English EN French FR Portuguese PT Spanish ES
+351 919 879 150 info@hiddenportugal.pt

Login

Sign Up

After creating an account, you'll be able to track your payment status, track the confirmation and you can also rate the tour after you finished the tour.
Username*
Password*
Confirm Password*
First Name*
Last Name*
Email*
Phone*
Country*
* Creating an account means you're okay with our Terms of Service and Privacy Statement.

Already a member?

Login
English EN French FR Portuguese PT Spanish ES
+351 919 879 150 info@hiddenportugal.pt

Login

Sign Up

After creating an account, you'll be able to track your payment status, track the confirmation and you can also rate the tour after you finished the tour.
Username*
Password*
Confirm Password*
First Name*
Last Name*
Email*
Phone*
Country*
* Creating an account means you're okay with our Terms of Service and Privacy Statement.

Already a member?

Login

Privacy Policy

PRIVACY POLICY AND TERMS OF USE

Welcome to our Terms of Use and Privacy Policy page.
Usually this is a long text, filled with grey legal clauses and technical jargon that nearly no one understands. Yet, here you are, curious about how we deal with such matters, and it’s our goal to make this as painstaking and informative as possible. After all, we want you to use our website and reassure you of all that’s happening, in a clear and straight-forward way.

So, bare a few minutes with us, we promise to keep it as short as possible and as informative as we can.

Let’s begin…

 

WHO WE ARE

We are a Destination Management Company – a tour operator and a travel agency – a team of enthusiasts, dedicating our efforts to make your stay on the Iberian Peninsula as pleasant as possible. Offering individual and group trips around Portugal and Spain, events in Lisbon, Porto, Barcelona and Madrid, accommodation, transfers and much more. Our main office is located in Lisbon, just contact us.

Our website address is: https://www.hiddenportugal.pt/.

 

Our Contacts are:

Espaço Amoreiras – Centro Empresarial
Rua D. João V, nº 24, piso -1, 1.03,
1250-091 Lisboa – Portugal

Phone : +351 919 879 150

info@hiddenportugal.pt

 

 

THE SCOPE OF THIS WEBSITE

The purpose of this website is to provide information about ourselves, our products, services and areas of interest to existing and future stakeholders of our company. The content of this site is provided for the purpose of providing information of a general nature and does not constitute the provision of services.
We exclude alll liability for any damages that may occur related to the information contained on this site. This site is for informational purposes only and does not contain advertising content.

Our company authorizes the temporary downloading and storage of the content of this site for the purpose of viewing it on a computer or mobile device with an internet connection. The reproduction, permanent storage or retransmission of the content of this site, including any of its texts or images, is expressly prohibited without prior written consent. All rights relating to this site are the exclusive property of our company.

 

 

WHAT IS PERSONAL DATA

The Eurpoean Union formally defines Personal data as any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data.

Personal data that has been de-identified, encrypted or pseudonymised but can be used to re-identify a person remains personal data and falls within the scope of the law.

Personal data that has been rendered anonymous in such a way that the individual is not or no longer identifiable is no longer considered personal data. For data to be truly anonymised, the anonymisation must be irreversible.

The European law protects personal data regardless of the technology used for processing that data – it’s technology neutral and applies to both automated and manual processing, provided the data is organised in accordance with pre-defined criteria (for example alphabetical order). It also doesn’t matter how the data is stored – in an IT system, through video surveillance, or on paper; in all cases, personal data is subject to the protection requirements set out in the GDPR.

Examples of personal data
  • a name and surname;
  • a home address;
  • an email address such as name.surname@company.com;
  • an identification card number;
  • location data (for example the location data function on a mobile phone);
  • an Internet Protocol (IP) address;
  • a cookie ID;
  • the advertising identifier of your phone;
  • data held by a hospital or doctor, which could be a symbol that uniquely identifies a person.
Examples of data not considered personal data
  • a company registration number;
  • an email address such as info@company.com;
  • anonymised data.

 

WHAT PERSONAL DATA WE COLLECT AND WHY WE COLLECT IT

Our website allows you to manually insert personal data – in contact, comment or login forms – and, like most modern websites, also automatically collects some data related to the device you are using to access or it’s location. This data is primarily technical data and is collected automatically as soon as you enter our website.

 

 

COOKIES: HOW AUTOMATED DATA IS COLLECTED

A cookie is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. We use cookies across our site to help identify and track visitors, their usage of our services, and their website access preferences. We describe the specific cookies used in the sections below. Visitors who do not wish to have cookies placed on their computers should set their browsers to refuse cookies before using our websites, with the drawback that certain features may not function properly without the aid of cookies.

Cookie control

Web browsers allow you to exercise some control of cookies through your browser settings. Most browsers allow you to block cookies or block cookies from specific websites. Browsers can also help you clear cookies when you close the browser. However, you should note that this may mean that any opt-outs or preferences defined on the site will be lost. To learn more about cookies, including how to see what cookies were created and how to manage and delete them, visit www.allaboutcookies.org which includes information on how to manage your settings for various browsers.

 

Depending on your usage profile, we may collect some or all of the below personal data:

 

 

CUSTOMER PORTAL

Our website provides a private customer  portal, where authenticated users can acess private infromation about products. The access to this area is controlled by a username/password combination that is securely stored in our servers and is issued by a specific process under a contract or service agreement with our company.

 

COMMENTS

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

 

COMMENT AND LOGIN COOKIES

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

 

SESSION, LANGUAGE AND GDPR OPT-IN COOKIES

When you access this website, a “session cookie” is set in your computer. The session cookie is used to optimize te site usage for you, providing, for example “go back” navigation features. The session cookie is automatically deleted once you close your browser.

When you access this site, a “language cookie” is set, so that it can relate content in different languages and assist you in using multi-language content. The language cookie ha a duration of one day.

Whe you acces this website, you are prompted to accept or customize the cookies via our data privacy banner. This creates a cookie called CookieConsent that is placed in your computer, so that this website knows and respects your preferences, and has a duration of 60 days.

 

SERVER LOG FILES

The website provider automatically collects and stores information that your browser automatically transmits to us in “server log files”. These are:

• Browser type and browser version
• Operating system used
• Referrer URL
• Host name of the accessing computer
• Time of the server request
• IP address

These data will not be combined with data from other sources.

The basis for data processing is Art. 6 GDPR, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.

 

CONTACT FORMS

When you fill a contact form your personal data is collected and sent securely via our email server to the destination email in our company. The collected personal data is kept to a minimum necessary to establish contact. The form content, including the opt-in, is also stored in the website database as per GDPR regulation.

 

MEDIA

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

 

FIREWALL

When you access our website our firewall analyses your IP address and browser information. The firewall also monitors your navigation pattern inside our site. This happens for security reasons, to prevent unauthorized access to our systems and botnet threats. the good news is that, if you are reading this text, that means the firewall has considered you as legitimte visitor to our website.

 

EMBEDDED CONTENT FROM OTHER WEBSITES

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

 

ANALYTICS

When visiting our website, statistical analyses may be made of your surfing behavior. This happens primarily using cookies and analytics. The analysis of your surfing behavior is usually anonymous, i.e. we will not be able to identify you from this data. You can object to this analysis or prevent it by not using certain tools. Details can be found in our privacy policy under the heading “Third-party modules and analytics.”

You can object to this analysis. We will inform you below about how to exercise your options in this regard.

 

NEWSLETTER

If you would like to receive our newsletter, we require a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter. No additional data is collected or is only collected on a voluntary basis. We only use this data to send the requested information and do not pass it on to third parties.

We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 GDPR. You can revoke consent to the storage of your data and email address as well as their use for sending the newsletter at any time, e.g. through the “unsubscribe” link in the newsletter. The data processed before we receive your request may still be legally processed.

The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted. Data we have stored for other purposes (e.g. email addresses for the members area) remain unaffected.

 

 

WHO WE SHARE YOUR DATA WITH

We use third-party services (data processors) in our website. The extent to which your data is shared with these providers depends on your use of our services, and we list the specific third-parties in use (with links to their privacy policies) in the sections below.

Each third-party provider has been vetted by our security team to ensure that privacy policies and practices meet or exceed the same levels of compliance and standards that we follow. Where appropriate and available, we hold additional signed Data Privacy Agreements with these companies as an additional layer of accountability in order to help ensure your data is safe and secure.

We disclose potentially personally-identifying and personally-identifying information only to our employees, contractors and affiliated organizations that (i) need to know that information in order to process it on our behalf or to provide services, and (ii) that have agreed, in writing, not to disclose it to others. Some of those employees, contractors and affiliated organizations may be located outside of your home country; by using our website and services, you consent to the transfer of such information to them. We will not rent or sell potentially personally-identifying and personally-identifying information to anyone.

We may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.

If we ever were to engage in any onward transfers of your data with third parties for a purpose other than which it was originally collected or subsequently authorized, we would provide you with an opt-out choice to limit the use and disclosure of your personal data.

 

AUTOMATED DATA PROCESSORS

Most modern websites use external services to provide specific functionallity. They are called Automated Data Processors. These services range from visitors analysis, video hosting – like Youtube, or social media access, like Facebook. These third party services collect personal data to be able to provide functionality. Our website also uses some of these services, you can find tehm below.

 

GOOGLE ANALYTICS

This website uses Google Analytics, a web analytics service. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.

Google Analytics cookies are stored based on Art. 6 GDPR. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising.

IP anonymization

We have activated the IP anonymization feature on this website. Your IP address will be shortened by Google within the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases is the full IP address sent to a Google server in the US and shortened there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity, and to provide other services regarding website activity and Internet usage for the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.

Browser plugin

You can prevent these cookies being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this website. You can also prevent the data generated by cookies about your use of the website (incl. your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link:
https://tools.google.com/dlpage/gaoptout?hl=en.

Objecting to the collection of data

You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site: Disable Google Analytics.

For more information about how Google Analytics handles user data, see Google’s privacy policy:
https://support.google.com/analytics/answer/6004245?hl=en.

Outsourced data processing

We have entered into an agreement with Google for the outsourcing of our data processing and fully implement the strict requirements of the European Union data protection authorities when using Google Analytics.

Demographic data collection by Google Analytics

This website uses Google Analytics’ demographic features. This allows reports to be generated containing statements about the age, gender, and interests of site visitors. This data comes from interest-based advertising from Google and third-party visitor data. This collected data cannot be attributed to any specific individual person. You can disable this feature at any time by adjusting the ads settings in your Google account or you can forbid the collection of your data by Google Analytics as described in the section “Refusal of data collection”.

 

WORDPRESS STATISTICS

This website uses the WordPress Statistics tool to perform statistical analyses of visitor traffic. This service is provided by Automattic Inc., 60 29th Street # 343, San Francisco, CA 94110-4929, USA.

WordPress Statistics uses cookies that are stored on your computer and allow an analysis of the use of the website. The information generated by the cookies about the use of our website is stored on servers in the USA. Your IP address will be anonymized after processing and before storage.

WordPress Stats cookies remain on your device until you delete them.

The storage of “WordPress Stats” cookies is based on Art. 6 GDPR. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising.

Automattic Privacy Policy can be found here: https://automattic.com/privacy/

Automattic Cookie Policy can be found here: https://automattic.com/cookies/

You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. The functionality of our services may be limited when cookies are disabled.

You can object to the collection and use of your data at any time with future effect by clicking on this link and setting an opt-out cookie in your browser: https://www.quantcast.com/opt-out/.

If you delete the cookies on your computer, you will have to set the opt-out cookie again.

 

GOOGLE ANALYTICS REMARKETING

Our websites use the features of Google Analytics Remarketing combined with the cross-device capabilities of Google AdWords and DoubleClick. This service is provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.

This feature makes it possible to link target audiences for promotional marketing created with Google Analytics Remarketing to the cross-device capabilities of Google AdWords and Google DoubleClick. This allows advertising to be displayed based on your personal interests, identified based on your previous usage and surfing behavior on one device (e.g. your mobile phone), on other devices (such as a tablet or computer).

Once you have given your consent, Google will associate your web and app browsing history with your Google Account for this purpose. That way, any device that signs in to your Google Account can use the same personalized promotional messaging.

To support this feature, Google Analytics collects Google-authenticated IDs of users that are temporarily linked to our Google Analytics data to define and create audiences for cross-device ad promotion.

You can permanently opt out of cross-device remarketing/targeting by turning off personalized advertising in your Google Account; follow this link: https://www.google.com/settings/ads/onweb/.

The aggregation of the data collected in your Google Account data is based solely on your consent, which you may give or withdraw from Google per Art. 6 GDPR. For data collection operations not merged into your Google Account (for example, because you do not have a Google Account or have objected to the merge), the collection of data is based on Art. 6 GDPR. The website operator has a legitimate interest in analyzing anonymous user behavior for promotional purposes.

For more information and the Google Privacy Policy, go to: https://www.google.com/policies/technologies/ads/

 

GOOGLE ADWORDS AND GOOGLE CONVERSION TRACKING

This website uses Google AdWords. AdWords is an online advertising program from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States (“Google”).

As part of Google AdWords, we use so-called conversion tracking. When you click on an ad served by Google, a conversion tracking cookie is set. Cookies are small text files that your internet browser stores on your computer. These cookies expire after 30 days and are not used for personal identification of the user. Should the user visit certain pages of the website and the cookie has not yet expired, Google and the website can tell that the user clicked on the ad and proceeded to that page.

Each Google AdWords advertiser has a different cookie. Thus, cookies cannot be tracked using the website of an AdWords advertiser. The information obtained using the conversion cookie is used to create conversion statistics for the AdWords advertisers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, advertisers do not obtain any information that can be used to personally identify users. If you do not want to participate in tracking, you can opt-out of this by easily disabling the Google Conversion Tracking cookie by changing your browser settings. In doing so, you will not be included in the conversion tracking statistics.

Conversion cookies are stored based on Art. 6 GDPR. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising.

For more information about Google AdWords and Google Conversion Tracking, see the Google Privacy Policy: https://policies.google.com/privacy .

You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.

 

FACEBOOK PIXEL

Our website measures conversions using visitor action pixels from Facebook, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”).

These allow the behavior of site visitors to be tracked after they click on a Facebook ad to reach the provider’s website. This allows an analysis of the effectiveness of Facebook advertisements for statistical and market research purposes and their future optimization.

The data collected is anonymous to us as operators of this website and we cannot use it to draw any conclusions about our users’ identities. However, the data are stored and processed by Facebook, which may make a connection to your Facebook profile and which may use the data for its own advertising purposes, as stipulated in the Facebook privacy policy. This will allow Facebook to display ads both on Facebook and on third-party sites. We have no control over how this data is used.

Check out Facebook’s privacy policy to learn more about protecting your privacy: https://www.facebook.com/about/privacy/.

You can also deactivate the custom audiences remarketing feature in the Ads Settings section athttps://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. You will first need to log into Facebook.

If you do not have a Facebook account, you can opt out of usage-based advertising from Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/ .

 

YOUTUBE

Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited.

If you’re logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.

YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 GDPR.

Further information about handling user data, can be found in the data protection declaration of YouTube under

https://www.youtube.com/intl/en-GB/yt/about/policies/#community-guidelines

 

GOOGLE MAPS

This site uses the Google Maps map service via an API. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

By default, when displaying a map, this website presents only the map placeholder image, and Google Maps is not activated until the visitor requests the actual map, by clicking it.

To use Google Maps, it is necessary to save your IP address. This information is generally transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.

The use of Google Maps is in the interest of making our website appealing and to facilitate the location of places specified by us on the website. This constitutes a justified interest pursuant to Art. 6 GDPR.

Further information about handling user data, can be found in the data protection declaration of Google at https://policies.google.com/privacy .

 

FACEBOOK PAGES PLUGIN

This site uses the Facebook Pages plugin service via an API. It is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”).

By default, when displaying the facebook pages plugin, this website presents only the logout version of the plugin, not sending any data to Facebook. Only if the visitor chooses to login to Facebook, will Facebook receive any personal data.

We have access to the aggregated “engagement” data from the API, i.e., the ammount of people who have made a login and some additional statistics on the API usage on our site.

The data collected is anonymous to us as operators of this website and we cannot use it to draw any conclusions about our users’ identities. However, the data are stored and processed by Facebook, which may make a connection to your Facebook profile and which may use the data for its own advertising purposes, as stipulated in the Facebook privacy policy. This will allow Facebook to display ads both on Facebook and on third-party sites. We have no control over how this data is used.

Check out Facebook’s privacy policy to learn more about protecting your privacy: https://www.facebook.com/about/privacy/.

 

SOCIAL SHARING BUTTONS

This site uses offline social sharing butons. This means that when navigating in the site, no personal data is transmitted to the respective social network providers.

Only when a visitor clicks a sharing button he is taken to a sharing page, on that specific social netowrk, where he is asked to login or, if already logged-in, he can share the post in his social network account.

 

JETPACK BY AUTOMATTIC

This site uses Jetpack, a service provided via API by Automattic Inc., 60 29th Street # 343, San Francisco, CA 94110-4929, USA.

The Jetpack plugin provides several specific functionalities,out of which the following are active and being used in this website:

Protect:

Jetpack Protect is a service to protect websites against traditional brute force attacks and distributed brute force attacks that use many servers against our site. Jetpack’s botnet security features work automatically by blocking malicious login attempts.

Data Used

In order to check login activity and potentially block fraudulent attempts, the following information is used: attempting user’s IP address, attempting user’s email address/username (i.e. according to the value they were attempting to use during the login process), and all IP-related HTTP headers attached to the attempting user.

Activity Tracked

Failed login attempts.

Jetpack sets a cookie (jpp_math_pass) for 1 day to remember if/when a user has successfully completed a math captcha to prove that they’re a real human.

Data Synced to Jetpack’s servers

Failed login attempts, which contain the user’s IP address, attempted username or email address, and user agent information.

Image CDN:

The image CDN (formerly Photon), is an image acceleration and editing service for sites hosted on WordPress.com or on Jetpack-connected WordPress sites. That means that a visitor of our website will receive it’s images from wordpress.com servers instead of from the website server.

The servicce works by automatically rewriting the image links from our addresses into the image CDN addresses, so no visitor personal data is transmitted or stored in Jetpack’s servers.

Jetpack’s Privacy Policy and detailed descritpion can be found here: https://jetpack.com/support/privacy/

Automattic Privacy Policy can be found here: https://automattic.com/privacy/

Automattic Cookie Policy can be found here: https://automattic.com/cookies/

 

AKISMET BY AUTOMATTIC

This site uses Akismet, an anti-spam service provided via API by Automattic Inc., 60 29th Street # 343, San Francisco, CA 94110-4929, USA.

The Akismet service collects information about visitors who comment on this website and compares it against a spam database.

Data Used

In order to check for spam activity and potentially block fraudulent comments, the following information is used: attempting user’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address and the comment itself.

Automattic Privacy Policy can be found here: https://automattic.com/privacy/

Automattic Cookie Policy can be found here: https://automattic.com/cookies/

 

 

HOW LONG WE RETAIN YOUR DATA

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

Session cookies are only retained when navigating our website, being automatically deleted once you close your browser. The language cookie lasts for one day. The “GDPR opt-in/opt-out” preference cookie (CookieConsent) that is set when you accept or customize our data privacy banner is set for 60 days.

The remaing information, including contact form data or third-party cookies are only retained for the minimum amount of time required for the data to be processed, being anonymized or deleted afterwards. The duration of data retention of each third party service can be found in it’s respective Privacy Policy, linked in this page.

 

 

WHAT RIGHTS YOU HAVE OVER YOUR DATA

As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given below if you have further questions on the topic of personal data.

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. Typically for visitors that have left comments, the data will be their email address, any IP addresses assigned to them at the time of leaving the comments and the user agent strings of the browsers they used. The rest of the data is public as published by the visitors. You can also request “to be forgotten”, that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

There are two ways for you to exercise your rights on personal data.
If you whish to access, correct, amend, or delete inaccurate data, you can direct your request to rgpd@ricardo-barbosa.com. We will respond within a reasonable timeframe, not to exceed one week.

Or, you can use the “self-service” tools available in this site, by using the form below.

 

PERSONAL DATA REQUEST

If you want to Delete (“Be Forgotten”) or Export your personall data in this site, please use the form below. You will receive an email and, after validation, the site administrator will comply with your request.

Select your request:


 

WHERE WE SEND YOUR DATA

Some of our Automated Data Processors have servers located outside the European Union, namely in the United States of America. All the traffic sento to those server abides to their respective Privacy Policy and to the EU-US Privacy Shield

You can have additional information on the EU-US Privacy Shield here: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu-us-privacy-shield_en

The Privacy Policy of each Automated Data Processor can be found above in this document.

 

 

HOW WE PROTECT YOUR DATA

The security and reliability of our service is our number one priority. We invest heavily in the training of our staff and our infrastructure to ensure that best practices are followed in everything that we do.

 

WORDPRESS CORE SECURITY

We use WordPress as the Content Management system for this website. WordPress is an open-source solid and secure content management system, the most widely used in the world and supported by thousands of volunteers. WordPress also has a dedicated WordPress Security Team, made up of approximately 50 experts including lead developers and security researchers.

See wordpress.org/about/security for details on the security of the WordPress core itself.

Prevention is best when it comes to security, and as a first step, we follow all WordPress Code Standards in the plugins that we use.
In addition, we have an internal review process in place specifically to prevent potential security vulnerabilities in our plugins and services.

 

ACCESS TO DATA

All staff that has access to the content management system (including any contractors) undergo initial training to ensure proper understanding of all security-related processes. Staff review and agree, in writing, to all policies and procedures annually.

We only use third-party services that are fully vetted and adhere to the highest levels of privacy and security practices and comply with GDPR or the EU-US Privacy Shield.

 

DATA CENTER

Our website is hosted in Lisbon, Portugal in a speciallized Datacenter.

This datacenter is a Quality Certificate (UNE-EN-ISO 9001: 2000, EFQM and Six Sigma), Environment (UNE-EN-ISO 14001: 1996) and Information Security Management Systems and Information Systems 7799 and BS 15000).

More detail on the datacenter can be found here: https://ptisp.pt/#why/datacenters

The privacy policy and certifications of the datacenter can be found here: https://ptisp.pt/#company/legal

 

SSL OR TLS ENCRYPTION

This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar.

If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

 

FIREWALL AND JETPACK PROTECT

By protecting our site against hackers, both services ack as an additional layer of protection to prevent an outside party to access your personal data.

 

 

WHAT DATA BREACH PROCEDURES WE HAVE IN PLACE

Should any event occur where customer data has been lost, stolen, or potentially compromised, our policy is to alert our customers via email no later than 48 hours of our team becoming aware of the event. We will also report such incident to any required data protection authority. We will work closely with any customers affected to determine next steps such as any end-user notifications, needed patches, and how to avoid any similar event in the future.

 

 

WHAT THIRD PARTIES WE RECEIVE DATA FROM

Visitor comments may be checked through Akismet, an automated spam detection service. The Privacy and EU-US Privacy Shield of Akismet can be found above.

Blacklisted IP’s are periodically downloaded to our firewall, via a GDPR compliant service. The compliance documentation can be found here: https://www.wordfence.com/help/general-data-protection-regulation/

 

 

WHAT AUTOMATED DECISION MAKING AND/OR PROFILING WE DO WITH USER DATA

We donot engage in any kind of automated decision making and/or profiling with website user data

 

 

PRIVACY POLICY CHANGES

Although most changes are likely to be minor, we may change our Privacy Policy from time to time, and in our sole discretion. When possible, we will notify clients by email when making changes.

 

CHANGELOG

May 24, 2018 – Updated language of the policy to be more user-friendly, specifically outlining requirements for meeting the GDPR.