We are De Risk Worldwide LDA (registration number: 517298830), a company registered and incorporated in accordance with the laws of the Portugal Republic, having its registered office at Rua Castilho, no 235 1 District, Lisboa Municipality, Lisboa Parish, Avenidas Novas 1070, Portugal, (“De Risk”, “we”, “our” or “us”).
The responsible data controller for any personal data collected and processed in connection with the use of this website is:
- De Risk Worldwide LDA (registration number: 517298830), a company registered and incorporated in accordance with the laws of the Portugal Republic, having its registered office at Rua Castilho, no 235 1 District, Lisboa Municipality, Lisboa Parish, Avenidas Novas 1070, Portugal.
- Please submit any questions, concerns or comments you have about this Policy or any requests concerning your personal data by email to: operations@ deriskinternational.com
- The information you provide when contacting us will be processed to handle your request and will be erased when your request was completed. Alternatively, we will restrict the processing of the respective information in accordance with statutory retention requirements, if applicable.
Informational use of the website
When you visit our website for informational reasons, i.e. without registering for any of our provided services and without providing us with personal data in any other form, we automatically collect your IP address in order to provide you with our website and to ensure system stability and efficiency and to implement proper safeguards as to the security of our website and services.
The personal data automatically collected is necessary to provide the website, Article 6 sec. 1 sent. 1 lit. b GDPR as far as this is necessary to operate our website or Article 6 sec. 1 sent. 1 lit. f GDPR (legitimate interest) with regards to our use of technical information to enhance our systems, make your usage of the websites more convenient or ensure the security of our websites. This is based on our legitimate interest as the data used for these purposes are stored for a limited period and do not allow us to personally identify a user. Personal data that is collected is deleted automatically after the above-mentioned purposes are fulfilled.
Analytical data received from our partners
In some cases, we may receive non-personal analytical data regarding the redemption process from our business partners and through our website. None of the information collected as analytical data is combined with any personally identifiable information.
If you have any questions, we offer you the opportunity to contact us using the form provided on the website. Your name and e-mail address are required in order to process your request and follow up as required. Other information such as further contact details can be provided voluntarily.
The data will be processed for the purpose of contacting us and in accordance with Article 6 sec. 1 sent. 1 lit. f GDPR as required to follow up on your request in which also our legitimate interest exists which may include the transfer to third parties such as other De Risk entities as far as this is necessary to follow up on your request (e.g. when it concerns the business of another De Risk entity).
The personal data collected by us for the use of the contact form will be deleted after your request has been processed.
Recipients and categories of recipients
Any access to your personal data is restricted to those individuals that have a need to know in order to fulfil their job responsibilities.
We may transfer your personal data for the respective purposes to the recipients and categories of recipients listed below.
- Data processors: certain third parties, including hosting and IT services companies, whether affiliated or unaffiliated, may receive your personal data to process such data on behalf of us under appropriate instructions as necessary for the respective processing purposes. The data processors will be subject to contractual obligations to implement appropriate technical and organizational security measures to safeguard the personal data, and to process the personal data only as instructed; and/or
- Governmental authorities, courts, external advisors, and similar third parties that are public bodies as required or permitted by applicable law.
Cross border data transfers
As data controller, we may transfer your personal data to countries outside of the European Economic Area (EEA). The transfer of this data is compliant with the applicable data protection law.
To ensure your data is treated with the same protection level as it would be within the EEA, we have implemented appropriate safeguards for international data transfers. This includes the use of Standard Contractual Clauses (SCCs), a set of data protection clauses approved by the European Commission, that impose equivalent data protection obligations directly on the recipient of the data outside of the EEA.
We accompany these with the additional technical and organizational measures to meet the legal developments concerning data transfers.
Further information about our data transfer mechanisms and copies of relevant documentation can be provided upon request by contacting our data protection officer at: operations@ deriskinternational.com
What are cookies?
The main purpose of cookies is to make it quicker for users to access the selected services. In addition, cookies make it possible to tailor the services offered by the website and by us, allowing information of interest or potentially of interest to be provided to users depending on their use of the services. A cookie is any kind of file or device that is downloaded to a user’s system for the purpose of storing data that may be updated or retrieved by the company responsible for its installation.
Types of Cookies
Depending on the company managing them:
- Own cookies:are those which are sent to the user’s system from a system or domain managed by the editor and from which the service requested by the user is provided.
- Third party cookies:are those which are sent to the user’s system from a system or domain that is not managed by the editor but by another company processing the data obtained through the cookies.
Depending on the period of time that they remain active:
- Session cookies:are those cookies designed for gathering and storing data while the user is using a web page. They are usually used to store information that is only intended for providing the service requested by the user on one single occasion (e.g. a list of purchased products).
- Persistent cookies:in this type of cookie the data continues to be stored on the system and may be accessed and processed during a specific period of time by the manager of the cookie, which may range between several minutes and several years.
Depending on purpose:
- Technical cookies:are those which allow the user to browse a website, platform or application and use the different options or services offered, such as, for example, controlling data traffic and communication, identifying the session, accessing restricted areas, recalling the parts of an order, carrying out the process for purchase of an order, making a request to register for or participate in an event, using security elements during browsing, storing contents for the transmission of videos or sound or sharing contents through social networks.
- Analytical cookies:are those which enable the manager to monitor and analyse the behaviour of the users of the websites to which they are linked. The information collected by means of this type of cookie is used to measure the activity of the websites, applications or platforms and to draw up browsing profiles and data analytics of the users of or product offerings and services of such websites, applications and platforms, products and services in order to introduce upgrades, understand and analyse product offering and services on the basis of the analysis of the data on the use of the service by users.
- Advertising cookies: are those which enable the most efficient management possible of the advertising space that the editor has included in a website, application or platform from which the requested service is provided on the basis of criteria such as the edited content or the frequency with which the advertisements are shown.
- Behavioural advertising cookies: are those which enable the most efficient management possible of the advertising space that the editor has included in a website, application or platform from which the requested service is provided. These cookies store behavioural information about users obtained through the ongoing observance of their browsing habits, which allows a specific profile to be defined in order to show advertising on the basis of such profile.
The data processed by technical cookies is required for the aforementioned purposes in order to protect our legitimate interests and those of third parties pursuant to Article 6 sec. 1 sent. 1 lit. f GDPR in order to provide you with our website and to ensure system stability and efficiency and to implement proper safeguards as to the security of our website and services.
The data processed by analytical, advertising and/or behavioural advertising cookies are not strictly necessary for visiting our website. We will only process data by analytical, advertising and/or behavioural advertising cookies if you gave us your prior consent pursuant to Article 6 sec. 1 sent. 1 lit. a GDPR.
We have reasonable state of the art security measures in place to protect against the loss, misuse and alteration of personal data under our control. For example, our security and privacy policies are periodically reviewed and enhanced as necessary and only authorized personnel have access to personal data. Whilst we cannot ensure or guarantee that loss, misuse or alteration of information will never occur, we use all reasonable efforts to prevent it.
We strive to keep our processing activities with respect to your personal data as limited as possible. In the absence of specific retention periods set out in this policy, your personal data will be retained only for as long as we need it to fulfil the purpose for which we have collected it and, if applicable, as long as required by statutory retention requirements.
Under the legislation applicable to you, you may be entitled to exercise some or all of the following rights:
- require (i) information on whether your personal data is retained and (ii) access to your personal data retained, including the purposes of the processing, the categories of personal data concerned, and the data recipients as well as potential retention periods;
- request rectification, removal or restriction of your personal data, e.g. because (i) it is incomplete or inaccurate, (ii) it is no longer needed for the purposes for which it was collected, or (iii) the consent on which the processing was based has been withdrawn;
- refuse to provide and, without impact to data processing activities that have taken place before such withdrawal, withdraw your consent to processing of your personal data at any time;
- object, out of grounds relating to your particular situation, that your personal data shall be subject to a processing. In this case, please provide us with information about your particular situation. After the assessment of the facts presented by you, we will either stop processing your personal data or present to you our compelling legitimate grounds for ongoing processing;
- take legal actions in relation to any potential breach of your rights regarding the processing of your personal data, as well as to lodge complaints before the competent data protection regulators; and/or
- require (i) to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and (ii) to transmit that data to another controller without hindrance from our side; where technically feasible you shall have the right to have the personal data transmitted directly from us to another controller;
- You may (i) exercise the rights referred to above or (ii) pose any questions or (iii) make any complaints regarding our data processing by contacting us under the contact details set out below.
This Policy may require an update from time to time for various reasons such as, the implementation of new technologies or the introduction of new services. We reserve the right to change or supplement this Policy at any time. We will publish the changes at http://www.deriskinternational.com and/or inform you accordingly (e.g., via email or hard copy letter communication).