Privacy Policy

This Privacy and Personal Data Protection Policy explains the terms under which eBooks Discounts processes the personal data of customers, as well as the rights they can exercise, in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and the Council – General Data Protection Regulation (GDPR) – and other applicable national legislation on privacy and data protection, in particular Law No. 58/2019, of 8 August, which ensures the implementation, in the national legal order, of that Regulation. The purpose of this policy is to communicate to customers in a transparent manner so that determined, explicit and legitimate purposes, their personal data are collected and processed, at each moment of the commercial relationship established between eBooks Discounts and the customer, as well as the basis lawfulness of the necessary treatments that eBooks Discounts does.

I – Purposes of the collection and processing of personal data:

In general, the personal data collected is aimed at the management of customers, suppliers and employees, the contracting and management of the contractual relationship with customers, suppliers and employees, the receipt and provision of contracted supplies, the adequacy of the provision of supplies to the needs and interests of the customer, customer service, sending suggestions, information and marketing actions, publicizing campaigns, promotions, advertising and news about products, conducting market studies and satisfaction surveys, managing complaints, accounting and tax management and administrative, litigation management, judicial evidence, fraud detection, revenue and audit protection, network and systems management, information security and physical security control, facility security, compliance with legal obligations and for other purposes for which the Law recognizes eBooks Discounts a legitimate interest. When collecting data, or when you request it, you will be informed in more detail about the treatment we take of your data.

II – Measures we take with a view to the security of your personal data:

eBooks Discounts observes the best practices, for which it adopts the technical and organizational measures appropriate to the risk, in the area of security and protection of personal data, having approved and implemented a demanding plan of compliance with the objectives, the Law and the interest of the holders of personal data, capable of safeguarding the protection of the data made available to us by all those who in any way relate to us, in order to protect them against their dissemination, loss, misuse, alteration, treatment or unauthorized access, as well as, against any other form of unlawful treatment. Thus, the forms for the collection of personal digital data or on paper, are securely stored in our physical repositories or digital systems.

All the personal data that you give us about you, can be found in a data center of eBooks Discounts itself, or its subcontractor, covered by all the advanced physical and logistical security measures, which we believe to be indispensable for the protection of your personal data.

Despite these security measures, we advise everyone who surfs the Internet to adopt additional security measures, namely, to ensure that they use a device and a web browser updated in terms of properly configured security “patches”, with active firewall, antivirus and anti-spyware and, make sure of the authenticity of the websites you visit on the Internet, avoiding websites whose reputation you do not trust.

III – The entity responsible for the processing of personal data:

The entity responsible for the collection and processing of personal data is eBooks Discounts, which, in the context of the relationships it maintains with the holder of personal data, establishes, always on a lawful and legitimate basis, what data is collected, the means of processing and the purposes of such collection and treatment.

IV – Types of personal data collected and processed:

Within the scope of its activity eBooks Discounts collects and treats, namely:

  • Personal data necessary to provide products and services to its customers, treating in this context data such as name, tax identification number, address, telephone number, and email address, among others, which are strictly necessary, proportionate and lawful;
  • Personal data necessary for the execution of the employment contract or services rendered with our employees, treating in this scope data such as the name, number of identification document and other data of this nature, tax identification number, composition of the household, number of social security, address, telephone numbers and email address, health data, access data, location, among others, strictly necessary, proportionate and lawful;
  • Personal data necessary to comply with legal obligations, either with public entities or with private entities, dealing in this scope with data such as name, identification document number and other data, tax identification number, household composition, number of social security, address(es), telephone numbers, email address, health data, among others, which are strictly necessary, proportionate and lawful;
  • Data necessary for the management of customers and suppliers, the contracting and management of the contractual relationship with customers and suppliers, the sending of suggestions, information and marketing actions, publicizing campaigns, promotions, advertising and news about products, management complaints, addressing, in this context, address(es), telephone numbers and email address, among others strictly necessary, proportionate and lawful;
  • All personal data necessary for the exercise of the rights of eBooks Discounts, within the scope of the relationships mentioned in the previous items, and in the pursuit of its activity and legitimate interest, especially accounting, tax and administrative management, litigation management, judicial proof , fraud detection, revenue and audit protection, network and systems management, information security and physical security control, and facility security.
  • Regardless of compliance with legal norms, or legitimate orders from the competent authority, regarding the conservation and transmission of data, eBooks Discounts proceeds only to the processing of personal data necessary for its activity, in the fair and strict measure required by the nature of the contractual relationship or of another nature, established with the holder of such data, or with the prior, legitimate, lawful, informed consent, if any.

V – Legal basis for the processing of personal data:

Our legitimacy to proceed with the present treatment of your personal data is provided for:

  • In point b) of paragraph 1 of article 6 of the GDPR when the collection and processing of your personal data is mainly based on the contractual relationship you have with us;
  • In point a) of paragraph 1 of article 6 of the GDPR when we inform you about campaigns, promotions, advertising and news about products and services, as it is based on your consent that we make them available;
  • In point c) of paragraph 1 of article 6 of the GDPR if treatment is necessary to comply with a legal obligation to which we are subject.

Whenever there is a specific legal requirement that requires you to keep the data for a minimum period, this will be observed by eBooks Discounts. eBooks Discounts will keep your personal data stored for the minimum period and strictly necessary for the purpose for which the information is collected and processed, after which it will be deleted.

VI – Time limits for keeping your personal data:

You have the right to request the data controller to exercise the following rights:

  • Right of access of the data subject: you have the right to obtain from the controller the confirmation that the personal data concerning you are or are not subject to processing and, if that is the case, the right to access your personal data and the information provided for in the General Data Protection Regulation.
  • Right of rectification: the holder has the right to obtain, without undue delay, from the controller the rectification of inaccurate personal data concerning him.
  • Right to data erasure (“right to be forgotten”): the data subject has the right to have the data controller erase his personal data without undue delay, and the data holder has the obligation to erase personal data without undue delay , when one of the following reasons applies in particular:
    • personal data are no longer necessary for the purpose that motivated their collection or treatment;
    • the holder withdraws the consent on which the processing of data is based (when it is based on consent) and if there is no other legal basis for said processing;
    • the holder is opposed to the treatment and there are no prevailing legitimate interests that justify the treatment;
    • personal data has been processed illegally;
    • personal data must be erased in order to comply with a legal obligation under Union law or a Member State to which the controller is subject;
    • personal data was collected in the context of information society services. However, it should be noted that this right includes certain exceptions.
  • Right to limitation of processing: the data subject has the right to obtain from the controller the limitation of processing, if one of the following situations applies:
    • challenge the accuracy of personal data for a period that allows the controller to verify its accuracy;
    • the processing is illegal and the data subject opposes the deletion of personal data and requests, in return, to limit its use;
    • the controller no longer needs personal data for processing purposes, but that data is required by the data subject for the purpose of declaring, exercising or defending a right in a judicial proceeding;
    • if you have opposed the processing, until it is found that the legitimate reasons of the controller prevail over those of the data subject.
  • Right of opposition: the data subject has the right to object at any time, for reasons related to his particular situation, to the processing of personal data concerning him. The controller ceases the processing of personal data, unless he presents compelling and legitimate reasons for such processing that prevail over the interests, rights and freedoms of the data subject, or for the purposes of declaring, exercising or defending a right in a judicial process. When personal data are processed for the purpose of direct marketing, the data subject has the right to object at any time to the processing of personal data concerning him for the purposes of said marketing, which covers the definition of profiles to the extent related to direct marketing. If the data subject opposes the processing for the purposes of direct marketing, personal data will no longer be processed for that purpose.
  • Right to data portability: the data subject has, under the terms and conditions defined in the law, the right to receive personal data concerning him and which he has provided to a controller in a structured format, in current use and automatic reading, and the right to transmit that data to another controller without the person to whom the personal data was provided can prevent it, if:
    • Treatment is based on consent or a contract;
    • Treatment is carried out by automated means.
  • Right not to be subject to any automated decision, including profiling: the data subject has the right not to be subject to any decision taken solely on the basis of automated processing, including profiling, which has an effect on its legal sphere or that significantly affects you in a similar way.
  • Right to withdraw consent: if data processing is based on consent, the data subject has the right to withdraw his consent at any time, without compromising the lawfulness of the processing carried out on the basis of the consent previously given.
  • Right to know of a data breach.
  • Right to lodge a complaint with a supervisory authority: the data subject has the right, at any time, to lodge a complaint with the competent supervisory and control authority, that is, the National Data Protection Commission (CNPD), based at Avenida D. Carlos I n ° 134, 1 °, 1200-651 Lisbon – Portugal, with the following contacts: telephone: +351 213 928 400; fax: +351 213 976 832; email: geral@cnpd.pt

The exercise of these rights is free, unless you make unjustified or excessive requests. In this case, a reasonable fee may be charged based on administrative costs. If you intend to exercise any of the mentioned rights, you must contact us through:

  • In its own form, available as soon as requested
  • From an order sent, by email address, to dpo@ebooksdiscounts.com​​​​​​​

VIII – Communication of data to other entities, subcontractors or third parties:

eBooks Discounts may use subcontractors for the purpose of collecting and processing data, with the same purposes as that aimed at, obtaining from these entities through contractual means, guarantee of reputation and obligation to develop the appropriate technical and organizational measures for data protection and ensure the defense of the rights of the holders. In certain circumstances determined by law, certain personal data may have to be communicated to public authorities, such as tax authorities, courts and security forces. In this way, any of these subcontracted entities will treat the personal data of our customers, in the name and on behalf of eBooks Discounts, under the obligation to adopt the technical and organizational measures appropriate to the risk in order to protect the personal data against destruction, accidental or unlawful loss, accidental loss, alteration, dissemination or unauthorized access and against any other form of unlawful treatment.

eBooks Discounts may, at any time, modify or update this Privacy and Data Protection Policy, which changes will be duly updated on our Platforms.

We therefore suggest that you consult them regularly to be aware of any changes.

For any request or clarification do not hesitate to contact us.

Last update: 18/01/2020