The user warrants that he/she is of legal age and that the information he/she provides is true, accurate, complete and up-to-date; the user is solely responsible for any inconsistencies in this regard. If such data belongs to a third party, the user warrants that he/she has informed said third party about the provisions set forth in this document and that he/she has obtained permission to provide such data to EDP SA for the aforementioned purposes.
1. Scope of application and entity responsible for the processing of personal data
The entity responsible for processing this data is:
EDP - Energias de Portugal SA, with the single Commercial Registry and legal person number 500697256, headquartered at Avenida 24 de Julho no. 12, 1249-300 Lisbon, with share capital of €3.656.537.715;
- Postal Address: Avenida 24 de Julho, 12 1249-300 Lisbon
- Email Address: comunicação.edp.pt
2. Data processing purposes and legal basis
Personal data collected through the forms available on the edp.com website will be used in the following operations:
- Analyzing and responding to messages sent by users
- Regular mailing of information
The processing of personal data is necessary to carry out the aforementioned operations. Its legal basis is the permission of the respective owner when addressing the matter to EDP, SA, requesting that it be subject to appraisal.
The user's personal data may be transferred to a suitable service provider outsourced by EDP SA, or to other companies within the EDP Group, which will process the data solely for the purposes determined by EDP SA and under its instructions.
4. International data transfers
Data processing for the aforementioned purposes may require that it be shared with EDP Group companies operating in countries outside the European Economic Area (more information about the regions where EDP operates at the website of EDP Group). The transfer of personal data is based on information systems equipped with appropriate information security measures, such as content and communication encryption and the use of secure servers. Pursuant to GRPD provisions, the processing of personal data will only be carried out with the explicit consent of the owner, which will be requested in the respective form where the transfer can occur.
5. Retention period
Collected data will be retained for a period of 5 years, although such data may be kept beyond that period for the fulfillment of legal obligations or archiving purposes; in the latter case, appropriate technical and organizational measures will be implemented.
6. User rights
Pursuant to personal data laws, the user has the right to access, rectify and delete any personal data concerning him/her. Moreover, the user may also exercise his/her data portability rights or the right to limit or oppose the processing of his/her personal data.
The user also has the right to submit a complaint to the National Data Protection Commission if he/she believes that his/her personal data rights have been violated.
- Email address: firstname.lastname@example.org