Privacy Policy

In the scope of providing the website hosted on www.symetrix.pt ("Site"), entering into any contracts (namely services of other sports activities, n. e), the provision of information, content, including newsletter, reserved access areas, sale of services/products, any telephone or email contacts (together, the "Services") to its users ("User") and other entities related to it, the company Merete Holtskog & Ricardo Aguiar, Lda owner of SYMETRIX PILATES & FUNCTIONAL TRAINING STUDIO, with headquarters at Avenida Mário Soares, n. º 43 e 45,Edifício Alameda Formosa, bloco B, lojas W e V 9000-246 Funchal, registered in the Funchal Commercial Registration Office under the single registration and taxpayer number 511 063 466 ( hereafter "Symetrix") values the privacy of its members and, in that sense, undertakes to respect, accept the confidentiality and protection of data recorded by users.

This Privacy Statement is intended to provide users with the conditions of Security and Privacy, and only the data necessary to provide the service are requested and collected, according to the explicit indications on the site. The User is free to access, correct or delete their data.

We make the following commitments to users:

  • Process data lawfully and fairly, collecting only the information necessary and relevant to the target requirements.
  • Allow the data subject to access and correct some information about them.
  • Keep data accurate and, if necessary, use.
  • Guarantee free of charge the right to delete the data used when requested by the data subject.
  • Have a security mechanism that prevents a consultation, alteration, destruction or addition of data by an unauthorised person.
  • Do not interconnect personal data unless authorised by law.

1. IDENTIFICATION OF THE PERSON RESPONSIBLE FOR PROCESSING

  • Company: Merete Holtskog & Ricardo Aguiar, Lda (SYMETRIX PILATES & FUNCTIONAL TRAINING STUDIO)
  • NIF: 511 063 466
  • E-mail:  This email address is being protected from spambots. You need JavaScript enabled to view it.

1.1. COLLECTION AND PROCESSING OF USER DATA

As a rule, Personal Data are requested when the User registers on the Site, requests a contact and / or sending newsletters, subscribes to a particular service, provides or requests information, purchases a product or establishes a contractual relationship with Symetrix.

Personal Data collected and processed consists primarily of information relating to name, gender, date of birth, phone, mobile phone, email, address, tax identification number, credit card data (collected for billing purposes only), although it may be collected other Personal Data that may be necessary or convenient for the provision of services or billing by Symetrix.

After the collection of Personal Data, Symetrix provides the User with detailed information about the nature of the data collected and about the purpose and treatment that will be carried out in relation to Personal Data, as well as the information mentioned in clause 8.

Symetrix also collects and processes information about your hardware device characteristics and browser/software characteristics as well as information about the pages visited by the User within the Site. This information may include your browser type, domain name, access times and the links through which you accessed the Site ("Usability Information"). We use this information only to improve the quality of your visit to our Site.

Usability Information and Personal Data are referred to in this Privacy Policy as "User Data".

For purposes of this Privacy Policy it is understood by contractual relationship any contract established between Symetrix and the entities that relate to it, regardless of their object.

 

1.2. INFORMATION AND CONSENT
The General Data Protection Regulation (GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, following the "GDPR") ensures the protection of individuals with regard to the processing of personal data and the free movement of such data.

In legal terms, "personal data" means any information of any nature and on its medium, including an image and a person, relating to an identified or identifiable natural individual, and the protection does not cover the data of legal persons.

By accepting this Privacy Policy, you give your informed, express, free and unambiguous consent to the personal data provided by the website https://www.symetrix.pt are included in a file with the responsibility of Symetrix, with the use under the GDPR must perform appropriate technical and organisational security measures.

Symetrix maintains a database with a booking request from its customers. The data presented in this database is only the data data at the time of your registration / booking and is collected and processed automatically in accordance with the terms approved by the National Data Protection Commission, by Symetrix, or by an entity responsible for the corresponding file.

Information about crimes or affiliated policies, party affiliation or indicators, religious crimes, private life and racial or ethnic origin, as well as data on health and sex life, including genetic data, will not be requested.

Under no circumstances carry out any of the following activities with personal data, available on the following websites:

  • Grant other persons or other entities, without the prior consent of the data subject;

 

1.3. DATA COLLECTION CHANNELS

Symetrix may collect data directly (ie, directly from the User) or indirectly (ie, through partner entities or third parties). The collection can be done through the following channels:

Direct collection: in person, by telephone, by email and through the Website;

Indirect collection: through partners.

 

2. GENERAL PRINCIPLES APPLICABLE TO THE PROCESSING OF USER DATA

In terms of general principles regarding the processing of personal data, Symetrix undertakes to ensure that User Data processed by it are:

  • Object of processing in accordance with the law, fairly and transparently in relation to the User;
  • Collected for specified, objective and legitimate purposes and not further processed in a manner contrary to those purposes;
  • Adequate, justified and limited to what is necessary in relation to the purposes for which they are processed;
  • Accurate and up-to-date where necessary, with all necessary steps being taken to ensure that data which are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
  • Kept in a form which permits identification of the User only for the period necessary for the purposes for which the data are processed;
  • Processed in a manner that ensures their security, including protection against unauthorised or unlawful processing and against their loss, destruction or unforeseen damage, with appropriate technical or organisational measures being taken.


Data processing carried out by Symetrix are permitted and legal when at least one of the following situations occurs:

  • The User has unquestionably given consent to the processing of User Data for one or more specific purposes;
  • The processing is necessary for the performance of a contract to which the User is a party, or for pre-contractual procedures at the request of the User;
  • Processing is necessary for compliance with a legal obligation to which Symetrix is subject;
  • Processing is necessary in order to protect the fundamental interests of the User or another individual;
  • Processing is necessary for the purposes of legal interests pursued by Symetrix or third parties (unless the interests or fundamental rights and freedoms of the user that require protection of personal data prevail).
  • Symetrix undertakes to ensure that the processing of User Data is only done under the conditions listed above and with respect for the principles mentioned above.

When the processing of User Data is carried out by Symetrix based on the User's agreement, the User has the right to withdraw their consent at any time. The withdrawal of consent, however, does not compromise the legality of the processing carried out by Symetrix based on the consent previously given by the User.

The period of time during which data is stored and retained varies according to the purpose for which the information is processed.

In fact, there are legal requirements that require data to be kept for a minimum period of time. Therefore, unless there is a specific legal obligation, the data will be stored and kept only for the minimum period of time necessary for the purposes for which they were collected or subsequently processed, after which they will be deleted.

 

3. USE AND PURPOSES OF PROCESSING USER DATA

In general terms, Symetrix uses User Data for the following purposes:

  • Provision of web services and associated services (graphic design, hosting, domain registration, etc.);
  • Management of contacts with the User;
  • Invoicing and billing the User;
  • Registering the User on the Website;
  • Inform the User, upon request, of new products and services available on the Site, special offers and campaigns, updated information on the activity of Symetrix and, in general, for marketing purposes of Symetrix, through any means of communication, including electronic support; Allow access to restricted areas of the Site, according to previously established terms;
  • Ensure that the Site meets the User's needs, by developing and publishing content that is as appropriate as possible to the User's requests and type, by improving the Site's search capabilities and functionalities and by obtaining associated or statistical information regarding the User's profile (analysis of consumer profiles);
  • Providing Services, and other services, such as newsletters, opinion surveys, or other information or products requested or purchased by the User;
  • Symetrix may combine Usability Information with anonymous demographic information for research purposes, and may use the result of such combination to provide more relevant content on the Site. In certain limited areas of the Site, Symetrix may combine Personal Information with Usability Information to provide the User with more personalized content.

User Data collected by Symetrix is not shared with third parties without consent of the User, with the exception of the situations mentioned in the following paragraph. However, if the user contracts with Symetrix services that are provided by other entities responsible for processing personal data, user data may be consulted or accessed by these entities, insofar as necessary for the provision of such services.

Under applicable legal terms, Symetrix may transmit or communicate User Data to other entities in case such transmission or communication is necessary for the execution of the contract established between the User and Symetrix, or for pre-contractual diligence at the request of the User, in case it is necessary for compliance with a legal obligation to which Symetrix is subject or in case it is necessary to obtain the legitimate interests of Symetrix or third parties. In the event of a transfer of User Data to a third party, reasonable efforts will be made to ensure that the transferee uses the transferred User Data in a manner consistent with this Privacy Policy.

 

4. TECHNICAL, ORGANIZATIONAL AND SECURITY MEASURES IMPLEMENTED

To ensure the security of User Data and maximum confidentiality, Symetrix treats the information you provide us with absolute confidentiality, in accordance with its policies and internal procedures for security and confidentiality, which are updated periodically as needed, as well as the terms and conditions provided by law.

Depending on the nature, scope, context and purposes of data processing, as well as the risks arising from the processing for the rights and freedoms of the User, Symetrix undertakes to implement, both when defining the means of processing and at the time of the processing itself, the technical and organizational measures necessary and appropriate to protect User Data and compliance with legal requirements.

It also undertakes to ensure that, by default, only the data that is necessary for each specific purpose of the processing shall be processed and that such data shall not be made available without human intervention to an indefinite number of persons.

Communication between the user's device and the Symetrix Site is carried out over secure channels and communications using the HTTPS protocol and SSL security standard. Still, in terms of general measures, Symetrix adopts the following.

Awareness and training of staff involved in data processing operations.

Mechanisms capable of ensuring the permanent confidentiality, availability and resilience of information systems.

Mechanisms that ensure the re-establishment of information systems and access to personal data in an expeditious manner in the event of a physical or technical incident.

5. TRANSFER OF DATA OUTSIDE THE EUROPEAN UNION

Personal data collected and used by Symetrix are not made available to third parties established outside the European Union. If, in the future, such a transfer takes place for the reasons mentioned above, Symetrix undertakes to ensure that the transfer complies with applicable legal provisions, particularly with regard to determining the adequacy of such a country with regard to data protection and the requirements applicable to such transfers.

6. USE OF COOKIES
When you visit our Site, your consent will be required for the creation and recording on your computer of a text file (Cookie). This file will allow you to access the Site more easily and faster and to personalise the Site according to your preferences. Most browsers accept these files (Cookies), but the User may delete them or automatically block them. In the "Help/Help" menu of your browser you will find how to make these configurations. However, if you do not allow the use of cookies there may be some features of the Site that you will not be able to use.

7. RIGHT TO INFORMATION

7.1 Information provided to the User by Symetrix (when data is collected directly from the User):

  • The identity and contacts of Symetrix, data controller and, if applicable, its representative;
  • The contacts of the Data Protection Officer;
  • The purposes of the processing for which the personal data are intended, as well as, if applicable, the legal reasons for the processing;
  • If the data processing is based on legitimate interests of Symetrix or a third party, indication of such interests;
  • If applicable, the recipients or categories of recipients of the personal data;
  • If applicable, indication of whether the personal data will be transferred to a third country or an international organisation, and the existence or not of an adequacy decision adopted by the Commission or reference to appropriate or adequate transfer safeguards;
  • Term of conservation of personal data;
    The right to request Symetrix to allow the personal data, as well as its correction, deletion or limitation, the right to object to the processing and the right of  accessibility to the data;
  • If data processing is based on the User's consent, the right to withdraw it at any time, without compromising the legality of the processing carried out based on the consent previously given;
  • The right to lodge a complaint with the CNPD (Portuguese data protection authority) or other supervisory authority;
  • Indication whether or not the communication of personal data constitutes a legal or contractual obligation, or a necessary requirement to enter into a contract, as well as whether the holder is obliged to provide the personal data and the possible consequences of not providing such data;
  • Where applicable, the existence of automated decisions, including profiling, and information concerning the basic concept, as well as the significance and the envisaged consequences of such processing for the data owner.
  • In the event that User Data is not collected directly by Symetrix from the User, in addition to the information mentioned above, the User is also informed about the categories of personal data subject to processing, as well as about the origin of data and, possibly, if they are from publicly available sources.
  • If Symetrix intends to further process User Data for a purpose other than that for which the data was collected, prior to such processing Symetrix will provide the User with information about this purpose and any other information of interest, under the terms mentioned above.

7.2 Procedures and measures implemented in order to fulfill the right to information.

The information referred to in 7.1. is provided in writing (including by electronic means) by Symetrix to the User prior to the processing of personal data concerned. Under applicable law, Symetrix has no obligation to provide the User with the information mentioned in 7.1. when and insofar as the User is already aware of it.

The information is provided by Symetrix free of charge.

 

8. RIGHT OF ACCESS TO PERSONAL DATA

Symetrix ensures the means to allow the user to consult their personal data.

The User has the right to obtain from Symetrix confirmation that personal data concerning him or her are subject to processing or not and, where appropriate, the right to access their personal data and the following information:

  • The purposes of the data processing;
  • The categories of personal data concerned;
  • The recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients established in third countries or belonging to international organisations;
  • The term of conservation of personal data;
  • Right to request Symetrix to correct, delete or limit the processing of personal data, or the right to prevent such processing;
  • Right to lodge a complaint with the CNPD or other supervisory authority;
  • If the data has not been collected from the User, the information available on the origin of such data;
  • The existence of automated decisions, including profiling, and information regarding the underlying logic as well as the importance and the expected consequences of such processing for the data subject;
  • The right to be informed of the appropriate guarantees associated with the transfer of data to third countries or international organisations.
  • Upon request, Symetrix will provide the User, free of charge, a copy of the User Data that is being processed. The provision of other copies requested by User may incur administrative costs.

 

9. RIGHT TO CORRECTION OF PERSONAL DATA

The User has the right to request at any time the correction of their Personal Data and also the right to have their incomplete personal data completed, including by means of an additional declaration.

In case of correction of data, Symetrix communicates to each recipient to whom the data have been transmitted the respective correction, unless such communication is deemed impossible or involve a disproportionate effort for Symetrix.

 

10. RIGHT TO ERASURE OF PERSONAL DATA ("RIGHT TO BE FORGOTTEN")

The User has the right to obtain, from Symetrix, the deletion of their data when one of the following reasons apply:

  • The User's Data is no longer necessary for the purpose that motivated its collection or processing;
  • The User withdraws consent on which the processing of data is based and there is no other legal basis for such processing;
  • The User objects to the processing under the right to object and there are no overriding legitimate interests justifying the processing;
    In the event that User Data is unlawfully processed;
  • If User Data must be deleted to comply with a legal obligation to which Symetrix is subject;
  • Under applicable legal terms, Symetrix has no obligation to delete User Data insofar as the processing is necessary to comply with a legal obligation to which Symetrix is subject or for the purposes of declaration, exercise or defense of a right of SPFTS in a legal proceeding.
  • In case of data deletion, Symetrix will communicate to each recipient/entity to whom the data has been transmitted the respective deletion, unless such communication proves impossible or involves a disproportionate effort for Symetrix.

When Symetrix has made public the User Data and is required to delete them under the right of such deletion, Symetrix undertakes to ensure measures that are reasonable, including of a technical nature, taking into account the technology available and the costs of its implementation, to inform those responsible for the actual processing of personal data that the User has requested them to delete links to such personal data, as well as copies or reproductions thereof.

 

11. RIGHT TO LIMITATION OF PROCESSING OF PERSONAL DATA


The User has the right to obtain, from Symetrix, the limitation of the processing of User Data, if one of the following situations applies (limitation consists of inserting a flag in the personal data retained for the purpose of limiting their processing in the future):

  • If you contest the accuracy of the personal data, for a period that allows Symetrix to verify its accuracy;
  • If the processing is unlawful and the User opposes the deletion of data, requesting instead the limitation of its use;
  • If Symetrix no longer needs the User Data for processing purposes, but such data is required by the User for the purposes of the declaration, exercise or defence of a right in legal proceedings;
  • Where the User has opposed the processing, until it is ascertained that the legitimate reasons of Symetrix prevail over those of the User.
  • When User data is subject to limitation, may, with the exception of conservation, only be processed with the consent of the User or for the purposes of the establishment, exercise or defence of a right in legal proceedings, defence of the rights of another natural or legal person, or for reasons of public interest legally provided.

The User who has obtained the limitation of the processing of their data in the aforementioned cases will be informed by Symetrix before the limitation of processing is cancelled.

In case of limitation of data processing, Symetrix will communicate each recipient to whom the data have been transmitted the respective limitation, unless this communication proves impossible or involves a disproportionate effort for Symetrix.

12. RIGHT TO PERSONAL DATA PORTABILITY

The User has the right to receive personal data concerning him or her that he or she has provided to Symetrix, in a structured, commonly used and machine-readable format, and the right to transmit such data to another controller, if:

  • The processing is based on consent or a contract to which the User is a party; and
  • The processing is carried out by automated means.

The right of portability does not include inferred data or derived data, i.e. personal data that are generated by Symetrix as a consequence or result of the analysis of data subject to processing.

The User has the right that their personal data are transmitted directly between data controllers, where technically possible.

 

13. RIGHT TO OBJECT TO PROCESSING

The User has the right to object at any time, for reasons relating to his or her particular situation, to the processing of personal data concerning him or her that is based on the exercise of legitimate interests pursued by Symetrix or when processing is carried out for purposes other than those for which the personal data were collected, including profiling, or when personal data are processed for statistical purposes.

Symetrix will terminate the processing of User Data, unless it provides urgent and legitimate grounds for such processing that override the interests, rights and freedoms of the User, or for the purposes of asserting, exercising or defending a right of Symetrix in legal proceedings.

When User Data is processed for direct marketing purposes (marketing), the User has the right to object at any time to the processing of data concerning him or her for the purposes of such marketing, which covers profiling insofar as it relates to direct marketing. If the User objects to the processing of their data for direct marketing purposes, Symetrix will cease processing the data for this purpose.

The User shall also have the right not to be subject to any decision taken solely on the basis of automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her, unless the decision

  • Is necessary for the conclusion or performance of a contract between the User and Symetrix;
  • Is authorised by legislation to which Symetrix is subject; or
  • Is based on the User's explicit consent.

 

14. PROCEDURES FOR THE EXERCISE OF USER RIGHTS

The right of access, the right of rectification, the right of deletion, the right to limitation, the right of portability and the right to object may be exercised by the User by contacting the Data Protection Officer of Symetrix, by email This email address is being protected from spambots. You need JavaScript enabled to view it. and / or through the page available on the Site.

Symetrix will respond in writing (including by electronic means) to the User request within a maximum period of one month from receipt of the request, except in cases of particular complexity, where this period may be extended to two months.

If requests made by the User are manifestly unjustified or excessive, in particular due to its repetitive nature, Symetrix reserves the right to charge administrative costs or refuse to grant the request.

 

15. PERSONAL DATA BREACHES

In case of data breach and insofar as such breach is likely to involve a high risk to the rights and freedoms of the User, Symetrix undertakes to communicate the personal data breach to the User concerned within 72 hours from knowledge of the incident.

Under the legal terms, the communication to the User is not required in the following cases:

  • In case Symetrix has applied appropriate protection measures, both technical and organisational, and these measures have been applied to the personal data affected by the personal data breach, especially measures that make the personal data incomprehensible to any person not authorised to access such data, such as encryption;
  • where Symetrix has taken subsequent measures to ensure that the high risk to the rights and freedoms of the User is no longer likely to materialize; or
  • In case the communication to the User would involve a disproportionate effort for Symetrix. In that case, Symetrix will make a public communication or take a similar measure by which the User will be informed.

 

16. CHANGES TO PRIVACY POLICY

Symetrix reserves the right to amend this Privacy Policy at any time. In case of modification of the Privacy Policy, the date of the last change, available at the top of this page, is also updated. If the change is substantial, a notice will be posted on the Site.

 

17. APPLICABLE LAW AND JURISDICTION

The Privacy Policy, as well as the collection, processing or transmission of User Data, are governed by the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 and by the laws and regulations applicable in Portugal.

Any disputes arising from the validity, interpretation or execution of the Privacy Policy, or that are related to the collection, processing or transmission of User Data, shall be submitted exclusively to the jurisdiction of the judicial courts of the district of Funchal, without prejudice to the applicable mandatory legal rules.

Last update:  02 January 2021.

Image
Avenida Mário Soares, n.º 43 e 45,
Edificio Alameda Formosa, bloco B, lojas W e V
9000-246 Funchal
geral@symetrix.pt
Reception: 291 743 464 e 931 439 030
Coordenation: 963 284 047
«Call to national fixed and mobile network»
window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-Z58H97Q2XR');