Scope of Application and Responsibility
APCER provides certification, auditing and training services and is committed to protecting the privacy of the personal information that it collects in its various areas of activity. With the General Data Protection Regulation (EU) coming into effect on 25th May 2018, APCER has strengthened its commitment in this regard.
APCER assumes no responsibility for and provides no guarantees with regard to other websites that can be accessed via a link on APCER’s own website. Moreover, it is the user’s responsibility to take precautions and to ensure that the information they retrieve does not contain any damaging properties.
Your data will be collected, processed and retained by APCER – ‘Associação Portuguesa de Certificação’, or ‘Portuguese Association of Certification’. APCER’s head office is located at Rua António Bessa Leite, 1430, 1º, 4150-074 – Porto, Tax Identification Number 503 731 765.
When you interact with APCER, your data, including your personal data, is collected. This includes:
Depending on the nature of the interaction and only when necessary, APCER may request some personal information, such as: name, email, address, phone number, Identification Document/Tax Identfication Number, date of birth, sex, nationality, education level, professional status and/or bank/payment details.
Why we collect data
APCER collects and processes your data only when strictly necessary and only when requested for the specified purpose, in accordance with your consent, and for legitimate purposes, such as:
Provided there are no specific legal obligations, the personal data will be processed by APCER only for the period of time needed to achieve the defined aim.
The length of time that your data can be kept for may change significantly whenever public interest archival purposes and historical, scientific or statistical reasons are concerned. APCER is committed to providing appropriate retention and security measures.
APCER may communicate your personal data to third parties, ensuring that they process this personal data solely and exclusively to fulfil the specified purposes.
Where applicable, we will share your information with:
The Entities referred in the previous paragraphs, may be located outside the European Union. In these cases, APCER will ensure that data transfer take place safely, in compliance with applicable legal rules.
Users’ data may be processed by a reliable service provider contracted by APCER. The service provider will process data exclusively for the purposes outlined by APCER, in strict compliance with the instructions issued and with the legal regulations on the protection of personal data, information security and other applicable regulations.
Data protection rights
You can exercise your rights under the General Data Protection Regulation at any time, including: the access, correction, restriction or deletion of your personal data.
Where the use of your personal data is based on your consent, you have the right to withdraw it without compromising the validity of the data processing which has occurred up to this point.
If you make any type of request in relation to your data, you may be asked to provide proof of identification as the owner of the data for reasons of security and protection.
Personal data security
We use a range of technologies and appropriate security procedures to protect your Personal Data against unauthorised access, use or disclosure, as well as access control and database and information system monitoring. We do this via security policies which are in line with information security best practices to ensure appropriate auditing and monitoring and access accountability.
November 22, 2019