Privacy Policy

COMMITMENT

Provide clients with a privacy policy that offers an overview of how their data is processed, and what their rights are in this matter in accordance with Regulation 2016/679 of the European Parliament and Council – General Data Protection Regulation (GDPR) and other applicable legislation on privacy and data protection, including local legislation that complements the GDPR.

DATA CONTROLLER

The entity responsible for processing personal data is Detusware – Hardware Design, Unipessoal Lda, a company established under Portuguese law, with headquarters at Rua Eng. Duarte do Amaral, Nº 1273, Pavilhão 8 – Pencelo 4800-109 Guimarães, with Tax ID 514082658 (hereinafter, “Detusware”).

Detusware may also intervene in some processing activities where it may be qualified as a joint controller or processor, which will be informed to the data subject prior to processing.

DATA PROTECTION OFFICER

Detusware appoints a Data Protection Officer (“DPO”).

Any clarification regarding policies or practices related to privacy and information processing can be requested from the designated DPO by sending an email to info@detus.pt or by postal mail to Detusware’s address, to the attention of the DPO.

The DPO may also be contacted regarding subscription removal, consent withdrawal, or filing complaints based on a legal violation or of this privacy policy.

PERSONAL DATA PROCESSING

Data provided within the relationship between Clients and Clients’ Employees and Detusware are processed in accordance with the following principles:

  • lawfulness, fairness and transparency;
  • determined, explicit and legitimate purposes;
  • adequacy, relevance and limitation to what is necessary;
  • accuracy and updating when necessary;
  • storage limited to the necessary period;
  • security, with protection against unauthorized access, use or destruction.

PURPOSE, LEGAL BASIS AND RETENTION

Purpose: Detusware processes personal data for service provision, commercial support, institutional communication, and compliance with legal obligations.

Legal bases:

  • Execution of contracts and pre-contractual measures;
  • Legitimate interest (communication, direct marketing, service improvement);
  • Consent of the data subject;
  • Compliance with legal and fiscal obligations.

Retention periods:

  • For the duration of the contractual relationship and until the legal prescription period of obligations;
  • As long as there is valid consent or active commercial relationship (plus 6 months after termination);
  • Up to 10 years for compliance with legal and fiscal obligations;
  • 7 years in the context of prevention of money laundering and terrorist financing.

DATA COMMUNICATION

Data may be shared with processors, business partners, and legal authorities, always safeguarding the rights of data subjects and ensuring that recipients comply with the GDPR and other applicable legislation.

RIGHTS OF DATA SUBJECTS

The data subject may, at any time, exercise their rights by contacting the DPO:

  • Access to data;
  • Rectification or updating;
  • Limitation of processing;
  • Portability;
  • Opposition to processing;
  • Erasure (when legally applicable);
  • Withdrawal of consent (without affecting previous processing);
  • File a complaint with the CNPD (Portuguese Data Protection Authority).

DATA COLLECTION

Detusware may collect data from public sources and legally authorized entities for the purpose of contractual and legal compliance. Collected data includes name, email, phone, address, profession, language, location, among other relevant information.

OBLIGATIONS OF THE DATA SUBJECT

The data subject is legally obligated to provide information necessary for contractual and legal compliance, as well as to keep it updated.

INTERNATIONAL DATA TRANSFER

Data transfer outside the EU only occurs when:

  • It is necessary for the execution of a contract;
  • There is a legal obligation;
  • The data subject expressly authorizes it;
  • Or when using service providers that guarantee the same level of protection required in the EU.

DATA SECURITY

Detusware adopts appropriate technical and organizational measures to protect personal data against loss, destruction, unauthorized access or use. All data is treated confidentially and in accordance with legal standards and good security practices.

PROFILING

Detusware does not perform automated profiling with legal effects, except when necessary for the provision of services, with the data subject being previously informed and all their rights safeguarded.

COOKIES

Please consult our Cookie Policy.

CHANGES TO THE PRIVACY POLICY

Detusware reserves the right to change this privacy policy at any time. Regular consultation is recommended to stay informed of any updates.