1. COMMITMENT TO THE PROTECTION OF INDIVIDUALS
Recognizing the importance of protecting individuals regarding the processing of their personal data, LOOP has defined rules which ensure that the holders of personal data are aware of how LOOP treats the information and what rights are in accordance with the provisions of the European Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April (RGPD).
In this context, LOOP discloses to its employees, customers and community the general rules of privacy and security of the personal data that collects and manage, in order to improve the understanding about the processing of personal data.
“Data processing” shall means the operation or set of operations carried out on personal data or sets of personal data by automated means, or not, in particular the collection, registration, organization, structuring, adaptation, retrieval, consultation, use, dissemination, comparison, interconnection, limitation, erasure or destruction.
In order to work daily to ensure the protection of privacy and personal data, it is intended to make it clear and explicit that all those working in and for the LOOP team act in accordance with the legislation that bases this document.
2. BUT WHAT IS “PERSONAL DATA”?
“Personal data” means any and all information of any nature and regardless of its support, including sound and image, relating to an identified or identifiable natural person (data subject). This person is considered identifiable, directly or indirectly, by reference to one or more specific elements of his physical, physiological, economic, cultural or social identity.
3. DATA COLLECTED BY LOOP AND ITS PURPOSE
LOOP, as an audiovisual production company, with the perspective of improving relations and interactions with all its stakeholders, needs to collect a set of personal data that are the subject of necessary treatment, for example, for the opening of employee’s form or client card, which highlights the need to collect the full name and address and identification numbers.
The data collected by LOOP are those required for the provision of its services and products, as well for the legal and normative compliance to which it is subject.
The collection of the data to the employees is defined and delimited in a declaration of own consent and takes place at the time of hiring or at a later time, as necessary and possible.
The collection of data to other interested parties, in addition to those already mentioned, may also include e-mail, function, telephone / mobile / fax, website, date of birth and nationality, and takes place after the first award or at a later date, as necessary and possible, via face-to-face, e-mail and / or telephone.
This collection takes place due to the need to create a customer card to maintain and continuously improve the business relationship. Some of the data is legally required, such as the NIF, for billing purposes. Information on the processing of personal data is provided at the time of its collection from the data subject.
If LOOP intends to process personal data for a purpose other than that for which it was collected, explicit consent shall be sought from the data subject with information about the intended treatment.
Personal data may be made available to the courts and other competent authorities, in strict compliance with the provisions of the Law, in particular when they are necessary for the resolution of disputes relating to billing and activities related to the protection of public security, defense and security of the State and to the prevention and investigation of criminal offenses. If this happens, the data owners will be informed.
In summary, personal data collected will only be processed when consent is given by the data subject or when processing is required for the performance and management of a contract, compliance with a legal obligation, or pursuit of a legitimate interest of LOOP or third parties.
4. ACCESS AND PROTECTION OF PERSONAL DATA
The personal data will be treated in order to ensure your security. LOOP commits itself to protect personal data against unauthorized access or disclosure, to protect personal data against copy, reproduction, adaptation, modification, alteration, deletion, destruction, dissemination, transmission or other form that makes available to third parties the personal data to which it had access or that are transmitted to it, without having been expressly authorized to do so and to ensure that personal data are available when necessary and permitted, and without undue delay.
Access to and protection of personal data are provided in the Internal Regulation – General Framework and Internal Rules for the Use of the Computer System.
As provided in these internal documents, only personal data, regardless of origin, will be accessible to LOOP employees with permission and / or LOOP partners who are properly qualified and authorized as required to provide certain services.
In cases of subcontracting, the LOOP shall adopt necessary technical and organizational measures to protect personal data as indicated at the beginning of this point.
5. CONSERVATION OF PERSONAL DATA
The personal data will be processed, stored and kept only for the period necessary for the purposes that led to their collection or subsequent processing, until a request for “forgetting” by the data subject (which is processed as follows), or according to laws and regulations, at which time they will be eliminated.
6. RESPONSIBILITY FOR THE PROCESSING OF DATA BY LOOP AND RIGHTS OF THE DATA HOLDER
The responsibility for the processing of personal data rests with LOOP, as it determines the purposes and means of processing such data.
For the exercise of their rights, in particular, access, correction, opposition and elimination of personal data, including the provision of additional information or clarification of doubts, the owner of that personal data should contact LOOP for this purpose through the e-mail address: firstname.lastname@example.org, dislocate itself to the physical premises of LOOP or through written communication to Via do Oriente, 16, E13, 1990-514, Lisbon, Portugal.
In addition to being able to submit complaints directly to LOOP, through the means made available for this purpose, the data subject can directly complain to the Control Authority – National Commission for Data Protection (CNPD) -, using the contacts made available by that entity for the purpose.
8. REVISIONS AND CHANGES
If LOOP makes revisions and changes to this declaration, they will be made available on the LOOP website and in an internal system.