1. WHAT IS THIS POLICY ABOUT?

1.1. This Privacy Policy explains how we collect and process personal data that is necessary to provide services that are available through the website, describing the practices adopted for this purpose.

2. WHAT ARE PERSONAL DATA?

2.1. Personal data is all information relating to a person and that identifies that person, or makes that person identifiable, regardless of the nature and support of the information, including the sound and image of the person.
2.2. Identifiable means a person who can be identified, directly or indirectly, in particular by reference to an identification number or other specific elements of their physical, physiological, psychological, economic, cultural or social identity.

3. HOW WILL WE USE YOUR PERSONAL DATA?

3.1. The personal data processing operations we carry out are an essential tool for your satisfaction and for MFA’s activity and are carried out in accordance with applicable legislation and best practices.
3.2. Your personal data will not be reused for other purposes that are not previously identified or that have no relationship with those purposes for which they were initially collected.

4. WHAT ARE THE PURPOSES, BASIS AND PERIOD FOR STORING THE COLLECTED DATA?

4.1. The personal data we process has specific grounds, depending on the purposes for which it is intended, and will be kept for as long as necessary for the respective purposes, as listed in this Privacy Policy
4.2. The personal data collected is only that which is necessary and appropriate for the purposes indicated.
4.3. In the following table you can see the processing purposes and data collected for them, the respective grounds and the data retention deadlines or criteria:

GOAL	BASIS	DATA COLLECTED	STORAGE LIFE
To review and follow up on your application process to work with the MFA.	Consent for this specific purpose.	Full name, address, email, CV, motivation letter, mobile phone and other application details.	1 year
Para o envio de Newsletters.	Consent for this specific purpose.	Name, Email Address, Entity and Position.	5 years
Para analisar e responder aos seus pedidos de contacto.	Consent for this specific purpose.	Name, email, telephone number and message.	1 year
Para as operações de gestão do website.	Consent for this specific purpose (cookies); Legitimate interests pursued by the MFA.	Cookie data, IP address.	1 year
Para fins comerciais, como análise de dados, auditorias.	Consent for this specific purpose (cookies); Legitimate interests pursued by the MFA.	Cookie data, IP address.	1 year
Para prevenção de fraudes e segurança dos sistemas de informação.	Legitimate interests pursued by the MFA.	Cookie data, IP address.	1 year
Para a adaptação, melhoria e modificação dos serviços, nomeadamente, através da identificação de tendências de utilização, ou, para determinar a eficácia das campanhas promocionais.	Consent for this specific purpose (cookies); Legitimate interests pursued by the MFA.	Cookie data, IP address.	1 year

4.4. If the law provides for a specific or mandatory period, the data retention period will be that. In all other cases, personal data will be kept for a maximum of the times indicated above, periods that MFA understands as sufficient to fulfill the purposes.
4.5. After the retention period ends, all personal data collected will be deleted.

5. HOW DO WE COLLECT YOUR PERSONAL DATA?

5.1. We will collect your personal data through the forms on the website, but also through the website and the communication it makes with your equipment and email messages you send to us.
5.2. Your personal data is collected through your equipment as follows:
(a) Through your browser;
(b) Through cookies;
(c) Through pixel tags and other similar technologies;
(d) IP address;
(e) Through your User data.
5.3. MFA is committed to processing your data in accordance with the law and in a legitimate manner.
5.4. MFA will not sell, rent or share your personal data with third parties, except in cases clearly identified in this Privacy Policy (see Point 9 to understand how).
5.5. MFA services are not aimed at minors, and personal data of minors is not intentionally processed.

6. WHAT ARE COOKIES?

6.1. Cookies are small information files that help identify your browser and that can store information, for example, User settings and preferences.
6.2. MFA will store cookies on your device to personalize and make browsing as easy as possible, but also for troubleshooting, statistics, quality assurance, and to monitor system security.
6.3. With the exception of cookies specifically necessary for the performance of the website, the storage of other cookies will always depend on the User’s acceptance and consent, and this consent can be withdrawn at any time through specific browser tools.
6.4. To find out more about the cookies we use, you should consult our Cookies Policy.

7. HOW DO WE PROTECT YOUR PERSONAL DATA?

7.1. Your personal data is kept secure through the adoption of various security measures, of a technical and organizational nature, which ensure that only those Employees who must access them have access to personal data, in accordance with the need for access and rules created to ensure the effect.
7.2. To protect your personal data, we only use data center providers that offer us adequate and documented security measures, namely, guarantees that your personal data is stored on servers that are maintained in controlled environments with limited access.
7.3. Personal data, for sending the newsletter, is kept on secure servers at The Rocket Science Group, LLC (hereinafter, “MAILCHIMP”) with NIPC MOSS No. EU372008134 and headquarters at 675 Ponce De Leon Ave NE Suite 5000 Atlanta, GA 30308 USA, which offers us adequate security guarantees to protect personal data against dissemination, loss, misuse, alteration, unauthorized processing or access, as well as against any other form of illicit processing.
7.4. Likewise, when you browse the website, we protect your data with encryption, such as Transport Layer Security (TLS, is a security protocol that protects telecommunications via the internet).
7.5. Although we take the care and precautions we deem appropriate to protect the personal data you provide and collect, you must be aware that no security system is impenetrable.

8. HOW YOU CAN EXERCISE YOUR RIGHTS:

8.1. Before we explain how you can exercise your rights, it is important to know what they are. Therefore, the legislation gives you the right to request us to exercise the following rights:
(a) Access: right to obtain confirmation as to whether or not personal data concerning you are being processed and, if this is the case, the right to access your personal data;
(b) Rectification: the right to obtain the rectification of inaccurate personal data concerning you and to have your incomplete personal data completed;
(c) Erasure: the right to obtain the erasure of your personal data when one of the reasons listed in the legislation applies;
(d) Limitation of processing: the right to obtain limitation of processing if one of the situations listed in the legislation applies;
(e) Opposition: the right to object at any time to the processing of personal data concerning you;
(f) Portability: the right to receive personal data concerning you in a structured, commonly used and machine-readable format.
8.2. You also have the right to lodge a complaint with the competent supervisory authority (in Portugal, the National Data Protection Commission at www.cnpd.pt)
8.3. For the purpose of exercising the rights indicated above, you must contact MFA via the following email info@mfadvogada.pt.
8.4. If you ask us to delete some or all of your personal data, some of the services requested may not be provided to you and MFA will only retain the personal data necessary to comply with the legal obligations to which it is bound.

9. WHEN DO WE COMMUNICATE DATA TO THIRD PARTIES?

9.1. MFA may use third parties to provide certain services, in terms of maintenance, technical support, marketing, invoicing or payment management, and they may have access to some of the personal data, namely the data necessary for the contractual purposes.
9.2. The MFA ensures that the entities that have access to the data are credible and offer high guarantees of protection, with no data being transmitted to them beyond what is necessary to provide the contracted service, however, the MFA remains responsible for the personal data made available.
9.3. For example, for data center management purposes, MFA uses MAILCHIMP services.
9.4. MFA may also communicate your data to other partners (with prior authorization from you).
9.5. MFA may also transmit data to third parties within the scope of investigations, inquiries and judicial and/or administrative proceedings or of a similar nature, provided that it is duly ordered to do so by court order to that effect.

10. THIRD PARTY WEBSITES.

10.1. The website may contain links to other websites which may collect and process your personal data, and this processing is the sole responsibility of the owners of these websites, with MFA not having any responsibility for their policies and/or practices.
10.2. Examples of these third parties are Instagram, Facebook or LinkdIn through the buttons on the website.

11. DATA TRANSFERS OUTSIDE THE EUROPEAN UNION.

11.1. If data transfers may occur to third countries that do not belong to the European Union, MFA will comply with legal rules, particularly with regard to the suitability of the destination country in relation to the protection of personal data and the requirements that are applicable to these transfers. , personal data will not be transferred to jurisdictions that do not offer guarantees of security and protection.

12. THE MINORS.

12.1. The website is not aimed at minors under the age of 18, so we ask that minors do not provide us with personal data through the website, application, social networks and social media or emails.

13. SENSITIVE PERSONAL DATA.

13.1. MFA would like to thank you if you do not send us or make us aware of any sensitive personal data, i.e. information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic information, biometric information, health data or data relating to a natural person’s sex life or sexual orientation.
13.2. If you still send or disclose these categories of personal data to us, they will be immediately deleted.

14. CHANGES TO PRIVACY POLICY.

14.1. MFA reserves the right to readjust or change this Privacy Policy at any time, with these changes being publicized.

15. OUR CONTACT DETAILS.

15.1. If you have any questions or concerns related to this Privacy Policy, please contact us in writing via email at info@mfadvogada.pt.

16. LATEST VERSION.

16.1. July 17, 2024. Lisbon (Portugal).