Privacy Statement

 

 
General Privacy Statement

Introduction
This Privacy Statement describes how BDO Portugal collects and uses personal data, assuming itself as Data Controller or Data Processor, depending on the services to be provided.

This Statement applies to personal data provided directly to BDO Portugal by the data subject in question and / or to personal data transmitted by companies and other entities.

We are committed to treating your personal data in a fair and transparent manner. If you have any questions you need to clarify about this Privacy Statement, please ask our Data Protection Officer:

By e-mail – dpo@bdo.pt
By post – Avenida da República 50 10º 1069-211 LISBOA

To know more about how and why we treat personal data, see the relevant section of this Privacy Statement (using the layers on the right).

Websites that are linked to this BDO website, are not governed by this privacy statement, so we encourage visitors to review each of the privacy statements of these other websites before disclosing any personal data.

Data Controller
BDO Portugal is a member of BDO International Limited (BDOI), a UK company limited by guarantee, and form part of the BDO worldwide network of independent legal entities, each of which providing professional services under the name "BDO".

For the purpose of protecting personal data, BDO Portugal is understood as the following set of companies:

BDO & Associados SROC, Lda;
BDO Consulting, Lda;
BDO Outsourcing, Serviços de Contabilidade e Organização, Lda.;
BDO II Advisory, S.A.;
BDO Outsourcing, Serviços de Contabilidade e Organização II, Lda.;
BDO, Ferro & Associado, Sociedade de Revisores Oficiais de Contas, Lda. and
BDO EnviEstudos, SA
 
Security of personal data
BDO Portugal guarantees the use of the appropriate techniques, organizational and security measures, to protect personal information by preventing its loss, misuse, alteration or destruction, guaranteeing its veracity, integrity, availability and confidentiality. For this, all employees are required to keep this information confidential. Only personnel authorized and bound by the duty of secrecy and confidentiality should have access to this information.

International transfers of personal data
Personal data may be transferred, archived or processed in a country other than the one in which it was collected and the data subjects was originated, including countries outside the EEA. Data transfer cases are made in accordance with the requirements of the General Data Protection Regulation. When the transfer of personal data is made to a country outside the EEA, adequate guarantees will always be provided by the use of binding rules and with legal force, as standard clauses approved by the European Commission.

Provision of personal data to third parties
We may hire other companies or individuals to manage your request for information, maintain this website or carry out our business activities. We may therefore give these companies access to your personal data, but always for the purposes that were collected and always under our direction and responsibility. We may also share your personal information with other companies in the BDO network, provided that for the same purposes for which they were collected.

In response to a court order, subpoena, government investigation or otherwise required or permitted by law, we may disclose your personal data.

We do not make information available to third parties for their own marketing purposes and we do not conduct marketing operations for third parties.

We may, as a result of a sale, merger, consolidation, change of management, transfer of assets, reorganization or liquidation of our companies (“Organizational Event”), transfer your personal data to third parties involved in the Organizational Event.

Your Rights
You have the right to request access to the personal data you send us, to update or correct your details, to choose not to receive other information from BDO, to request that your personal data be deleted from our systems, or the portability of them, at any time through the contacts referred to in the Introduction note of this Privacy Statement.

When we process your personal data based on your consent, you have the right to withdraw it at any time. This option of withdrawing your consent does not prevent us from contacting you, by email or otherwise, in order to manage the existing professional relationship with us.

Complaints
If you have any reservations about how we use your personal data, you have the right to submit a complaint to the competent supervisory authority – Comissão Nacional de Proteção de Dados - through its website at the following address: https://www.cnpd.pt.

For any questions you may have about this Privacy Statement, please contact us at the addresses provided.

Data Retention
We will keep personal data only for as long as necessary for the purposes for which it was collected or as required by applicable law or regulation.

Unless there are any prevailing legal, regulatory or contractual requirements, we will retain a record of the services provided (which may include personal data) in accordance with our conservation policy.

During the conservation period, access to data is guaranteed, as well as its confidentiality, integrity, resilience.    

Changes To The Privacy Statement
This Privacy Statement may be changed at any time. The latest change date is in this Statement. Changes are effective from the last change date indicated. Check this Privacy Statement regularly to check for any changes in the way we use your personal information.

22 November 2021 version


Privacy Statement - Assurance Services – ROC

Scope

BDO & Associados, SROC (hereinafter referred to as BDO) company of statutory auditors (SROC) registered at Ordem dos Revisores Oficiais de Contas under the number 29 and at CMVM (Comissão de Mercado de Valores Mobiliários) under the number 20161384, performs the functions of public interest under the terms of the Ordem dos Revisores Oficiais de Contas Statutes (EOROC), approved by Law number 140/2015, of September 7th and in international auditing standards, as EOROC legally imposes.

With the entry into force of the General Data Protection Regulation (GDPR), Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27th, personal data is an additional concern to the ethical and statutory principles to be observed by BDO, whose compliance overlaps with the referred principles, but which will simultaneously safeguard the BDO's obligations underlying the GDPR.

In the exercise of public interest functions, BDO verifies the financial statements (accounts), other equity acts or facts of companies or other entities (hereinafter referred to as Clients), having to consult, use and often retain information, which, being not an object of its work but being necessary for its verification, it may include personal data of workers, clients, suppliers or other third parties transmitted by the indicated entities, issuing at the end a report on the financial statements, other acts or patrimonial facts, in observance of the applicable International Quality Control, Auditing, Review, Other Assurance and Related Services Pronouncements.

Introduction
This statement applies to BDO, partners, workers, collaborators and other persons to whom information containing the personal data to which this statement refers is made available, and must therefore be complied with by all those concerned.

This statement is limited to the personal data that BDO has to process in order to fully exercise the functions of public interest, expressly excluding from it the personal data treated for other purposes, namely those related to its employees, the own clients (and prospective) and related to contracts entered into with suppliers, among others, highlighting at this level the general Privacy Statement available at the website (www.bdo.pt) or, failing that, the principles and rules implemented according to the GDPR and to the national Data Protection Law.

Responsibility for data processing and contact
BDO must guide its behaviour by observing the ethical principles and conduct fundamental to the exercise of functions of public interest, namely those of independence, integrity, objectivity, professional competence, professional behaviour and zeal and confidentiality, maintaining professional scepticism and resorting to their professional judgment, in order to have conditions to issue an opinion on the financial statements or other equity facts of the responsibility of companies or other entities that effectively increases the degree of confidence of the respective recipients, this being the main objective of their intervention.

In this context, BDO may access to information containing client data, consult, copy and maintain as audit evidence or in the audit file, which is legally mandatory in the scope of the legal and voluntary account review, information which may include personal data processed by the client as Data Controller or Data Processor for the respective treatment and for which BDO will assume its responsibility, in the exercise of public interest functions.

For the purposes of this Privacy Statement, BDO may be reached at the following address:

Avenida da República, nº 50 - 10º1069-211 Lisboa; and
By the following e-mail address: dpo@bdo.pt
 
Purpose of personal data processing
Under the terms of article 41 of the EOROC, the following are functions of public interest for the Statutory Auditors and the Societies of Statutory Auditors: (i) the audit of the accounts (comprising, under the terms of Article 42 of the EOROC, the legal and voluntary accounts and related services, with limited scope or specific purpose); and (ii) the exercise of any other functions that by law require the own and autonomous intervention of the ROC on certain equity facts of companies or other entities.

In terms of auditing the accounts, the ROC / SROC has to sign a contract for the provision of services with the client, reduced to writing (Article 53 of the EOROC), and must do so also for other functions of public interest.

The personal data that the ROC / SROC may access is intended to become possible the exercise of the said functions of public interest (as well as other functions, although not provided for in this policy, such as the fulfilment of contractual and / or legal duties).

Personal data categories
BDO may request access to any data, including personal data processed by the Entities, namely, clients, users or their employees, being able to consult and use them to perform the necessary procedures in the analysis of the accounts, complying with its legal obligations as a Revisor Oficial de Contas.

It is not BDO's responsibility to require information or access to data, but if any restrictions are placed on access to information or data, it is BDO's responsibility to consider the effect of this restriction on the issuance of its report.

Principles for the treatment of personal data provided by Clients
1 - Lawfulness: legal basis for treatment
The services of Revisor Oficial de Contas (ROC) comprise access, consultation and verification of a set of information, which BDO, in the context of its independent professional judgment, selects as necessary for the performance of its public interest functions and which will retain as audit evidence (which eventually contains information regarding personal data).

The fulfilment of the duties resulting from the Ordem dos Revisores Oficiais de Contas Statutory and auditing standards, in particular the subjection to professional secrecy, within the scope of its public interest functions, sufficiently accommodates the duties of the GDPR, without requiring additional steps, namely, obtaining consent from the data subjects.

Thus, the legal basis for the intervention of the ROC / SROC, within the scope of the exercise of public interest functions and regarding the personal data previously processed by the client, is based on the public interest underlying its intervention and the need for its treatment to comply with a legal obligation (article 6, paragraph 1, c) and e) of the GDPR), namely, of the EOROC.

 2 - Purpose limitation
The personal data referred to in this policy will initially be collected directly by its Clients or by another entity (if the client is a Data Processor), but not by BDO.

The personal data processing (for example: consultation, use and retention) by BDO will be limited to the underlying purpose, that is, the fulfilment of the public interest functions to be performed.

BDO specifically undertakes not to use personal data, as well as any other information, which it accesses due to the exercise of the referred functions for any other purpose, commercial or other, which does not result in the performance of audit procedures and the respective opinion.

3 - Data minimisation
BDO will analyse on a case-by-case basis the need to use and keep copies of the elements that include personal data provided by the client, seeking, whenever possible, to minimize their collection, use and conservation to what is necessary in the context of planning and evidence of job.

4 - Data accuracy
The principle of accuracy, as recommended by the GDPR, is not applicable to BDO's performance in the exercise of public interest functions and with regard to the data transmitted by its Clients.

5 - Data storage limitation
The file in support of the work carried out by BDO, whether or not it includes personal data, in accordance with EOROC and international auditing standards, must be kept for a minimum period of five years (minimum term).

Even though the auditing standards determine a minimum period for the retention of information (coinciding with the legal term of five years), they do not determine a maximum period, stating that the working documents must be kept for a sufficient period to satisfy the needs of BDO or as required by law or regulation, depending, for example, on whether work documentation is required as a record of matters of continued importance for future work.

Also, in this context, EOROC determines the conservation of the documents for a period of more than five years, providing that the Revisores Oficiais de Contas keep the information until judicial, supervisory or administrative proceedings are underway. For the most part, since the Revisores Oficiais de Contas are subject to such proceedings, until the right of action of the holders of the respective rights is prescribed, the information (the file) must be maintained for the maximum period of prescription of the legal proceedings and administrative offense, which may correspond to the general prescription period of contractual civil liability of twenty years.

In particular, with regard to all the information that shows the compliance by the BDO with Law No. 83/2017, of 18 August, which establishes measures to combat money laundering and terrorist financing, namely, the identification duty, must be maintained for a minimum period of seven years. 

6 - Integrity and confidentiality
The reports issued by BDO, although they may be public knowledge, do not contain personal data, as previously mentioned, the audit evidence that must support it and that may contain personal data is subject to professional secrecy. In addition to the freedom of access to information, essential for the ROC's independence in the exercise of its functions, the duty of confidentiality is imposed on the ROC. Thus, the ROC is legally prohibited from using the information it accesses for any purpose other than to evidence the procedures that has performed to support the conclusions drawn in the report it issues. The ROC is also prohibited from disclosing (except for rare judicial exceptions) any information it has obtained in the exercise of its functions.

The international quality control standard (ISQC1) and the international audit standards (ISA) impose confidentiality on the Revisores Oficiais de Contas, as well as on all employees and collaborators, as a transversal and essential requirement in the exercise of their respective functions, which should provide for effective measures for their guarantee.

In this context, BDO annually presents to its employees and collaborators a confidentiality agreement, which is signed and returned, which expressly refers to the confidentiality of the personal data included in the client’s information.

BDO only allows access to the information of a specific client, in particular that which includes personal data, to its employees who are part of the work team (including those responsible for quality control) and to the extent that they need it to carry out their tasks.

Treatment safety measures
BDO has implemented the appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction, accidental loss, alteration, dissemination or unauthorized access and against any other form of unlawful treatment, always with a level of security adequate to the risks that the treatment implies for the people to whom the data respect, taking into account the most advanced techniques, the costs of application and the nature, scope, context and purposes of the treatment, as well as the risks, probability and variable severity, for the rights and freedoms of natural persons, which is ensured by the fulfilment of the duty of secrecy required by EOROC.

Rights of data subjects
This Privacy Statement aims to comply with the rights of data subjects, namely, the right to information. BDO, as part of the exercise of public interest functions, regarding personal data transmitted by Clients, as a rule, does not collect them from their respective data subjects, limiting themselves to consulting them, using them in the procedures and tests that performs and keeps them in its working documents, subject to confidentiality, legally imposed (EOROC and other legislation, namely, from EU).

Taking into account the above, the exercise of the rights of data subjects consigned in the GDPR (see articles 15, 16, 17, 18, 20 and 21), regarding access, rectification, erasure, restriction of processing, portability and objection, will not, in general, be applicable to BDO, overlapping the exercise of such rights, the public interest underlying the exercise of public interest functions, that such rights may compromise.

Despite this fact, BDO undertakes to always clarify data subjects of any doubts they may have regarding any aspect of the treatment, without prejudice to the confidentiality underlying their work and working documents, with the exception that the data subjects may complain of any circumstances that they deem disrespectful of their rights, with the Comissão Nacional de Proteção de Dados.

Transfers of personal data outside the European Union
Personal data used by BDO in the course of exercising public interest functions will be kept in the audit file or as evidence of the performance of its functions in accordance with the auditing standards. As a rule, such data will be not transferred outside the European Union. However, in cases where there is an effective need for personal data to be transferred outside the European Union, BDO ensures that this will be carried out in accordance with the requirements of the General Data Protection Regulation (GDPR) and other legislation on data protection. 

30 September 2020 version
 


Privacy Statement - Corporate Clients (and individuals connected with our corporate clients)

Corporate clients (and individuals connected with our corporate clients)

Our protection data policy aims to process personal data only to the extent needed for us to provide our services to our clients and/or for other agreed purposes.

Where personal data is required for us to perform services for our clients, we request that our clients provide all necessary information to relevant individuals (known as “data subjects”) about our use of personal data about our privacy policy. Our clients may therefore refer data subjects to this Privacy Notice.

We generally collect personal data directly from our clients or from third parties acting on their instructions.

Such personal data may be used for the following purposes:
Provision of professional services, other than public interest functions (see Privacy Statement – Assurance Services BDO) - we undertake a wide range of services, including Tax, Advisory and Outsourcing services (e.g. accounting). We may have to process personal data in order to perform such services and/or provide advice and deliverables to our clients;
Managing, administering and developing our business - We process personal data in order to manage our relationship with clients, develop our business and services, maintain and develop our IT systems, manage and host events, and to administer and manage our website, systems and applications.
Quality and risk management and security - we use various measures to protect personal data and other client information, which include monitoring the services provided to clients to detect, investigate and resolve security threats. Such monitoring may involve processing personal data. Our client take-on procedures involve processing personal data that may be obtained (i) from the client himself; or (ii) from publicly available sources (such as databases and general internet searches, etc.) to identify any risks relating to individuals and organisations that may prevent us from working for a particular client or on a particular matter;
Providing information about our services to our clients - unless the individual, employee or service provider of a BDO client, has opted-out, we may use client business contact details to provide information about our services and activities and events that may be of interest for him or his organization (see Privacy Statement – Newsletters subscription and sending).
Compliance with legal and regulatory obligations – as a regulated firm, we are subject to various legal, regulatory and professional obligations that may require us to process and/or retain personal data held on our client files.
 
30 September 2020 version
 

Privacy Statement - Private Clients

Our protection data policy aims to process personal data only to the extent necessary for us to provide our services to our clients and/or for other agreed purposes.

Where personal data is required for us to perform services for our clients, we request that our clients provide all necessary information to relevant individuals (known as “data subjects”) about our use of personal data about our privacy policy. Our clients may therefore refer data subjects to this Privacy Notice.

We provide a range of services to personal clients. We may therefore process a range of personal data, as is appropriate for the performance of services, including contact details, business activities, family information and financial information such as details of income, taxation, financial interests and/or investments. 

Certain services may also require us to process special categories of personal data such as race or ethnic origin, physical and mental health, sexual life and orientation, criminal records, and political, religious and philosophical beliefs. We will only process such personal data with the individual’s consent or as otherwise required by law or regulation.

We generally collect personal data directly from our personal clients or from third parties acting on their instructions. Such personal data may be used for the following purposes:Page Content

Provision of professional services, other than public interest functions (see Privacy Statement – Assurance Services BDO) - we undertake a wide range of services, including Tax, Advisory and Outsourcing services (e.g. accounting). We may have to process personal data in order to perform such services and/or provide advice and deliverables to our clients;
Managing, administering and developing our business - We process personal data in order to manage our relationship with clients, develop our business and services, maintain and develop our IT systems, manage and host events, and to administer and manage our website, systems and applications.
Quality and risk management and security - we use various measures to protect personal data and other client information, which include monitoring the services provided to clients to detect, investigate and resolve security threats. Such monitoring may involve processing personal data. Our client take-on procedures involve processing personal data that may be obtained (i) from the client itself; or (ii) from publicly available sources .(such as databases and general internet searches, etc.) to identify any risks relating to individuals and organisations that may prevent us from working for a particular client or on a particular matter;
Providing information about our services to our clients - unless the individual, employee or service provider of a BDO client, has opted-out, we may use client business contact details to provide information about our services and activities and events that may be of interest for him or his organization (see Privacy Statement – Newsletters subscription and sending).
Compliance with legal and regulatory obligations – as a regulated firm, we are subject to various legal, regulatory and professional obligations that may require us to process and/or retain personal data held on our client files.
 
30th September 2020 version
 


Privacy Statement – Contacts

Contact Management

As part of the provision of our professional services, we collect and process personal data classifiable in the category of business contacts, referring to current clients, prospective clients and their employees or representatives.

Such business contacts typically include the name, the employer's identity, position, email address, professional address, telephone number.

We collect such personal data directly from whom the personal data relates, or from their employer.

We may use such personal data and make it accessible to our employees for the following purposes:

Managing, administering and developing our business - We process personal data within the scope of the relationship established with our customers, as well as for the development of our business and services, to maintain and develop our IT systems, event management, website and other management systems.
Providing information about our services to current clients - unless the data subject has exercised his right of opposition, we may use your professional contact details to provide information about our services, activities and events that may be of your interest (see privacy statement - newsletter subscription).

We do not sell or otherwise release any personal data, collected by us, to third parties, unless we have first obtained the consent from the data subjects to do so.

30th September 2020 version
 

Privacy Statement - Website

Privacy Statement – www.bdo.pt

Consent

By using this site (www.bdo.pt), you agree with the use that we may do about your personal information that has been submitted and/or collected, according to the scope and terms of the current Privacy Statement.

Please, note that other country or specific websites contained on www.bdo.pt are provided by BDO member companies or related entities that managed them and therefore are not BDO responsibility. Those sites, as well as other sites that may be linked to this site, are not ruled by this Privacy Statement. We encourage visitors to review each one of the privacy policies, from those sites, before disclosing any personal information.

What personal data is collected when I visit your site (www.bdo.pt)?
We do not require registration in order for you to access  our site, but if you participate in any of the activities or services offered by the website, we will collect and process the personal data that we need in order to provide you with those services, such as name, email address, company, job title, company address, country, city and telephone number.

We do not seek to collect any sensitive personal information from you. Sensitive information includes data such as: race or ethnic origin, political opinions, religious or other similar beliefs, physical or mental health, sexual orientation or criminal record. Whenever you voluntarily provide to us sensitive information, we assume your explicit consent to us using that information in connection with the purpose for which it has been provided.

Technical Information
By visiting this site, technical information will be collected, information such as your IP address (Internet Protocol), pages visited and which browser you used to view the site.

This website collects technical data to measure and improve the effectiveness of this website, to help diagnose problems with our server, to administer this website, to see where website traffic is coming from and to identify our users. We may also collect other information via www.bdo.pt, such as website usage activity and preferences, also known as profile data. In this connection we may use "cookies" to collect this information. For more information see our Cookies Policy.

When is the personal information collected by the Site www.bdo.pt?
A Personal information is collected in the following circumstances:

  • By subscribing any of our newsletters and publications;
  • By registering for a spontaneous job application (sending a CV) or a job opportunity;
  • By registering to attend a training;
  • By registering to attend seminars or other events; or
  • By contacting us to request more information.

We collect the minimum amount of information necessary to enable us to deal with your request. We will indicate where the provision of information is voluntary or compulsory. We would normally only request additional information to enable us to provide the most appropriate response to your request.

Visitors may also send us e-mails through the site. Each message will have the user’s name and e-mail address, as well as additional information that the user may consider important to include in the message. Since our website is a recruitment tool, a visit to our site may also result in sending a user’s curriculum to a BDO recipient.

How are going to be used my personal data?
Your personal information provided by you will only be used to manage your request and services provided through this site, as mentioned in this Privacy Statement.

We only will use your personal data just to answer to the requests you submit to us and to use the company’s site, in order to allow us to provide the best and most pleasant browsing in using our provided services.

When ordering material or asking someone to contact you, you will always have the option to receive other information that may be of interest to you.

30th September 2020 version
 

Privacy Statement - Candidates

Collection of Personal Data

BDO may collect personal data using a variety of sources, including the information we request from you when applying for a job and the information we collect from other sources allowed by law, namely sources through which your data was made public by you (for example, from LinkedIn or other social networks).

In order to comply with all obligations, the processing of personal data is needed in order to be able to assess the information provided and its suitability for the job requirements that we intend to fill.

The lack of this information may prevent or delay the fulfillment of these obligations.

Personal data that we request
The categories of personal data we may request from you include:

  • Identification data (e.g. name, date of birth);
  • Contacts (e.g. address, phone, e-mail); and
  • Educational qualifications, professional career and other data related to your job application (e.g. Curriculum Vitae, Cover Letter).

BDO does not collect sensitive personal data from candidates (relating, for example, to the candidate's health, philosophical or political beliefs, party or union affiliation, religious faith, private life and racial or ethnic origin). However, if BDO has access to that type of data due to the candadate´s submission, it will be considered provided, for all legal purposes, his express consent for BDO to process it.

How we use your personal data and what are the legal bases
We use your personal data as a result of your spontaneous application and / or a job vacancy at BDO to:

  • comply with our obligations in connection with entering into an employment contract;
  • exercise our rights under your employment contract;
  • respond to questions and requests you may ask us; and
  • keep our records correct and up to date.

 
Your rights regarding your personal data
Your personal data will be kept by BDO until a job is filled, until you exercise your right to erase it or when it is considered out of date by our Human Resources department (maximum 2 years).

During the period of data retention, we appreciate that you inform us of any changes in the information we have about you, so that we have the correct and current information in our systems.

You can access your personal data through a request made for that purpose addressed to the following contact: dpo@bdo.pt

Privacy of minors under 13
It is neither our policy nor BDO's intention to collect and intentionally process personal data from minors. However, as part of the recruitment procedure, we may process personal data for members of your family, including those under the age of 13.

When we do, we will comply with data protection laws applicable to minors.

30th September 2020 version
 


Privacy Statement – Newsletters subscription and sending

Definitions and Responsibilities

For the purpose of this Privacy Statement, the following definitions and responsibilities should be considered:

  • Information/Newsletters: BDO Alerts, BDO Newsletters and information about training courses sent by BDO through electronic media (email).
  • Clients: for the purpose of this Privacy Statement are considered as clients, data subjects that may be considered under the following categories:
    • 1. Corporate clients (individuals connected with our corporate clients)
    • 2. Clients (private individuals)
  • Non-clients: for the purpose of this Privacy Statement are considered as non-clients, those subjects whose contacts were collected by BDO through non-professional relationships and/or through public private information (for example, contacts collected through social networks, etc.).

 
Lawfulness for sending newsletters
Natural persons connected with BDO corporate clients or private individual clients

BDO considers purposes of the legitimate interests, as a valid lawfulness to send information to staff and clients, taking into account the recommendation of the recital number 47 of the GDPR and based on their business activity.

Natural persons connected to non-BDO clients and/or other private individuals
In the specific case of data subjects, classified as non-clients, that is, with whom BDO has no relationship, based on their business activity, consent from the data subject is required in order to send information.

Non-individual persons
Sending electronic communications (direct marketing) to non-natural persons (e.g. companies, entities, organizations) is allowed according to the Law number 41/2004, of 18th August (changed by Law number 46/2012, of 29th August that transposed the Directive 2002/58/EC of the European Parliament and of the Council of 12 July, concerning the processing of personal data and the protection of privacy in the electronic communications sector - Directive on privacy and electronic communications), provided that the following conditions:

  • The entity is not registered in the opposition list available at the Direção Geral do Consumidor; or
  • The entity, in previous contacts, as not “opted-out”.

Terms, conditions and frequency
The objective of our newsletter service is to send BDO news and publications.

Subscribing our newsletter service is not mandatory and you can, at any time, exercise of the right to object regarding to sending of the newsletter.

Newsletters will be sent, normally, on a monthly basis, unless for technical questions and/or of importance to the client and/or lead us to change the sending frequency of the newsletter.

Information collection – subscription
BDO collects personal information, mandatory and optional, using the subscription form, available through the current site.

In order to fulfil all obligations, the processing of your personal data is needed so that we may be able to conclude your inscription in our database in order to send publications to you.

The lack of this information may prevent, delay or block the subscription process and, therefore, sending publications.

Data that may be requested from you
Data categories that may be requested from you include:

  • Identification data – Mandatory - (Name);
  • Contacts – Mandatory - (E-mail); and
  • Other optional personal information (Employer’s name, Job title and Country).

How your personal data will be used
Your personal data collected from subscriptions will be used for:

  • Disclosing updated and relevant information about matters related to services provided by BDO;
  • Keeping the subscribers updated about legislation, applicable to most business activity sectors;
  • Keeping the subscribers updated about services provided by BDO; and
  • Disclosing training courses and/or other corporate events.

Your rights about your personal data
We would be grateful for letting us know of any changes of the information we have about you, in order to allow us to have your information correct and updated, in our systems.

You have the right to access and update your personal information through the option to manage subscriptions available in the communications (newsletters) sent to you.

You have the right to object to process of your personal data at any time, stopping the data processing. The withdraw of the consent will not affect the legality of previously performed data processing based on consent or other activities of data processing legally required.

You may also request the restriction of processing of your personal data, whenever:

  • Contest the inaccurate of the personal data;
  • The data processing does not occur for the purpose informed is this Privacy Statement;
  • BDO no longer need the data, e. g., because publications have been suppressed;
  • Object to data processing, for example, through cancelling the subscription of newsletters, which may occur at any time.

In order to exercise the rights mentioned, please inform us through the contacts available in our privacy policy.

30 September 2020 version