Privacy Policy

The privacy policy of the Sintra Tourism Association is explained in this document, according to the following division:

Introduction

1. Who is responsible for processing your data.

2. What data do we collect from our customers, how do we use it and on what basis.

3. Who are the recipients of your data.

4. Where we store your data.

5. What are your rights when you provide us with your data.

6. How long do we store your data.

7. Warranties.

Introduction

It is the policy of the Sintra Tourism Association (hereinafter referred to as ATS ) at all times and to any entity with which it maintains any type of relationship, namely with customers, associates, suppliers and competent official bodies, the integrity, availability and confidentiality of necessary information for the correct pursuit of its business objectives, expressing its firm commitment to comply with the legislation in force at all times.

Each time you use the ATS website , https://www.atsintra.com (“website”) or when you are otherwise connected with ATS (eg registration on the website and in applications, such as Newsletter subscription, enrollment in workshops), the Personal Data you transmit to us will be treated in accordance with the Privacy Policy in force at all times, so we suggest that you read these policies carefully in order to assess whether you agree with them.

The ATS reserves the right to modify the Privacy Policy due to new legal requirements and / or regulations, for safety reasons or in order to adjust that policy to the instructions of the supervisory authority on data protection.

Whenever any change is made to the Privacy Policy, the user will be informed of the changes via the ATS website or, if justified, through a communication, and will be asked to renew consent regarding the text of the Privacy Policy.

Likewise, ATS considers it essential for the security of its business that all external entities with which it has relations comply with the security standards described in this document.

Who is responsible for processing your data?

The person responsible for the processing of Personal Data is the Sintra Tourism Association , with registered office at Av. Prof. Dr. Fernando de Almeida, S. Miguel de Odrinhas, 2705-739 S. João das Lampas, holder of the person identification number 513 893 180. The user can contact ATS through the following means:

– E-mail address: info@atsintra.com

What data do we collect from our visitors / customers / associates, how do we use it, on what basis and where do we store it?

1. ATS collects different types of Personal Data according to the different purposes, including the following:

• Full name

• Date of birth

• E-mail address

• Phone number

• Address

• Address for billing purposes

• TIN

• Position held (applicable to Corporate customers only)

• Company name (applicable to Corporate customers only)

The purposes of processing Personal Data are as follows:

The. Marketing : ATS may use your email address or telephone number to communicate with you by sending you an email or SMS, namely about:

– Disclosure of Newsletter about events, workshops promoted by ATS or in partnership with other entities;

– Disclosure of news related to tourist activity by ATS ;

B. Communication : ATS may use your personal data to communicate, namely, to send news related to services and products, or to send invitations, as well as to provide assistance in aspects related to support to members;

ç. Recruitment : ATS during the personnel selection and recruitment process collects and processes the personal data of the respective candidates. The personal data processed will be those contained in the application form and the Curriculum Vitae, as well as all personal data that you spontaneously decide to transmit to ATS , including but not limited to, name, age, sex, photograph, contact details (mail address number, telephone number and address), education information, employment history.

With the exception of treatment for the purpose of providing products and services (treatment necessary for the performance of a contract), and treatment in the context of recruitment processes, in which treatment is based on the legitimate interest of ATS ), the legal basis data processing is the consent of the data subjects.

The Personal Data collected when an event or service request is made by ATS is necessary for the purpose of executing the respective contract, so if the user in any way opposes the respective treatment, ATS cannot comply with the execution of the contract.

Who are your data recipients?

The ATS may subcontract other companies to provide certain services, such as will be the case of supplies of services / collections, tax and accounting advice, marketing (including sending SMS and e-mailing) or maintenance of the website and digital suppliers. In these cases, these third parties may need to access certain information and data from the data subjects. The ATS guarantees that, in such cases, these third parties will have limited access to the data holders’ information, restricted only to those data necessary for the performance of the contracted tasks and that it was granted in a contract between the parties in which the protection of Personal Data is regulated, these third parties undertake not to disclose Personal Data in any way, nor to use it for purposes other than providing the contracted services.

Access to any type of information asset by third parties with whom ATS has a contract and / or subcontracted third parties is expressly prohibited , without the written authorization of ATS and the respective owners.

Likewise, ATS may communicate your Personal Data when so determined by law, in the context of a judicial process or in the context of investigations of suspicious activities.

The ATS does not collect intentionally personal information from children under 18 years. If ATS detects that it collects personal information from children under the age of 18 involuntarily, ATS will take the necessary measures to delete the information as soon as possible, unless it is required by applicable law to retain it.

Where do we store your data?

The ATS custody on servers that are in a secure environment, protected from unauthorized access, use or disclosure Personal data that the user provides.

The ATS has adopted the technical procedures, electronic and organizational necessary and appropriate to ensure the safety of your personal data and prevent its loss, misuse or unauthorized access.

Stresses that it will only process your data for the purposes for which it was collected, under the terms set out in this Privacy Policy.

The ATS adopt appropriate procedures to ensure that your information is correct, complete and current, but depends on the user update or correct your personal information when necessary, by contacting the ATS finally to request your upgrade.

What are your rights when you provide us with your data?

In accordance with the applicable legislation in the General Data Protection Regulation (GDPR), ATS is committed to respecting the confidentiality of your personal information and guaranteeing the exercise of your rights to:

a) Right to be informed: our customers have the right to obtain clear, transparent and understandable information about the way ATS uses their Personal Data. It is, for this reason, that we provide you with this Privacy Policy;

b) Right of access: in addition to the right to information, you can access your personal data that we keep. In these cases, ATS will provide you with a copy of the personal data that are subject to conservation. In addition, when requested by electronic means, the information will be provided in an electronic format in common use;

c) Right of rectification: you have the right to rectify your personal data if they are incorrect, outdated or if you want to complete them. To do this, you can contact us for the contacts indicated above;

d) Right of erasure / right to be forgotten: you can ask us to delete your data, however, please bear in mind that this is not an absolute right, since we may have legal grounds or other legitimate interests for the retention of your personal data;

e) Right of opposition, including direct marketing: you can delete the subscription to the ATS Newsletter or choose to be removed from our direct marketing communications at any time. The easiest way to do this is by clicking on the “remove” link in any email or communication we send you, but you can also contact us for that purpose;

f) Right to withdraw your consent for data processing at any time: you can withdraw your consent to data processing when said processing is based on your consent. The withdrawal of consent does not affect the legality of the treatment based on consent prior to its withdrawal;

g) Right to file a complaint with the National Data Protection Commission (CNPD): if you believe that the processing of your personal data by ATS violates the applicable data protection legislation, you can file a complaint with CNPD. Do not hesitate to contact us before making a complaint to the CNPD;

h) Right to data portability: you have the right to request the transfer or copy of your personal data from our database to another;

i) Right to limit the processing: you have the right to request the restriction of the processing of your personal data in the following situations: if you contest the accuracy of the data, if the processing is illegal and you do not want to delete your data, but only limit it, if the data is no longer needed by ATS , or if it has exercised the right of opposition referred to above, during the period of time during which ATS analyzes whether its legitimate interests in the treatment prevail over that right or not.

To request the exercise of any of the rights listed above, in addition to the forms specifically mentioned in the respective paragraphs, you can send a communication addressed to the address identified above or by sending an email message to the email address also mentioned above. , address that you can also use if you want to ask us any questions regarding this Privacy Policy.

How long do we store your data for?

We only keep Personal Data for as long as necessary to achieve the purpose for which it was collected, to respond to your needs or to comply with our legal obligations.

To determine the period for which we keep your data, we use the criteria mentioned below. If several criteria are applied simultaneously, we will keep your personal data in accordance with the criterion that implies the conservation of your Personal Data for the longest period of time.

a) When purchasing products and / or services, we will keep your personal data for the duration of our business relationship, including any complaints that may arise, as well as for a period of two years after the end of the same, without prejudice to the fulfillment of obligations data of the controller (legal period for keeping accounting documents);

b) When you contact us to ask questions, we will keep your personal data for as long as necessary to resolve your question;

c) When you become our member, that is, when you register on our membership application form, we will retain your data until you ask us to delete it or after a two-year period of inactivity;

d) When you have consented to sending direct marketing, we will keep your personal data until you cancel the subscription or ask us to delete it;

e) Regarding the data collected in the recruitment process, for a maximum period of 1 year from the end of the process;

f) The period of time provided for in the applicable legislation; or

g) Until the specific purpose applicable to certain data ceases to exist.

In any of the aforementioned situations, if there is a pending legal or administrative proceeding, the data will be kept for the duration of the process and up to six months after the final decision has been handed down.

After the aforementioned conservation periods, Personal Data will be deleted and / or erased in a safe manner.

Guarantees

The data subject guarantees that the Personal Data communicated to ATS is certain and accurate and undertakes to notify them of any changes or modifications and assumes sole responsibility for the losses and damages caused by the erroneous, inaccurate or incomplete communication of the data.

The data subject is expressly warned that when revealing Personal Data on public ATS media such  as Facebook, this information may be viewed and used by third parties.