1. Who is responsible for processing your data?
idD Portugal Defence S.A, located at Av. Ilha da Madeira, nº35 K - 2ºB | Restelo Business Center, is the entity responsible for processing personal data collected on the portal Smart Defence.
The [name of the platform] platform was developed together with EY Portugal. The company, located at Avenida da República, nº90 - 3º, 1649-024 Lisbon, will monitor the platform's evolution for two years after the go-live. During this period, EY Portugal may have access to the data collected. EY is committed to protecting your data and privacy.
2. What personal data do we process?
The personal data we process comes from the information you provide by filling in the forms that you may come across on the Smart Defence platform or through the means used to request your integration in our registration processes. Specifically, we will process the following data:
- Name, surname, e-mail, and contact number;
- Data concerning the registered entity, provided when conducting the registration process;
- There is an extraordinary situation in which a copy of the Portuguese cartão do cidadão (citizen card) is requested for entities registered in DTIB or wishing to register in DTIB. Submission of the copy of cartão do cidadão is optional and can be avoided in both cases if the user authenticates through Chave Móvel Digital (Mobile Digital Key).
3. What are the purposes of processing your data?
- Cross-checking and analyzing data for matchmaking purposes between the competencies selected for your entity and the business opportunities that exist in the platform;
- Managing communications regarding actions or events related to the Smart Defence portal.
4. What is the legitimacy of processing your data?
idD only processes the data referred above if a free, explicit, informed and unambiguous consent is obtained from the end-user.
You must contact idD in case you wish the anonymity and/or destruction of your data.
5. For how long do we keep your data?
The data collected will be kept for the period strictly necessary for the purposes for which they were collected such as:
- Presenting the best business opportunities;
- Regarding communications, data will be treated for the duration of the relationship between the parties, that is, until the interested party requests the deletion of the data.
6. What are your rights and how can you exercise them?
End users have the right, at any given time, to withdraw consent, without affecting the lawfulness of data processing based on previously given consent, to request access to and rectification or erasure of personal data concerning them, to request the restriction of data processing, as well as to request data portability where lawfully and contractually permissible.
For the purposes of exercising their rights, users must send an e-mail message to the address written below.
Platform users also have the right to lodge complaints with the competent control authority – which, in Portugal, is the National Commission for Data Protection (abbreviated to CNPD) - concerning matters relating to how their personal data information is processed and managed. For more information, please go to www.cnpd.pt.
To exercise your rights you should address the Data Protection Officer of idD Portugal Defence S.A through written form. The communication should be accompanied by a photocopy of an identification document and should be conducted through the following channels:
- E-mail: email@example.com
- Registered letter: Estrada da Luz nº 153 | 1600-153 Lisboa, Portugal
For any question related to the privacy of information on the Smart Defence platform or about the regulation of the platform, you may contact idD Portugal Defence S.A. through the channels mentioned above.
You also have the right to file a complaint with the data protection authority in your country.
Smart Defence platform and idD Portugal Defence S.A. guarantee the confidentiality and security of the information obtained in the course of its business. Access to this information is limited and policies and procedures are in place to protect the information from loss, misuse and improper disclosure.
idD promises to always undertake measures that ensure that data processing is performed in compliance with the GDPR, taking into account the nature, scope, context and purposes of the data processing, as well as the risks to the rights and freedoms of natural persons, the likelihood and severity of which may be variable.
These measures shall be updated whenever necessary and shall be reviewed annually.