Skip to content Skip to sidebar Skip to footer
PAF Advogados
PAF Advogados

Privacy Policy

Close

PAF Advogados SP RL is guided by the respect for your personal data and privacy.

This Data Protection and Privacy Policy aims to clearly and concisely explain how PAF Advogados SP RL processes your Personal Data and ensures your privacy in the development and execution of its activities, including:

  1. Data Controller
  2. Principles applicable to the protection of your Personal Data
  3. Personal Data, Data Processing, and Data Subject
  4. Categories of Personal Data processed by PAF Advogados SP RL
  5. Purposes of processing your Personal Data
  6. Legal basis for processing
  7. Retention period of your Personal Data
  8. Sharing your Personal Data
  9. Your rights and how to exercise them
  10. Security of your Personal Data
  11. Confidentiality
  12. Cookies
  13. Contacts
  14. Changes to this Data Protection and Privacy Policy
  1. DATA CONTROLLER

The entity responsible for processing your Personal Data is PAF Advogados SP RL, determining, among other things:

  • The Personal Data to be processed in the context of the provision of services;
  • The purposes for which your Personal Data is processed; and,
  • The means to be applied for the processing of your Personal Data.
  1. PRINCIPLES APPLICABLE TO THE PROTECTION OF YOUR PERSONAL DATA

In the context of the relationship established with you, the processing of your Personal Data by PAF Advogados SP RL follows the general principles outlined in the General Data Protection Regulation (“GDPR”), including:

  • Ensuring that your Personal Data is processed lawfully, fairly, and transparently (“Principle of lawfulness, fairness, and transparency”);
  • Collecting your Personal Data for specific, explicit, and legitimate purposes and not processing the same data in a way incompatible with those purposes (“Principle of purpose limitation”);
  • Ensuring that only adequate, relevant, and limited Personal Data is processed, strictly necessary for the purposes for which it is processed (“Principle of data minimization”);
  • Adopting appropriate measures to ensure that inaccurate Personal Data, considering the purposes for which it is processed, is erased or rectified without delay (“Principle of accuracy”);
  • Retaining Personal Data in a way that allows identification only for the period necessary for the purposes for which it is processed (“Principle of storage limitation”);
  • Ensuring that your Personal Data is processed in a way that guarantees its security, including protection against unauthorized or unlawful processing, and against accidental loss, destruction, or damage, by adopting appropriate technical or organizational measures (“Principle of integrity and confidentiality”).

Additionally, despite not being expressly stated in the GDPR, PAF Advogados SP RL processes your data by applying technical and organizational measures to ensure Data Protection by Design and by Default, so that your Personal Data is treated according to best practices from the moment of collection until its destruction.

  1. PERSONAL DATA, DATA PROCESSING, AND DATA SUBJECT

Personal Data includes all information and/or elements that, regardless of their support, can identify you or make you identifiable, directly or indirectly, by PAF Advogados SP RL, especially by reference to an identifier, such as a name, an identification number, your location data, and/or electronic identifiers or one or more specific elements of your physical, physiological, genetic, mental, economic, cultural, or social identity.

Data Processing means the operation or set of operations carried out on Personal Data of Data Subjects, by automated or non-automated means, from the collection of information to its destruction. Within this cycle, operations include registration, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, transmission, dissemination, or any other form of making available, comparison, or interconnection, limitation, erasure. The concept of Data Processing is broad and applies to all operations or set of operations carried out by PAF Advogados SP RL regarding your Personal Data.

In the context of the activities carried out by PAF Advogados SP RL, the Data Subject includes, but is not limited to, the client and/or former clients, potential clients, investors, partners, job candidates, employees and former employees, employees of partners, suppliers and service providers and their employees, applicants and claimants, and/or all individuals who have a relationship with PAF Advogados SP RL and to whom the Personal Data relates.

PAF Advogados SP RL only processes the personal data of minors in strict compliance with personal data protection legislation and other applicable laws or when provided by parents or a legal guardian who expressly consents to such collection. If PAF Advogados SP RL discovers that it has inadvertently collected personal data from a minor under 18 years old, it will immediately delete the records with the personal data of that minor. If you are a parent with parental responsibilities for a child and become aware that the child has provided us with information, please contact us through the detailed means below so that PAF Advogados SP RL can, together with you, resolve the issue.

  1. CATEGORIES OF PERSONAL DATA PROCESSED BY PAF ADVOGADOS SP RL

In carrying out its activities, PAF Advogados SP RL processes Personal Data from a significant set of categories of Data Subjects. The Personal Data that PAF Advogados SP RL collects depends on the nature of the interaction but may include the following:

  1. Personal contact data: name, surname, postal address, phone number or mobile phone, fax number, email address, or other similar contact information.
  2. Business data for service provision: data related to the provision of services, billing data, payment data, and/or information in the context of responding to any questions, requests, or complaints.
  3. Account data: Mode of service acquisition, your transaction, billing history, and assistance in the context of the services provided by PAF Advogados SP RL that you use or any other related information.
  4. Demographic data: country, gender, age, preferred language, general education and professional history, as well as general interest data about work.
  5. Preference data: Information about the preferences and interests of the Data Subject, to the extent that it is related to the services and how the Data Subject prefers to receive communications.
  6. Social media data: Information shared on social networks in interaction with PAF Advogados SP RL, where transparency is ensured through the existence of appropriate privacy policies.
  7. IT usage data: User ID, roles, rights, login times, computer name, and IP address.

Please note that you are not required to share your Personal Data with PAF Advogados SP RL. However, if you choose not to share your personal information, in some cases, PAF Advogados SP RL may not be able to provide the services you require, ensure certain specialized features, or respond effectively to any questions you may have.

  1. PURPOSES OF PROCESSING YOUR PERSONAL DATA

In accordance with the “Principle of purpose limitation,” the development and execution of the various activities pursued by PAF Advogados SP RL involve a relevant set of purposes for the processing of your Personal Data, such as:

  1. Accounting, Tax, and Administrative Management: client management, supplier management, administrative management, and economic and accounting management;
  2. Commercial and Marketing Activities: contact management, client management for the provision of services, marketing activities, and surveys and opinion polls;
  3. Creation and Profiling Analysis;
  4. Human Resources Management: personnel selection and recruitment;
  5. Electronic Communications Management: management of website usage and retention of traffic data;
  6. Compliance with Legal Obligations: transfer of data to third parties.
  1. LEGAL BASIS FOR PROCESSING

In reference to the “Principle of Lawfulness,” in the development and execution of its activities, PAF Advogados SP RL only processes your Personal Data when there is a lawful basis legitimizing the processing, namely:

Consent: PAF Advogados SP RL will only process your Personal Data if you consent to its processing through a free, specific, informed, and explicit expression of will, by which you accept, through a statement (in writing or orally) or an unequivocal positive act (by filling out an option), that your Personal Data be processed.

Pre-contractual procedures or the execution of a contract: PAF Advogados SP RL may process your Personal Data if it is necessary, without limitation, for the execution of a service provision contract in which you are a party as a Employee, Client, and/or Supplier, or to carry out pre-contractual measures at your request.

Compliance with a legal obligation: PAF Advogados SP RL may process your Personal Data to ensure and guarantee compliance with legal obligations to which it is subject under the laws of a Member State and/or the European Union.

Protection of vital interests of the Data Subject: PAF Advogados SP RL may process your Personal Data to ensure the defense of your vital interests, especially when the same processing is essential to your life.

Legitimate interests: PAF Advogados SP RL, other Data Controllers, or Third Parties may process your Personal Data, provided that such processing does not prevail over your interests or fundamental rights and freedoms.

  1. RETENTION PERIOD OF YOUR PERSONAL DATA

In reference to the “Principle of storage limitation,” PAF Advogados SP RL retains your Personal Data only for the period necessary for the specific purposes for which it was collected. However, PAF Advogados SP RL may be obliged to retain some Personal Data for a longer period, taking into account factors such as:

  • Legal obligations under the laws in force to retain Personal Data for a certain period;
  • Prescription periods under the laws in force;
  • (Possible) Disputes; and,
  • Guidelines issued by competent data protection authorities.

During the period of processing your Personal Data, PAF Advogados SP RL ensures that they are treated in accordance with this Data Protection and Privacy Policy. Once your data is no longer needed, PAF Advogados SP RL will securely delete it.

  1. SHARING YOUR PERSONAL DATA

Subcontractors: Your Personal Data may be shared with companies responsible for providing services to PAF Advogados SP RL. These companies are bound by a written contract, and they can only process your Personal Data for the purposes specifically established and are not authorized to process your Personal Data, directly or indirectly, for any other purpose, for their own benefit, or for the benefit of a third party.

Other Data Controllers and/or Third Parties: Your Personal Data may be shared internally with other companies of PAF Advogados SP RL that will comply with the applicable data protection rules according to the purposes assigned to the processing performed.

At your request and with your consent, your Personal Data may be shared with other entities.

In compliance with legal and/or contractual obligations, Personal Data may also be transmitted to judicial, administrative, supervisory, or regulatory authorities, as well as to entities that lawfully carry out data compilation actions, actions to prevent and combat fraud, market research, or statistical studies.

  1. YOUR RIGHTS AND HOW TO EXERCISE THEM

As the Data Subject of Personal Data processed by PAF Advogados SP RL, you have the right of access, rectification, limitation, portability, erasure, and the right to object to the processing of Personal Data, under certain circumstances, which can be exercised in accordance with this chapter of the Data Protection and Privacy Policy.

Right to information provision: You have the right to obtain clear, transparent, and easily understandable information about how PAF Advogados SP RL uses your Personal Data and what your rights are.

Right of access: You have the right to obtain information about what Personal Data PAF Advogados SP RL processes (if it is processing) and certain information (similar to that provided in this Data Protection and Privacy Policy) about how that data is processed.

This right allows you to be aware and confirm that we use your data in accordance with data protection laws.

PAF Advogados SP RL may refuse to provide the requested information whenever, to do so, PAF Advogados SP RL must disclose Personal Data of another person, or the information negatively impacts the rights of another person.

Right to rectification: If your data is incorrect or incomplete (e.g., if your name or address is wrong), you may ask PAF Advogados SP RL to take reasonable steps to correct it.

Right to erasure of data: This right is also known as the “right to be forgotten” and, simply put, allows you to request the deletion or elimination of your data, provided that there are no valid reasons for PAF Advogados SP RL to continue using it or its use is unlawful. It is not a generic right to erasure, as exceptions are allowed (e.g., when this data is necessary for the defense of a right in a judicial process).

Right to limitation of processing: You have the right to “block” or prevent the future use of your data while PAF Advogados SP RL assesses a request for rectification or as an alternative to erasure. Whenever the processing is limited, PAF Advogados SP RL can still store your data, but cannot use it later. PAF Advogados SP RL keeps a list of data subjects who have requested the “blocking” of the future use of their data to ensure that this limitation is respected.

Right to data portability: You have the right to obtain and reuse certain Personal Data for your own purposes in various organizations. This right applies only to your own data that you have provided to PAF Advogados SP RL and that PAF Advogados SP RL processes with your consent and data processed by automated means.

Right to object: You have the right to object to certain types of processing, for reasons related to your particular situation, at any time when such processing is taking place, for the legitimate interest of PAF Advogados SP RL or Third Parties. PAF Advogados SP RL may continue to process this data if it can prove “overriding legitimate grounds for the processing that override your interests, rights, and freedoms” or if this data is necessary for the establishment, exercise, or defense of a right in a judicial process.

Right to lodge a complaint: You have the right to lodge a complaint with the competent supervisory authority, the National Data Protection Commission – CNPD, if you believe that the processing of Personal Data violates your rights and/or applicable data protection laws.

You may, at any time, in writing, exercise the rights established in the applicable legislation on the protection of personal data via the email address [email protected]

  1. SECURITY OF YOUR PERSONAL DATA

Your Personal Data will be processed by PAF Advogados SP RL, in the context of the purposes identified in this Policy, in accordance with PAF Advogados SP RL’s internal policies and standards and using appropriate technical and organizational measures to promote their security and integrity, especially regarding unauthorized or unlawful processing of your personal data and its accidental loss, destruction, or damage.

Without limiting, PAF Advogados SP RL uses logical and physical security requirements and measures to ensure the protection of your Personal Data by preventing unauthorized access, ensuring that information storage is done on secure computers in a closed information center, and implementing control procedures to ensure compliance with PAF Advogados SP RL’s security policies.

However, since the transmission of information over the Internet is not completely secure, PAF Advogados SP RL cannot guarantee the security of your Data when transmitted over an open network.

  1. CONFIDENTIALITY

PAF Advogados SP RL acknowledges that the information you provide to us may be confidential. PAF Advogados SP RL does not sell, rent, distribute, or commercially make available or otherwise provide Personal Data to any third party, except in cases where it needs to share information with Service Providers for the purposes set out in this Data Protection and Privacy Policy. PAF Advogados SP RL preserves the confidentiality and integrity of your Data and protects it in accordance with this Data Protection and Privacy Policy and all applicable laws. 

  1. COOKIES

PAF Advogados SP RL uses cookies to collect information about the use of the website. Whenever you use the website, PAF Advogados SP RL processes your Personal Data collected through the use of cookies in accordance with our Cookie Policy.

For more information on the use of cookies, we recommend reading and analyzing the Cookie Policy and regularly consulting it to check for the most updated versions.

  1. CONTACTS

If you have any questions or want more information about how we process your Personal Data and our information security practices, please do not hesitate to contact us at the following addresses:

Email: [email protected]

Address: Rua São Francisco Xavier n.º 115 | Sala 2 | 4150-673 Porto

  1. CHANGES TO THIS DATA PROTECTION AND PRIVACY POLICY

PAF Advogados SP RL may periodically update this Data Protection and Privacy Policy, as well as any other specific data protection and privacy statements. When making changes to this Data Protection and Privacy Policy, a new date will be added to the end of the Data Protection and Privacy Policy.

Date: February 2024