Commitment to Data Protection and Privacy

ROVENSA, S.A. complies with all applicable EU and national legal rules in the area of data protection, privacy and information security.

ROVENSA, S.A. is implementing a Personal Data Protection System and an Information Security System in order to ensure regulatory compliance and demonstration of institutional responsibility for data protection and information security, implementing all necessary technical and organizational measures, both to comply with the general legal regime of the current Data Protection Law and to comply with the special legal regime of the General Data Protection Regulation applicable from 25 May 2018.

For any clarification or additional information or to exercise rights in this area, please contact the ROVENSA, S.A. Data Protection Office by email at dataprotection@rovensa.com.

Definitions

“Personal data”

‘Personal data’ means information relating to an identified or identifiable natural person (‘data subject’); an identifiable person is a natural person who can be identified, directly or indirectly, in particular by reference to an identifier. Personal identifiers may be, for example, a name, an identification number, location data, identifiers by electronic means or one or more specific elements of the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

“Processing of Personal Data”

‘Processing’ means an operation or a set of operations carried out on personal data or on personal data sets by automated or non-automated means, such as collection, recording, organization, structuring, storage, adaptation or modification, retrieval, consultation, use, disclosure by transmission, dissemination or any other form of disclosure, comparison or interconnection, limitation, deletion or destruction. 

“Cookies”

‘Cookies’ are small text files with information deemed relevant that the devices used for access (computers, mobile phones or portable mobile devices) download via the browser, when a website is visited by the Client or User.

Data Controller

ROVENSA, S.A., headquartered at Edifício Lumnia, Rua António Mega Ferreira, N.º 61 – 5B 1800-424  Lisboa  – Portugal enrolled in the Commercial Registry Office of Lisbon under No 514194910 and holding the same Corporate Person number, with a share capital of 232.200.591,00€, hereinafter referred to as ROVENSA, S.A is the entity responsible for the websites www.rovensa.com and for the computerized applications, hereinafter referred to as channels or applications, through which Users, Service Recipients or Clients have remote access to the services and products of the Agrobusiness, which are presented, marketed or provided, at any time, through them.

The use of channels or applications by any User, Service Recipient or Client may entail the performance of personal data processing operations, whose protection, privacy and security by ROVENSA, S.A., as the entity responsible for their processing, is in accordance with the terms of this Data Protection and Privacy Policy.

Data Controller Contact Details

For the purpose of contact with the ROVENSA, S.A. Data Protection Office, please send an email to dataprotection@rovensa.com describing the subject of the request and indicating an email address, a telephone contact number or a mailing address.

For any other purpose, the following general contact details of ROVENSA, S.A. may be used:

– Postal address: Edifício Lumnia, Rua António Mega Ferreira, N.º 61 – 5B 1800-424  Lisboa  – Portugal 

– General Telephone: +351 213 222 750

Collection and Processing of Personal Data

ROVENSA, S.A. processes the personal data strictly necessary to ensure the disclosure of information and the operation of its channels, according to the uses made by Users, Service Recipients or Clients, whether those provided by Users or Service Recipients for the purpose of registering requests or obtaining information, or those provided by Clients for the purposes of subscribing to those channels, or those resulting from the use of the services provided by ROVENSA, S.A. through them, such as access, consultation, instructions, transactions and other records relating to their use.

In particular, the use or activation of certain channel functionalities may involve the processing of a number of direct or indirect personal identifiers, such as name, address, contact details, device addresses or geographical location, provided that the express consent of the User, Service Recipient or User/Client for such use has been given.

In all cases, Users, Service Recipients or Clients will always be informed of the need to access such data for the use of the functionalities of the channels in question.

The personal data collected by ROVENSA, S.A. are processed electronically, in certain cases in an automated way, including file processing or profile definition and in the scope of pre-contractual, contractual or post-contractual relationship management with Users, Service Recipients or Clients, in accordance with current national and Community regulations.

Categories of Personal Data Processed

The categories or types of personal data of Users, Service Recipients or Clients processed are name, surname, date of birth, address, postcode, country, landline number, mobile number, e-mail, taxpayer number or identification document number (non-mandatory).

Legal Principles

All data processing operations comply with the fundamental legal principles in the area of data protection and privacy, in particular as regards their circulation, lawfulness, reliability, transparency, purpose, minimization, retention, accuracy, integrity and confidentiality, and ROVENSA, S.A. is prepared to demonstrate its responsibility to the data subject or any third party that has a legitimate interest in this matter.

Legitimate Grounds

All data processing operations are carried out by ROVENSA, S.A. on legitimate grounds, in particular, either because the data subject has given his/her consent to the processing of his/her personal data for one or more specific purposes, or because the processing is deemed necessary for the performance of a contract in which the data subject is a party, or for pre-contractual arrangements at the request of the data subject, or because the processing is necessary for compliance with a legal obligation to which the data controller is subject, or because the processing is necessary for the legitimate interests pursued by ROVENSA, S.A. or by third parties.

Purpose of Processing

All personal data processed within the channels of ROVENSA, S.A. are exclusively intended for the provision of information to Users, the management of the personal information of Service Recipients deemed necessary for the purpose of managing the relationship or communication, as well as the provision of the services contracted by Clients and, in general, the management of the pre-contractual, contractual or post-contractual relationship with Users or Clients.

The personal data collected may also be processed for statistical purposes, for information disclosure or promotional activities, and for commercial or marketing activities, in particular to promote actions to disseminate new functionalities or new products and services, by means of direct communication, either by correspondence, or by electronic mail, messages or telephone calls or any other electronic communications service.

Provided the prior information and the collection of the express authorization for the latter purposes are always assured, Users or Clients may at any time exercise their right of objection to the use of their personal data for other purposes that extrapolate the management of the contractual relationship, namely for marketing purposes, for sending information communications or for inclusion in lists or information services, and should, for this purpose, send a written request addressed to the ROVENSA, S.A. Data Protection Office, in accordance with the procedures indicated below.

Data Storage Periods

Personal data will be stored only for the period necessary for the purposes that led to their collection or subsequent processing, and compliance with all applicable legal rules on archiving is ensured.

Use of Cookies

ROVENSA, S.A. may possibly use two broad categories of cookies: cookies in the field of online websites and cookies within the scope of direct electronic communication channels, and in either of the categories they may be disabled by Users or Clients.

ROVENSA, S.A. uses cookies on its websites in order to improve the performance and browsing experience of Users and Clients, increasing, on the one hand, the speed and efficiency of response and, on the other hand, eliminating the need to repeatedly enter the same information.

The use of cookies helps websites to recognize the devices of Users and Clients the next time they visit them, and in some cases it is also essential for their operation. 

The cookies used by ROVENSA, S.A. in all its channels do not collect personal information that allows the identification of Users or Clients, and keep only generic information, namely the form or geographic location of access and the way in which they use the channels, among others. The cookies retain only information related to the preferences of Users and Clients, and no personal identifiers are recorded.

Users, Service Recipients and Clients may at any time, through the computer application that they use to navigate the Internet (‘browser’), make the decision to be notified about the receipt of cookies, as well as to block their entry to their system. 

Depending on the intended purposes, ROVENSA, S.A. may, where appropriate, use three different types of cookies, according to the following specifications:

(i) essential cookies – some cookies are essential for accessing specific areas of on-line channels, allowing the browsing and use of applications, such as access to secure areas of the sites, through user registration – without these cookies, services which require this cannot be provided;

(ii) functionality cookies – functionality cookies allow user browsing preferences to be remembered, thereby avoiding the need to reconfigure and customize for each visit;

(iii) analytical cookies – these cookies are used to analyse how users use websites, highlighting articles or services that may be of interest to users, monitoring site performance, and identifying the most popular pages, the most effective means of linking pages, or to determine why some pages receive error messages – these cookies are only used for statistical analysis and creation, without ever gathering information of a personal nature. 

For these purposes, ROVENSA, S.A. can provide a high-quality experience to Users or Clients, personalizing information and offers and identifying or correcting any problems that might arise in the course of their use.

Regarding the type of validity, there are two types of cookies:

(i) permanent cookies – are cookies stored in devices used to access channels (computers, mobile phones, etc.) at the level of the computer application used for browsing the internet (‘browser’), and are used whenever Users or Clients re-visit any channel – in general, they are used to direct browsing according to the User’s or Client’s interests, allowing ROVENSA, S.A. to provide a more personalized service;

(ii) session cookies – these are temporary cookies that are generated and are only available until the end of the session, since the next time the Client/User accesses their browser cookies will no longer be stored – the information obtained allows sessions to be managed, problems identified and a better browsing experience provided.

Users and Clients may disable some or all of the cookies at any time – they must follow the instructions available in each of the computer software applications used for browsing the Internet (‘browsers’). However, disabling cookies may lead to the loss of access to some of the sites’ functionalities.

ROVENSA, S.A., in the context of direct electronic communication channels, may also use cookies in the opening of the different electronic communications sent, such as newsletters and electronic mail, for statistical purposes – revealing whether such communications have been opened and monitoring clicks through links or ads within those communications. 

Also in this category of cookies, Users and Clients always have the possibility to disable the sending of electronic communications through the specific option in the footer of the same.

Communication of Data to Other Entities

The disclosure of information or the provision of services by ROVENSA, S.A. to its Users or Clients through the channels may possibly involve the use of services of subcontracted third parties, including entities with head offices outside the European Union, to provide certain services, which may imply access by these entities to the personal data of Users or Clients. 

In these circumstances and whenever necessary, ROVENSA, S.A. will only resort to subcontracted entities that present adequate guarantees of execution of adequate technical and organizational measures in a way that the processing meets the requirements of the applicable standards, such guarantees being formalized in a contract signed between ROVENSA, S.A. and each of these third parties.

Data Recipients

Except in the scope of compliance with legal obligations, in no case will there be any communication of the personal data of Users, Service Recipients or Clients to third parties that are not subcontracted entities or legitimate recipients, and also no other communication will be carried out for any purposes other than those mentioned above.

International Data Transfers

Any transfer of personal data to a third-party country or an international organization shall only be carried out within the framework of the fulfilment of legal or guaranteed obligations which is in conformity with the applicable Community and national legal rules in this regard.

Security Measures

Taking into account the most advanced techniques, the costs of application and the nature, scope, context and purposes of processing, as well as the risks, of probability and variable gravity, for Users or Clients, ROVENSA, S.A. and all entities that are its subcontractors shall apply the appropriate technical and organizational measures to ensure a level of security appropriate to the risk.

To that end, a number of security measures are adopted to protect personal data against unauthorized disclosure, loss, misuse, alteration, processing or access, as well as against any other form of illegal processing. 

It is the sole responsibility of Users, Service Recipients or Clients to keep the access codes secret, not sharing them with third parties, and in the particular case of the computer applications used to access the channels, to maintain and keep the access devices in conditions of safety and follow the safety practices recommended by manufacturers and / or operators, in particular regarding the installation and updating of the necessary security applications, among others, antivirus applications.

In light of the need to subcontract services to third parties that may have access to the personal data of Users or Clients, ROVENSA, S.A.‘s subcontractors will be obliged to adopt security measures and protocols at the organization level and technical characteristics necessary to protect the confidentiality and security of personal data, as well as to prevent unauthorized access, loss or destruction of personal data.

Exercise of Rights by Personal Data Subjects

As personal data subjects, ROVENSA, S.A.’s Users and Clients may, at any time, exercise their data protection and privacy rights, in particular the rights of access, rectification, deletion, portability, limitation or objection to processing, under the terms and limitations set forth in the applicable standards.

Any request for the exercise of data protection and privacy rights must be addressed, in writing, by the data subject, to the Data Protection Office, according to the procedure and contact details described below.

Complaints or Suggestions and Incident Reporting

Users and Clients of ROVENSA, S.A. have the right to submit a complaint by submitting a complaint to the data protection control authorities. ROVENSA, S.A’s Users and Clients may also make suggestions through electronic mail sent to the Data Protection Office.

Incident Reporting 

ROVENSA, S.A. has implemented an incident management system in the scope of data protection, privacy and information security.

Any User or Client who wishes to report the occurrence of any situation of violation of personal data that causes, accidentally or unlawfully, the unauthorized destruction, loss, alteration, disclosure or access to personal data transmitted, stored or otherwise processed, may contact the Data Protection Office or use the general contact details of ROVENSA, S.A. described above.

Amendment of Privacy Policy

In order to ensure its updating, development and continuous improvement, ROVENSA, S.A. may, at any time, make any changes considered appropriate or necessary to this Data Protection and Privacy Policy, and its publication is assured in the different channels to guarantee their transparency and information to Users and Clients.

Express Consent and Acceptance

The terms of the Data Protection and Privacy Policy are complementary to the terms and provisions regarding personal data provided in the General Conditions of Use of ROVENSA, S.A.’s channels. 

The free, specific and informed disclosure of personal data by the data subject implies the knowledge and acceptance of the conditions contained in this Policy, considering that, by using the channels or by making their personal data available, Users, Service Recipients and Clients expressly authorize their processing, in accordance with the rules defined in each of the applicable channels or collection instruments.

Data Protection Office

For the exercise of any kind of data protection and privacy rights or for any subject related to data protection, privacy and information security issues, Users, Service Recipients and Clients of ROVENSA, S.A. may contact the Data Protection Office via e-mail dataprotection@rovensa.com, describing the subject of the request and indicating an e-mail address, a telephone contact number or a mailing address for reply.