Personal Data Protection
It is Finsolutia commitment to process all personal data, in the context of its activities, and in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. Finsolutia has adopted the technical and organizational measures considered appropriate for the protection of personal data to prevent the loss, misuse, alteration, unauthorized access and theft of the personal data provided.
For that purpose, Finsolutia commits to:
- Only collect data from data subject, and only those which are strictly necessary for the performance of their business activity or Human Resources Management (if data subjects are employees of Finsolutia);
- Whenever legally required, collect directly and previously the data subject consent, obtaining their authorization for its usage in the business environment of the company;
- Not sharing data subject information with other entities that do not have the necessary technical and organizational measures to ensure the regulation application;
- Report to the data subject, in accordance with applicable legislation, any anomalous situations that have occurred and pose significant risks to their fundamental rights and freedoms.
In addition, Finsolutia assures to data subjects that their data are:
- Subject to a lawful, fair and transparent processing;
- Collected for specific, explicit and legitimate purposes;
- Adequate, relevant and limited to what is required for the processing activities they are addressed;
- Preserved only for as long as necessary for the purposes for which they are processed;
- Processed in a manner that ensures their safety, including protection against unauthorized or unlawful processing, accidental loss, destruction or damage.
Finsolutia also guarantees the following rights to data subjects:
- To obtain with ease confirmation as to whether or not personal data concerning him or her are being processed;
- Rectification or erasure of personal data or restriction of processing personal data;
- To know and be informed of the processing purposes, the period during which are processed, the of identity any recipients, the rationale of hypothetical automatic processing and, at least when profiling is performed, of its consequences;
- To receive personal data in a structured, commonly used, of automatic reading and interoperable format (capable to be read and processed by any organization), for the transmission to other data controller;
- To complain within Finsolutia of any situation considered anomalous regarding the protection of personal data or privacy;
For the data subjects exercise of rights by as well as for other issues related to personal data protection, Finsolutia has appointed an element of the organization to perform the duties of “Data Protection Officer” whose responsibility is to ensure that the technical and organizational measures necessary for the effective protection of personal data and the privacy of data subjects are in place and are continually improving.
To exercise these rights, Finsolutia users can contact our offices:
- Lisbon: Av dos Combatentes, n.º 43, 12.º piso, 1600-042 Lisboa.
- Madrid: Calle de Cardenal Marcelo Spínola, 14, 1 planta 28016 Madrid
It is also the Data Protection Officer responsibility to:
- Promote the integration of technical and organizational measures, in the context of data protection and privacy, into company policies, processes and procedures;
- Promote the execution of awareness-raising actions on these matters, for Finsolutia employees or relevant third parties;
- Oversee the handling of any anomalous situation with negative impact on the fundamental rights and freedoms of data subjects;
- Promptly promote the execution of access validation processes assigned to users of the company's information and communication systems;
- Promote regular internal or external audits to validate compliance with established data protection and privacy rules and compliance with the regulation;
- Advise on the results of PIA's or DPIA's performed by the organization;
- Be the sole contact element between the company and the Local Data Protection Authority and between Finsolutia and the data subject.
Finsolutia will keep your personal data for necessary amount of time to provide the requested service and/or to achieve the intended treatment purpose and subsequently, will keep them for the legal periods that are applicable in each case, considering the type of data, as well as the purpose of the treatment.
In any case, the user can request detailed information on the data retention periods applied by contacting our Data Protection Officer
Finsolutia Data Protection Officer may be contacted at firstname.lastname@example.org