This policy describes the processing of personal data collected by Jerónimo Martins, SGPS, a public company with its head office at Rua Actor António Silva, No. 7, in Lisbon (hereinafter Jerónimo Martins), as data Controller, within the scope of the services provided by the Customer Ombudsman.
Data collected and purposes
When you contact the Customer Ombudsman, the necessary data is collected to answer your requests and to manage the complaints received. Data such as your name, email address, telephone number and information regarding the reason for your contact may be collected, which may be shared with the customer service channels available at the Jerónimo Martins Group’s companies (the full list is attached) regarding the situation communicated. Such data will be maintained for a maximum period of three years after your contact or, if applicable, up to the term of the legal proceedings in progress, at the end of which they will be eliminated.
Within the scope of Jerónimo Martins’ legitimate interest and always safeguarding the rights and liberties of its website users, Jerónimo Martins may also process users’ personal data for the following purposes: i) prevention and detection of fraud, ii) network and information security, iii) development and maintenance of the website, iv) providing technical assistance.
Rights of the Data Subjects and Means of Exercising Rights
Under the legislation in force, data subjects are guaranteed the right to access, rectify and erase their personal data, to restrict and oppose their processing, as well as the right to data portability and processing restriction. Whenever the sole legal condition for the processing is the user’s consent, the latter may also withdraw previously given consent, at any time, without affecting the lawfulness of processing based on consent before its withdrawal. Exercise of rights may be performed, with the limitations provided for in the applicable legislation, via email@example.com. The user also enjoys the right to lodge a complaint with the National Supervisory Authority (CNPD).
In its commitment to ensuring the security of its customers’ personal data, Jerónimo Martins has implemented technical, organized security measures deemed necessary for the processing activities.
Communication of Personal Data
Jerónimo Martins uses external partners, to develop, maintain and host information systems, marketing and communication agencies. In these cases, Jerónimo Martins ensures that its partners comply with the appropriate technical and organisational measures for the processing. In this regard, the data collected may be transferred to entities located in third countries (outside the European Union), with the assurance that the appropriate measures are taken in accordance with the legislation in force.
Personal data may also be shared with other entities in accordance with: a) applicable legislation, b) compliance with legal obligations, c) or in response to requests from public or governmental authorities.
Notwithstanding the situations expressly mentioned in this Policy, the data collected is not transferred to third parties without your consent.
Data Protection Officer
Jerónimo Martins has a Data Protection Officer, whom you may contact for any issues related to the processing of your personal data, by sending an email to firstname.lastname@example.org.
Amendments to the Data Protection Policy
Jerónimo Martins SGPS reserves the right to amend this data protection policy, at any time, the amendments being duly publicised.
Date of last update: 6 July 2018