At RM Academy we respect individual privacy so our commitment will always be to protect your personal data.
1. IDENTIFICATION OF THE PERSON RESPONSIBLE FOR TREATMENT AND DATA PROTECTION MANAGER
- Company: RM Academy
- Headquarters: Rua do Doutor Alfredo Magalhães, nº 60, 4000-062 Porto
- NIPC: 514717025 li>
- Phone: +351 967 566 491
- E-mail: firstname.lastname@example.org
2. INFORMATION AND CONSENT
The Personal Data Protection Act (hereinafter “LPDP”) and the General Regulation on Data Protection (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, hereinafter “RGPD”) ensure the protection of natural persons with regard to the processing of personal data and the free movement of such data.
In legal terms, “personal data” means any information of any nature and regardless of its support, including sound and image, relating to an identified or identifiable natural person, and protection does not cover the data of legal persons.
The formalization of reservations through our website implies the introduction into the system by the user of personal identification data, such as aspects relating to personal preferences, special circumstances affecting him or others, data relating to credit cards and debit, which will be used to facilitate and enable the contracting and booking of the concrete services that make up the client’s request, as well as to provide information regarding RM Academy products and services.
Information on philosophical or political beliefs, party or trade union membership, religious belief, private life and racial or ethnic origin, as well as data on health and sex life, including genetic data, shall not be solicited.
In no case shall we carry out any of the following activities with the personal data provided through this site:
- Give to others or other entities without the prior consent of the data subject;
- Transfer outside the European Economic Area (EEA) without the prior consent of the data subject.
3. PURPOSES OF THE PROCESSING OF PERSONAL DATA
- The personal data that we treat through this page will be used only for the following purposes:
- (i) Proper of the activity;
- (ii) Provision of the services requested by the user to fulfill the reservation / service contracted by the User;
- (iii) Management, administration, provision, extension and improvement of the services that the user chooses to subscribe and register or use the suitability of these services to the preferences and tastes of the user;
- (iv) Check credit cards and other types of cards used for payment and indicated by the User;
- (v) The study of users’ use of the services;
- (vi) verify, maintain and develop statistical systems and analyzes;
- (vii) Advertising, promotion and commercial prospecting activities, if duly authorized and consented to by the User;
- (viii) Submit survey forms to which the user is not obliged to respond;
- (ix) Send SMS messages for direct sale, advertising or related to the contracted service, if duly authorized and consented by the User.
- You may allow RM Academy to process your Personal Information for the purpose of determining your profile and providing you with appropriate products and services. These services can be owned by third parties.
- On the other hand, the user consents to the information about the service contracted with RM Academy in order to be able to offer additional services to the contractor.
- Personal data collected through the “Newsletter” form or other forms related to the activity of the website are the necessary and appropriate, and that the user can voluntarily make available, without the lack of response implying a decrease in quality or quantity of the corresponding services. Nevertheless, failure to respond to the data considered as mandatory, will imply that it is impossible to access the specific service for which the data was requested or the query required by the data subject.
- If you do not agree to the above conditions, RM Academy will not be able to contract with you and consequently will not be able to accept your reservation.
4. CEDENCY OF PERSONAL DATA
- RM Academy may disclose user information to third parties solely for the purpose of completing the requested reservation and for administrative reasons under current legislation to provide travel / service for certain countries.
- Any data collected in this way on the web page will be transmitted, in accordance with the legislation on data protection in force, to the entities involved to contract the required services to the extent absolutely necessary for the realization of the reservation / service intended and for compliance with the legislation of the countries of destination.
- In addition, you will expressly consent to the transfer of personal data to:
- (i) National and international authorities responsible for tourism, combating terrorism or crimes against human rights;
- (ii) Any legal entity which is a subsidiary or subsidiary of RM Academy or the company that has contracted the service (hotels, water carrier, land, rail, air, rental, etc.) for use with purpose of a correct provision of each service requested by the user.
- The user guarantees that the information provided is true, accurate, complete and current and is responsible for any direct or indirect damage or loss that may be caused as a result of breach of this obligation. In the event that the data provided belongs to a third party, you warrant that you have informed the third party of the details contained in this document and have been authorized to provide your data to RM Academy for the purposes indicated.
5. SAFETY PRECAUTIONS
- RM Academy declares that it has implemented and will continue to implement security measures of a technical and organizational nature necessary to ensure the security of personal data provided to prevent unauthorized alteration, loss, processing and / or access, taking into account the current state of the technology, the nature of the data stored and the risks to which it is exposed.
- Personal data is treated with the legally required level of protection to ensure its security and prevent unauthorized alteration, loss, processing or access, taking into account the state of the technology, and the user is aware and accepting that Internet security measures are not impregnable.
- The RM Academy is equipped with peripheral control technical infrastructures, namely network firewalls, private circuits and VPNs that comply with security requirements. The computer servers are housed in a datacenter operator which performs a digital information protection service for the hosted servers. The service includes backup of files, conservation according to the policy defined and restore at the request of the RM Academy.
- Credit card data is only used to make payment and, after the transaction, is deleted from our records.
- RM Academy accessing any personal data, commits to:
- To store them by means of legally enforceable security measures of a technical and organizational nature that guarantee their security, thus avoiding unauthorized alteration, loss, processing or access, in accordance with the state of technology in each the nature of the data and the possible risks to which they are exposed;
- Use the data exclusively for the purposes previously defined;
- Make sure that the data are handled only by the employees whose intervention is necessary for the provision of the service and they are bound by the duty of secrecy and confidentiality. If it is possible for the information to be disclosed to third parties, they should be obliged to keep the confidentiality in accordance with the provisions of this document.
6. COMMERCIAL AND PROMOTIONAL COMMUNICATIONS
One of the purposes for which we treat personal data provided by you is to send electronic communications with information relating to commercial and promotional communications.
Whenever we make a communication of this type, it will be directed exclusively to the user who has previously authorized it expressly.
If you wish to stop receiving commercial or promotional communications from RM Academy, you can request the opposition of the service by sending an e-mail to the following address: email@example.com or through the link enabled for that purpose in the communications itself.
7. EXERCISE OF THE RIGHTS OF THE DATA HOLDER
In accordance with the provisions of the LDPD and the RGPD, you may exercise your rights of access, rectification, erasure, limitation, opposition and portability at any time by means of a written request by any of the following means, a certified copy of a document proving the identity of the data subject and specifying the right or rights that he wishes to exercise.
- E-mail: firstname.lastname@example.org
8. CONTROL AUTHORITY
Under the legal terms, the data subject has the right to submit a complaint regarding the protection of personal data to the competent control authority, the National Data Protection Commission (CNPD) www.cnpd.pt