BSO Logo White and green / branco e verde

PRIVACY POLICY

Introduction

BSO Consulting (hereinafter “BSO”) understands that the use of your personal data requires your trust. The confidentiality and integrity of your personal data are among our main concerns. We are committed to the highest privacy standards and will only use your personal data for clearly identified purposes.
By providing personal data when using our website at https://www.bsoconsulting.pt (hereinafter the “site”), you are deemed to be aware of and expressly accept the conditions set out in this Privacy Policy.
This Privacy Policy, as well as the collection, processing or transmission of User Data, is governed by the provisions of the General Data Protection Regulation (“GDPR”) – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 – and other data protection laws.

Data Controller

BSO is the data controller for personal data provided through the website, in accordance with the GDPR, and is therefore responsible for the processing of your personal data as explained below.
Any requests or questions regarding the processing of personal data should be sent to the address provided.

Data Processing

BSO complies with applicable European Union privacy and personal data protection legislation. Accordingly, personal data processing activities consist of the collection, analysis and processing of the data identified in the table below, together with their respective purposes:

Types of data Data collected Purposes Retention
Personal identification data first name, surname, tax ID Provision of services 2 years after service ends
Personal contact information telephone number, email address Marketing communications, promotion of services, responding to contact requests made by email or phone 2 years
Workplace personal data workplace, job title Contact regarding opportunities or service provision 2 years
Browsing data IP address, pages visited, session duration Statistical analysis and improving the user experience 14 months

Confidentiality of personal data

Personal data will be treated as confidential information, subject to all legal restrictions and BSO’s internal procedures for confidential data handling.

Cookies

The BSO website uses cookies. Cookies are files that store information on the user’s hard drive or browser, allowing for a more personalised experience. They are used to monitor and analyse website usage, enabling better service to users.
You may configure your browser to refuse or disable cookies, but this may affect the functionality of the site. Cookies can be deleted from your browser at any time. We do not trade or sell any information collected through cookies. For further details, please see our Cookie Policy.

Processing of personal data

Duration of processing

Personal data will only be processed for as long as is strictly necessary to fulfil the purposes stated, as shown in the table above.

Removal of personal data

Once the stated purposes have been fulfilled, personal data may be passively retained for 30 days, after which all personal data will be permanently destroyed.

Return of personal data

Upon written request from the client, sent to dpo@bsoconsulting.pt, BSO will destroy, amend or return such personal data to the client and destroy any copies, unless EU or Member State law requires retention of the data.

Use of personal data

In the course of providing services, BSO will only process personal data in accordance with documented instructions. If EU or Member State law requires BSO to process data for any other purpose, BSO will inform the respective data subjects of this requirement before processing, unless such law prohibits disclosure on public interest or judicial grounds.

Record storage

BSO reserves the right to retain certain log information (not including personally identifiable information) for security purposes.

User rights

You will always retain control and authority over your personal data and retain at all times the ownership, intellectual property rights and other rights in relation to your personal data, regardless of the form in which they arise, including:

  • Right to information and communication transparency: BSO provides, in this policy, contact details for exercising your rights (dpo@bsoconsulting.pt).
  • Right of access: You have the right to obtain confirmation from BSO as to whether your personal data is being processed and, where that is the case, access to your personal data.
  • Right to rectification: You have the right to obtain without undue delay the rectification of inaccurate personal data.
  • Right to erasure (“right to be forgotten”): You have the right to obtain the erasure of your personal data without undue delay.
  • Right to restriction of processing: You have the right to obtain the restriction of processing of your personal data, without prejudice to Articles 18(2) and 18(3) of the GDPR or other applicable legal or regulatory obligations.
  • Right to data portability: You have the right to receive your personal data, which you have provided to BSO, in a structured, commonly used and machine-readable format, and the right to transmit those data to another controller without hindrance.
  • Right to object: You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data, including objection to processing for decision-making based solely on automated processing.Introduction
    BSO Consulting (hereinafter “BSO”) understands that the use of your personal data requires your trust. The confidentiality and integrity of your personal data are among our main concerns. We are committed to the highest privacy standards and will only use your personal data for clearly identified purposes.
    By providing personal data when using our website at https://www.bsoconsulting.pt (hereinafter the “site”), you are deemed to be aware of and expressly accept the conditions set out in this Privacy Policy.
    This Privacy Policy, as well as the collection, processing or transmission of User Data, is governed by the provisions of the General Data Protection Regulation (“GDPR”) – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 – and other data protection laws.