This Privacy Policy regulates the processing of users’ personal data collected in the context of their interactions with the Portuguese Green Card Bureau (“Bureau”), the entity responsible for data processing and a non-profit association, with company taxpayer number 501 799 940 and head office at Rua Rodrigo da Fonseca, 41, in Lisbon, starting with the use of the website https://gpcv.pt/ (hereinafter “GPCV Website”). Making your personal data available implies that you know and accept the conditions laid out in this Privacy Policy. This Privacy Policy is complemented by the Terms and Conditions, available here, and the Cookies Policy, available here.
The user can find detailed information on the Bureau’s Privacy Policy in the following sections:
- Collection and processing of personal data
- Retention of personal data
- Data subjects’ rights
- Communication of data to other entities
- Security
- Cookies
- Links to third-party websites
- Complaints
- Questions and suggestions
- Changes to the Privacy Policy
1. Collection and processing of personal data
Access to and use of the GPCV Website does not imply that the user’s personal data is made available and processed through the GPCV Website.
However, the use of certain features of the GPCV Website may imply the provision and processing of the User’s personal data, outside the scope of the GPCV Website. In particular, the use of the contact request feature will involve the collection of data from [·], and other data that you make available to us. Your personal data is processed to manage the contact established and to provide clarifications and information requested by the user and is processed with your consent.
When you provide us with personal data from third parties, you must ensure, where possible, that the third parties are informed of how we may process their personal data.
2. Retention of personal data
The personal data collected is processed in strict compliance with the applicable legislation. Personal data will be kept in accordance with the purpose for which it was collected and in compliance with the applicable legal time limits. Therefore, and whenever there is no specific legal requirement, the data will be stored and retained only for the appropriate period and to the extent necessary for the purposes for which it was collected, unless the right to object, the right to delete or the right to withdraw consent is exercised within the legal limits.
Please note that in the event of potential conflict or a conflict in which the Bureau is directly involved, it may be necessary to extend the retention of the aforementioned personal data until the conflict has been settled.
3. Data subjects’ rights
Under the terms of the applicable legislation, which includes the General Data Protection Regulation and the respective national implementing Law, the user may request, at any time, access to personal data concerning them, as well as their rectification, deletion, restriction of processing, portability of their data, or object to their processing.
The user may also obtain confirmation that personal data concerning them is being processed and will be provided with a copy of the data being processed if they so request.
Under the terms of the law, the user is also ensured the right to withdraw their consent to the processing of data for the purposes indicated through the aforementioned means, although this does not invalidate the processing carried out up to that date on the basis of the previously granted consent.
To exercise any of the above rights, the user must submit a written request to the following contacts:
Telephone: (+351) 213 848 101
E-mail: gpcv@apseguradores.pt
Address: Rua Rodrigo da Fonseca, 41, 1250-190 Lisboa
Users also have the right to lodge a complaint with the National Data Protection Commission (Comissão Nacional de Proteção de Dados) or another competent supervisory authority if they consider that the processing of their personal data by the bureau is unlawful.
4. Communication of data to other entities
The Bureau may transmit your personal data to subcontractors, namely providers of claim Handling services or correspondents of foreign insurers in Portugal, under the terms of the contracts signed with them and ensuring compliance with the subcontracting obligations under the applicable legislation, namely with regard to security in the processing of your data.
Lastly, the Bureau may also communicate the Users’ personal data to third parties when the communication of data is necessary or appropriate (i) in light of the applicable law, (ii) for complying with legal obligations/court rulings, (iii) due to deliberations or decisions of supervisory authorities or (iv) to respond to requests from public or governmental authorities.
In any of the above situations, the Bureau will take all appropriate measures to ensure the effective protection of your personal data.
5. Security
The Bureau makes its best efforts to protect the users’ personal data from unauthorised access. To this end, it uses security systems, rules and other procedures to ensure the protection of personal data, as well as to prevent unauthorised access to data, inappropriate use of data, disclosure, loss or destruction of data.
It is, however, the responsibility of users to guarantee and ensure that the devices and equipment used to access the GPCV Website are properly protected against harmful software, computer viruses and worms.
6. Cookies
The GPCV Website uses cookies. To find out more, check our Cookie Policy, here.
7. Links to third-party websites
Through the GPCV Website, links may be provided to third-party websites, which are subject to independent Privacy Policies. Please note that this Privacy Policy does not apply to such websites and that the Bureau is not responsible for the collection of information from you by such third parties through their respective websites.
8. Complaints
Without prejudice to any other administrative or judicial form of appeal, users have the right to submit a complaint to the competent supervisory authority under the terms of the law, which is the National Data Protection Commission (www.cnpd.pt) if they believe that the processing of their data by the Bureau violates the legal regime in force at any given time.
9. Questions and suggestions
Users may contact the GPCV on all matters relating to the processing of their personal data and the exercise of their rights under applicable legislation and, in particular, those referred to in this Policy, through the following contacts:
Phone: (+351) 213 848 101
E-mail: gpcv@apseguradores.pt
Address: Rua Rodrigo da Fonseca, 41 1250-190 Lisboa
10. Changes to the Privacy Policy
The Bureau reserves the right to amend these terms of processing of personal data at any time. Such changes will be duly announced on the GPCV website.
Date last updated: 30/10/2023