Privacy Policy

Data Protection

Privacy Policy

In compliance with the rules concerning the protection of personal data, namely Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016, on the protection of individuals regarding the processing of personal data and the free movement of such data (GDPR), as well as Law No. 58/2019 of 8 August, which ensures the execution, in the national legal order, of the GDPR, this privacy policy seeks to inform you of the way in which your data will be processed.

The Privacy Policy will apply to all types of processing carried out by REN Group companies (hereinafter “REN”), except for those that, due to their specific processing activities, already have their own privacy policy, such as: https://www.portgas.pt/politica-de-privacidade.

Likewise, any essential information regarding the processing of your personal data, provided directly to you, may contain specific conditions that will prevail over this privacy policy.

To ensure correct management in the processing of your data, REN has appointed a Data Protection Officer, who can be contacted regarding any matter that may arise related to your personal data at the following address: protecaodados@ren.pt.

REN may modify this privacy policy whenever it deems necessary. If changes occur, REN will inform you of them through this website, or through other means, so that you are aware of the new privacy conditions. By continuing to use the features provided by REN, having been informed of these modifications, it means that you agree to them, except in situations where your express consent is necessary.

Dados REN

Who is responsible for the processing of your data?

Your data will be processed by REN – Redes Energéticas Nacionais, SGPS, S.A. and/or by other companies that are part of the REN Group, depending on the company receiving your request, or on the relationship established with each of these companies.

You can consult the companies that are part of the REN Group, at any time, at: https://www.ren.pt/en-gb/investors/corporate-governance.

What types of data does REN process and from what source are they collected?

REN may process the following types of data, depending on the relationship established with the user:

  • Identification and contact data (e.g., names, identification documents, mobile phone, e-mail, residence).
  • Browsing data (e.g., use of the website, sections visited).
  • Other types of data. Exclusively in cases where the user has voluntarily provided other types of data that they consider relevant to their request and/or by any other means.

The data that REN processes as a result of the interactions exchanged with the user via the website come from the following sources:

  • Data provided by the user by filling out forms provided by REN, by sending e-mails, or through any other means through which the user establishes contact with REN.
  • Data generated as a result of browsing and using the web.

For what purposes will REN process personal data and what are the grounds for lawfulness?

Personal data is collected by REN for specific and legitimate purposes, respecting the principles of loyalty, transparency, minimisation, integrity, and confidentiality.

Your personal data is used by REN to comply with legal and contractual obligations, to manage its activity, and to provide you with services, and your data is not used for purposes other than those for which they were collected, which will always be communicated to you.

You can find additional detailed information regarding the carried out processing at: https://www.ren.pt/media/mz1d1e2k/direito-%C3%A0-informa%C3%A7%C3%A3o-aos-titulares.pdf.

The personal data and any other information that you provide to us when filling out an electronic form available on the Portal (“Data”) will be processed by REN for the purpose of managing the required service, to respond to your request. The filling out of the forms is voluntary, and only the personal data necessary to respond to your request is collected. Thus, only the questions marked with an asterisk (*) are essential, and without such data REN cannot fulfil, or perfectly fulfil, the identified purposes.

With your consent, your personal data may be processed by REN to send you information that is of interest to you, by sending newsletters. This personal data will be kept for the period of the respective processing, and for as long as you do not object to their processing.

How long do we keep your personal data?

Personal data is kept only for the period strictly necessary to allow (i) the fulfilment of legal and regulatory obligations, (ii) the fulfilment of an established contract with the data subject, (iii) the management of the company’s activity, and (iv) the delivery of information and/or products requested by the data subjects.

After the expiry of this period, the personal data is deleted by REN.

Which entities will your data be shared with?

Among the entities to which the data may be transmitted are service providers contracted by REN, national authorities (e.g., CNPD [the Portuguese National Data Protection Commission], City Councils, Tax Authority), regulatory entities in the sector (e.g., ERSE [the Portuguese Energy Services Regulatory Entity], DGEG [the Portuguese Directorate-General of Energy and Geology]), and banking institutions.

If necessary for the fulfilment of the purposes, REN may transmit personal data to service providers, who will access this data as subcontractors. In the event that such access involves transfers of personal data outside the European Economic Area, REN will ensure the implementation of the mechanisms and guarantees established in the applicable regulations (e.g., Standard Contractual Clauses) to ensure that the provider applies a level of security equivalent to that required by European standards.

All REN providers who have access to your personal data, as a result of the services they provide to REN, have signed contracts that include data protection clauses, in accordance with the provisions of Article 28 of the GDPR, and are obliged to comply with these obligations, namely: to apply technical and organisational measures, to process the data exclusively for the contracted purposes, to process the data only in accordance with REN’s written instructions, and to delete the data upon the termination of the services provided.

Security Measures

REN makes every effort to ensure the highest possible levels of security appropriate to the nature of the data being processed. Therefore, REN undertakes to implement the appropriate and necessary technical and organisational measures to protect the personal data it processes against accidental or unlawful destruction, loss, alteration, dissemination, or unauthorised access and use.

When communicating data to third parties, REN takes appropriate measures to ensure that the entities that have access to the data are reputable and also adopt the necessary technical and organisational measures to protect personal data and ensure its confidentiality, integrity, and availability, which will be duly recorded and safeguarded in a contract to be signed between REN and the third-party entity/entities.

Any entity subcontracted by REN will process the personal data of the subjects, on behalf of REN, and REN will remain responsible for the personal data provided to it.

In any case, it should be noted that technical security in a medium such as the Internet is not impregnable, and malicious actions by third parties may occur, even though REN makes every effort at its disposal to prevent such actions.

What are your rights as the subject of the data you provide to REN?

The data subject may exercise the rights of access, rectification, and limitation of the processing of data that specifically concern them, at any time, by means of written communication addressed to REN’s Data Protection Officer at the following addresses:

In the cases provided for in the GDPR, the holder may also request the deletion or object to the processing of their data, withdraw their consent to the processing, request the portability of the data, and not be subject to automated decisions regarding their personal data by contacting the same addresses in writing.

How can you file a complaint?

You also have the right to file a complaint with the Portuguese National Data Protection Commission (CNPD).

For any additional information regarding the protection of personal data, please consult the CNPD website or send an e-mail to this entity at geral@cnpd.pt.

Newsletter

Receive all the details of the operation,
trends and news we share
with all the energy.

Frequency *
0:00
/
0:00