legislation in force.

Within the framework of its activity, CESO may use partners and suppliers for all, or part of the identified purposes, and take the necessary measures to ensure that these entities are reputed, offer security guarantees and treat the personal data of the data holders to which they have access, in accordance with the law and with all the present in this privacy policy.

For the identified purposes, CESO may have to transfer some personal information from the data holders to third parties located outside the EU, in particular in the context of the presentation of service proposals for customers or of cooperation with partners located outside the EU.

Cookies are small text files that are stored on the device (computer, tablet, mobile phone) through the browser and are commonly used to retain information about the visit to the site in several sessions (ie: preferences, visited pages, etc.).

The cookies used on CESO’s website respect anonymity and are not used to collect any personal information. The information stored in the cookies herein mentioned are used exclusively by CESO, with the exception of Google Analytics, which is used and maintained by Google for statistical purposes and search analysis. For more information on this, you should consult the Google Analytics privacy policy.

Your browser allows you to manage the cookies in the configuration options and may even block all cookies from CESO’s website. However, CESO states that, by blocking cookies, it may not be possible to access certain parts of CESO’s website or its navigation may be less efficient.

CESO has implemented the appropriate logical, physical, organisational and security measures, necessary and sufficient to protect personal data, namely:
— Firewall and intrusion detection system;
— Means of data protection from design (privacy by design) and a set of preventive privacy-friendly measures (privacy by default);
— Audit and control mechanisms to ensure compliance with security policies;
— All employees are covered by a confidentiality agreement or subject to confidentiality rules, within the framework of the relations established with CESO, regarding the data to which they have access in the scope of their activities, being properly informed of the importance of fulfilling this legal duty secrecy and being responsible for compliance with this obligation of confidentiality.

CESO reserves the right to change this policy from time to time. The date of the last modification is mentioned at the end of this document. If we make changes to this policy and how we use the personal data of the data holder, we will make an updated version of this policy available by publishing it on the company's website (https://ceso.pt/).