Skip to main content

Privacy Policy

General Scope

Soren is committed to protecting and ensuring the security of its customers’ information and privacy. This Privacy Policy aims to make known the general privacy rules and the terms of processing the data we collect, in strict respect and compliance with the applicable legislation in this area, in particular, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (“General Data Protection Regulation” or “GDPR”).

The person responsible for processing personal data

Isa Conceição

Telephone: +351 910 030 423 (call to national mobile network)
Email: info@soren.pt
Address: Estrada das Escanxinas, Edifício Irbosol, 8135-105 Almancil
Website: https://www.soren.pt/

1. Collection and processing of personal data

This Privacy Policy applies to all personal information collected and stored by the Soren website in paper and/or digital formats.

The personal data voluntarily provided by its owner, and whose processing is a contractual and/or legal obligation of Soren, are treated confidentially, by employees or subcontractors duly authorized for that purpose, who must follow the specific instructions of Soren.

Your data may be collected directly or by telephone, when you make a request for information or service, by opening a customer file, with the creation of a process number that identifies the file, when you visit or use one of the contact forms available on our website, for information requests or requests for quotes and services.

The personal information we collect is:

  • Full name;
  • Email address,
  • Telephone number;
  • Address;
  • VAT number;
  • Other supplementary information, not classified as personal.

When navigating the website, whenever it is necessary to identify and collect personal data, the user will have to authorize its collection through authorization mechanisms that may vary according to the case, but which will be clear in their objective and intuitive as to their use.

For example on a contact form, there will be a box where the user must click to indicate that they consent to the collection and processing of the personal data entered into the form and subsequent contact by the Soren team. However, please note that you will not be able to send your message or contact Soren’s team through the website without consent.

The processing of personal data once authorized will be done in accordance with this Privacy Policy, and your authorization shall assume that it has been read and understood.

2. Purposes of collection and categories of data

Grounds (Article 6(1)(b), (c), (d), and (f) of the GDPR): Processing is necessary for the performance of a service to which the data subject is a party, or for taking pre-contractual steps at the request of the data subject; for compliance with legal obligations to which Soren is subject; for the protection of vital interests of the data subject; for the purposes of the legitimate interests pursued by Soren.

With regard to data processing carried out by Soren in the context of compliance with legal obligations, the lawful basis for carrying out such processing – mostly data communications to external entities – will be the necessity of the processing for the purpose of compliance with these legal obligations by the Controller.

We therefore collect your data to:

  • Order processing
  • Invoice management: issuing invoices for the purchase of goods and services
  • Home deliveries: to be able to deliver your purchases to your home
  • Customer service: We use your personal data to provide customer support
  • Customer comments: We may use your contact details to invite you by email to write a review after your order. By doing so, you can help other customers to choose the most suitable product
  • Marketing activities: we also use your data for marketing-related activities to the extent permitted by law. When we use your personal data for direct marketing purposes, such as commercial newsletters and marketing communications about new services and products or other offers we think you may be interested in, we include a link you can use if you do not want us to send messages in the future
  • Other communications: There may be other occasions when we contact you by email, post, telephone, or text messages, depending on the contact details you share with us
  • Legal scope: In certain cases, we need to use the information you provide, which may include personal data, to handle and resolve legal disputes or claims, for legal investigations, or to enforce agreements or comply with legal requests from competent authorities (for example, communications to SEF), to the extent required by law

If we use automated means to process personal data that produces legal effects or significantly affects you, we will implement appropriate measures to safeguard your rights and freedoms, including the right to obtain human intervention.

3. Data Communication

Soren will implement the necessary and adequate measures under the applicable law to ensure the protection of personal data subject to communication, strictly complying with the legal provisions regarding the requirements applicable to such communications, namely by informing the Customers.

In cases where Soren communicates personal data to third parties, it will define clear rules for contracting the processing of personal data with its subcontractors and will require them to adopt appropriate technical and organizational measures to protect your personal data.

The data may be provided to judicial or administrative authorities, as long as in compliance with legal obligations, as well as communicated to public and private bodies related to the activity of Soren The data, depending on the purpose for which they were collected, may be provided to the following categories of recipients:

  • Public entities;
  • Subcontracted service providers;
  • Other entities subcontracted by Soren whose object is essential for the pursuit of the purpose for which the data was collected.

4. Transfer of data to third countries

The information collected will not, in principle, be transferred to third countries. In the event of data transfers to countries outside the EU priority will be given to countries that are covered by an adequacy decision issued by the EU under Article 45 of the GDPR.

Soren will take the necessary measures in order to ensure the privacy and security of your personal data under Article 46 of the GDPR and to use it only for the purposes for which it was collected.

5. Conservation of personal data

Your Personal Data is kept by Soren for as long as the existing relations between this Entity and the respective Holders remain in force, or for the legal term of conservation or for the purpose for which they were collected, in order to allow the identification of the Holders until such time as these relations or obligations have been definitively terminated.

The data collected will be destroyed at the end of its legal retention period. The period of time for which data is stored and retained varies according to the purpose for which the information is used. There are, however, legal requirements to retain data for a certain period of time.

6. Safety measures

Soren is committed to ensuring the confidentiality, protection, and security of its Customers’ personal data by implementing appropriate technical and organizational measures to protect their data against any form of improper or illegitimate processing and against any accidental loss or destruction of this data.

To this end, we have established procedures to prevent unauthorized access, accidental loss, and/or destruction of personal data, undertaking to comply with the legislation on the protection of Customers’ personal data and to process such data only for the purposes for which they were collected, as well as to ensure that such data is treated with adequate levels of security and confidentiality.

Access to your personal data will be limited to those who need to know it in order to carry out their functions, strictly to the extent necessary to fulfill the purposes of the processing.

Soren is not responsible for the data that the user makes available on social networks. The use of Soren’s social networks may involve the transmission of data to social network service providers, who may be based outside the European Union or the European Economic Area

7. Information storage

The data will be stored electronically on a server maintained and controlled by Soren, located in Portugal, and Cloud service providers based in the European Union.

Security is always monitored in terms of infrastructure and data access. Access is restricted and protected by various access management and encryption tools so that unauthorized third parties cannot gain access. The risk of loss/destruction is thus minimized, but not eliminated and there is always the possibility of illegal access to the data. In this case, leakage containment measures will be implemented.

8. Rights of the data subject

Right to information – at the time of collection or processing, the holder of the personal data has the right to be informed about the purpose of the processing, the person responsible for the processing, the entities to which their data may be communicated, the conditions of access and rectification and which compulsory and optional data will be collected.

Right of access – the holder of the personal data has the right to access them, without restrictions or delay, as well as to know what information is available about the origin of the data, the purposes of the processing, and the communication of the same to third parties.

Right of rectification – the data subject has the right to demand that data about him or her is accurate and up to date, and may at any time request its rectification from the data controller.

Right of erasure – the data subject has the right to have their data no longer processed, erased, and deleted, under certain conditions, in the event that:

  • Deixarem de ser necessários para a finalidade que foram recolhidos;
  • the data subjects withdraw their consent or object to their processing;
  • If the processing of the data does not comply with the legal provisions.

Right to restriction of processing – the personal data subject has the right to have their data limited to what is essential for the purpose of the processing.

Right to data portability (data transfer) – the data subject has the right to receive their data or to request the transmission of their data to another entity that becomes the new controller of their personal data (only if technically possible).

Right of opposition – the data subject shall have the right to object, on request and free of charge, to the processing of their personal data for the purposes of direct marketing or any other form of prospecting and to their personal data being disclosed to third parties, unless otherwise provided by law.

Right not to be subject to automated decisions or profiling – As a data subject, you have the right not to be subject to any decision taken solely on the basis of automated processing, including profiling.

Right to know about a data breach – the personal data subject has the right to be informed if there is a security breach that compromises their data.

Right of complaint to supervisory authority– the personal data subject has the right to complain not only to the company’s personal data controller but also to the supervisory authority, the National Commission for Data Protection (CNPD).

You also have the right to withdraw or change, at any time, the consent you have given us to use your personal data, where this has legitimated the use of such data.

9. Obligations of the entities involved in data processing

Each of the entities involved in the processing of your data is obliged to comply with the applicable legislation on data protection, in particular with regard to the security and confidentiality of their processing.

Those responsible for processing personal data, as well as those who, in the course of their duties, have knowledge of such data, are bound by professional secrecy, under the terms of the law.

10. Contact the Data Protection Officer

Isa Conceição

Telephone: +351 910 030 423 (call to national mobile network)
Email: info@soren.pt
Address: Estrada das Escanxinas, Edifício Irbosol, 8135-105 Almancil
Website: https://www.soren.pt/

11. Changes and updates to the privacy policy

Soren reserves the right to make changes or updates to this Privacy Policy at any time, such changes will be duly posted on our website.