This information on personal data processing (hereinafter, “Information”) is given in accordance with Regulation (EU)/2016/679 (hereinafter, “GDPR”) and concerns the processing of personal data performed through the website https://www.odoomtd.co.uk/ by PROMPTEQUATION LDA , with registered office in Viseu, Rua do Hospital L6 5AD, 3500-161, Portugal, VAT number PT513695257, email email@example.com , in person of Diogo Duarte as its legal representative (hereinafter, “Controller”).
The Controller is
The Controller is located in Portugal and no representative has been appointed.
means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Data Controller or Controller
means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
Data Processor or Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Through the website, the Collector collects and uses personal data to the extent necessary to provide the services described within the terms and conditions of the website, available at the following URL: [ https://www.odoomtd.co.uk/ ]. Personal data that might be collected, are:
• Identification information;
• Contact information;
• Payment information;
The Controller will only process personal data given by the data subject in accordance with the Information and collected through the website or through an email sent by the data subject himself. No data deriving from sources available to the public shall be treated.
In no event, special categories of data, such as those concerning health, shall be processed.
Browsing cookies, functionality cookies and session cookies allow the correct functioning of the website.
Session cookies are not permanently memorized on the device of the data subject but are automatically erased once the web browser is closed. Their use is strictly limited to the transmission of data related to each session. Session cookies are adopted to allow the correct and safe use of the website.
Statistical cookies : the website uses statistical cookies realized by the Controller or supplied by third parties. Statistical cookies allow to customise the website to visitor requirements, for instance by measuring the number of visits or the number of pages viewed. When cookies are realized by third parties, adequate tools are adopted in order to reduce their identifying power, for instance by hiding significant portions of the IP addresses processed by such cookies. The adoption of statistical cookies by third parties is subject to contractual obligations, which require third parties to use them solely for supplying the required service and to retain them separate from one another, without “enriching” them or “crossing” them with any additional information at their disposal.
Browsing data: computer systems and procedures responsible for the functioning of the website automatically acquire, whilst operating, some personal data concerning the data subject’s browsing history. For instance, within this category we may find:
IP addresses of computers used by users;
Number of accesses to the website;
Date and time of access;
URL where the browser was before our page;
Adopted operating system.
Personal data voluntarily provided by the data subject
Personal data freely and optionally provided by the data subject via email to one of the email addresses indicated on the website, may be acquired for purposes communicated to the data subject from time to time. Besides the email address, required to reply to the sender, additional personal data included within the same communication may be processed.
Personal data collected as such, will be retained and processed solely for the purpose of preserving them and sending correspondence and for no further purpose.
Regarding technical cookies and browsing data, personal data of the data subject are processed for the purpose of allowing the correct functioning of the website. In such case, the legal basis for the data processing is the legitimate interest of the Controller, in accordance with article 6, comma 1, point f) of the GDPR.
Regarding personal data freely given via email by the data subject, the processing of personal data allows to reply to the received requests. The legal basis of such data processing is the legitimate interest of the Controller to reply to those who show an interest in the Controller’s activities, in accordance with article 6, comma 1, point f) of the GDPR.
Regarding personal data given by the data subject, the legal basis of the data processing is the necessity of processing data in order to fulfil the contract and/or in order to handle pre-contractual relations, in accordance with article 6, comma 1, point b) of the GDPR.
The following subjects shall be the recipients of the data subject’s personal data:
• Organization auditors for accounting or legal reasons
The Controller may intend to transfer personal data to a third country or an international organization, such as:
Service providers which perform services on behalf of the Controller;
Suppliers of services belonging to the information society;
Commercial partners of the Controller.
The transfer of personal data to the aforesaid subjects is subject to an adequacy decision made by the European Commission after deciding that the third country or one or more specified sectors within that third country, or the international organization in question, ensures an adequate level of protection of personal data. However, if the Controller deems it appropriate to proceed with the transfer of personal data despite the lack of any adequacy decisions, the Controller reserves himself the right to conclude separate agreements with those subjects, requiring them to adopt adequate security measures to safeguard the transferred personal data. Personal data of the data subject may be transferred to the United Kingdom. To obtain a copy of the transferred personal data or to be informed on where personal data have been transferred to, the data subject shall send the Controller a written request to the following email address: firstname.lastname@example.org .
Personal data processed and retained for the correct fruition of the website shall be processed and retained for no longer than 12 months from their collection.
Personal data processed for contractual or precontractual purposes shall be processed for no longer than 10 years from the termination of the contract. In the event of precontractual negotiations that have not led to the conclusion of a contract, personal data shall be stored for no longer than 10 years from the ending of negotiations.
Personal data voluntarily given by the data subject to the Controller via email, are processed and stored until the data subject demands the Controller to proceed with their erasure.
The Controller, however, has the right to ask the data subject to renew his/her consent to the data processing and/or to verify the given consents.
With regard to personal data processed through technical cookies, the communication of such data is not a contractual obligation. However, it is a legitimate interest of the Controller, as, without it, it would be impossible to provide a perfectly functioning website.
Concerning personal data processed and retained for contractual and pre-contractual purposes, the communication of personal data is both a contractual obligation and a necessary requirement for the performance of pre-contractual negotiations and for the conclusion of the contract. The data subject has the faculty to provide personal data; however, in the event of failure to communicate such data, it will not be possible to conclude any contract or to establish any contractual negotiation.
Concerning personal data sent via email, the lack of consent will make it impossible to answer to the data subject’s requests.
Article 21 GDPR - Right to object
The data subject is granted with a right to object for the following motives:
• The data subject shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of Article 6(1), including profiling based on those provisions. The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.
• Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing.
• Where the data subject objects to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.
In these cases, the data subject shall also have the right to object partially, for instance to the marketing emails sent through automated and/or digital tools, or to paper documents.
• Where personal data are processed for scientific or historical research purposes or statistical purposes pursuant to Article 89(1), the data subject, on grounds relating to his or her particular situation, shall have the right to object to processing of personal data concerning him or her, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
Article 15 GDPR – Right of access
The data subject shall have the right to obtain from the Controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and other specific information, pursuant to article 15 of the GDPR.
Article 16 GDPR – Right to rectification
The data subject shall have the right to obtain from the Controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement, pursuant to article 16 of the GDPR.
Article 17 GDPR – Right to erasure
The data subject shall have the right to obtain from the Controller the erasure of personal data concerning him or her without undue delay and the Controller shall have the obligation to erase personal data without undue delay where the grounds set out in article 17 of the GDPR apply.
Article 18 GDPR – Right to restriction of processing
The data subject shall have the right to obtain from the Controller restriction of processing where the grounds set out in article 18 of the GDPR apply.
Article 20 GDPR – Right to data portability
The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to the Controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another data controller without hindrance from the Controller to which the personal data have been provided under the conditions set out in article 20 of the GDPR.
The data subject, in order to exercise the rights provided for in the Information, such as the right to objection, the right to erasure, the right to withdraw consent, shall contact the Controller to the following email address: email@example.com or, alternatively, via registered letter to the following address: Viseu, Rua do Hospital L6 5AD, 3500-161, Portugal.
The information to data subject is accessible at the address of the Controller. If expressly requested so by the data subject, the information may also be given orally, provided that the identity of the data subject is proven.
The data subject declares and confirms to have read the present Information.