Privacy and Data Protection Policy
1. Introduction
This Privacy and Data Protection Policy applies to the collection and processing of personal data carried out by oskon.tech within the scope of its activity
oskon.tech is committed to complying with all applicable legislation on privacy and the protection of personal data, in particular the General Data Protection Regulation (GDPR – EU Regulation 2016/679 of 27 April 2016).
With this Privacy and Data Protection Policy, oskon.tech intends to make public all the data processing practices and mechanisms that it intends to fulfil with regard to its clients, partners.
2. Responsibility for the Processing of Personal Data
This policy covers all processing operations involving personal data, such as collection, recording, organisation, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission to authorised entities, comparison or interconnection, restriction, erasure or destruction.
All information on personal data processed by oskon.tech is used exclusively for the purposes for which it was legitimately collected.
In order to guarantee the total security and privacy of the personal data processed, oskon.tech adopts strict technical and organisational security measures to ensure that the data provided is protected against destruction, loss, alteration, disclosure or unauthorised access or against any other form of illicit processing.
These measures include the appropriate technical procedures for dealing with any suspected data breach, ensuring a response commensurate with the threat.
Access to personal data is restricted to those employees who need it for the purpose of processing specific functions for which they are duly mandated and authorised, and this policy is governed by the principle of necessity.
In order to achieve this level of security in the processing of information, oskon.tech carries out training and awareness-raising activities for its employees, and has a set of widely publicised internal rules that guide people towards protecting the privacy and confidentiality of the personal data that data subjects entrust to us.
The compliance of the measures with the objectives to be achieved is checked regularly through internal or external audits, using the best practices and techniques available on the market.
The confidentiality, availability and resilience of information systems are guaranteed even in the event of a physical or technical incident, with the ability to restore access to information through regular backup mechanisms.
3. What Personal Data is Processed
In the normal course of its business, oskon.tech collects and processes the professional and personal data necessary to carry out the tasks and functions it proposes to perform within the scope of providing contracted services and, to this end, it requests and relies on the authorisation and consent of its Clients and potential Clients who provide or authorise access.
It also processes personal data that is necessary for the fulfilment of legal obligations to which it is subject or for the satisfaction of its own legitimate interests.
4. Treatment regime
Personal data collected by oskon.tech is processed lawfully, fairly and transparently, in full compliance with national or European legislation or any applicable code of conduct.
Data may be processed automatically. Processing is limited to what is strictly necessary to fulfil the purposes for which it was collected.
5. Rights of Data Subjects
With regard to personal data collected and processed lawfully, oskon.tech grants data subjects all the rights provided for in national and European legislation, namely those enshrined in the GDPR.
5.1. Right to be informed
The data subject has the right to be informed in a concise, transparent and intelligible manner, using clear and simple language, of all their rights under the law.
5.2. Right of Access
The data subject has the right to obtain from oskon.tech all the information relating to their personal data, in particular with regard to the purposes of the processing, the categories of data processed, the recipients to whom the data will be disclosed, their expected retention period, to be informed of the origin of the data if they were not obtained directly and other information provided for by law and the GDPR.
5.3. Right of rectification
The data subject has the right to obtain from oskon.tech, without undue delay, the rectification of their inaccurate personal data, as soon as they make a declaration to this effect.
5.4. Right to erasure
The data subject has the right to have their personal data erased if it is no longer necessary for the purpose for which it was collected, if they have withdrawn their consent or object to its processing, if it has been processed unlawfully or to fulfil a legal obligation.
There are, however, exceptions provided for in the law that prevent this deletion, namely cases involving the exercise of freedom of expression and information, the fulfilment of a legal obligation or judicial defence that requires processing, reasons of public interest in the field of public health, for the purposes of public interest archives, scientific or historical research and for statistical purposes.
5.5. Right to Limitation
The data subject has the right to ask oskon.tech to restrict the processing of their personal data, particularly in cases where they dispute its accuracy or the data is no longer necessary for processing purposes.
This right may not be granted in the case of the fulfilment of a legal obligation or the exercise of a right in legal proceedings.
5.6. Portability rights
In the cases provided for by law, the data subject has the right to receive the data concerning them that they have provided to oskon.tech in a structured, commonly used and machine-readable format.
You also have the right to request that this information be transmitted directly to another data controller, as long as this is technically possible.
5.7. Right of opposition
The data subject has the right to object to the processing of their personal data for reasons relating to their particular situation, including profiling and direct marketing, and oskon.tech is obliged to cease such processing, unless processing in the public interest prevails or there are compelling legitimate reasons, or defence of a right in legal proceedings.
6. Exercising the Rights of Personal Data Subjects
To obtain any further clarification or to exercise any right provided for in national or European data protection law, data subjects may contact or consult the Data Protection Officer identified below.
Coordinating Director and DPO: Tiago Jacob
Email address: dpo@log.pt
Address: Rua Rodrigues Faria 103 – Edificio I, 4º andar – 1300501 Lisboa
You also have the right to lodge a complaint with the supervisory authority.
Portugal, the supervisory authority is the National Data Protection Commission. For more information go to www.cnpd.pt
7. Changes to the Privacy Policy
This Privacy Policy may be amended from time to time by publication on the oskon.tech website (https://oskon.tech).
Any changes of a significant nature will be communicated with the degree of publicity corresponding to their relevance, either by highlighting them in the online publication or, if justified, by individualised communication to the data subjects.