Personal Data Policy
1. Scope
Art Without Borders (hereinafter referred to as this Entity or Art Without Borders) is a legal person and within the scope of its commercial activity it may be necessary to collect personal data from its customers / users. Considering the customers' right to privacy, Art Without Borders does not collect any personal information without the prior consent of its holders.
Regarding the navigation and use of the Art Without Borders website by its users, to optimize and improve the browsing experience, data is collected through cookies, which may or may not be stored on the user's computer / navigation device.
It is intended to clearly demonstrate the collection and use of these Cookies, their purpose and protection of the data collected when using the website.
When browsing the website, personal data are not automatically collected without prior consent.
In any case, Art Without Borders does not commercialize in any way the personal data that may be collected, nor does it transmit them to third parties without the prior consent of the holders, except by legal imposition.
2. Entity Responsible for the Processing of Personal Data
Regarding Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, known as GDPR – General Data Protection Regime, the entity responsible for the collection and processing of personal data is Art Without Borders - info@ artwithoutborders.pt
Although the entity is not obliged to appoint a Data Protection Officer, internally it has a DPO for the treatment of issues related to the Protection of Personal Data that can be contacted by registered letter sent to Art Without Borders or via email info @artwithoutborders.pt
3. Definition of Personal Data
Any information, in any written, magnetic or digital medium, relating to the identification of a natural person or that may be identifiable.
4. Consent
When browsing the website, whenever it is necessary to identify and collect personal data, the user will have to authorize its collection through authorization mechanisms that may vary depending on the case but which will be clear in their purpose and intuitive in terms of use. For example, in a contact form, there will be a checkbox where the user must click authorizing the collection and processing of personal data entered in the form and subsequent contact by Art Without Borders. However, it should be noted that without authorization for the processing of data, Art Without Borders will not have a way to contact the user.
The processing of personal data, once authorized, will be done in accordance with this Privacy Policy, and your authorization must presuppose that it has been read and understood, as well as the Terms and Conditions of use of the website.
This Privacy Policy and the Terms and Conditions of use of the website may be revised without prior consent, but always in accordance with the GDPR.
5. Personal Data to be collected
The personal data to be collected from the user will be only those necessary for the indicated treatment. The collection is generally done through a form that will identify its purpose and authorization to collect data when applicable. Depending on the type of purpose, the following may be requested: Name, Telephone, Email, taxpayer number, among others. Only those marked as mandatory will be necessary and essential for the activity, the others being optional based on the voluntary decision of the data subject.
6. Purpose, accuracy and data collection
The accuracy of the personal data provided is the sole responsibility of the holder thereof, and Art Without Borders cannot be held responsible for its inaccuracy or inaccuracy.
The identification data is necessary for the activity and/or for the fulfillment of legal obligations and for the time necessary for its purpose or until the right of opposition, erasure is exercised or consent is withdrawn. The processing of personal data is essential and is consented to by the user and without which the commercial relationship of Art Without Borders is not possible.
Examples of data processing purposes:
CRM (Customer Relationship Manager): Management of contacts, information, customers, suppliers, market research, support requests, invoicing, collections and payments, among others.
Accounting Management: Invoicing, accounting, tax information, sending a SAFT-PT file to the tax authority, among others.
Marketing: creation of consumer profiles (aggregated data), analysis of products and services by profile, among others.
Network and systems management: monitoring, service support, remote support
Registry Operators: data management in operators namely ICANN, DNS.PT, EURID, among others, data management in perf
is for managing web services, managing data in ancillary service profiles such as personal digital certificates, company, etc.
Control and security management: access logs, incidents, physical and online security, physical and remote surveillance of systems. Management of protection measures, firewall, intrusion detection system. Surveillance systems on access to the system by employees, levels of access to information and access registration (logs).
Backup Management: Backup, access, recovery and erasure or overwrite policy. Management of data redundancy and infrastructure security.
Legal Obligations: compliance with data transmission through legal imposition.
Recruitment: in the selection of potential candidates, the collection and processing of candidates' personal data is necessary. They will not be passed on to third parties without your prior consent.
7- Transmission of Data to Third Parties
As a general rule, the data collected are not shared with third parties except by legal imposition or because they are strictly necessary for the activity.
Under the terms of the RGPD, in the eventual transmission of data to third parties, the following procedures are observed: unambiguous information to the holder of the reason for transmission, consent (except by legal imposition), shielding the form of transmission guaranteeing levels of confidentiality, security and protection. These third parties must comply with the RGDP / Privacy Shield Act, namely in terms of the duty of secrecy, security and protection, and these data cannot be used for any other purpose, nor related to others they have.
Personal data will be processed whenever possible within the European Union and in countries that comply with the GDPR / Privacy Shield Act.
8- Duration of Retention of the Processing of Personal Data
Only what is necessary for the purpose that was identified will be kept, that is, during the period of the contract or commercial relationship, and after that period they may be kept for 2 years for control purposes. By legal imposition, data relating to tax or accounting information is retained for a period of 10 years. On this point, we will follow the CNPD guidelines, always complying with the guidance that data should only be kept for the period strictly necessary and for the purpose for which they were transmitted.
9- Security in Data Processing
The data will be stored electronically on a server maintained and controlled by Art Without Borders, whose security is always monitored in terms of infrastructure and data access. Access is restricted and protected by various access management and encryption tools, so that unauthorized third parties do not have access to them. The security risk is thus minimized but not extinguished and there is always the possibility of illegal access to data. In this case, leakage retention and disclosure measures will be implemented in accordance with the GDPR.
10. Rights of Personal Data Subjects
The data subjects enjoy, in accordance with the RGPD, the right of access, rectification, opposition, erasure, limitation or data portability. In order to exercise their rights, they must submit a written request to the DPO of Art Without Borders. Art Without Borders or via email info@artwitoutborders.pt
In the written request, Art Without Borders will, for security reasons, authenticate the respective issuer as the legitimate holder of the data. In case of doubt, the request is not granted, and the issuer may authenticate it in another form.
In any case, the request may not be immediately fulfilled (legal or other imperatives). The holder will always be informed in this case, and it is expected that the required procedure will be completed within 1 month.
In the event of erasure (deletion of data), they may be retained for further processing due to legal imposition and for the period that may be imposed (10 years for invoicing, for example).
11- Right to complain
Art Without Borders, through its DPO, is available to data subjects to clarify any question about the collection and processing of data via email info@artwitoutborders.pt
The data subject is free to file a complaint with the control authority CNPD – National Data Protection Commission, R. de São Bento 148, 1200-031 Lisbon regarding the way in which Art Without Borders collects and processes data.
Cookies Policy
A cookie is a small text file that a website places on your computer, phone or any other device with internet access, containing information about your navigation on that website. Cookies are used to make browsing easier and simpler, and they do not harm your computer.
Our cookies have different functions:
Essential Cookies: Some cookies are essential to access specific areas of our website. They allow navigation on the site and the use of its applications, such as accessing secure areas of the site through login. Without these cookies, services that require them cannot be provided.
Analytical Cookies: we use these cookies to analyze how users use the website and monitor its performance. This allows us to provide a high quality experience by customizing our offering and quickly identifying and correcting any issues that arise. For example, we use performance cookies to find out which pages are most popular, which method of linking between pages is most effective, or to determine why some pages are receiving error messages. Based on the use of the site, we may also use these cookies to highlight articles or services on the site that we think will be of interest to users. These cookies are used only for the purpose of creating and analyzing statistics, without ever collecting personal information.
Functionality Cookies: We use functionality cookies to allow us to remember user preferences. For example, cookies avoid typing the user's name each time the user accesses the site.
In summary, functionality cookies save the user's preferences regarding the use of the website, so that it is not necessary to reconfigure the website each time you visit it.
The cookies used can be:
Permanent Cookies: they are stored at the level of the internet browser (browser) on your access devices (pc, mobile and tablet) and are used whenever the user makes a new visit to the website. They are generally used to direct navigation according to the user's interests, allowing us to provide a more personalized service.
Session Cookies: they are temporary, they remain in the cookies of your internet browser (browser) until you leave the site. The information obtained makes it possible to identify problems and provide a better browsing experience.
Is it possible to disable the use of cookies?
Yes, cookies can be disabled in your browser. Note, however, that by disabling cookies, you may prevent some web services from working properly, affecting, partially or totally, website navigation.
If you want to block or delete cookies on this site, you can do so by modifying your browser settings. Although the parameterization of each one is different, it is common to configure it in the “Preferences” or “Tools” menu. For more details on configuring cookies, consult your browser's "Help" menu.
Changes to the Privacy Policy
Art Without Borders reserves the right, at any time, to update or review this Privacy Policy in order to adjust it to any legislative changes and/or other constraints. Any changes made will be published in this space, so the user should frequently visit this area in order to stay informed about the Privacy Policy in force.
Last review date: September 21, 2022
Data Protection Officer
For any questions related to this topic, Art Without Borders provides the following email address: info@artwithoutborders.pt
Privacy Shield Act
a) Google reCAPTCHA
In order to protect against misuse of our web forms, as well as against spam, we use the Google reCAPTCHA service in some forms on this website. By checking a manual entry, this service prevents automated software (so-called bots) from carrying out abusive activities on the website. Pursuant to Article 6(1)(f) of the GDPR, this serves to protect our overriding legitimate interests, as part of a balance of interests, in the protection of our website against misuse, as well as to ensure that our online presence runs uninterrupted.
Google reCAPTCHA is offered by Google Ireland Limited, a company incorporated and operated under the laws of Ireland, based at Gordon House, Barrow Street, Dublin 4, Ireland (www.google.de). To the extent that information is transferred and stored on Google servers in the USA, the American company Google LLC is certified under the EU-US-Privacy Shield. A current certificate can be consulted here. As a result of this agreement between the US and the European Commission, the latter has determined an adequate level of data protection for certified companies.