English (US)
 
+351 234 348 306
0Cart

Privacy Policy

The Privacy Policy of TROPHYFLASH LDA., hereinafter referred to as the company, establishes how it uses and processes the personal data of its customers (within the scope of the contract between the parties) and its potential customers, ensuring that all personal data processing activities that have been and are provided to it, are in accordance with the provisions of Regulation (EU) 2016/679, of the European Parliament and of the Council of 27 April 2016.

The company is a private limited company under Portuguese law, registered at the competent Commercial Registry Office, with registered office at Rua São Simão, Macida, 3740-408 Talhadas, Sever do Vouga, with legal person number no. 509402607.

Who is responsible for the processing of your personal data?

The company is responsible for the processing of the personal data of its customers and/or potential customers, which result from the submission of the respective Consent Form. By automated means or not, it is responsible for the processing of personal data from its collection, organization, storage to its deletion. The company is aware of and complies with the rules laid down for the processing of personal data, which are currently provided for in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016.

What personal data do we collect and what operations are carried out?

The personal data contained in the Consent Form are as follows:

  • Name
  • Locality
  • Email
  • Telephone (optional)
  • Full address
  • Tax identification number

Contracts that can be concluded with customers may contain these same elements.

Regarding data processing operations, we inform:

  • The collection of data is done through the consent form or when the contract for the provision of services and/or supply of goods is signed with the customer, whether it is carried out in person or electronically. If it is electronic, the customer voluntarily registers on the company's electronic portal, which is intended to send emails, news, newsletters and commercial information to the customer, various documents and accounting and tax documents. If it is manual, the customer provides his personal data in the counter services, expressly consenting to this purpose.
  • The recording, organization, and storage of this data can be done electronically and, if so, it is recorded on monitored servers. If the registration is carried out manually, it will be stored in a documentary archive. In both situations, the data is intended to be stored for sending to customers emails, news, newsletters and commercial information to the customer, various documents and accounting and tax documents.
  • The retrieval, consultation, use, disclosure by any form of availability, are carried out only with the intervention of authorized persons, with restricted access and within the scope of the purposes of this privacy policy. Following loss of access, the customer may request in writing requests for access, correction or consultation. The customer remains solely responsible for the data provided since Trophyflash, Lda. does not access customer profiles without authorization or prior written request from customers.
  • Limitation, deletion or destruction always correspond to actions triggered by the will of the data subject, after their prior consent, and at their request. If the customer wishes to modify, correct or delete the personal data stored, he may contact Trophyflash, Lda. in writing. In the event of detection of abusive use of the platform, the company reserves the right to permanently delete or destroy the data stored on our servers. The entity contracted to store the data ensures that the data is definitively deleted when requested. The customer has the right to verify and confirm directly with the contracted entity to ensure the storage of the data, the definitive destruction of the data concerning him. This contact must be requested in advance in writing to Trophyflash.
  • Data Organization: customers' personal data is processed electronically and integrated into the servers of a data storage service entity (cloud hosting provider). Trophyflash, Lda. guarantees that the entity contracted for the organization of the data will maintain the integrity and security of the stored data. The contracted company is an active member of the CISPE - Cloud Infrastructure Services Providers in Europe organization, recognized by the European Commission's Data Center. The customer has the right to contact the contracted entity directly for data storage. This contact must be requested in advance in writing.
  • Storage, adaptation or alteration: the customer has every right and freedom to change the data provided. The customer may also request information about the processing of his personal data directly in writing free of charge. The customer also has the right to demand the correction of the personal data if it is incorrect. Customers' personal data will not be passed on to third parties.
  • Comparison or interconnection: the company does not carry out this type of activity.

The personal data indicated to the company within the scope of the execution of the contractual relationship between the parties will be processed with a view to marketing products and services marketed by the company, and the updating of data and the provision of express and explicit consent for its use and processing is essential for the customer to receive emails, news, commercial information and billing documents by the company.

The personal data provided will only be used for the purposes indicated above, will not be transmitted to third parties, nor will they be used for purposes other than those for which consent was given, and the possibility of accessing, archiving, storing and processing the data provided is very relevant for the proper execution of the services provided and the goods sold.

In the case of customers, the communication of personal data provided to the company is mandatory by law and for full compliance with the contracted obligations.

What rights are guaranteed?

The company guarantees compliance with the right of access, rectification, erasure, limitation of processing, data portability and opposition. In other words, the customer has the right, whenever he wants, to ask TROPHYFLASH to:

  • Access your data
  • request rectification of your data
  • Request the erasure of your data
  • request restriction of processing of your data
  • Object to the processing of your data
  • request the portability of your data to an entity indicated by you.

It should be noted, however, that if there is a legally imposed rule or obligation, court sentence or administrative decision that overrides these rights, the company will reserve the impossibility of executing the request, indicating the respective grounds.

Compliance with these legal rights is guaranteed by complying with the rules and criteria that densify the company's policy in this matter.

What are the purposes inherent to the data provided?

The personal data that were submitted in the Consent Form or that were indicated within the scope of the execution of the contract in force between the company and its customers, will be processed in order to carry out marketing of products and services marketed by Trophyflash, such as:

  • Information on news, campaigns and news
  • Event Invitations
  • Training or workshops
  • Other disclosures related to Company products

How do we keep your personal data secure?

TROPHYFLASH has a partnership with a company specialized in information security, with whom a contract and confidentiality agreement has been signed, regarding the management and monitoring of the servers where your personal data is stored. We use a variety of security measures, including encryption and authentication tools, to help protect and maintain the security, integrity, and availability of your personal data.

How long do we keep your personal data?

For the purposes described in this Privacy Policy, your data will be kept for a period of two years, from the granting of consent. In the case of customers, the granting of consent is associated with the effective date of the formalized service provision contract.

Some time before the expiry of the period of storage of your data, indicated in the previous paragraph, you will be invited to renew your consent. If you do not do so, your personal data will be irreversibly anonymized (anonymized data may be stored) or securely destroyed.

What is the response and response time to the holders of personal data in the context of the exercise of the guaranteed rights and in the context of violation of them?

As part of the exercise of the rights guaranteed, the controller must respond as soon as possible, within a maximum period of 30 days. If you need to extend the deadline, you can extend it but you have to justify the reasons and the procedure for doing so, and electronically facilitated means are provided for this purpose, especially when the data is also processed in this way. In case of refusal, the reasons for the refusal and the possibilities and means of reaction must be sent.

In the context of the violation of the same, within 70 hours, the data controller will send an email to the holder of the personal data that was violated, informing them of the scope of the violation, as well as the protocol / procedure for responding to the action to be taken to resolve the problem. For technical reasons, the deadline for response may be extended, and the reasons for such extension must be justified.

How can you view and change your personal data or withdraw your consent?

At any time, with effect for the future, you may use the following communication channels:

  • Email: dados@estudiopt.pt
  • address: Rua Santa Rita, 45 / 3810-167 Aveiro

To consult or change your data, you must use the communication channels indicated above.

To withdraw your consent, you can click here or copy the following https://www.estudiopt.pt/news/unsubscribe address into your browser and fill in the relevant form. Alternatively, you can also use the communication channels. The withdrawal of consent does not compromise the lawfulness of the processing carried out on the basis of the consent previously given. If you do so, you will no longer be contacted and no longer receive communications for the purposes described in this Privacy Policy. If you are covered by a continuing contract with Trophyflash, consent is linked to the duration of the contract.

The telephone contact for further clarification is the number 234348306 (Call to national fixed network).

How can I file a complaint?

If you consider that your data is not being processed in accordance with applicable legislation, namely European and national, you may contact TROPHYFLASH for clarification on such processing. Even so, if you wish, we remind you that you have the right to file a complaint with a supervisory authority (e.g. National Data Protection Commission: https://www.cnpd.pt/bin/duvidas/queixas_frm.aspx) or another that may be legally indicated as such.

Your exercise of this right to complain is subject to certain exceptions aimed at safeguarding the public interest (prevention or detection of crime).

Can the Privacy Policy change?

If the legislation changes and there are technological evolutions, it is possible that the privacy policy in force in the company will be changed, becoming available online.