SCOPE OF APPLICATION AND RESPONSIBILITY
APCER provides certification, auditing and training services and is committed to protecting the privacy of the personal information that it collects in its various areas of activity. With the General Data Protection Regulation (EU) coming into effect on 25th May 2018, APCER has strengthened its commitment in this regard.
APCER assumes no responsibility for and provides no guarantees with regard to other websites that can be accessed via a link on APCER’s own website. Moreover, it is the user’s responsibility to take precautions and to ensure that the information they retrieve does not contain any damaging properties.
Your data will be collected, processed and retained by APCER – ‘Associação Portuguesa de Certificação’, or ‘Portuguese Association of Certification’. APCER’s head office is located at Rua António Bessa Leite, 1430, 1º, 4150-074 – Porto, Tax Identification Number 503 731 765.
When you interact with APCER, your data, including your personal data, is collected. This includes:
• Business procedure
• Information requests and training services registration
• General information requests
• Download guides and other documentation
• Event management (on-site and/or online)
• Recruitment or unsolicited application procedures
• Auditing procedures
• Training initiatives
Depending on the nature of the interaction and only when necessary, APCER may request some personal information, such as: name, email, address, phone number, Identification Document/Tax Identfication Number, date of birth, sex, nationality, education level, professional status and/or bank/payment details.
WHY WE COLLECT DATA
APCER collects and processes your data only when strictly necessary and only when requested for the specified purpose, in accordance with your consent, and for legitimate purposes, such as:
• Providing an appropriate and targeted response to requests for information/proposals;
• Better informing you about relevant issues, only when necessary and in accordance with the nature of your data and preferences;
• Complying with business purposes, particularly statistical data for improving the performance of the various services provided;
• Meeting the requirements of accrediting bodies on which the validity of the certificates of some of the services provided depends, particularly training initiatives;
• Billing services/products, such as training initiatives.
Provided there are no specific legal obligations, the personal data will be processed by APCER only for the period of time needed to achieve the defined aim.
The length of time that your data can be kept for may change significantly whenever public interest archival purposes and historical, scientific or statistical reasons are concerned. APCER is committed to providing appropriate retention and security measures.
APCER may communicate your personal data to third parties, ensuring that they process this personal data solely and exclusively to fulfil the specified purposes.
Where applicable, we will share your information with:
a) APCER group companies, for marketing communication purposes;
b) Regulatory bodies, in order to carry out compliance checks on the activities that APCER provides;
c) Bodies APCER has a working partnership with, in order to carry out the activities included therein.
Users’ data may be processed by a reliable service provider contracted by APCER. The service provider will process data exclusively for the purposes outlined by APCER, in strict compliance with the instructions issued and with the legal regulations on the protection of personal data, information security and other applicable regulations.
DATA PROTECTION RIGHTS
You can exercise your rights under the General Data Protection Regulation at any time, including: the access, correction, restriction or deletion of your personal data.
Where the use of your personal data is based on your consent, you have the right to withdraw it without compromising the validity of the data processing which has occurred up to this point.
If you make any type of request in relation to your data, you may be asked to provide proof of identification as the owner of the data for reasons of security and protection.
PERSONAL DATA SECURITY
We use a range of technologies and appropriate security procedures to protect your Personal Data against unauthorised access, use or disclosure, as well as access control and database and information system monitoring. We do this via security policies which are in line with information security best practices to ensure appropriate auditing and monitoring and access accountability.
When we publish changes to this policy, we will simultaneously amend the respective "date of update".
23rd May 2018