1. The privacy and protection of user (User) personal information is of utmost importance to Network Electronics 2000 C.R.I. Unip. Lda. (NE2K) who is responsible for operating the App and related services as well as collecting and processing any User personal data (Data), as described in this Privacy Policy (Policy).
2. The processing of the Data is governed by the General Data Protection Regulation (GDPR) — Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016.
3. Technical and organisational security measures have been implemented to protect the Data against involuntary or illegal deletion, update, loss, and non-authorised disclosure or access.
4. The interpretation of the Policy is exclusive to NE2K who reserves the right to change it at any time. Significant changes shall be communicated via the App and/or Google Play before entering into force. If the User does not agree with such changes, they shall cease to use the App.
5. NE2K only processes the Data as described herein, except when the Data is necessary for:
6. NE2K does not sell the Data.
7. The User accepts that the only legally-binding version of the Policy is the one written in Portuguese and that any translations to other languages are merely informative.
8. The information included in the Policy may become out of date or incomplete over time. NE2K will use their human and technical resources in order to try to keep the Policy up to date and complete.
| Data | Means |
|---|---|
| Location, date/time, IP address | NFC tag validation functionality |
| Data | Purposes |
|---|---|
| Location, date/time, IP address | Fraud risk mitigation |
| Data | Lawfulness basis |
|---|---|
| Location | User consent |
| Date/time, IP address | Systems security according to recital 49 of the GDPR |
The date/time and the IP address are not subject to individual analysis, unless security incidents occur, in which case they may be reported to the competent authorities. Thus, it is considered that there is no risk of User's privacy intrusion and that therefore NE2K's legitimate interests are not overridden by Users' rights and freedoms referred to in Article 6 (1)(f) of the GDPR.
The Data are stored for as long as is strictly necessary to fulfil their processing purposes or the exercise of the User's right to object or to erasure, or until withdrawal of consent. The Data is then deleted or anonymised, unless the storage period turns out to be insufficient, or a legal obligation or authorisation exists.
| Data | Storage period |
|---|---|
| Location, date/time, IP address | 30 days |
| Data | Access |
|---|---|
| Location, date/time, IP address | NE2K |
No Data are transmitted to third parties.
1. Under the terms of the GDPR and other applicable legislation, the User has the right of access and to rectification, erasure and portability of the Data, and to restriction, object and withdrawal of consent to their processing.
2. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
3. The User may exercise their rights via email at info@ei-tag.com.
4. The answer to User's requests to exercise their rights shall be provided free of charge. Where requests are manifestly unfounded, excessive or unjustifiably reiterated, NE2K may either charge a reasonable administrative fee or refuse to act on the request.
5. The answer to User's requests shall be provided within one month of receipt of the request. Such period may be extended by two further months where necessary, taking into account the complexity and number of the requests.
6. The User has the right to lodge a complaint about the processing of the Data with the Portuguese Data Protection Authority (CNPD).
1. The Data may be used for the purposes of aggregate statistical analysis where no connection to individual Users is established.
2. Aggregate information is anonymous, thus devoid of personal identification or private information.
3. Aggregate analysis may allow detecting usage patterns, based on which the App can be improved.
4. Aggregate information may be disclosed to third-parties or publicly.
Last update: 31/07/2023