Legal Notices

TERMS OF USE, PRIVACY AND SECURITY POLICY, AND LEGAL NOTICE

1. Introduction

This Policy aims to inform users of the BUPi website about how their personal data are collected, used, protected, and their rights under the General Data Protection Regulation (GDPR) and Law No. 58/2019, of 8 August.

2. Data Controllers

The data controllers are eBUPi and the IRN – Institute of Registries and Notary (Instituto dos Registos e do Notariado).

3. Purpose and Legal Basis

Personal data are processed for the following purposes:

• Management of contact requests (name, email, telephone) — based on your consent [Art. 6.º, n.º 1, (a)];
• Newsletter subscription — based on your consent [Art. 6.º, n.º 1,(a)];
• Ensuring website security and functionality — based on public interest [Art. 6.º, n.º 1,(e)];
• Compliance with legal obligations.

4. Data Retention

Data will be stored for the period necessary for the purposes for which they were collected, or until consent is withdrawn. Retention periods may also be extended where justified by public interest, historical, scientific, or statistical reasons.

5. Disclosure to Third Parties

Personal data may be shared with duly contracted service providers, in strict compliance with confidentiality obligations and in accordance with the GDPR.

6. Data Subjects' Rights

Under the GDPR, users may, at any time:

• Access their data (Art. 15);
• Rectify inaccurate data (Art. 16);
• Request erasure of data (Art. 17);
• Restrict processing (Art. 18);
• Object to processing (Art. 21);
• Request data portability (Art. 20).

These rights can be exercised via the “Remove my email” link or by directly contacting the Data Protection Officer (see section 11).

Right to Lodge a Complaint with the CNPD

If you believe that your data are not being processed in accordance with applicable law, you have the right to lodge a complaint with the national supervisory authority:

National Data Protection Commission (CNPD)

Address: Av. D. Carlos I, 134, 1st floor, 1200-651 Lisbon

Phone: +351 213 928 400
Email: geral@cnpd.pt
Website: www.cnpd.pt

7. Cookies

This website uses cookies and other similar technologies to improve performance and the user’s browsing experience, by increasing responsiveness and eliminating the need to re-enter the same information repeatedly.

Cookies help recognise the user’s device on subsequent visits and are often essential for proper website functionality.

The cookies used do not collect personal information that would allow the user to be identified. Only generic information is retained, such as access mode or region/city, among others.

Information generated by the use of cookies may be sent to third parties for trend analysis, navigation tracking, and performance monitoring, without identifying any individual.

Users may disable cookies in their browser settings. However, if this option is limited, some features or tools may not function correctly.

8. Information Security

We adopt appropriate technical and organisational measures to ensure the security of personal data, in accordance with Art. 32 of the GDPR and the principles of ISO/IEC 27001:2022 and QNRCS.

9. Intellectual Property

The content of this website is protected by Copyright, Related Rights, and Industrial Property Rights, under national and EU legislation and international conventions. It may not be used outside the conditions set out on this site.

Information provided on the site may be copied, imported, or used free of charge for personal or educational purposes, provided the source is always acknowledged.

The information may not be used for profit or for offensive purposes.

Any attempts to alter information or actions that could cause damage or jeopardise system integrity are strictly prohibited under current legislation. Users must strictly comply with all applicable legislation, particularly concerning cybercrime and intellectual property rights, and are solely responsible for any violations.

10. Disclaimer

eBUPi and IRN shall not be held liable for any damages or losses under civil liability (including, but not limited to, consequential damages, loss of profits, or moral damages), directly or indirectly arising from the correct or incorrect use of this website and its contents by the user, including unauthorised access by third parties to the user’s computer system.

Viewing legal provisions on this website or on the platform does not exempt users from consulting the official legal texts published in the official formats (namely, the Diário da República or the Official Publication of the European Union).

11. Data Protection Officer

The Data Protection Officer (DPO) is responsible for ensuring compliance with applicable legal obligations on personal data protection and acts as a point of contact between data subjects, the data controller, and the supervisory authority.

Data subjects may exercise their rights or raise any concerns regarding the processing of their personal data at any time by contacting the DPO at: epd@bupi.gov.pt

12. Policy Updates

This policy may be updated. Changes will take effect on the date of their publication on the website.

Last updated: 12/06/2025

13. Governing Law and Jurisdiction

These terms are governed by and shall be interpreted in accordance with Portuguese law. The court of the Lisbon area shall have exclusive jurisdiction to resolve any disputes arising from the interpretation or application of these terms.