Art.1 Confidentiality rules

The general data protection regulation of 27 April 2016 (hereinafter the GDPR, which means the General Data Protection Regulation) shall apply from 25 May 2018. It imposes strict rules and conditions on companies and merchants as part of the processing of personal data of their customers and potential customers in order to protect their privacy.

We intend to communicate to our customers clear and accurate information about the processing of their personal data.


Art.2 The Representative

The “representative” of your personal data is the manager of Gloma, Lda to which he communicated his/her data.


Art.3 Legal basis for data processing and use

We may only use your personal data for legitimate and necessary purposes (Art. 6 GDPR):

Specifically, this means that we process your personal data, in electronic or non-electronic format, for legitimate purposes in the context of the contractual, commercial and security/protection relationship.

These purposes are, in particular, but not only the following:

  • Communication of information, offers and newsletter;
  • communications in the context of the performance of a supply contract;


Art.4 What is personal data

Personal data includes all information that concerns your business and on the basis of which you may be identified. Anonymous data, which does not directly identify you, is not considered personal data. Your personal data may therefore include:

  • Data relating to your identity (name, address, taxpayer number, company phone number, etc.);
  • Personal status data (phone number, personal email, etc.);
  • Financial data (bank account number, billing details, …);
  • Data relating to the performance of the contract concluded with us (subject of the contract, mode of collection, professional data, etc.);
  • Data relating to the use of electronic equipment, such as computers (password, registration data, electronic identification data, billing data, etc.);

Sensitive data:

The processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, as well as the processing of genetic data, biometric data with the aim of uniquely identifying a natural person, data relating to the sexual life or sexual orientation of a natural person.

We are committed to strictly complying with this prohibition.

How do we use your information?

Who do we share your information with?


Art.5 Sources and sources of personal data

In principle, the data we keep is provided by you. If you do not intend to provide the required or necessary information, you may lose the benefit of certain advantages and/or we may decide to terminate our services for you or your company.


Art.6 Access to personal data

Your data is primarily for internal use. For certain legitimate reasons, your personal data may be communicated, or even processed, by third parties. However, we will ensure compliance with GDPR regulations with our partners.


Art.7 data retention period

We have implemented the necessary means to ensure that the retention of personal data for the purposes described above does not exceed the legal deadlines.


Art.8 What are your rights?

We undertake to take appropriate technical and organisational measures to ensure the security of the processing of each person’s personal data (Art. 32 GDPR).

– Right of access (Art. 15 gdpr);

We grant everyone the right to access their own personal data and the right to obtain or make a copy of it when reasonable.

– Right of rectification (Art. 16 GDPR);

We recognize the possibility of requesting the rectification of wrong data.

– Right to forgetfulness (Art. 17 gdpr) and right to processing restriction (Art. 18 GDPR);

We are committed to allowing the deletion of your personal data, in particular in the following cases:

– Unnecessary data for the purposes for which it was collected or processed;

– In which it opposes processing;

– Where personal data has been subjected to illegal processing;

– The right to complain (Art. 77 of the GDPR) is used;

The customer has the right to lodge a complaint with the CNPD at any time if he considers that the processing of his/her personal data constitutes a violation of the GDPR.


Art.9. Our commitment

Our goal is to implement security techniques to protect stored data from unauthorized access, misuse, alteration, unlawful or accidental destruction, and accidental loss.


Art.10. Procedure in case of violations

It is always possible that the personal data processed in the context of the contractual relationship fall into the wrong hands due to human error, computer error, etc.

When rape represents a high risk to human rights and freedoms, we will inform you immediately of the facts and measures. We will ensure that the necessary measures are taken to notify the breach in question to the National Data Protection Commission within 72 hours of knowledge, unless the breach does not pose a high risk to personal rights and freedoms. (Art. 32-34 of the GDPR).


art. 11. assent

You give your express, informed and unambiguous consent to the processing of personal data as described in this Privacy Notice. You have the right to withdraw your consent at any time upon simple written request.

We reserve the right to modify this Privacy Notice without notice