1. User data collection and processing
Within the scope of the website hosted at www.jmf.pt (“Site”) including the provision of information about their services and communications made available José Maria da Fonseca, S.A., with the corporate taxpayer number 500157871, with its registered office at Quinta da Bassaqueira – Estrada Nacional 10, 2925-511 Vila Nogueira de Azeitão, Setúbal, may require the User to provide personal data, that means any information that allows José Maria da Fonseca, S.A. to identified and contact the User (“Personal Data”). As a rule, Personal Data are collected when the User:
- Register on the Site;
- When the data subject requests a contact through the form available on the Site;
The collected and processed Personal Data consist of information regarding the name, e-mail address and other personal information provided by the User.
2. Data collection channels
José Maria da Fonseca S.A. may collect data directly (i.e., directly from the User) or indirectly (i.e. via partner entities or third parties). Such collection may be done through the following channels:
- Direct collection: in person, by telephone, via e-mail and through the site;
- Indirect collection: through partners or group companies and official entities.
3. General principles relating to processing of user data
In terms of the principles relating to processing of personal data, José Maria da Fonseca S.A. undertakes to ensure that the User Data processed are:
- Subject to a lawfully, fairly and in a transparent manner in relation to the User;
- Collected for specified, explicit and legitimate purposes and not further processed ina manner that is incompatible with those purposes;
- Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
- Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
- Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed;
- Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures.
Data processing carried out by José Maria da Fonseca S.A. is lawful only if and to the extent that at least one of following applies:
- The User has given consent to the processing of his or her personal data for one or more specific purposes;
- The processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
- The processing is necessary for compliance with a legal obligation to which José Maria da Fonseca S.A. is subject;
- The processing is necessary in order to protect the vital interests of the User or of another natural person;
- The processing is necessary for the purposes of the legitimate interests pursued by José Maria da Fonseca S.A. or by a third party (except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data).
José Maria da Fonseca S.A. undertakes to ensure that User Data is only processed under the conditions cited above and respecting the principles mentioned above.
When processing of the User Data is performed by José Maria da Fonseca S.A. based on the User’s consent, the User has the right to withdraw his/her consent at any time. Such withdrawal of the consent, does not compromise the lawfulness of processing carried out by José Maria da Fonseca S.A., based on the consent previously given by the User.
The period of time, which the data is filed and stored, varies according to the purpose for which the information is being processed.
Effectively, there are legal requirements that require the data to be preserved for a minimum period of time. Thus, and where there is no specific legal obligation, the data will be stored and kept only for the minimum period necessary for the purposes that lead to their collection or subsequent processing, which at the end of the period will be deleted.
4. Use and purposes of user data processing
In general terms, José Maria da Fonseca S.A., uses the User Data for the following purposes:
- Marketing the products and providing José Maria da Fonseca S.A., services;
- Inform the User of new products and services, through any means of communication,being a legitimate interest of José Maria da Fonseca S.A. to do so, without prejudice to the right of the data subject to object this processing at any time;
- Allow access to restricted areas of the Site, in accordance with previously established terms;
- Ensuring that the site meets the User’s needs by developing and publishing contente that is best adapted to the requests made and the type of User, improving the search capabilities and functionalities of the site and obtaining associated or statistical information regarding to the user’s profile (analysis of consumption profiles);
- Provision of Services, and other services, such as newsletters, opinion surveys, or other information or products requested or consented to by the User;
In addition, José Maria da Fonseca S.A., may also contact representatives of business customers for the presentation of José Maria da Fonseca S.A., products and services, and José Maria da Fonseca S.A., will have a legitimate interest in doing so, without prejudice to the right of the data subject to object to this processing at any time.
The User Data collected by José Maria da Fonseca S.A., is not shared with third parties without the User’s consent, except in the situations mentioned in the following paragraph. However, in the event of the User contracting services with José Maria da Fonseca S.A that are provided by other entities responsible for the processing of personal data, User Data may be consulted or accessed by such entities, to the extent that it is necessary for the provision of such services.
José Maria da Fonseca S.A., in the applicable legal terms, may transmit or communicate the User Data to other entities in the event of such transmission or communication are necessary for the implementation of the contract established between the User and José Maria da Fonseca S.A or in order to take steps to entering into a contract procedures at the request of the User, if necessary for the fulfilment of a legal obligation to which José Maria da Fonseca S.A., is subject or, if it is necessary, to obtain them in the legitimate interests of José Maria da Fonseca S.A. or of a third party.
5. Technical, organizational and security measures implemented
In order to guarantee the security of the User Data and the maximum confidentiality, José Maria da Fonseca S.A processes the information provided in an absolutely confidential manner, in accordance with our internal security and confidentiality policies and procedures, which are updated periodically as required, as well as the terms and conditions legally set out.
Bases in the nature, scope, context and purpose of data processing, as well as the risks arising from the processing of the rights and freedoms of the User, José Maria da Fonseca S.A undertakes to apply, when defining the method and timing of handling the data, the appropriate technical and organizational measures necessary for the protection of User Data and compliance with legal requirements.
It also undertakes to ensure that, by default, only data that are necessary for each specific purpose are processed and that such data are not made available without human intervention to an indeterminate number of people.
José Maria da Fonseca S.A adopts the following general security measures:
- Regular audits to identify the effectiveness of the technical and organizational measures implemented;
- Awareness and training of personnel involved in data processing operations;
- The pseudonymisation and encryption of personal data;
- Mechanisms capable of ensuring the to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
- Mechanisms capable to ensure the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.
6. Transfers of personal data to third countries (outside the European union)
Personal data collected and used by José Maria da Fonseca S.A are not made available to third parties established outside the European Union. If, in the future, such a transfer takes place for the reasons mentioned above, José Maria da Fonseca S.A undertakes to ensure that the transfer complies with the applicable legal provisions, regarding the country’s adequacy decision with respect to data protection and the requirements applicable to such transfers.
Cookies are small files that are sent to your computer or mobile phone whenever you visit a website. Cookies are sent back to the website in each sequential visit or to another website that recognizes the cookie. Cookies are useful because they enable a website to recognize the user’s device, allowing an efficient browsing through the webpages, saving its preferences and improving the user experience.
Some cookies sent by the server will only live throughout the session and they expire when you close the browser.
Other cookies are used to remember when a user returns to the website and have a larger lifespan.
Most browsers automatically accept cookies. You can change the settings on your browser to refuse or to be notified whenever a cookie is created.
To obtain more information about cookies, including how to check which cookies were created on your device or how to manage and eliminate them on different browsers:
- Internet Explorer
- Mozilla Firefox
You may also change on your browser the settings regarding activation, deactivation and elimination of cookies. To do that, follow the instructions on your browser (usually located in the options “Help”, “Tools” or “Edit”). Deactivating a cookie or a set of cookies does not eliminate it from your browser, which you will have to do manually.
If you block or eliminate cookies that José Maria da Fonseca S.A. uses, it is possible that you will not be able to enjoy all the functionalities of the website.
We use the following cookies:
|Google Analytics||Analytic data and page views||All year|
|Hotjar||Understand our users’ experience by collecting data on our users’ behavior and their devices||All year|
José Maria da Fonseca S.A will respond in writing (including by electronic means) to the User’s request within a maximum period of one month from the receipt of the request, except in particularly complex cases, for which this period may be extended up to two months.
Where requests are manifestly unfounded or excessive, in particular because of their repetitive character, José Maria da Fonseca S.A may charge a reasonable fee based on administrative costs, or refuse to act on the request.
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site: Disable Google Analytics.
Alternatively you can prevent Google's cookie generated collection of data, referring to your use of the website (incl. your IP address), plus the processing of the data, by downloading and installing the browser-plugin, which you can find here.
7.1. Google Analytics
This website uses Google Analytics, a web analytics service provided by Google, Inc. (Google). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyse how users use the site. Google will use this information to evaluate your use of the website, compiling reports on website activity for website operators and providing other services related to website activity and internet usage. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States.
8. Data breach
When the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, José Maria da Fonseca S.A shall communicate the personal data breach to the User, not later than 72 hours after having become aware of it.
In legal terms, the communication to the User shall not be required if any of the following conditions are met:
- José Maria da Fonseca S.A has implemented appropriate technical and organizational protection measures, and those measures were applied to the personal data affected by the personal data breach, in particular those that render the personal data unintelligible to any person who is not authorized to access it, such as encryption;
- José Maria da Fonseca S.A has taken subsequent measures which ensure that the high risk to the rights and freedoms of data subjects referred to in paragraph 1 is no longer likely to materialize; or
- It would involve disproportionate effort. In such a case, there shall instead be a public communication or similar measure whereby the User are informed in an equally effective manner.
10. Applicable law and legal jurisdiction