Privacy Policy

This Privacy Policy governs the processing of personal data of users (hereinafter the “User” or “Users”) collected in the context of their interactions with Vieira de Almeida & Associados – Sociedade de Advogados SP RL (“VdA”), as controller responsible for the processing, by the use of all VdA websites (hereinafter jointly referred to as "Sites"), namely the main site (www.vda.pt), from which the site https://techhub.vda.pt is dependent.

Providing your personal data entails your knowledge and acceptance of the terms and conditions of this Privacy Policy. This Privacy Policy must be read together with the Terms of Use and the Cookie Policy.

This Privacy Policy contains information on:

Personal data collection and processing
Personal data storage
Under what circumstances is personal data disclosed to other entities?
Security
Data transfers to third countries
Cookies
Data subject rights
Complaints
Queries and suggestions
Changes to the Privacy Policy

1. Collection and processing of personal data

In your interactions with VdA you may be asked to provide us with personal data, which we will process for different purposes and, accordingly, based on different legal grounds.

The table below provides more information on the data collected and the purposes and legal grounds for its processing:

Purpose			Legal grounds	Personal data processed
Provision of legal services	Opening of client files, client registration and management		VdA’s legitimate interests in organizing its client portfolio	Identification, contact and professional data
	Check of new clients and potential conflicts of interest		Compliance with legal requirements	Identification, contact and professional data
	Provision of the contracted services		Performance of the services agreement	Identification data, communication-related data, among other types of data that may be required in the context of the contracted services, communicated in due course. This data may include special categories of data (such as data relating to union membership or health-related data) or data relating to criminal convictions and offenses
	Storage of information relating to the services provided		VdA’s legitimate interests in maintaining its documentation organized	Personal data processed in the context of the service provision
Service procurement	Procurement of offers to provide the services we need		Pre-contractual procedures	Identification and contact data and data relating to the service provided
	Hiring and performance of the services we need		Performance of the services agreement	Identification and contact data and data relating to the service provided
Billing			Compliance with legal requirements	Identification and contact data, information on the legal services provided and payment data
Sending of communications	Sending of newsletters and other updates		Data subject’s consent	Name and email address
	Reply to a contact request		VdA’s legitimate interest in ensuring an answer to any request for information from visitors to the Site	Identification and contact data, the message sent us and any data provided therein
	Sending of relevant communications		VdA’s legitimate interest in maintaining personal contact with its former clients or staff	Identification and contact data
	Sending of communications to alumni		Data subject’s consent	Identification and contact data, country of residence and professional data
Event organization and management	Management of registrations and communications sent to event participants		VdA’s legitimate interest in organizing and promoting its events	Identification and contact data, and academic and professional data
	Internal and external promotion of organized events		Data subject’s consent	Identification data, academic and professional data and/or image and voice data of participants
Security of people and property on VdA's physical premises			VdA’s legitimate interest in ensuring the safety of guests and property on its premises	Image, identification data and the reason for your visit
VdA’s participation in legal directories or applications for industry awards			Data subject’s consent	Identification data, data concerning your profession and contact data, where applicable
Submission of recruitment applications			Pre-contractual procedures at the user's request	Identification and contact data, and academic and professional data
Use of the website and your interaction with the communications we send you		Availability of the website and analysis of your use and interaction with it	VdA’s legitimate interest or the data subject’s consent	Data relating to your interaction with our website. For more information see our Cookie Policy
		Analysis of your interaction with the communications we send you	VdA’s legitimate interest in understanding the reach of our communications	Data relating to your interaction with the communications we send you, for example whether you open the documents attached to our newsletters

Where your data is necessary to ensure compliance with our legal obligations or the performance of pre-contractual procedures or of an agreement, failure to provide this data may prevent you from establishing a relationship with VdA.

When providing us with third-party personal data, such as data relating to your employees, service providers, counterparties, or others, you should ensure, where possible, that the relevant data subjects are informed of how we may process their personal data.

2. Personal data storage

Any personal data collected will be processed in strict accordance with the applicable law. Personal data will be stored in accordance with its purpose and for the applicable legal deadlines. Whenever there is no specific legal requirement, the data will be stored and kept only for the period and to the extent necessary for the purposes for which it was collected, unless the right to object, the right to erasure or the right to withdraw consent is exercised within the applicable legal deadlines.

Learn more about the applicable storage deadlines

Purpose	Storage period
Opening of client files and client management	For as long as the contractual relationship for the provision of legal services continues
Provision of the contracted services	For as long as the contractual relationship for the provision of legal services continues
Storage of information relating to the services provided	Twenty years from the termination of the relevant service agreement
Procurement of offers to provide the services we need	For as long as required to contract the relevant service
Hiring and performance of the services we need	For as long as required to perform the relevant agreement
Billing	Ten years
Sending of newsletters and other updates	For as long as your consent remains valid
Reply to a contact request	For as long as required to reply to your request
Sending of other relevant communications	One year from the last contact, without prejudice to your right to object to processing
Sending of communications to VdA alumni	Until you withdraw your consent
Management of registrations and communications sent to event participants	For as long as required to organize the event and send any subsequent relevant communications
Internal and external promotion of organized events	For as long as required to promote the event, without prejudice to your right to withdraw your consent
Security of people and property on VdA’s physical premises	Thirty days
VdA’s participation in legal directories or applications for industry awards	For a period of one year or until consent is withdrawn
Submission of recruitment applications	One year
Website use	In accordance with our Cookie Policy

Please note that in the event of any potential or actual litigation in which VdA is directly involved, it may be necessary to extend the relevant data storage period until the litigation is terminated.

3. Under what circumstances is personal data disclosed to other entities?

VdA may disclose your personal data:

a) When relying on other entities for the provision of certain services, as this provision of services may entail access by these entities to your personal data. As such, any of VdA’s subcontracted entities will process your personal data, in the name and on behalf of VdA, in accordance with our instructions and the relevant data processing agreement;

b) To VdA Academia, the Vasco Vieira de Almeida Foundation and to VdA Legal Partners member entities (listed here), for the purposes set out above;

c) To third-party entities, where VdA deems such disclosure required or adequate: (i) under the applicable law, (ii) to ensure compliance with legal obligations/judicial orders, (iii) in line with decisions of the relevant supervisory authorities, or (iv) to respond to requests issued by public or governmental authorities.

In any of these situations, VdA will take all appropriate measures to ensure the effective protection of your personal data.

The Site offers the option to share content through your social networks. Use of the content sharing icons found on the Site implies the transfer of your personal data to the providers of the respective social media networks when you are logged into your account. To prevent access to your personal data (collected through the Site) by any social media network, please ensure that you are not logged into your social media accounts. You may also refuse the placement of third-party cookies used to enable this sharing of content under the terms better described in our Cookie Policy.

4. Security

VdA endeavors to protect Users’ personal data from unauthorized access. It relies on its security systems, rules and other procedures to ensure this protection and to prevent any unauthorized access to, improper use of, disclosure, loss or destruction of your personal data.

Users are, however, responsible for ensuring that the devices and equipment used to access the Site are appropriately protected against any damaging software, viruses and worms.

Users should further be aware that failure to adopt adequate security measures (for example, the secure configuration of the browser, updated antivirus software, the use of a firewall and the non-use of questionable software) will increase the risk of personal data and passwords being accessed by unauthorized third parties.

If any defect, bug or anomaly is detected in the Site, Users must immediately communicate this to VdA and not seek to exploit such defect, bug or anomaly to access commercial information or the personal data of other users, change the features of the Site or use it in an irregular or unlawful manner or contrary to VdA’s design.

5. Data transfers to third countries

VdA may transfer personal data to third countries (located outside the European Union or the European Economic Area) or to international organizations, for the purposes set out in this Policy, for which there is no adequacy decision adopted by the European Commission. In these cases, VdA undertakes to adopt appropriate security measures to ensure the confidentiality and protection of the personal data, in strict compliance with the applicable personal data protection legislation. Any data transferred will be subject to the appropriate safeguards and additional measures will be taken to ensure that the personal data enjoys a level of protection essentially equivalent to that existing in the European Union.

Data collected during your use of the Site may be transferred to countries outside the European Economic Area if you consent to the placement of certain categories of cookies (e.g. analytics or advertising cookies). These files are placed by third-party entities, based in countries that do not have an adequacy decision by the European Commission and, therefore, do not offer a level of protection of your data equivalent to the level guaranteed in the European Union. For example, the use of cookies placed by Google Analytics (provided by Google) or AddThis (provided by Oracle Corporation) may imply disproportionate access to your personal data by U.S. state security authorities or prevent you from effectively exercising your rights.

For more information on the use of these cookies, please read our Cookies Policy.

You can request additional information on the transfer of your data by sending a written request to privacy@vda.pt.

6. Cookies

The Site uses cookies. For more information, read our Cookie Policy here.

7. Data subject rights

Under the applicable legislation, Users may request access to their personal data at any time, as well as its rectification, erasure, portability and the restriction of or objection to its processing.

Users may obtain confirmation as to what personal data concerning them areis being processed, and a copy of the data being processed will be provided upon request.

Users are also entitled to withdraw their consent for the processing of their data for the stated purposes. This will not, however, affect the lawfulness of any processing carried out before consent was withdrawn..

To exercise any of these rights, Users will need to submit a written request addressed to:

E-mail: privacy@vda.pt
Address: Rua Dom Luis I, 28, 1200-151 Lisboa, Portugal

8. Complaints

Without prejudice to any other form of administrative or judicial appeal, Users are entitled to file a complaint with the relevant supervisory authority, in accordance with the law, should they believe that VdA’s processing of their personal data breaches the legal framework in force from time to time.

9. Queries and suggestions

Users can contact VdA with any queries regarding the processing of their personal data and the exercise of their rights under the applicable legislation, as detailed in this Policy, through the following contacts:

Telephone: (+351) 21 311 3400
E-mail: privacy@vda.pt
Address: Rua Dom Luis I, 28, 1200-151 Lisboa, Portugal

10. Changes to the Privacy Policy

VdA reserves the right to, at any time, change the current personal data processing terms. Any changes will be published on the Site and/or communicated to Users via the contacts provided by them.

Date of last update: 04/05/2023.