POLÍTICA DE PRIVACIDADE

Versão 4.0

1.1. Our Commitment

At TIS we understand that the use of personal data requires trusting us. We comply with the highest privacy standards and will only use personal data for clearly identified purposes and fully aligned with data protection rights. The confidentiality and integrity of personal data are part of our main concerns.

 

This Privacy Policy establishes the way in which TIS uses the personal data collected in opinion and social studies, as well as the personal data of our clients, and it is composed of the following sections.

 

1.2. Who is responsible for data processing?

In the scope of its activities and attributions, TIS is responsible for the collection and processing of personal data, which are processed and stored in both automated and non-automated ways.

 

TIS has a Data Protection Officer, who can be contacted by e-mail at dpo@tis.pt. The Data Protection Officer is responsible, specifically, for monitoring the compliance of the activities involving the processing of personal data according to the applicable legal and regulatory standards, and is the contact point between TIS and the National Control Authority, as well as between TIS and its customers and users in matters relating to the processing of personal data.

 

1.3. Which personal data is collected ?

1.3.1. What is personal data?

Personal data is any information of any nature, collected on any type of medium, relating to a natural person, identified or identifiable. The set of information that may lead to the identification of a particular person, namely by reference to an identifier (such as an identification number or a location data), is considered identifiable.

 

1.3.2. Whom do we collect personal data from?

In the light of TIS's duties, most of the data processed regards individual persons, in particular those that enable framing mobility standards and people’s preferences for different transport modes, that are collected in inquiries or face-to-face interviews, by telephone or online, supported by productivity tools whenever justified.

 

However, for the performance of our duties, data regarding individual persons of the following types (non-exhaustive list) may be collected and processed:

  • TIS employees;
  • Current and potential customers of TIS;
  • Professional partners and their collaborators;
  • Service providers and their collaborators;
  • Candidates to work and / or enrol in professional internships in TIS;
  • Participants in events promoted by TIS (eg, seminars and training actions).

 

1.3.3. What personal data do we handle and how do we collect it?

TIS only collects data that is appropriate, relevant and limited to what is necessary for the purposes for which it is processed.

 

Data collection can be done orally, in writing (including filling in forms and questionnaires), as well as in online surveys. As a general rule, we collect the data directly, although it can can also be collected from public sources (such as official websites and public listings).

 

For different purposes, we may collect the following types of personal data:

  • identification data (such as name, age, gender and address);
  • contact information (such as mobile phone, address or e-mail);
  • qualification and professional situation data (such as degree, professional situation and CV);
  • location data (such as IP address);
  • mobility data on a reference day (start and end point (s)), start and end times, modes of transport used, reason (s) for travelling, choice reasons, parking modes, transport tickets, etc.)
  • event or videoconferencing recording and collection of images, when consented.

 

As a rule, TIS does not collect any special data, such as health data or criminal misdemeanour data.

 

1.3.4. Why and on what grounds do we use personal data?

All data collected and processed by TIS are based on one of the following conditions of legitimacy:

  • Consent: The collection is preceded by express, specific and informed consent, through written or web support. We collect consent, for example, for purposes related to conducting interviews or inquiries, for the subscription of newsletters or for registration in actions promoted by TIS.
  • Execution of contract or pre-contractual procedures: when the treatment is necessary for the execution of a contract in which it is part of or for pre-contractual procedures. This condition will be fulfilled when we treat the data for the purposes of response to calls for tenders, when formalizing financing or cooperation contracts, or in the formalization of supply or service contracts.
  • The fulfillment of legal obligations: when the treatment is necessary to fulfill a legal obligation. This includes, for example, the communication of data to other public (national and EU), fiscal or judicial bodies.
  • Legitimate Interest: when the treatment proves necessary to pursue the legitimate interests of the responsible entity or third parties, without prejudice to the rights and freedoms of its customers and / or users. This includes all treatments that result from attributions conferred by law, namely the internal and external disclosure of Portuguese entities, at national and international level.

 

1.3.5. What are the purposes for which we collect the data?

Personal data collected by TIS is only processed for specific, explicit and legitimate purposes. Whenever personal data is collected, it is intended exclusively for the purposes expressly identified at the time of collection. Here we outline the main purposes that justify the collection of personal data by TIS:

  • Collection of information on personal characteristics and information on mobility patterns, considering in each case only the information necessary to fulfill the objectives of the project;
  • Supply and / or services contracts;
  • Dissemination of newsletters / other publications;
  • Training / dissemination actions carried out by TIS.

 

1.4. How do we ensure the security of personal data?

We are working to introduce a variety of security measures, including encryption and authentication tools, to help protect and maintain the security, integrity and availability of personal data.

 

Although data transmission through the internet or website can’t guarantee complete security against intrusions, TIS and its service providers and commercial partners are making the best efforts to implement and maintain physical, electronic and procedural security measures, designed to protect your personal data in accordance with the applicable data protection requirements. Among others, the following are being implemented:

  • Restricted access to personal data based on the "need to know" criterion and only within the scope of reported purposes;
  • Encrypted transfer of the data collected;
  • Encrypted storage of confidential data (such as telephone number information and email address);
  • Protection of information technology systems through firewalls, in order to prevent unauthorized access to your personal data;
  • Continuous monitoring of access to information technology systems to prevent, detect and avoid the misuse of personal data.

 

Personal data, both ours and from our suppliers / service providers, is stored in protected servers, being accessed and used exclusively under our policies and standards (or equivalent policies and standards of our suppliers / service providers).

 

In addition, third parties which process personal data in the name and on behalf of TIS within the provision of services are obliged to carry out appropriate technical and safety measures which at all times meet the requirements of the applicable legislation and ensure the protection of the rights of the data subject.

 

1.5. How long do we store personal data?

TIS treats and stores personal data only for as long as necessary to continue or complete the purposes of the processing for which they are intended, in compliance with the maximum deadlines necessary to comply with contractual obligations, legal or regulatory requirements.

 

As a general rule, where there is a contract legitimizing the processing of data, TIS will maintain such data for as long as such a contractual relationship is maintained.

 

Other circumstances exist, such as compliance with legal or regulatory obligations (for example, for the purposes of complying with tax obligations, personal data relating to invoicing must be kept for at least 10 years from the date of the act) and pending a judicial proceeding, which may justify keeping their data for a longer period of time. At the end of the storage period, TIS will delete the data.

 

Personal data collected at an interview, Focus Group, workshops or surveys will be irrevocably anonymised (anonymised data may be retained) or destroyed securely one month after completion of the project in which they were collected. A project is completed when it is approved by the client.

 

For the purposes of customer service and marketing, personal data will be retained until explicit information withdrawing its consent.

 

1.6. What are the rights of data subjects?

Under the terms of the legislation in force, as soon as we collect and process personal data, there is a set of rights that can be claimed at any time with TIS.

  • Right of access: right to obtain information on the processing of data and its characteristics (in particular the type of data, the purpose of the processing, who can be informed of such data, storage lenght and what data has to be compulsory or optionally provided).
  • Right of rectification: right that allows you to request the rectification of the data, requiring it to be accurate and up to date, such as when you consider that it is incomplete or outdated.
  • Right to delete data or "Right to be forgotten": right to request the deletion of data, when it is considered that there are no valid grounds for data retention and provided there is no other valid basis for such treatment (such as the fulfillment of a contract or a legal or regulatory obligation).
  • Right to limitation: right that allows the suspension of treatment or limitation of treatment to certain categories of data or purposes.
  • Right of opposition: right that allows you to oppose certain purposes provided that there are no legitimate interests that prevail over individual interests. One of the examples of this right concerns opposition to direct marketing purposes.

 

All rights described above may be prosecuted, subject to the limitations set forth in the applicable legislation, upon written request, to be sent by e-mail to dpo@tis.pt.

 

Likewise, questions related to the treatment of your data may be sent directly to the Data Protection Officer, via the same email. A complaint may also be sent to the National Control Authority.

 

1.7. Data transmission

1.7.1. With whom do we share your personal data?

Depending on TIS's duties, and depending on the purpose, data may be shared with third parties, which include national and international public bodies and private entities for the purpose of complying with legal obligations or regulatory, contractual or public interest functions.

 

They may also be accessed by TIS service providers deemed necessary for the purposes described above, in particular for information collection services. TIS ensures that it only makes use of service providers who have demonstrated tehe technical and organizational measures to protect personal data and who explicitly agree to comply with TIS standards.

 

1.7.2.  Transfers of personal data outside the EEA

TIS may, exceptionally, transfer your personal data to third countries (outside the EEA - European Economic Area).

 

In such cases, TIS will ensure that data transfers are carried out in strict compliance with legal rules applicable.

 

1.8. Cookies’ Policy

1.8.1. What are cookies?

Cookies are small text files with relevant information that is downloaded by your access device (computer, mobile phone / smartphone or tablet) through the browser when a site is visited by the user. They are used to store information about user’s visits.

 

The cookies used on the tis.pt site do not collect personal information that allows identifying the user. They are used to collect statistical information in order to analyse the perfirmance of the site and users’ browsing experience. The cookies used on the tis.pt site are:

  • Analytics – they collect information about users’ browsing experience on the web page, anonymously.
  • Third-party – they allow the site to remember browsing preferences, language, region, and collect user information to direct advertising to your interests.

 

Third-party cookies consider your own privacy policies, which can be found at the following links:

 

1.8.2. Disable cookies

All browsers allow the user to accept, reject or delete cookies by selecting the appropriate settings. Therefore, users may disable the use of cookies at tis.pt at any time by modifying browser settings.

 

However, it is important to stress that disabling cookies may prevent some web services from functioning properly, affecting navigation, in whole or partially.

 

Google Chrome:

http://support.google.com/chrome/bin/answer.py?hl=pt&answer=95647

 

Internet Explorer:

http://windows.microsoft.com/pt-pt/windows7/how-to-manage-cookies-in-internet-explorer-9

 

Mozilla Firefox:

https://support.mozilla.org/pt-PT/kb/Activar%20e%20Desactivar%20cookies

 

Apple Safari:

http://support.apple.com/kb/ph5042

 

1.9. Legislation

The processing of personal data of users and clients carried out by TIS and sending commercial communications by electronic means is in conformity with the national and EU legislation in force, namely with the General Regulation of Data Protection.

 

 

1.10. Possible adaptations to the Privacy Policy

Regarding that, in addition to European legislation, the adoption of national legislation regulating various matters is still pending, namely:

  • data portability and deletion rights;
  • definition of special categories of personal data, such as biometric and health data;
  • self-assessment obligation of data controllers and subcontractors;
  • certification mechanisms to prove compliance of processing operations performed by managers and sub-contractors;
  • obligation to notify the CNPD in case of violation of personal data;
  • the obligation of presence of a Data Protection Officer in public and private entities;
  • the incrementation of the values of the penalties,

this Privacy Policy may be reviewed as the applicable rules become clearer at any time without notice and possibly with immediate effect.

 

The changes will be announced on our website www.tis.pt and, if necessary, you will be asked to renew your knowledge and consent.

 

Version: 4.0

 

Last Update: August 31, 2018

 

TIS é Movimento Inteligente

Mais de 25 anos a criar soluções sustentáveis, integradas e all-in-one na área de mobilidade e transportes

© Copyright 2016 | All Rights Reserved | By Portugal Web Design

TIS's Privacy Policy