PRIVACY AND PERSONAL DATA PROTECTION POLICY
BlueOtter’s approach to personal data protection is to reduce the information collected to the absolute minimum required. No personal data is collected from you simply by browsing our website, and, if you decide to contact us, we undertake not to transfer, share or publicly disclose your personal data.
Any data you submit by email or through our contact form shall only be used for the appropriate response to your contact.
1. COOKIES
1.1. Like most websites, this website uses cookies. Cookies used on this website are completely anonymous, not disclosing information regarding your personal data, and serve only to recall the preferences of each user (for example, the language you choose) during visits and between them, and also to make a count and track visits.
1.2 Cookies stored may be deleted at any time from your browser options. This can be made in all of the most popular browsers. You may also disable the use of cookies on your browser, however this may limit the usability of this website.
2. COUNTING AND TRACKING VISITORS
2.1. This website tracks visits anonymously through Google Analytics (GA). GA is a tool that collects and analyses data on the interaction of users with the website.
2.2. This data allows us to understand how users navigate our website and to optimise it accordingly. Reports provided by GA tell us the number of visitors, how they get to our website, how they navigate and use the different pages.
2.3. Although GA registers data about your geographical location (vaguely), device, browser and operating system, none of this information is collected in such a way as to personally identify any visitor.
2.4. For the purpose of counting and tracking visits, we use Google (Privacy policy, in English) for processing data. Google complies with the EU-U.S Privacy Shield regulation (website in English).
2.5. GA uses cookies. You can consult more information on this use on the following link (in English): Google’s developer guides.
2.6. By disabling cookies on your browser, you are preventing GA from recording any data about your visit to our website.
3. CONTACT FORMS AND EMAIL LINKS
3.1. Your personal data will be collected if you contact us by email or through the contact form. The personal data you provide to us will not be permanently recorded on our website, nor will they be transferred or shared with any external entities.
3.2. The information you submit will be sent to us by email, to a TLS-protected server. The email content is encrypted by using 256-bit SHA-2 cryptography, before it is sent.
4. ABOUT THE SERVER OF THIS WEBSITE
4.1. This website is hosted at Hocnet, in a datacentre located in Portugal.
4.2. All communication between this website and the browser is encrypted and sent via HTTPS.
1. TYPE OF PERSONAL DATA COLLECTED
1.1. The following personal data are collected when you submit the contact form: name, address, email address and telephone number.
1.2. The following personal data are collected when you send us an email in job applications: name, email address, telephone number and curriculum vitae.
1.3. The following personal data are collected when you send us an email for any other purpose: name, email address and telephone number.
1.4. The following personal data are collected when you fill out our customer and supplier form: name, address, place, postcode, telephone number, fax, email, taxpayer number.
2. RESPONSIBLE FOR DATA PROCESSING, SUB-PROCESSORS AND OTHER RECIPIENTS
2.1. BlueOtter is responsible for processing the personal data collected. You may contact us at:
BlueOtter
Telephone: 265115370
Email: compliance@blueotter.pt
2.2. CITRI and PRORESI are companies of the BlueOtter group, so your personal data may be accessed by these companies, always under the terms and for the purposes described in this Privacy Policy. These companies are also required to comply with the GDPR with regard to the processing of your personal data.
2.3. BlueOtter, as responsible for your personal data processing, declares that it has a written agreement with all Sub-processors, through which they undertake to comply with the GDPR, and your personal data are only processed by them under the terms and conditions described therein, for the purposes set forth herein, and to the extent strictly necessary.
3. PURPOSES OF DATA PROCESSING
3.1. BlueOtter collects and processes your personal data only to appropriately respond to your contact, as well as for the following purposes:
3.2. BlueOtter undertakes not to transfer your data to other persons or entities without your prior consent, nor to transfer data to third countries without your prior consent.
4. GROUNDS FOR DATA PROCESSING
4.1. The basis for the collection and processing of personal data when they are collected by filling out the contact form, by sending an email for job applications or by sending an email for any other purpose is consent.
4.2. The basis for the collection and processing of personal data when they are collected by filling out the customer or supplier form is consent, the performance of a contract or pre-contractual arrangements at the request of the data subject.
5. DATA STORAGE PERIOD
5.1. The period of time during which data is stored and kept varies according to the purpose for which the information is processed, as well as the applicable obligations and legal requirements that may require data to be kept for a minimum period of time.
5.2. Thus, and where there is no specific legal obligation, data shall be stored and kept only for the minimum period necessary for the purposes that led to their collection or subsequent processing, after which they shall be deleted.
6. RIGHTS OF THE DATA SUBJECT
6.1. The following rights of data subjects are ensured, under the terms of the applicable legislation:
Comissão Nacional de Proteção de Dados – CNPD
Rua de São Bento, n.º 148, 3º
1200-821 Lisboa
Phone: 351 213928400
Fax: +351 213976832
e-mail: geral@cnpd.pt.
6.2. You can use the following contacts to exercise your rights:
compliance@blueotter.pt | Telephone 265115370.
7. USER CONSENT AND RIGHT TO CHANGE OR WITHDRAW CONSENT
7.1. By providing us your personal data through our website, namely by filling out the contact form, sending emails or filling out the customer or supplier form, you give consent to the processing of your personal data mentioned above, under the terms and conditions contained in this privacy and data protection policy, for the purposes identified herein.
7.2 The consent provided may be amended or withdrawn at any time, with effect to the future, through the contacts of the responsible for data processing mentioned above. The withdrawal of consent does not compromise the lawfulness of the processing carried out up to that date.
7.3. After you have withdrawn your consent, you will no longer be contacted and receive communications for the purposes described in this privacy policy.
8. RESPONSIBILITY OF THE DATA SUBJECT
As data subject and user of this website, you declare that you are 16 years old or over and that the data you provide to BlueOtter are true, accurate, complete and updated. You are responsible for the accuracy of all the data you provide and for keeping them duly updated.
9. EXISTENCE OF AUTOMATED DECISIONS
We do not use any type of profiling nor adopt any automated decisions.
10. SECURITY MEASURES
10.1. BlueOtter declares that it complies with all the provisions of the GDPR - General Data Protection Regulation (Regulation EU 2016/679 of the European Parliament and of the Council, of 27 April 2016).
10.2. BlueOtter has implemented the necessary technical and organisational security measures to ensure the security of the personal data it collects and processes, and to avoid its alteration, loss and unauthorised processing and/or access, taking into account the state of technology, the nature of the data stored and the risks to which they are exposed.
10.3. This website has security measures to prevent unauthorised access. Any brute-force authentication attempt quickly results in turning into lock mode. We also filter and sanitise all information submitted in forms to prevent code injections. The servers and software involved in the operation of this website are regularly monitored and updated in order to prevent security vulnerabilities, and any new tools and practices that may arise will be considered and promptly implemented if deemed relevant. In addition, in the event of any security breach, no personal data of the user is stored on the platform of this website.
11. LINKS
The BlueOtter website may include hyperlinks to other websites that are not operated or controlled by it. As such, BlueOtter does not guarantee or is liable for the lawfulness, reliability, usefulness, truthfulness and timeliness of the content of those websites or their privacy policies, which may differ from ours. Thus, please bear these factors in mind before you pass on your personal information to those websites.
12. PERSONAL DATA BREACH
12.1. When a personal data breach occurs that could pose a high risk to your rights and freedoms, BlueOtter must notify you of such breach in a timely manner.
12.2. Such notification must include the nature of the personal data breach; the indication of a contact point where more information can be obtained; the description of the likely consequences of the personal data breach; the description of the measures taken or proposed by the responsible for data processing in order to remedy the personal data breach, including, where appropriate, measures to mitigate any possible adverse effects.
13. AMENDMENTS TO THE PRIVACY POLICY
If we update our privacy policy, it shall be posted on your website. If we materially modify how we process your personal data, we will notify you in advance, or, when legally required, we will ask for your consent prior to the implementation of such changes.
The most recent change to this privacy policy was made on 24 May 2018.