WHO WE ARE
VoIP-IT Unipessoal, Lda (“VoIP-IT”), is a VoIP operator licensed by ANACOM since 2009.
VoIP-IT is committed to protecting the personal data of the Customers/Users of services and products as well as the personal data of the corresponding owners in all situations in which a personal data processing occurs. This Policy has been composed in such context, supporting our commitment to respect the rules for the protection of personal data.
WHY THIS PERSONAL DATA PROTECTION POLICY?
This Policy intends to inform the Customers about the general rules for personal data processing, which are collected and processed in strict compliance with the provisions of the personal data protection legislation ruling at any time, namely the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 ("GDPR").
VoIP-IT respects the best practices in security and personal data protection by taking the necessary technical and organizational measures to comply with the GDPR and ensuring that the processing of personal data is lawful, fair, transparent and limited to authorized purposes.
VoIP-IT is committed in the protection and confidentiality of personal data and has adopted the appropriate measures to ensure the accuracy, integrity and confidentiality of personal data, as well as all the other holders rights.
The rules in this Data Protection Policy include, concerning the protection and processing of personal data, the foreseen provisions in the contracts that Customers subscribe to VoIP-IT, as well as the rules in the terms and conditions regarding other products and services properly published in the corresponding websites.
ABOUT THIS DATA PROTECTION POLICY
This Data Protection Policy applies exclusively to the collection and processing of personal data for which VoIP-IT is responsible, considering the services and products available to its Clients and all situations where processing of personal data by Voip-IT may occur, namely through social intervention and development support.
WHAT IS PERSONAL DATA?
Personal data is any information of any nature and regardless of its format, including sound and image, relating to an identified or identifiable individual.
An individual is considered as identifiable when, directly or indirectly, can be identified by name, identification number, location data, electronic identifiers or any physical, physiological, genetic, mental, economic, cultural or social elements.
WHAT IS THE PROCESSING OF PERSONAL DATA?
The processing of personal data is an operation or set of operations over personal data or personal data sets, by automated means or not, namely collection, registration, organization, structuring, preservation, adaptation, retrieval, consultation, use, disclosure, dissemination, comparison, interconnection, limitation, erasure or destruction.
WHO IS RESPONSIBLE FOR THE PROCESSING OF PERSONAL DATA?
VoIP-IT is responsible for the processing of personal data, defining its purpose and means of treatment.
If the holder of the personal data needs to contact the data protection officer, he or she may do so: :
- By e-mail to firstname.lastname@example.org
- By written correspondence directed to the data protection officer, to Rua do Mar da China, N1, Escritório 1.3, Parque das Nações, 1990-137 Lisboa, Portugal
WHO IS THE DATA PROTECTION OFFICER?
The data protection officer plays a relevant role in the processing of personal data, ensuring, among other aspects, the compliance between data processing and the current legislation, verifying the compliance with this Data Protection Policy and establishing clear rules for the processing of personal data, ensuring all those who entrust its treatment to be aware of their rights and how VoIP-IT treats their personal data.
If the holder of the personal data needs to contact the data controller, he or she may do so, regarding any subject about the processing of personal data, to:
TREATED TYPES OF PERSONAL DATA
In the scope of its activities, VoIP-IT processes the necessary personal data needed to provide its products and services such as, name, address, telephone number and email address, according to the detailed information available to the holders and managers of personal data. Managers can be, but not only, System Administrators or similar activities, with authority and authorization to collect, process and share users data.
Without prejudice to compliance with the legal rules regarding the preservation and transmission of data for investigation, detection, prosecution of serious crimes, as well as other purposes to which it is legally obliged, traffic data, geographic location or consumption of the Client/Users will be treated by VoIP-IT, considering its essential for the provision of services.
In case of prior consent of the Client/User, this can be withdrawn at any time, without, however, compromising the legality of the treatment carried out based on the prior consent given.
WHEN AND HOW DO WE COLLECT YOUR PERSONAL DATA?
VoIP-IT collects your personal data by telephone, in writing and by e-mail, guaranteeing, when necessary, the prior consent of the holder of the personal data.
Some personal data are indispensable for the execution of the contract and VoIP-IT will not be able to provide its product or service considering any lack of information.
If the holder of the personal data is not a Customer of VoIP-IT, their personal data will only be processed when they are made available, namely by subscribing to the newsletters, in which rules of this Data Protection Policy will apply.
The collected personal data can be processed in a computerized and automated or non-automated way, always following the legislation of protection of personal data, stored in specific databases created for this purpose. In any situation will the collected data be used for any purpose other than the one it was collected or consent for.
WHO ARE THE ADDRESSEES OF PERSONAL DATA?
Without prejudice to the addressees indicated in this Data Protection Policy, VoIP-IT may communicate Clients’ personal data considering legal obligations, namely to police, judicial, tax and regulatory entities.
WHAT ARE THE PURPOSES OF PERSONAL DATA PROCESSING AND THEIR LEGAL BASIS?
The collected personal data is generally intended for the contractual relationship management, the provision of contracted services, the suitability of services to Customers needs and interests, namely to allow access to specific services features.
Personal data may also be processed in order to comply with legal obligations, investigation, detection and prosecution of serious crimes.
VoIP-IT may also, according to current law, use the holder provided personal data for other purposes, such as social intervention actions, complaints dispatching and suggestions.
HOW LONG DO WE KEEP YOUR PERSONAL DATA?
The period of time in which personal data is stored varies according to the purpose for which it is processed.
Legal requirements oblige retainment of personal data for a minimum of time. Therefore, whenever there is no specific legal requirement, personal data will be exclusively stored for the necessary period of time for its purpose, under the legal terms defined by law.
WHAT ARE YOUR RIGHTS AS A HOLDER?
As personal data holders, clients and users may at any time access, rectify, update, limit and erase their personal data (except when the personal data is essential for the provision of VoIP-IT services, properly identified in the Contract as mandatory for compliance with legal obligations to which the controller is bound), the right to object to its use for commercial purposes and to withdraw its consent, without compromising the legality of the processing performed under this consent, as well as the right to data portability.
HOW CAN YOU ACCESS, RECTIFY, UPDATE, LIMIT, DELETE, OPPOSE THE PROCESSING OF YOUR PERSONAL DATA OR REMOVE THE CONSENT?
Without prejudice to the provision of the GDPR, the personal data holder may contact, directly or through written request, addressed to the data protection officer, through the available contacts for that matter in this document, as well as other, made available by VoIP-IT.
HOW CAN YOU COMPLAIN?
Without prejudice on being able to submit complaints directly to VoIP-IT, through the contacts made available for this purpose, the Customer may directly complain to the Control Authority, the Comissão Nacional de Proteção de Dados (CNPD), using the available contacts by the entity for this purpose.
WHAT ARE THE ADOPTED MEASURES BY VoIP-IT TO ENSURE YOUR PERSONAL DATA SECURITY?
VoIP-IT is committed to ensure the security of customers’ provided personal data, by approving and implementing strict rules for that matter. The compliance of this rules are an obligation to whom legally accesses it.
Considering VoIP-IT concern and commitment to ensure the security of personal data, technical and organizational security measures have been adopted in order to protect personal data from its dissemination, loss, unauthorized use, alteration, processing or access, as well as any other illicit treatment.
Also, in the scope of the provision of services, third parties that process the customer personal data on their own behalf or VoIP-IT’s, are obligated to ensure, in writing, at any time, the adequate technical and security measures, to comply with the current legislation requirements and to ensure the protection of the rights of the data holder (particularly, the protection of the privacy of clients’ personal data).
Therefore, on all VoIP-IT websites, all the forms oblige to encrypted Browser sessions as all the provided personal data is stored securely on VoIP-IT systems, which are in a VoIP-IT Datacenter, covered by all physical and logical security measures that VoIP-IT considered as imperative for personal data protection.
Despite VoIP-IT’s adopted security measures, VoIP-IT warns all Internet users that they should take additional security measures, namely to ensure that they use an up-to-date PC and Browser, particularly: up-to-date and properly configured security patches, with active firewall, antivirus and antispyware, to ensure the authenticity of the websites they visit and to avoid website whose reputation may not be trusted.
UNDER WHAT CIRCUMSTANCES IS THERE COMMUNICATION OF DATA TO OTHER ENTITIES (THIRD PARTIES)?
VoIP-IT, in the scope of its activity, may resort to third parties for the provision of certain services. Sometimes the provision of these services implies access by these entities to the personal data of the Clients/Users. When this happens, VoIP-IT will take appropriate measures to ensure that entities with access to data are reputed and offer the highest guarantees at this level, which is properly established and contractually ensured between VoIP-IT and the third parties.
This way, any entity subcontracted by VoIP-IT will treat the personal data of our Clients/Users, on behalf of VoIP-IT with the adoption of the necessary technical and organizational measures in order to protect the personal data against the destruction, accidental or illicit, accidental loss, alteration, dissemination or unauthorized access and against any other form of illicit treatment. In summary, VoIP-IT remains responsible for the personal data provided to them.
UNDER WHAT CIRCUMSTANCES DO WE TRANSFER YOUR PERSONAL DATA?
The provision of certain services by VoIP-IT may involve the transfer of your data to outside of Portugal, including outside the European Union or to International Organizations.
In such a case, VoIP-IT shall comply strictly with the applicable legal provisions, in particular with regard to determining the suitability of the countries of destination in regard to the protection of personal data and the requirements applicable with such transfers, including, when applicable, the conclusion of the appropriate contractual instruments that guarantee and respect the legal requirements to be enforced.
HOW CAN YOU KNOW ANY CHANGES TO VOIP-IT PERSONAL DATA PROTECTION POLICY?
VoIP-IT reserves the right at any time to make adjustments or changes to this Personal Data Protection Policy, and these changes are properly publicized in the various VoIP-IT communication channels.
Last Revised: May 2018