This Privacy and Personal Data Protection Policy explains the terms under which INOVFITNESS LDA, hereinafter FITTEST, processes the personal data of Customers, as well as the rights they may exercise, in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and the Council – General Data Protection Regulation (GDPR) – and other applicable national legislation on privacy and data protection.
FITTEST recognizes the importance of protecting your personal data, whatever its nature and we value, above all, honesty and transparency, so that we can build a solid and lasting relationship with our customers, based on trust and mutual benefit.
To facilitate understanding of this Policy, the following definitions are used:
• Personal Data: any information relating to an identified or identifiable natural person (the “data subject”); an identifiable person is a person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, identification number, location data, identifiers electronically or to one or more specific elements of the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
• Processing of personal data: it is an operation or a set of operations carried out on personal data or on sets of personal data, by automated or non-automated means, such as the collection, registration, organization, structuring, conservation, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, diffusion or any other form of availability, comparison or interconnection, limitation, deletion or destruction;
• Responsible for the Treatment of Personal Data: natural or legal person who determines the purposes and means of processing personal data.
• Supervisory authority: European Data Protection Supervisor (EDPS) who is responsible for supervising the correct application of legislation on the protection of personal data.
• Cookies: computer files that contain a sequence of numbers and letters that make it possible to uniquely identify a user’s internet access device, but may contain other information such as their browsing preferences on a given website. Cookies are downloaded via the browser to the internet access device (computer, mobile phone, tablet, etc.) when certain websites are accessed;
Entity Responsible for Data Processing
The entity responsible for processing the data is INOVFITNESS LDA.
FITTEST treats the personal data it collects within the scope of the commercial relationship established with Customers, and within the scope of compliance with applicable legal and regulatory obligations.
When processing data that FITTEST does, it observes principles of lawfulness, loyalty and transparency; limitation of purposes; minimization of data; accuracy; conservation limitation; integrity and confidentiality and responsibility.
Basis for Data Processing
In the pursuit of its activity, the processing of data to which FITTEST proceeds fits into determined, explicit and specific purposes, and the data subjects are guaranteed information duties. Such treatment is based on:
– In the fulfillment of legal obligations;
– Within the scope of the execution of contracts to which the data subjects are part or in pre-contractual steps at their request;
– And also in the consent of the data subject.
INOFITNESS LDA – Rua das Salinas 96CE, 4480-460, Vila do Conde – NIF 513 887 784
Rights of holders of personal data
FITTEST ensures Customers the exercise of the rights of access, rectification, opposition, deletion and limitation of treatment Customers also have the right to submit a complaint to the European Data Protection Supervisor (EDPS)
How to exercise rights
Customers can exercise the rights mentioned above, by means of a written communication presented at FITTEST’s registered office.
FITTEST observes the legal norms related to the periods of retention of personal data, and may retain them:
a) Up to ten years after the end of the contractual relationship;
b) As long as obligations arising from a contractual relationship remain;
FITTEST, in the pursuit of its activity, may use third parties – Subcontractors – to provide certain services, which may imply access by these third parties to the personal data of the data subjects. FITTEST ensures that, in these circumstances, the appropriate technical and organizational measures are taken in order to ensure that the subcontracted entities satisfy the applicable legal requirements and offer adequate data protection guarantees.
FITTEST guarantees adequate levels of security and protection of the personal data of the data subjects. For this purpose, it adopts several technical and organizational security measures, in order to protect personal data against loss, dissemination, alteration, treatment or unauthorized access, as well as against any other form of illegal treatment.