1. Responsible party identification
- Entity: IMPACTINGDIGITAL, LDA (hereinafter referred to as “ImpactingDigital“)
- Location: Rua Alfredo Allen, n.º 455 e 461, 4200-135 Paranhos, Porto
- NIPC: 516485539
- Phone: 300 404 470
- E-mail: rgpd@impacting.digital
2. Information and consent
The Law on Personal Data Protection (hereinafter referred to as “LPDP”) and the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council, dated April 27, 2016, hereinafter referred to as “GDPR”) guarantee the protection of individuals with regard to the processing of personal data and the free movement of such data.
In legal terms, personal data is considered to be any “information relating to an identified or identifiable natural person (“the data subject'”; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more specific factors relating to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
By accepting this Privacy Policy, the user is informed, for all purposes, through the website https://impacting-digital-staging.azurewebsites.net/, that their data will be included in a file under the responsibility of ImpactingDigital. The processing of such data, in accordance with personal data protection legislation, complies with appropriate technical and organizational security measures.
By using this website, you will be consenting to the terms described in this Privacy Policy (“Policy”).
ImpactingDigital maintains a database with the registration of its customers, consisting only of personal data provided by the data subject themselves at the time of registration, which are collected and processed automatically by ImpactingDigital, the entity responsible for the processing of personal data.
Under no circumstances will personal data regarding racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, data concerning health or sex life, genetic or biometric data, or data concerning sexual life or sexual orientation be requested.
Under no circumstances will ImpactingDigital carry out any of the following activities with the personal data provided through this website without the prior and express consent of the data subject:
- Assignment to other persons or entities;
- Transfer data outside the European Economic Area (EEA).
3. Purpose of personal data processing
The personal data collected and processed by ImpactingDigital are those voluntarily provided by you in the chatbots on this website. As this website is aimed at business contacts, by providing your data through the collection means, you agree that they will be processed in a business context.
The personal data processed through this website will be used solely for the following purposes, with the following legal bases, and within the following timeframes:
| PURPOSE | BACKGROUND | DATA COLLECTED | RETENTION PERIOD |
|---|---|---|---|
| Direct contact, business opportunity generation, and market research. | Legitimate interest of ImpactingDigital. | Name, company address, telephone, mobile phone, current employer, job position, email. | 2 years. |
| For website management operations of ImpactingDigital. | Consent for this specific purpose (cookies); Legitimate interests pursued by ImpactingDigital (ImpactingDigital has a legitimate interest in maintaining the normal functioning of the website). | Cookie data, IP address. | Cookie retention period. |
| For the purpose of analyzing usage data. | Consent for that specific purpose (cookies). | Cookie data, IP address. | Cookie retention period. |
| For fraud prevention and information system security purposes. | Legal obligations arising from the legal regime of cyberspace. | Cookie data, IP address. | Cookie retention period. |
ImpactingDigital guarantees the confidentiality of all provided data. Although ImpactingDigital collects and processes data securely, taking appropriate measures to prevent loss or manipulation, it should be noted that data collection over open networks allows for the circulation of personal data without security conditions, with the risk of being viewed and used by unauthorized third parties.
Failure to respond to the required data marked as mandatory implies the inability to fulfill the request of the data subject.
4. Security measures
ImpactingDigital states that it has implemented and will maintain the necessary technical and organizational security measures to ensure the security of personal data provided to prevent its alteration, loss, unauthorized processing, and/or access, taking into account the state of technology, the nature of the stored data, and the risks to which it is exposed.
Personal data is treated with the level of legally required protection to ensure its security and prevent its alteration, loss, unauthorized processing, or access, taking into account the state of technology. The user is aware and accepts that security measures on the Internet are not impregnable.
While we take care and precautions that we deem appropriate to protect the personal data you provide and collect, you should be aware that no security system is completely impenetrable.
Whenever accessing personal data, ImpactingDigital commits to:
- Store them under the legally required security measures, both technical and organizational, to ensure their security and prevent alteration, loss, treatment, or unauthorized access, taking into account the state of technology at any given time, the nature of the data, and the potential risks to which they may be exposed;
- Use the data exclusively for the purposes previously defined;
- Ensure that the data is processed only by employees whose intervention is necessary to fulfill the request of the data subject, and who are bound by the duty of secrecy and confidentiality. In the event that there is a possibility of the data being communicated to third parties for the aforementioned purposes, they will be obliged to maintain the proper confidentiality in accordance with the provisions of this document.
5. When to communicate data to third parties?
ImpactingDigital may rely on third parties to provide certain services, such as maintenance, technical support, or marketing, which may have access to some of the personal data, particularly the data necessary for the contracted purposes.
In the event of a merger, acquisition, transformation, dissolution, or insolvency of ImpactingDigital, your data may be transferred to third parties as a commercial asset, always in compliance with applicable legislation and while preserving your rights as a data subject, particularly regarding the consent given and the rights of objection, access, rectification, erasure, or blocking.
6. Third-party websites
The website may contain links to other websites that may collect and process your personal data, and such processing is solely the responsibility of the owners of that website.
ImpactingDigital is not responsible for the acts or omissions of third parties, particularly regarding links to other websites and their content. An example of such third parties is LinkedIn, accessible through the buttons present on the Website.
7. Marketing and communication
One of the purposes for which the personal data provided by users is processed is to send electronic communications with commercial and promotional information.
All such communications will be exclusively directed to users who have previously given their explicit authorization and are over 18 years of age.
By checking a box and clicking the “Accept” button (or equivalent) in the chatbots, you are consenting to receive electronic communications containing useful information for digital businesses, via email or mobile phone, sent by ImpactingDigital.
If you wish to stop receiving commercial or promotional communications from ImpactingDigital, you can object at any time by contacting us:
- By clicking on the unsubscribe link (usually marked “unsubscribe”) in any e-mail message you receive by virtue of your registration on this website;
- by sending a request to the following e-mail address: rgpd@impacting.digital, with the subject “Unsubscribe”;
- or by mail to the address indicated at the beginning of this Privacy Policy.
8. Exercising your rights and definitions
Before explaining how you can exercise your rights, you should know what they are. Thus, the law gives you the right to ask us to exercise the following rights:
(a) Access: the right to obtain confirmation as to whether or not personal data concerning you is being processed and, if so, the right to access your personal data;
(b) Rectification: the right to obtain the rectification of inaccurate personal data concerning you and the right to have incomplete personal data completed;
(c) Erasure: the right to obtain the erasure of your personal data when one of the grounds listed in the legislation applies;
(d) Restriction of processing: the right to obtain the restriction of processing when one of the grounds listed in the legislation applies;
(e) Opposition: the right to object at any time to the processing of personal data concerning you;
(f) Portability: the right to receive the personal data concerning you in a structured, commonly used, and machine-readable format.
Consequently, the user may exercise their rights of information, access, rectification, erasure, restriction, portability, and objection at any time by submitting a written request to ImpactingDigital through the following means:
- By mail to the address: Rua Alfredo Allen, n.º 455 e 461, 4200-135 Porto.
- By email to the following address: rgpd@impacting.digital.
9. Data transfer outside the European Union
If data transfers may occur to third countries outside the European Union, ImpactingDigital will comply with legal requirements, particularly regarding the adequacy of the destination country in relation to the protection of personal data and applicable requirements for such transfers. Personal data will not be transferred to jurisdictions that do not provide adequate security and protection guarantees.
10. Supervisory authority
In legal terms, the data subject has the right to file a complaint regarding the protection of personal data with the competent supervisory authority, the Comissão Nacional de Proteção de Dados (CNPD) www.cnpd.pt.
11. Changes in the privacy policy
ImpactingDigital reserves the right to adjust or modify this Privacy Policy at any time, and any changes will be published.