Within the scope of its activity, Divervalor, S.A., a public limited company, headquartered in Braga, at Avenida Central nº.9, NIFC: 508 785 766 (hereinafter referred to as “Valores”) collects from its Customers personal data related to them, either in person or remotely, through its websites and mobile applications (Valores Apps), ensuring that its treatment is carried out in accordance with the protection rules of the privacy arising from Regulation (EU) 2016/679 and other applicable national legislation.
The data collected correspond to data that are provided by the Customers themselves by filling in forms, such as sales or purchases of precious metal items or watches in our agencies, or even personal data that result from these same relationships, including date and amount of payments made. Additionally, Valores processes data from its Customers that it collects, under the terms of applicable law, within the scope of money transfer services as a Moneygram agent.
B. ENTITY RESPONSIBLE FOR THE TREATMENT
The entity responsible for the treatment is Valor insofar as it is responsible for determining the purposes and means of processing the personal data of its Customers/Users.
C. TYPE OF DATA PROCESSED BY VALORES
The personal data collected correspond to the identification and address data that are provided by the Customers themselves by filling in forms, such as sales or purchases of precious metal items or watches in our agencies, or even personal data that result from of these same relationships, including the date and amount of payments made.
In particular with regard to the use of Apps Valores, the activation of certain features also implies the collection of the ID of the mobile device associated with the App Valores used and may also imply access by Valores, when consented by Customers/Users , to the data/information indicated below, although such access does not imply registration in the Valores databases or any other type of treatment: (i) access to the geographic location, with the purpose of locating and suggesting the nearest branches; (ii) access to the telephone to allow calls to be made to the Customer assistance numbers or to the Valores branches.
In any case, the Customer will always be informed of the need to access such data for the use of the features in question, and the customer may not consent.
It is important to bear in mind that under the Law to Combat Money Laundering and the Financing of Terrorism, carrying out an occasional transaction may be, in some cases, conditioned to the collection and processing of the following identification data and respective evidence: (i) photography; (ii) full name; (iii) signature; (iv) date of birth; (v) nationality shown on the identification document; (vi) type, number, expiration date and issuing entity of the identification document; (vii) tax identification number or, when there is no tax identification number, the equivalent number issued by a competent foreign authority; (viii) profession and employer, if any; (ix) full address of permanent residence and, when different, tax domicile; (x) naturalness; and (xi) other nationalities not included in the identification document.
D. PURPOSES OF TREATMENT
The personal data collected by Valores are processed for the following purposes:
(a) The establishment of commercial relationships between individual Customers and Valores, namely the sale of precious metal items or watches, money transfers through the Moneygram service and also the purchase of items in installments;
(b) Commercial valuation;
(c) Identification of products and/or services that may be of interest to its Customers, using statistical techniques and the definition of Customer profiles/segmentation, with the aim of carrying out direct marketing actions (direct marketing) ;
(d) Compliance with regulatory obligations, namely related to the legal framework for goldsmiths and assay offices, the prevention and control of fraud, the fight against money laundering and terrorist financing or obligations in tax matters;
(e) Adoption of means and procedures for the security of people and goods that imply, in certain cases, the collection of images in the context of video surveillance;
(f) Actions or intervention in lawsuits of any judicial nature with a view to exercising or defending the rights of Valores;
E. AUTOMATED TREATMENT AND PROFILING
Valores uses statistical and customer segmentation techniques (profiling) to adapt its offer to its customers and to carry out direct marketing actions using the data identified above and, when applicable, browsing data on the Valores and App Valores, such as accesses, queries, instructions, transactions and other records relating to their use.
In its analysis and treatment, namely in the creation of customer profiles/segments, Valores does not use personal data provided by third parties, with the exception of data that result from the establishment, through Valores, of commercial relationships between its customers and the Commercial partners of Valores and in which Valores acts as an agent, such as Moneygram.
The use of profiling/profiling techniques does not, however, imply an exclusively automatic decision-making on the part of Valores.
As already mentioned, Valores collects and processes the personal data necessary for the availability and operation of its Websites and mobile applications (Valores Apps), hereinafter referred to as Digital Channels or simply Channels, guaranteeing, however, adequate levels of security and protection of the personal data of Customers/Users who have adhered to them.
For this purpose, several physical, logical, technical and organizational security measures were adopted, in order to protect personal data against its dissemination, loss, misuse, alteration, treatment or unauthorized access, as well as against any other form of illicit treatment.
Notwithstanding the security measures adopted by Valores, the Customer/User of the Channels must keep the access codes secret, not sharing them with third parties, and must also maintain and conserve the devices with which they access the Channels, under security conditions. and follow the security practices recommended by the manufacturer and/or operator, namely regarding the installation and updating of the necessary security applications, namely, antivirus.
Valores uses different types of cookies, as described below:
(i) Essential cookies – some cookies are essential to access specific areas of the Valores Websites, allowing navigation and use of their applications, such as access to secure areas of the website, through login. Without these cookies, services that require them cannot be provided;
(ii) Functionality cookies – functionality cookies allow remembering the user’s preferences regarding browsing the Websites, thus not needing to reconfigure and customize it each time you visit it;
(iii) Analytical cookies – These cookies are used to analyze how users use the Websites, allowing to highlight articles or services that may be of interest to users, and to monitor the performance of the websites, knowing which pages are most popular, which method of linking between pages that is most effective or to determine why some pages are receiving error messages. These cookies are used only for the purpose of creating and analyzing statistics, without ever collecting personal information. Thus, Valores can provide a high quality experience by customizing its offer and quickly identifying and correcting any problems that arise.
Also in terms of validity, there are two types of cookies: (i) Permanent cookies – these are cookies that are stored on the access devices (computer, mobile phone, smartphone or tablet), at the level of the internet browser (browser), and are used whenever the Customer/User visits any website of Valores again. In general, they are used to direct navigation according to the user’s interests, allowing Valores to provide a more personalized service; (ii) Session cookies – these are temporary cookies, which are generated and are available until the session ends. The next time the Client/User accesses his/her internet browser (browser) the cookies will no longer be stored. The information obtained allows you to manage sessions, identify problems and provide a better browsing experience. Customers/Users may deactivate part or all of cookies at any time. By disabling cookies, Valor’s websites may not function properly.
G. DATA RECIPIENTS
Valores is obliged by law to communicate to the regulatory authorities that oversee its activity, and to other public/official entities, personal data of its customers, related to their identity and transactions carried out, including to the following entities:
(a) Tax and Customs Authority;
(b) Central Department of Investigation and Criminal Action (DCIAP), Financial Information Unit and other judicial, police and sectoral authorities under the terms set out in the Legal Regime for Goldsmiths and Contrastarias and also in the Law to Combat Money Laundering and the Financing of Terrorism;
(c) INCM, ASAE, Judicial Police and other judicial and police authorities in order to comply with the provisions of numbers 5, 7 and 8 of article 66 of Decree-Law no. 120/2017 of 15 September.
In addition, whenever Valores intends or intervenes in proceedings of any nature for the exercise or defense of a right that assists it in a legal proceeding, the personal data of identification customers and related to the proceedings in question are communicated to the intervening judicial authorities.
Finally, Valores uses, for the exercise of its activity, service providers who may have access to the personal data of its Customers. Valores ensures that in these circumstances it adopts all technical and organizational measures considered appropriate in order to ensure that the subcontracted entities that have access to the data are reputed and offer the highest guarantees at this level, and that they guarantee compliance with the applicable legislation in terms of of privacy and protection of Customer data, including with regard to the exercise of rights of data subjects.
H. DATA STORAGE TERM
The processing of data by Valores will continue as long as they are necessary for the business relationship established with its customers. Upon termination of the commercial relationship, the personal data of its customers will be kept for the mandatory legal periods or until the rights arising therefrom prescribe, under the terms of the law. In any case, upon termination of the relationship with customers, the data will no longer be processed for commercial purposes, except when they expressly authorize it.
It is important to bear in mind that (i) supporting documents for the purchase and sale of precious metals must be kept for a period of 5 years, as provided for in paragraph 8 of article 66 of Decree-Law no. 120/2017 of 15 September; (ii) the company’s accounting records must be kept for a period of 12 years, pursuant to article 123, no. 4 of Law no. 2/2014; (iii) documents supporting money transfer transactions through the Moneygram service must be kept for a period of 7 years.
I. RIGHTS OF PERSONAL DATA HOLDERS
Under the terms of applicable law, Customers, holders of personal data, have the following rights:
(a) Right to Information, which consists of the right of Customers to be informed by Valores, among other things, about the purpose of data processing, to whom they can be communicated, what rights they have and under what conditions the can exercise, as well as which data they must provide;
(b) Right of Access, which consists of the right of Customers to access their personal data that they have provided, without restrictions, delays or excessive costs, as well as to know any available information about the origin of such data;
(c) Right of Rectification, which consists of the right of Customers to demand that their data be accurate and current, and may request its rectification from Valores;
(d) Right of Deletion (or “forgetfulness”), which consists of the right of Customers to demand the deletion of their personal data from the records of Valores when they are no longer used for the purposes for which they were collected, without prejudice, however, the retention periods imposed by law;
(e) Right of Opposition, which consists of the right of Customers to object, at their request and free of charge, to the processing of their personal data for the purposes of direct marketing;
(f) Right to Portability, which consists of the right of Customers to receive the personal data they have provided to Valores, in a structured, commonly used and machine-readable format, and to transmit this data to another person responsible for the treatment;
(g) Right to Limitation of Treatment, which consists of the right that Customers have to, in certain circumstances, request from Valores to limit the processing of their data, namely (i) when they contest the accuracy of their personal data, for a period that allows Valores to verify its accuracy; (ii) if the treatment is unlawful and the Customer opposes the erasure of the data, requesting, in return, the limitation of its use; or (iii) when Valores no longer needs the Customer’s personal data for processing purposes, but such data is required by the Customer for the purposes of declaring, exercising or defending a right in a legal proceeding;
(h) Right to Complain to the CNPD, which consists of the right to submit, without prejudice to any other administrative or judicial remedy, a complaint to a supervisory authority, in particular in the Member State of your habitual residence, your place of place of work or the place where the infringement was allegedly committed, if the data subject considers that the processing of personal data concerning him violates the General Data Protection Regulation (Regulation (EU) 2016/679) and other applicable national legislation . In Portugal, the supervisory authority is the National Data Protection Commission.
In order to exercise any of their rights, including accessing their data or requesting its rectification, elimination or opposing its treatment under the law, Customers may go to any Valor agency, or use another channel that Valores make available for this purpose.
Customers may also withdraw their consent at any time, when applicable, by contacting the Valores agency, or using any other channel that Valores makes available for this purpose.
J. DATA PROTECTION COORDINATOR
To obtain any clarification related to this Privacy and Cookies Policy, the Customer/User may contact the Data Protection Coordinator of Valores through the following email address: coordinator.rgpd@Preto e Pinho.pt or by letter sent to the following address :
data protection coordinator
Avenida Central, no. 9