TotalMobility complies with all applicable EU and national legal standards in the field of data protection and privacy.
Under the System of Protection of Personal Data, TotalMobility seeks to ensure regulatory compliance and demonstration or evidence of institutional responsibility for data protection, implementing all the technical and organizational measures necessary to comply with the legal regime of Data Protection in force.
In this framework, TotalMobility also assumes a commitment to secrecy and confidentiality of personal data of which it is responsible for the treatment, in accordance with this policy of data protection and privacy. Thus, ensures compliance with all applicable standards on confidentiality and secrecy, requiring it also to all its employees or suppliers, as well as the adoption of behaviours and the implementation of measures necessary to the same degree of compliance, ensuring that persons authorized to treat personal data have made a commitment of confidentiality or are subject to appropriate legal obligations of confidentiality.
"Personal data" means information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier. Personal identifiers are, for example, a name, an identification number, location data, electronic identifiers or to one or more specific elements of that natural person's physical, physiological, genetic, mental, economic, cultural or social identity.
"Processing Of Personal Data"
"Processing" means an operation or set of operations which is performed upon personal data or sets of personal data, by automated or non-automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Entity Responsible for Treatment
The TotalMobility, Ltd, with registered office at Rua 31 de Janeiro, 76, Moreira da Maia, registered in the Commercial Register of Porto, under the registration number and Collective Person 509293255, with a share capital of €5,000.00, hereinafter TotalMobility, is the entity responsible for the sites www.totalmobility.pt sites and the operations of non-automated or automated. Processing and computerized applications, hereinafter referred to as channels or applications, through which the Users, Recipients of the service or Customers have direct or remote access to the services and products of TotalMobility that are presented, marketed or provided at any time through them.
The use of channels or applications by any User, Recipient of the Service or Customer may involve operations of processing personal data, whose protection, privacy and security by TotalMobility, as the entity responsible for the respective treatment, is ensured in accordance with the terms of this Policy of Data Protection and Privacy.
Contact details of the Data Protection Officer
For contacting the Data Protection Office of TotalMobility, please send an email to email@example.com describing the subject of the request and indicating an email address, a telephone contact address or a mailing address.
Collection and Processing of Personal Data
The TotalMobility proceeds to the processing of personal data strictly necessary to provide information and the operation of its channels, according to the uses made by users, recipients of service or customers.
For this, the TotalMobility collects such personal data:
- directly from the Users or Recipients, who provide it for the purposes of registering requests or obtaining information;
- directly from customers for the purposes of membership of those channels or through the use of services provided by TotalMobility, such as access, queries, instructions, transactions and other records relating to their use.
In particular, the use or activation of certain features of the channels may involve the processing of various direct or indirect personal identifiers, such as name, home address, contacts, addresses of devices or geographic location, if there is the express consent of the User, Recipient of the Service or Customer.
The personal data collected by TotalMobility are processed by computer, in some cases in an automated manner, including the processing of files or profiling and within the framework of managing the relationship pre-contractual, contractual or post-contractual with the Users, Recipients of the service or customers, under the national and EU rules in force.
Categories of Personal Data Processed
The categories or types of personal data processed may be, among others that may prove necessary and are legitimately collected, the following: full name, tax number, civil ID number, taxpayer number, marital status, gender, date of birth, place of birth, address(es), town(s), postcode(s), country, country code, telephone numbers, e-mail addresses, name of the company where you work. In case of processing of other personal data, identifiers will be listed in the respective instrument of collection or processing of such data.
All operations of data processing comply with the fundamental legal principles in the field of data protection and privacy, particularly regarding its movement, lawfulness, fairness, transparency, purpose, minimization, conservation, accuracy, integrity and confidentiality, being TotalMobility available to demonstrate its liability to the data subject or any other third party who has a legitimate interest in this matter.
Grounds for Legitimacy
All operations of data processing carried out by TotalMobility have a basis of legitimacy, including the consent of the holder, the need for execution of a contract or pre-contractual steps with the data subject, as well as the need to comply with a legal obligation or the legitimate interests pursued by TotalMobility or third parties.
Purpose of Treatment
All personal data processed within the channels of TotalMobility are intended solely for the provision of information to users, the management of personal information of the recipients of the service considered necessary for the management of the relationship or communication, as well as the provision of services contracted by customers and, in general, the management of the relationship pre-contractual, contractual or post-contractual with the users or customers.
The personal data collected may also be processed for statistical purposes, for the dissemination of information or promotional activities and for commercial or marketing activities, namely to promote the dissemination of new functions or new products and services, through direct communication, whether by correspondence, e-mail, messages or telephone calls or any other communications service.
Being always ensured the prior information and the collection of the express authorization for these latter purposes, users or customers may, at any time, exercise their right to object to the use of their personal data for other purposes beyond the management of the contractual relationship, including for marketing purposes, for sending informative communications or for inclusion in lists or information services and, to this end, should send a written request addressed to the Data Protection Officer of TotalMobility, in accordance with the procedures set out below.
Deadlines for Data Retention
Personal data will be subject to retention only for the period necessary for the purposes that motivated their collection or further processing, being guaranteed the compliance with all applicable legal standards on file.
Communication of Data to Other Entities
The provision of information or the provision of services by TotalMobility to its users, recipients of services or customers through the channels may eventually involve the use of services of third- part subcontractors, including entities with headquarters outside the European Union, to provide certain services, and this may involve access, by these entities, to personal data of users or customers.
In these circumstances and where necessary, TotalMobility will only use outsourced entities that provide sufficient guarantees of implementation of technical and organizational measures to ensure that the treatment meets the requirements of applicable standards, getting such guarantees formalized in a contract signed between TotalMobility and each of these third entities.
Recipients of Data
Except in the context of compliance with legal obligations, in any case there will be communication of personal data of users, recipients of the service or customers to third parties who are not subcontractors or legitimate recipients, not being held, also, any other communication for purposes other than those mentioned above.
International Data Transfers
Any transfer of personal data to a third country or an international organisation shall only take place in the framework of compliance with legal obligations or to ensure compliance with the applicable EU and national legal rules.
Considering the most advanced techniques, implementation costs and the nature, scope, context and purposes of processing, as well as the risks, varying in probability and severity, for users, recipients of service or customers, TotalMobility and all entities that are its subcontractors apply appropriate technical and organizational measures to ensure a level of security appropriate to the risk.
To this end, various security measures are adopted in order to protect personal data against disclosure, loss, misuse, alteration, unauthorized processing or access, as well as any other form of unlawful processing.
It is the exclusive responsibility of Users, service Recipients or Customers to keep access codes secret and not share them with third parties. They must also, especially in the case of the computer applications used to access the channels, maintain and keep the access devices in safe conditions and follow the security practices recommended by the manufacturers and/or operators, namely as regards the installation and updating of the necessary security applications, such as, among others, antivirus applications.
Verifying the need to outsource services to third parties who may have access to personal data of users, service recipients or customers, the subcontractors of TotalMobility will be required to adopt the measures and security protocols at the level of the organization and the measures of a technical nature necessary to protect the confidentiality and security of personal data, and prevent unauthorized access, loss or destruction of personal data.
Exercise of Rights by the Holders of Personal Data
Users, recipients of the service and customers of TotalMobility may, as holders of personal data, at any time, proceed to exercise their rights of data protection and privacy, including rights of access, rectification, erasure, portability, limitation or opposition to the processing, under the terms and with the limitations provided in the applicable rules.
Any request for the exercise of data protection and privacy rights should be addressed, in writing, by the respective holder to the Data Protection Officer, according to the procedure and contact described below.
Complaints or Suggestions and Incident Reporting
Users, service recipients and customers of TotalMobility have the right to complain to the regulatory authorities, as well as to make suggestions via e-mail sent to the Data Protection Officer.
Communication of Incidents
The TotalMobility has implemented a system of incident management in the context of data protection and privacy. If any User, Recipients of the service or Customer wish to report the occurrence of any situation of breach of personal data, which causes, accidental or unlawful, the destruction, loss, alteration, unauthorized disclosure or access to personal data transmitted, stored or subject to any other type of processing, may contact the Data Protection Officer.
To ensure its update, development and continuous improvement, TotalMobility may, at any time, make changes, which are considered appropriate or necessary, to this Policy of Data Protection and Privacy, being assured its publication in different channels to ensure transparency and information to users, recipients of service and customers.
Express Consent and Acceptance
The terms of the Policy on Data Protection and Privacy are complementary to the terms and provisions, regarding personal data, provided in the General Conditions of Use of the channels of TotalMobility.
The free, specific and informed provision of personal data by the respective holder implies knowledge and acceptance of this Policy and constitutes an express consent to its processing, in accordance with the rules set out.
Data Protection Officer
For the exercise of any type of data protection and privacy rights or any matter relating to the topics of data protection and privacy, Users, Recipients of the service and Customers of TotalMobility may contact the Data Protection Officer via email at firstname.lastname@example.org describing the subject of the request and indicating an email address, a telephone contact address or a mailing address for response.
Maia, 11 de Novembro de 2020