{"id":471,"date":"2025-06-28T02:18:50","date_gmt":"2025-06-28T01:18:50","guid":{"rendered":"https:\/\/brflegal.pt\/?page_id=471"},"modified":"2026-02-06T01:44:30","modified_gmt":"2026-02-06T01:44:30","slug":"privacy-policy","status":"publish","type":"page","link":"https:\/\/brflegal.pt\/pt\/privacy-policy\/","title":{"rendered":"Privacy Policy"},"content":{"rendered":"<p>INTRODUCTION<br \/>\nWe take our duty to protect all personal data we process seriously and diligently, whether it belongs to users of our website, employees, service providers, suppliers, or customers. In this regard, we strictly comply with the General Data Protection Regulation (GDPR) and Law No. 58\/2019 of August 8, as well as other applicable legislation.<\/p>\n<p>2. WHO IS RESPONSIBLE FOR PROCESSING?<br \/>\nThe controller of your personal data is BENTO RIBEIRO, FRASER &amp; ASSOCIADOS &#8211; SOCIEDADE DE ADVOGADOS, S.P., LDA, NIPC: 518723836, with headquarters at Passeio Neptuno, 5B, Parque das Na\u00e7\u00f5es, 1990 169, Lisbon &#8211; Portugal.<\/p>\n<p>3. GENERAL PRINCIPLES OF OUR PRIVACY POLICY<br \/>\ni) Only authorized persons process data that is strictly necessary for specific and legitimate purposes.<br \/>\nii) The security of your data processing is a constant priority, reviewed periodically.<br \/>\niii) The data belongs to its owners; we process it only in accordance with the law, guaranteeing your rights with appropriate technical and organizational measures.<br \/>\niv) We promote good practices in Privacy, Data Protection, and Information Security internally, in a process of continuous improvement.<\/p>\n<p>4. CONCEPTS (according to Article 4 of the GDPR, among others)<br \/>\n\u2022 Personal data \u2013 information relating to an identified or identifiable natural person.<br \/>\n\u2022 Processing \u2013 any operation performed on personal data.<br \/>\n\u2022 Consent \u2013 a freely given, specific, informed, and unambiguous indication of the data subject&#8217;s wishes.<br \/>\n\u2022 Controller \u2013 the entity that determines the purposes and means of the processing.<br \/>\n\u2022 Processor \u2013 an entity that processes data on behalf of the controller.<\/p>\n<p>5. CATEGORIES OF DATA COLLECTED ON THE WEBSITE<br \/>\n\u2022 Identification (name, email, telephone number, nationality).<br \/>\n\u2022 Browsing data (IP, operating system, device, language, cookies).<br \/>\n\u2022 Professional data contained in CVs sent (qualifications, positions, employer, etc.).<br \/>\nWe only collect what is strictly necessary (\u201cprinciple of minimization\u201d).<\/p>\n<p>6. HOW AND WHEN WE COLLECT DATA<br \/>\n\u2022 Subscription to the BRF newsletter.<br \/>\n\u2022 \u201cContact us\u201d form.<br \/>\n\u2022 Registration or participation in events.<br \/>\n\u2022 Submission of applications to work at BRF (directly or via agencies).<br \/>\nThe data is stored in databases and processed for specific and legitimate purposes. Special categories (\u201csensitive data\u201d) are only processed in the exceptions provided for in the GDPR; the data subject may withdraw consent at any time without affecting the lawfulness of the previous processing.<\/p>\n<p>7. PURPOSES OF PROCESSING<br \/>\ni) Management of the contractual relationship: provision of services, billing, legal communications, insurance.<br \/>\nii) Recruitment and management of applications.<br \/>\niii) Sending relevant information and communications.<br \/>\niv) Responding to requests for information or complaints.<br \/>\nv) Compliance with legal obligations.<br \/>\nvi) Exercising or defending rights in legal proceedings.<br \/>\nvii) Monitoring website security and personalizing navigation.<br \/>\nviii) Organization and management of events.<\/p>\n<p>8. LEGAL BASIS<br \/>\n\u2022 Pre-contractual performance or steps.<br \/>\n\u2022 Compliance with legal obligations.<br \/>\n\u2022 Legitimate interest of BRF.<br \/>\n\u2022 Consent of the data subject.<br \/>\n\u2022 Protection of vital interests.<\/p>\n<p>9. COMMUNICATION OF DATA TO THIRD PARTIES<br \/>\nWe only communicate data when necessary to:<br \/>\n\u2022 Comply with legal or contractual obligations.<br \/>\n\u2022 Send newsletters or other consented communications.<br \/>\n\u2022 Subcontractors who process data on our behalf, under a contract that ensures adequate safeguards.<br \/>\nInternational transfers comply with the safeguards provided for in the GDPR.<\/p>\n<p>10. RETENTION PERIODS<br \/>\n\u2022 These vary depending on the purpose and legal obligations (e.g., applications are retained for 1 year).<br \/>\n\u2022 When there is no legal deadline, we only retain data for as long as necessary; after that, we securely delete or anonymize the data.<\/p>\n<p>11. DATA SUBJECT RIGHTS<br \/>\n\u2022 Access, Rectification, Erasure (\u201cright to be forgotten\u201d), Objection, Portability, Restriction, Complaint to the supervisory authority (CNPD in Portugal), Compensation, Not subject to automated decisions, Withdrawal of consent.<\/p>\n<p>12. SECURITY MEASURES<br \/>\nWe take appropriate technical and organizational measures (pseudonymization, encryption, system resilience, recovery plans, regular testing) to ensure the confidentiality, integrity, and availability of data. Despite our efforts, we cannot guarantee absolute security on open networks such as the Internet.<\/p>\n<p>13. LINKS TO OTHER WEBSITES<br \/>\nThe website may contain links to third-party websites. BRF is not responsible for the content or policies of these websites; we recommend that you read their privacy policies.<\/p>\n<p>14. USE OF COOKIES<br \/>\nSee our Cookie Policy for more information.<\/p>\n<p>15. EMPLOYEE TRAINING<br \/>\nWe continuously train all BRF employees on privacy, data protection, and information security matters.<\/p>\n<p>16. CONTACTS<br \/>\nEmail<\/p>","protected":false},"excerpt":{"rendered":"<p>INTRODUCTION We take our duty to protect all personal data we process seriously and diligently, whether it belongs to users of our website, employees, service providers, suppliers, or customers. In this regard, we strictly comply with the General Data Protection Regulation (GDPR) and Law No. 58\/2019 of August 8, as well as other applicable legislation. [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-471","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/brflegal.pt\/pt\/wp-json\/wp\/v2\/pages\/471","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/brflegal.pt\/pt\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/brflegal.pt\/pt\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/brflegal.pt\/pt\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/brflegal.pt\/pt\/wp-json\/wp\/v2\/comments?post=471"}],"version-history":[{"count":3,"href":"https:\/\/brflegal.pt\/pt\/wp-json\/wp\/v2\/pages\/471\/revisions"}],"predecessor-version":[{"id":4378,"href":"https:\/\/brflegal.pt\/pt\/wp-json\/wp\/v2\/pages\/471\/revisions\/4378"}],"wp:attachment":[{"href":"https:\/\/brflegal.pt\/pt\/wp-json\/wp\/v2\/media?parent=471"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}