Ver versão em Português

Version 5 – effective as of May 22, 2018

  Chrome 2 – Sistemas de Informação, Unipessoal Lda, (referred as “Chrome”, “us” or “website”), a corporate entity with NIPC 508858976 and headquartered at Rua Francisco Salgado Zenha, 29 – 6B, 2725-548 Mem Martins, assumes the permanent commitment to protect the privacy of personal data provided by our clients in the scope of the services provided by us, namely:

• Identifying and limiting the processing of any personal data collected to what is strictly necessary to successfully complete the action presented and requested;
• Whenever the collection of personal data is mandatory, the use of this information is described in accordance with the present document and with respect to the applicable legislation on the privacy and protection of personal data;
• Do not use your data for purposes other than those that have been identified and previously communicated;
• Treat your data in accordance with applicable law, taking care of any security and protection measures that appear necessary and applicable.

Privacy Policy of Personal Data

Chrome is committed to ensuring and protecting the privacy of the individuals with whom it interacts, and as such collects only personal information from those who volunteer it. In accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (RGPD), we assure  all control over the personal data made available to the client. We thus transcribe the general rules for the processing of personal data, ensuring that they are collected and processed in accordance with the provisions of said legislation, so that all users of the website will keep them in mind.

Personal data

Personal data is any information of any nature and regardless of its support, including sound and image, relating to an identified or identifiable natural person (data subject). Any identifiable person, directly or indirectly, is identifiable, namely by reference to a name, identification number, location data, identifiers by electronic means or to one or more specific elements of his / her physical, physiological, genetic identity , mental, economic, cultural or social.

Responsible for the Collection and Processing of Personal Data

With respect to the personal data necessary to fulfill the contractual relationship in the provision of the services subscribed, the entity Responsible for the Treatment of Data collected under the use of the services is the aforementioned Chrome. Chrome 2 – Sistemas de Informação, Unipessoal Lda Rua Francisco Salgado Zenha, 29 – 6B 2725-548 Mem Martins +351 219170955  info@chrome.pt

Personal Data Treated

We understand the processing of personal data in the terms expressly resulting from the Regulation “any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;”.

Purpose of Treatment

The processing of personal data will depend on the personal information in question and the specific context in which it was collected. The processing of personal data may occur in order to:

• Respond to your questions or provide you with information, in particular in the cases where you fill out and send us our forms or use an email address that is available to us;
• Develop and maintain this site with the quality and safety intended;
• Provide technical assistance;
• Contribute to the prevention and detection of fraud;
• In the management of the contractual relationship, including contacts, via web platform, email and / or telephone for notifications, clarification of questions or conducting surveys of satisfaction and evaluation of services provided;
• If you have obtained your consent, as the holder of the data, to treat them based on specific, explicit and legitimate purposes;
• When it is necessary for the fulfillment of legal obligations that apply to it.

Processors and Controllers

There are two entities that have responsibility for data handling: the controller and the processor. It is important to determine if the Customer is acting as a controller or processor and understands their responsibilities accordingly. A controller determines the purposes, conditions and means of the use of personal data. Under Article 5 of the RGPD, the controller is responsible for proving compliance with the principles regarding the processing of personal data as it is linked. A processor acts only on the controller’s instructions and processes personal data in its name. According to Article 28 of the RGPD, processing may be carried out on behalf of a controller, but the controller is responsible for subcontracting only those processors which provide sufficient guarantees of compliance with the RGPD. This leads to the fact that any EU company or even outside the EU, as controller or processor, must implement the necessary controls to ensure compliance with the RGPD, provided that the data to be processed is about EU citizens . This responsibility is shared and therefore the fines can be applied to both controllers and processors. Chrome is a controller with respect to the data of its clients, which makes us responsible for the need to alert our customers and to have their authorization for the use of their data, for the provision of the services subscribed and their support, and processor as an agent for hosting your data, registering domains or selling SSL certificates. If for example our reseller, then you will also be a controller in front of your customers.

Subcontractors, Communication and Transfer of Personal Data

In the exercise of its activity and within the scope of the Services it provides, Chrome may subcontract third parties for the pursuit of the aforementioned purposes and for the development and management of its computer systems, which may imply access by such entities to personal data of your Customers. When this happens, Chrome takes appropriate action so that the entities that will have access to the data offer the highest technical, organizational and human guarantees at that level. Therefore, third parties subcontracted by Chrome will be obliged, under the terms legally provided for, as well as by agreement signed with the first, to implement technical and organizational measures adequate for the protection of personal data against accidental, unlawful destruction, alteration, disclosure, unauthorized access and any other form of illicit treatment, as well as being bound by special duties of professional secrecy and confidentiality. Except for the above cases, Chrome will only transmit the personal data of its Clients to Third Parties if it is obliged by virtue of legal provision and only to the strict extent of its obligations, or in cases where the law expressly permits it, if you expressly and specifically authorize such transmission and are duly informed in writing of the recipients of the personal data and the purposes of the data transmitted. The provision of certain services by Chrome may imply the transfer of your personal data outside of Portugal. In this case, the company declares that it will strictly comply with the determination of the suitability of the country of destination of the information regarding the protection of personal data and the requirements applicable to such transfers, under the terms legally established.

Conditions for Collection of Personal Data

Chrome only collects and processes the personal data of Customers with their express consent, according to each of the specific purposes of the treatment in question, under the terms established in the Law. The consent provided by the Customers may be withdrawn at any time, free of charge. There are personal data that are indispensable for the provision of the Services by Chrome, (required data), and the Customers must previously be informed of this necessity (especially when creating a Client form) and the consequences of not making such data available. If personal data, deemed to be indispensable, are not provided by Customers or prove to be insufficient, inaccurate or outdated, Chrome will not be able to provide the Service (s) underwritten, insufficiency or inaccuracy of the transmitted data.

What data is collected

In addition to the duly specified cases, which arise, from the provision of contracted services and navigation on this site with the contours set forth below in the Cookies Policy, through your use of this site, and always upon previous voluntary action of the owner of the data, the following personal data may be processed:

• name;
• NIF/VAT;
• email address;
• telephone;
• mobile phone;
• address.

Retention time

Chrome keeps your personal data only for the time needed to process the data for the purpose for which it was collected, which may, in certain situations and depending on the legal basis of the data collection, be deleted or anonymised if the customer exercise its right to opposition, the right to forgetfulness or withdraw its consent to the treatment of that specific purpose. Whenever there is an obligation to keep the data for a certain period of time, such as data preservation required by the Tax Authority for tax and accounting compliance, Chrome will take the necessary measures to minimize the information strictly necessary to comply with this requirement. In all other cases, the storage period should not exceed six months.

Rights of Data Holders

The RGPD guarantees a set of rights to the holders of personal data, namely:

• Right of Access: Right to access the data you provided in the scope of the customer registration or in the use of the services subscribed and the purpose of this treatment.
• Right of Rectification: Right to make and / or to request the correction of your personal data that is incorrect or to complete the customer data that are incomplete, such as the Name, Address, E-mail Address, NIF and Telephone Contacts.
• Right to Forgetfulness: The right to request the deletion of your personal data when it is no longer necessary for the purpose for which it was initially collected, and when there are no situations in which its conservation is fundamental, such as the exercise of a contractual relationship or conservation to fulfill a legal obligation.
• Right to Portability: Right to obtain a digital copy of the data you have provided us in a structured and automatic reading format that allows you to easily transfer, copy or transmit personal data from one service to another entity.
• Right to Opposition: Right to object to treatment or to withdraw consent to treatment for a particular purpose when the basis of the processing of personal data has been your consent, such as the cancellation of a newsletter subscription.
• Right to Limitation: Right to request the suspension of data processing or limitation of the processing of your personal data to a specific purpose.

As a customer, you have the independence to easily and immediately exercise most of your rights through the Customer Area. You may also exercise your rights through the contacts in the section “Responsible for Collection and Processing of Personal Data” of this Privacy Policy.

Links to other sites

On the website you can find links to other websites that are unrelated to our company. The availability of such links is made in good faith, and Chrome can not be held responsible for the collection and processing of personal data made on those websites, nor be held liable for the accuracy, credibility and functionality of third party websites, as well as assume any responsibility for the same, and as a consequence, this Privacy Policy is not applicable to them.

Analytics

We may use third-party Service Providers to monitor and analyze the use of our Service.

Google Analytics

Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network. You can opt-out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity. For more information on the privacy practices of Google, please visit the Google Privacy Terms web page

Payments

We use third-party payment processing services. We will not store or collect your payment card details, this information is provided directly to payment processors whose use of your personal information is governed by your Privacy Policy. The transmission of the information is carried out safely, in particular through the use of encryption protocols.  These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information. The payment processors we work with are:

Paypal

PayPal is a global leader in online payment solutions with more than 203 million accounts worldwide. Available in 202 countries and 25 currencies around the world. We accept direct payments from PayPal accounts, as well as Credit card payments using PayPal services. Their Privacy Policy.

Stripe

Stripe is the new standard for online payments. It is based in San Francisco, and we use its services for payments by credit card. Their Privacy Policy.

Ifthenpay

Ifthenpay is an ATM processing service. The transmission of data to this processor is limited to the number of the document to be settled and its value, and no other data that can be considered as private is provided.