1. Contact details
Share IT – Tecnologia eMarketing, Unipessoal, Lda
Zona Industrial Paul
Núcleo Empresarial Balfer, Armazém E
2560-232 Torres Vedras
Phone: +351 261 336 000
Company registration number: 509901387 (registered in Portugal)
2. What information do we collect?
We collect data generated by users browsing our website and interacting with it. When a user submits a consent, the following data is automatically logged by Share IT:
• The user’s ip number in anonymized form (last three digits are set to ‘0’).
• The date and time of the consent.
• User agent of the user’s browser.
• The URL from which the consent was submitted.
• An anonymous, random and encrypted key value.
• The user’s consent state, serving as proof of consent.
• The key and consent state are also saved in the user’s browser in the cookie “CookieConsent” so that the website can automatically read and respect the user’s consent on all subsequent page requests and future user sessions for up to 12 months. The key is used for proof of consent and an option to verify that the consent state stored in the user’s browser is unaltered compared to the original consent submitted to Share IT.
We also collect any data freely submitted by the users (e.g. when submitting a contact form or by sending us enquire e-mails regarding Share IT and its services).
3. What do we use your information for?
Any of the information we collect may be used for one or more of the following purposes:
• To personalize your experience (the information will help Share IT better respond to your individual needs);
• To improve our website (Share IT continually strives to improve our website based on the information and feedback we receive from our users);
• To establish a primary channel of communication with you;
• To produce and display cookie declaration to users and to also store and display cookie scan reports to you;
• To send periodic e-mails (the e-mail address you provide when contacting us, may be used to send you information and updates pertaining to your request. In addition to receiving occasional company news, updates, or services information, etc.);
• If at any time you would like to unsubscribe from receiving future e-mails, you can cancel your registration by clicking on the unsubscribe link available at the bottom of the received e-mail.
4. Legal basis
The processing of your data is either based on your consent or in case the processing is necessary for the performance of a contract to which you are a party, or in order to take steps at your request prior to entering into a contract.
If the processing is based on your consent, you may at any time withdraw your consent by contacting us using the contact information in clause 1.
In order to enter into a contract regarding the purchase of Share IT’s services, you must provide us with the required personal data. If you do not to provide us with all the required information, it will not be possible to deliver the requested services.
Share IT is in compliance with the requirements of the Children’s Online Privacy Protection Act. We will not intentionally collect any information from anyone under 13 years of age. Our website services are all directed at people who are at least 13 years old or older.
5. How do we protect your information?
Share IT implements several technical, physical and organizational measures to maintain the safety of your personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized use, unauthorized modification, disclosure or access and against all other unlawful forms of processing.
To ensure integrity, all data transits are encrypted to align with best practices for protecting confidentiality and data integrity (e.g. all supplied information is transmitted via Secure Socket Layer (SSL) technology and then stored in our databases only to be accessible by those who are authorized to access such systems and who are required to keep the information confidential).
All personnel are subject to full confidentiality and any subcontractors and subprocessors are required to sign a confidentiality agreement if not full confidentiality is part of the main agreement between the parties.
Any device being used to access personal data is login protected by a based identity and access management service. All Share IT’s hosting and on-premise devices have an antivirus solution installed and active firewall.
All access to personal data is blocked by default, using a zero privileges policy. Access to personal data is restricted to individually authorized personnel. Authorized personnel are granted a minimum access on a need-to-have basis through our based identity and access management service.
In the event that your data is compromised, Share IT will notify you and competent Supervisory Authority(ies) within 72 hours by e-mail with information about the extent of the breach, affected data and Share IT's action plan for measures to secure the data and limit any possible detrimental effect on the data subjects.
"Personal data breach" means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed in connection with the provision of our services.
In this section we list all the cookies used at our website.
7. Do we disclose any information to outside parties?
Share IT does not sell, trade or otherwise transfer to outside parties any personally identifiable information.
This does not include trusted third parties or subcontractors (that are GDPR compliant) who assist us in operating our website, conducting our business, or servicing you. Such trusted parties may have access to personally identifiable information on a need-to-know basis and will be contractually obliged to keep your information confidential.
We may also release your information when we believe release is appropriate to comply with the law, enforce our website policies, or protect our or others’ rights, property, or safety. Furthermore, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Share IT will not disclose the customer’s data to law enforcement except when instructed by you or where it is required by law. When governments make a lawful demand for customer data from Share IT, Share IT strives to limit the disclosure. Share IT will only release specific data mandated by the relevant legal demand.
8. Third party links
Occasionally, at our discretion, we may include or offer third party products or services on our website. These third-party sites have separate independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked websites. Nonetheless, we seek to protect the integrity of our website and welcome any feedback about these websites.
9. Where do we store the information?
Most of the collected data is stored inside European Union (on premise and in our hosting environment). We also use trusted third parties or subcontractors that are based outside of the European Union (that provide services such as e-mail marketing, website use statistics, crm, etc.). All these trusted third parties or subcontractors are GDPR compliant.
10. Access, data portability, migration, and transfer back assistance
You may at any time obtain confirmation from Share IT as to whether or not personal data concerning you are being processed.
You may at any time order a complete data copy, which you may transmit to another controller of the data. Your data will be delivered within 30 working days by Share IT as spreadsheet files in Microsoft Excel-format or another digital format. You are required to pay 1.000 euros plus any applicable taxes on delivery for each data copy order.
11. Request for rectification, restriction or erasure of the personal data
You may at any time obtain without undue delay rectification of inaccurate personal data concerning you.
You may at any time request Share IT to restrict the processing of personal data when one of the following applies:
a. if you contest the accuracy of the personal data, for a period enabling Share IT to verify the accuracy of the personal data;
b. if the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead; or
c. if Share IT no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims.
You may without undue delay request the erasure of personal data concerning you, and Share IT shall erase the personal data without undue delay when one of the following applies:
a. if the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
b. if you withdraw your consent on which the processing is based, and where there is no other legal ground for the processing;
c. if you object to the processing in case the processing is for direct marketing purposes;
d. if the personal data have been unlawfully processed; or
e. if the personal data have to be erased for compliance with a legal obligation in EU or national law.
12. Data retention
All date we be retained for the strictly necessary time in relation to the purposes for which they were collected or otherwise processed. Share IT will also retain all required data to comply with its legal obligations.
You may request a data protection audit performed by an independent third party who is also accepted by Share IT. You will pay 5.000 euros plus applicable taxes for an audit request along with 200 euros per hour Share IT is spending in connection with the audit as well as any other costs related to the audit, including the auditor.
Share IT will cooperate with you in order to ensure compliance with applicable data protection provisions, e.g. to enable you to effectively guarantee the exercise of data subjects’ rights (right of access, rectification, erasure, blocking, opposition), to manage incidents including forensic analysis in case of security breach.
15. Your consent
You may at any time lodge a complaint with a supervisory authority regarding Share IT’s collection and processing of your personal data. In Portugal, you can lodge a complaint with the CNPD (Comissão Nacional de Proteção de Dados).