This Privacy and Cookies Policy (“Policy”) governs the processing of personal data of users (hereinafter “User” or “Users”) collected in the context of the use of the websites within the universe of the Association Academia Cidadã (hereinafter “websites”), by the Association Academia Cidadã (“Association”), reflecting the institutional concerns of the Association regarding privacy and the processing of personal data in these contexts.
The provision of personal data in the context of browsing the websites implies knowledge of and express acceptance of the conditions set out in this Policy.
1. Controller for the processing of users’ personal data The Association is the entity responsible for the processing of Users’ personal data and may process such data directly and/or through subcontracted entities for this purpose.
2. Collection and processing of personal data Access and general browsing on the websites do not necessarily require the provision of personal data. Any User can (i) freely navigate the websites and view the available content, and may even become a member of the Association without the need to register (in which case, only the data necessary for payment processing will be requested); and (ii) freely subscribe to the Association’s newsletters through the websites, in which case their email address will be requested.
The Association processes the personal data of Users for the following purposes:
2.1. Disclosure of Association activities With the User’s consent, the Association will send newsletters and/or process the User’s personal data for the purpose of promoting events and campaigns.
2.2. Processing of spontaneous applications and recruitment processes The Association also processes personal data for the purpose of processing applications, both spontaneous and as part of recruitment processes, submitted via email. This personal data mainly includes the User’s name, email, ID number, date of birth, educational qualifications, professional background, and other data found in their CV, such as their image if their CV contains a photograph. User’s personal data will be processed for the management of the Association’s recruitment processes based on the legitimate interest of the Association in processing the User’s application, as well as for compliance with the Association’s legal obligations.
2.3. Statistical analysis In the context of the purposes mentioned above, and with the User’s consent or based on the legitimate interest of the Association in managing and evaluating its activities, the collected data, which may be mandatory or optional depending on the purpose (such as date of birth, gender, level of education, profession, or nationality), may be processed for statistical purposes. The statistical processing of the collected data is done in an aggregated and non-individualized manner, preventing the identification of the User.
2.4. External audits As part of audits carried out by external entities, the Association will provide the data necessary for the audit.
3. Disclosure of personal data
3.1. The Association may transmit the User’s data to partner entities and subcontracted entities for the purposes mentioned above, in accordance with contracts entered into with them in compliance with applicable law.
3.2. The processing of data by the Association and the service providers mentioned above may involve the transfer of personal data to third countries (outside the European Economic Area).
4. Retention of personal data
4.1. Personal data necessary for joining as a new member will be retained for as long as the User wishes to maintain their membership.
4.2. Personal data processed for spontaneous application processing will be retained for one year after submission.
4.3. Other personal data collected through the websites will be retained for the period necessary to achieve the purpose for which they were collected, as described in this Policy.
4.3. Some of the personal data collected at events held by or for the Association may be retained for the period necessary for managing the Association’s cultural, intellectual, and artistic assets.
5.1. In order to provide a more personalized service that meets User expectations, the Association uses its own and third-party cookies to collect and store information.
5.2. A cookie is a text file that is automatically stored in users’ web browsers when they access certain websites. The cookie allows the Association and third parties to identify the web browser on the server, enabling the storage of information to improve user experience and analyze website performance.
5.3. Cookies can be classified as session cookies or persistent cookies. Session cookies expire automatically when the internet browser is closed. Persistent cookies remain in the internet browser until their expiration date or until they are deleted. Expiration dates vary for each cookie, with some expiring after a few minutes and others after several years.
5.4. Within the websites, the Association uses the cookies located at the following address.
5.5. Cookies and other tracking technologies do not collect personal data about the User unless such information is voluntarily provided, such as when registering on the website or sending communications, in which case these technologies may be used to gather more information about their use of the website.
6.1. The Association ensures privacy and security when transmitting User data through the use of SSL (Secure Sockets Layer) encryption for all information exchanged with the Association via the internet.
6.2. Additionally, the Association affirms that it has and will maintain all technical means available to prevent the loss, misuse, alteration, unauthorized access, and unauthorized appropriation of the personal data provided or transmitted. In any case, it should be noted that when data is transmitted over an open internet network, it is not possible to completely eliminate the risk of unauthorized access and use, so Users should implement appropriate security measures when browsing the websites.
6.3. Whenever payments are made through the website servers, the information sent will be encrypted, and additional security measures appropriate to industry standards and market best practices will be employed.
7. User Rights
7.1. In accordance with applicable law, the User may, at any time, request access to personal data concerning them, as well as its correction, deletion, or restriction of processing, data portability, or objection to processing (in the case of profile creation, where applicable, request clarification of the criteria used and/or object to profile creation).
7.2. The User may also obtain confirmation that personal data concerning them is being processed and access this data. If requested, a copy of the data being processed can be provided to the User.
7.3. According to the law, the User also has the right to withdraw their consent at any time for the processing of their data based on consent, without affecting the validity of the processing carried out until that date, based on previously given consent.
7.4. In accordance with the law, the User also has the right to request the restriction of processing or data portability, subject to legally applicable conditions.
7.5. The User’s rights mentioned above can be exercised through the contact methods provided in point 9.
In addition to any other administrative or judicial remedies, the User has the right to file a complaint with the National Data Protection Commission or another competent supervisory authority under the law if they believe that the processing of their data by the Foundation violates the current legal framework.
If you have any questions regarding the processing of your personal data and the exercise of the rights conferred by applicable law, as outlined in this Policy, you can contact us at the following email address:
Changes to Personal Data Processing Terms The Association may change this Policy at any time. These changes will be duly publicized on the website pages.
Last updated: October 30, 2023