LEGAL INFORMATION ON DATA PROTECTION

At FLOAT, we understand that our use of your personal data requires your own trust. We are subject to the highest privacy standards, under which we will only use your personal data for clearly identified purposes and in accordance with your data protection rights.
The confidentiality and integrity of your personal data is one of our primary concerns.
The present Privacy Policy, while setting out how FLOAT uses its customers and potential customers’ personal data, comprises the following sections1:

• Who is FLOAT
• Who is responsible for processing your personal data
• How we collect your personal data
• For what purposes and on what basis your personal data may be used
• Which personal data may be collected
• How we keep your personal data secure
• For how long shall we keep your personal data
• With whom we may share your personal data and how we keep it secure
• How you can change or withdraw your consent
• Contact us, your data protection rights and the right to lodge a complaint with your supervisory authority

Who is FLOAT
FLOAT – PUBLICIDADE, UNIPESSOAL Lda., with its head office located at Rua Luís de Camões, 118 A – Alcântara – 1300-362 Lisboa PORTUGAL, registered at the Commercial Registry Office of Cascais, under the single registration and taxpayer number 506275906 (hereinafter solely “FLOAT”).
All references to FLOAT, under the current Privacy Policy, refer to the above identified entity.
Who is responsible for your personal data’s processing FLOAT is responsible for processing the personal data, from its customers and/or potential customers, who which to fill-in their details and submit
FLOAT’s Marketing Communications Consent Form through this Webpage.
How we collect your personal data Your personal data will be collected and processed under the following
situations:

If you fill-in your personal data and submit our Online Forms, namely the one on this webpage, and/or If you purchase and/or use a product or service provided by FLOAT.
For which purposes and on what basis your personal data may be used Your personal data will be collected and used for Customer Service, Commercial and Marketing purposes (communication of information and
services from FLOAT and its customers), under the strict terms, selected by you, in the Consent Forms, included in this Homepage.
Under the current European Union’s data protection legislation (the General Data Protection Regulation), the use of personal data must be justified under, at least, one legal ground for personal data processing. You can check the explanation on each one of these grounds’ scope.*
The legal basis applicable to the collection and use of your personal data, for customer service, commercial and marketing purposes, is your consent.
*Legal basis for personal data processing Whenever you have given consent to the processing of your personal data (for these purposes you will be provided with a consent form, for the use of your data, which you may, subsequently, withdraw);
Whenever the processing is necessary for entering into a contract with you or to proceed with its execution;
Whenever processing is necessary to comply with legal obligations, to which FLOAT is subject;
Whenever the processing is necessary, in order to achieve a legitimate interest and our reasons for its use outweigh your data protection rights;
Whenever processing is necessary, in order for us to assert, exercise or defend a right in legal proceedings against you, us or a third party.
Which personal data may be collected The following categories of personal data may be collected through the channels and services described in this Privacy Policy:

Data collected by FLOAT
Contact Information: Name; address; telephone and e-mail.
Identification data: customer number; contract number.
Customer history: Offers received; service(s) purchased, campaign/response history; event participation (location, company); complaint history.
If the customer has registered or authenticated, the following data may be used: average application usage (behaviour within the applications); location information; usage of the float.co.uk website; usage of FLOAT’s social networks (for example, visits and posts on forums).

How we keep your personal data secure
We use a variety of security measures, including encryption and authentication tools, in order to help protecting and maintaining your personal data’s security, integrity and availability.
Although transmission of data, via the internet or website, cannot guarantee full security against intrusion, we and our service providers and business partners use best efforts to implement and maintain physical, electronic and procedural security measures, aimed at protecting your personal data, in compliance with applicable data protection requirements. Amongst others, we have implemented the following:

• Restricted personal access to your personal data, on a “need to know” basis, and only within the scope of the communicated purposes;
• Transfer of collected data only under an encrypted form;
• Protection of the information technology systems through firewalls, in order to prevent unauthorised access to your personal data;
• Permanent monitoring of access to information technology systems, in order to prevent, detect and prevent misuse of your personal data.

For how long shall we keep your personal data We will only keep your data for as long as it is necessary, for the purpose to which they were collected.
Once the maximum storage period has elapsed, your personal data will be irreversibly anonymised (anonymised data may be retained) or will be securely destroyed.
For the purposes described in this Privacy Policy (customer service, commercial and marketing) your personal data will be kept until the maximum period of 24 months, from the collection of your consent, or the last contact made (whichever occurs last) and if, within this period, you have not withdrawn your consent.
With whom we may share your personal data and how we keep them secure FLOAT is a national company but with global ambition and spirit. Therefore, your personal data may be accessed by our suppliers or service providers, located in countries outside the EEA (European Economic Area) for the purposes described in this Privacy Policy, where data protection laws may be less stringent than in the EEA.
We will ensure that your personal data, exported outside the EEA, are processed under appropriate security measures.
Certain countries located outside the EEA, such as Switzerland and Canada, have already been recognised by the European Commission, as offering an adequate level of data protection and, therefore, no additional safeguards will be necessary for this purpose.
Your personal data is stored on the secure servers of our suppliers/service providers or partners and is accessed and used only in accordance with our policies and standards (or equivalent policies and standards from our suppliers/service providers).
Our suppliers/service providers or partners may be:

• Cloud hosting service providers, to help us store your data
• IT service providers, who support our internal IT processes
• Analytical marketing companies, who give us relevant information on who buys our services
• Companies who help us sending you marketing communications, whenever you visit websites or social networks
• Companies specialising in sending and collecting quality and satisfaction information. about our services and those of our clients
• Transport and delivery service companies
• Law firms
• Regulators and law enforcement agencies
• Search engine operators that help us improve the visibility of our websites and our clients’ websites
* Contact and Data Protection Officer’s Details

FLOAT
Data Protection Officer
[email protected]

Customer service
Telephone line: +351 21 352 40 46/48, available from 10:00 a.m. to 06:00 p.m., from Monday to Friday
E-mail: [email protected]

How you can modify or withdraw your consent
You may, at any time, change or withdraw your consent, effective for the future.
Upon full withdrawal of your statements of consent, you will no longer be contacted and will no longer receive communications for the purposes described in this Privacy Policy.
To withdraw your consent statements, submitted to Float, simply log back into the Contact Page, fill in your personal details and re-submit the Consent Form, by selecting the check boxes according to your preferences, namely the option to withdraw consent. The last submitted Consent Form will take precedence over all previous Consent Forms.
Contact us, your data protection rights and the right to lodge a complaint with your supervisory authority If you have any questions regarding our use of your personal data, you should, first, contact our services, on the Contact Us page of our website. In addition, you may contact the Data Protection Officer.
Subject to certain conditions, you may have the right to request us to:

• provide you with additional information about our use of your personal data;
• provide you with a copy of the personal data you have provided us;
• provide the personal data you have provided to another officer, at your request;
• update any inaccuracies in the personal data we maintain;
• delete personal data, whose use is no longer lawful;
• limit the way in which we use your personal data, until the lodged complaint has been investigated.

Your exercise of these rights is subject to certain exceptions designed to safeguard the public interest (prevention or detection of crimes) or our interest (maintenance of professional secrecy).
If you exercise any of these rights, we will review it and we will respond to you, hopefully within 1 (one) month.
If you are unhappy with our use of your personal data, or with our response after exercising any of these rights, you have the right to lodge a complaint, with your supervisory authority (Comissão Nacional de Proteção de Dados – CNPD | Rua de São Bento, n.º 148, 3º, 1200-821 Lisboa, Portugal | Tel: 351 213928400 | Fax: +351 213976832 | e-mail: [email protected]).