ADENE – Portuguese Energy Agency (“ADENE”) is an association with a public interest status, registered at the Conservatória do Registo Comercial de Lisboa, with the ID number 501618392 and headquartered at Avenida 5 de Outubro, 208, in Lisbon. For more information regarding ADENE, please click here.
This Policy sets out how ADENE processes personal data/information that users provide via ADENE Sites. This Policy describes ADENE´s practices when using your personal data/information when visiting ADENE Sites.
Before using ADENE Sites or providing personal data/information via them, please read this Policy carefully, as the collection and processing of personal data may differ according to the specific features of each ADENE’s website or platform.
When accessing and using ADENE Sites, users (“User” or “Users”) accept and authorize the collection, use and disclosure of their personal data/information (any information that can identify them), as per the terms of this Policy.
ADENE, an association with a public interest status, registered at the Conservatória do Registo Comercial de Lisboa, with the ID number 501618392, and headquarters at Avenida 5 de Outubro, 208, in Lisbon, is the ‘data controller’ as defined in point 7 of Article 4 of the General Data Protection Regulation (“the Controller”) of the personal data you provide on ADENE Sites.
Before providing your personal data on ADENE Sites, you should carefully read this Policy and confirm if you agree with its terms in the specific forms.
Processing of Personal Data
- Legitimate Interests of the Controller
ADENE collects and processes personal data provided via ADENE Sites which are required to provide services available on ADENE Sites. Personal data you provide on ADENE Sites will be stored in a specific digital database owned by ADENE.
Providing personal data on ADENE Sites is optional. However, if Users wish to benefit from ADENE Sites’ services and/or receive related information and/or be contacted by ADENE, they must provide the required personal data and consent its processing by filling in all the mandatory fields of the applicable online forms.
ADENE will only process User’s personal data for promotional purposes in case that is explicitly consented by the User.
- Data Provided by Users
As the Controller, ADENE collects the following personal data from ADENE Sites: name and e-mail address, without prejudice to other data that may be requested for the purposes set out in this Policy, according to the specific characteristics of each ADENE Sites.
By default, ADENE Sites do not offer services directly to a child under the age of 18. ADENE does not collect or process any personal data of individuals under the age of 18 from ADENE Sites unless and to the extent that consent is given or authorized by the holder of parental responsibility over that individual (parents and/or legal representatives), in accordance with paragraph (a) of point 1 of Article 6 and Article 8, both of the General Data Protection Regulation, and any applicable law.
- Data Processing Purposes
ADENE processes personal data provided by Users via ADENE Sites for the following purposes:
- To provide ADENE Sites’ services;
- To comply with legal obligations for the performance of tasks carried out by ADENE in the public interest, such as the exercise of Public Systems Management or the performance by ADENE of other tasks carried out in the public interest;
- To provide customer service to Users, by improving or optimizing customer experience;
- To create profiles of energy consumers in order to provide Users with the best suitable solutions offered by economic operators in the energy sector, in accordance with ADENE’s legal attributions;
- For statistical purposes;
- For quality control purposes;
- To send promotional information regarding ADENE. In case the User gives the respective explicit consent in the due field of the registration form, ADENE may use User’s personal data for the purpose of sending promotional information regarding energy, energy efficiency, services, news, initiatives, events, promotions and newsletters published by ADENE and/or any third party operating in the supply of energy or energy equipment sector. Please note that you can withdraw your consent if you want to op-out from receiving promotional communications, using the “Remove” link available in all ADENE’s communications materials, or by contacting ADENE’s Data Protection Officer via email at the email@example.com. If you refuse to give your consent or chose to withdraw your consent, ADENE will no longer send you any information regarding initiatives, offers, news, advantages or financing opportunities that ADENE thinks will be of interest to you and/or commercial information regarding products or solutions in energy sector, with the aim of promoting, among economic operators and/or energy consumers, energy efficiency and renewable energy, the efficient use of water and energy efficiency in the mobility sector.
In no case will your personal data be processed by ADENE for the purposes of sending promotional communications without your explicit consent.
- Processors and Third Parties
Users’ personal data may be processed by ADENE workers and collaborators on behalf of ADENE in order to carry out the processing activities required to exercise their legal and contractual duties, under the terms of the applicable laws and in accordance with this Policy.
Users’ personal data may also be processed by processors, on behalf of ADENE, and as per ADENE’s instructions.
Processors shall comply with a set of legal and contractual obligations, including the respect of the provisions of the General Data Protection Regulation and other applicable data protection laws, committing themselves to confidentiality and preventing processing of such personal data for other purposes than those set out in this Policy and/or as consented by the respective data subject.
As per the purposes of processing, the legitimate interests and the specific terms of consent given by the Users, Users’ personal data may be disclosed by ADENE to energy suppliers or service providers, to the Portuguese Directorate-General for Energy and Geology (DGEG), to the Portuguese Energy Services Regulatory Authority (ERSE), to the Portuguese Agency for Administrative Modernization, IP (AMA) or to other third parties with which ADENE relates by virtue of its legal attributions and obligations.
ADENE may transfer Users’ personal data to other countries within the European Economic Area (EEA), to third countries outside the EEA and to international organizations in order to comply with its legal and/or contractual obligations. ADENE will only transfer your personal data to third countries or international organizations if the controller or processor ensure an adequate level of protection of such data and comply with the conditions laid down in the provisions of the General Data Protection Regulation and with other data protection applicable laws.
In addition to the above, Users’ personal data may be disclosed by ADENE when required by applicable law, to judicial or police authorities or any authorities that may legitimately receive them under applicable law.
- Data Processing Conditions
ADENE, as the Controller, complies with all applicable laws regarding data protection.
ADENE ensures quality, accuracy, integrity and confidentiality of data provided via ADENE Sites, as well as the legitimacy for its processing under applicable law, namely the lawfulness, security and confidentiality of such data processing. ADENE does not further processes personal data for other purposes than those for which they were initially collected, unless the data subject subsequently explicitly consents so, and such data is kept no longer than necessary to the extent allowed by the respective processing purpose.
- Security Measures
ADENE has implemented reasonable and appropriate technical and organizational measures with the aim of protecting ADENE Sites’ Users personal data and preventing accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure and/or access. ADENE uses appropriate systems and procedures to protect and safeguard the integrity of personal data you provided on ADENE Sites, namely, by only authorizing its employees to access the collected personal data exclusively for the performance of the their work duties and for the purposes set out in this Policy. Despite the referred security measures, and to the maximum extent permitted by law, ADENE cannot be held responsible for any attacks or any illicit acts from third parties.
ADENE makes reasonable efforts to protect Users’ personal data from unauthorized access via the Internet. For this purpose, it uses security systems, rules and other procedures, in order to guarantee the protection of Users’ personal data, as well as to prevent unauthorized access, improper use of data, its disclosure, loss or destruction.
It is, however, User’s responsibility to ensure that the computer he is using is adequately protected against harmful software, computer viruses and worms. In addition, you should be aware that, without the adoption of adequate security measures (for example, the secure configuration of the navigation program, updated antivirus software, security barrier software and the non-use of software of doubtful origin), you are exposed to unauthorized access to personal information you provide via ADENE Sites. Please note that you are responsible for maintaining the security of your credentials and passwords used to access any ADENE Sites service or account, and you must report any suspected unauthorized activity to ADENE.
In addition, it should be noted that whenever data collection is carried out on open networks, such as the Internet, your data may circulate without security conditions, with the risk of being seen and used by unauthorized third parties.
- Data Retention Periods
Under the terms of the applicable law, ADENE will only process Users’ personal data for as long as required to perform the purposes for which such data was collected to comply with applicable laws. If data are no longer required for compliance with contractual or statutory requirements, your data will be deleted or anonymized by ADENE.
For the purposes of providing services via ADENE Sites, Users’ data will be kept for a period of 24 (twenty-four) months after the termination of such services or if the respective payment is due, whichever occurs later, and for the period required by tax and corporate laws and regulations.
In case of claim against ADENE, your data will be kept for an additional period of 90 (ninety) days or until such claim is solved. This will generally be the length of the relationship between the User and ADENE plus the length of any applicable statutory limitation period under local laws.
Pre-contractual data will be kept for a period of 60 (sixty) days.
In order to comply with legal obligations, as a Public System Manager or similar, Users’ data will be kept for a period of 5 (five) years.
For the purposes of creating an energy consumer profile in order to present Users with the best suitable solutions offered by energy economic operators, in accordance with ADENE’s legal attributions, Users’ data will be kept for a maximum period of 24 (twenty-four) months from the last access to the ADENE Site.
For statistical purposes, Users’ data will be anonymized in a way that does not allow identification of the respective data subjects.
For quality control purposes, Users’ data will be kept for a period of 30 (thirty) days.
For the purposes of sending promotional communications, Users’ data will be kept for a period of 5 (five) years after the last contact.
- Data Subject Rights
ADENE guarantees to ADENE Sites’ Users the exercise of all legal rights regarding their personal data, namely their right to obtain confirmation that their data is being processed, as well as access to all information related to such processing, data sources, the recipients or categories of recipients to whom their personal data have been or will be disclosed, as well as knowing the respective expected retention period of their Personal Data. ADENE also ensures you the exercise of your right to access your personal data, your right to object to and/or restrict the processing, your right to withdraw your consent, your right to data portability, as well as your right to update, correct or delete your personal data.
ADENE will always allow ADENE Sites’ Users to exercise any of the above rights in accordance with the applicable law, by contacting ADENE in writing for this purpose.
Questions, information and requests regarding the exercise of data subject rights or any other regarding this Policy should be addressed to ADENE’s Data Protection Officer.
ADENE’s Data Protection Officer should be contacted through the following means:
Avenida 5 de Outubro, 208, 2.º
Email address: firstname.lastname@example.org
Such requests will be analyzed and answered by ADENE within 30 (thirty) days. This period may be extended for an additional 30 (thirty) days, if necessary and upon submission of prior justification by ADENE to the requesting User.
ADENE processes Users’ personal data in accordance with the provisions of the applicable law.
Without prejudice to the above mentioned, in case Users should have any concerns about how ADENE processes their personal data, they have the right to submit a complaint to the National Data Protection Authority.
- Navigation Data
ADENE uses software and computer systems on ADENE Sites that collect, during their current operation, some personal data (called “log files”), the transmission of which is implicit in the use of Internet communication protocols.
This information is not collected to be associated with identified persons. However, due to their nature, they can, through processing and integration with data held by third parties, allow the identification of Users. Such information includes the IP addresses or domain names of the computers used by Users to connect to the Site, addresses in the form of URL (uniform resource identifier) of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in the response, the numerical code indicating the status of the response issued by the server (completed, error, etc.) and other parameters related to the User’s operating system and computer environment.
These data are used for the sole purpose of obtaining anonymous statistical information on the use of ADENE Sites and to verify that it is working properly.
A “cookie” is a small text file which includes a unique identifier that is sent by a web server to the browser on your computer, mobile phone or any other internet enabled device when you visit an on-line site. Cookies and similar technologies are widely used to make websites work efficiently and to collect information about your online preferences.
“Session” cookies are small text files containing an identifier that are used to improve your browsing experience. ADENE may collect navigation information for statistical purposes. Session cookies will be deleted from your computer when you close your browser or when, for any reason, it is no longer active.
“Persistent” cookies are small text files stored on your computer’s hard drive until deleted, or if they reach a specific expiry date. Persistent cookies store information on your computer for various purposes, such as retrieving certain information you previously provided (such as passwords), helping to determine which areas of the website are considered most valuable by visitors, and configuring the site based on your preferences on an ongoing basis. Persistent cookies stored on your computer may contain personal data, but only if such data collection has been registered or otherwise consented. Otherwise, our website’s server only knows that an unidentified visitor has re-entered the site.
The ADENE Sites may use Internet protocol (IP) addresses. An IP address is a number assigned to your computer by your Internet service provider so that you can access the Internet, and is generally considered to be non-personal and non-identifiable information, as in most cases, the IP address is dynamic (changing each time you connect to the Internet), and not static (specific to a particular user’s computer). The IP address can be used to diagnose problems with the server, report aggregate information, determine the fastest way to use your computer to connect to a website, and to administer and improve the website.
Internet tags (also known as one-pixel GIFs, GIFs without information, invisible GIFs, and 1-by-1 GIFs) are smaller files than cookies and transmit information such as the IP address to the website server and the type of browser relating to the user’s computer. The tags can be placed both on online ads that attract people to the site and on different pages of the site. These labels indicate how many times a page is opened and what information is consulted.
“Navigational Data” (log files, log servers and clickstream data) are used for system management, to improve the content of the site, for market research purposes and to communicate information to users.
- Types of Cookies
There are two main types of cookies: session cookies and permanent cookies.
Session cookies are temporary and only remain in the cookie file until the User closes the browser. This type of cookies are used to analyze traffic patterns, which facilitates the identification of problems.
Permanent cookies are stored in your computer until deleted or if they reach a specific expiry date. They are used whenever the User logs in order to custom the User’s browsing experience.
ADENE uses the following types of cookies on ADENE Sites:
- Analytical cookies are used anonymously for statistical purposes.
- Functionality cookies keep the User’s preferences.
- Third-party cookies measure the success of their applications and can be used to customize buttons, menus, icons and other graphical interface components with User data (called widgets).
Note that, in general, cookies do not include details that can be used to identify you, only the computer/device you are using.
ADENE Sites do not use advertising cookies.
- Cookies’ Management
All browsers allow the User to accept, refuse or delete cookies at any time, by configuring the appropriate settings in the respective browser. The User can configure cookies in the “options” or “preferences” menu of his browser.
Note that when deleting cookies, the User loses some automatic filling saved data, such as login details. In addition, some online services provided on ADENE Sites may not work properly, affecting the Users’ browsing experience.
- Direct Web Push Notifications
ADENE Sites may invite you to receive notifications directly in your browser (Webpush notifications). The User can accept or refuse the notification request whenever he receives it. Direct notifications in the browser will always be on relevant topics in relation to the site and do not collect any personal information from your computer.
ADENE Sites provide hyperlinks (links) to other websites that are not part of the services run by ADENE, so it is recommended to consult the respective privacy policies.
ADENE is not responsible for these third-party sites’ or their privacy practices, so please be aware that any information you provide to these sites is subject to the privacy policies of those sites and not to this Policy.
Nevertheless, ADENE reserves the right to amend this Policy without prior notice. Any changes to this Policy will be posted on ADENE Sites’, so it is recommended to regularly review ADENE Sites to ensure that you are always aware of ADENE’s privacy practices and any changes to such. Any changes to this Policy will go into effect on posting to ADENE Sites. The updated version of this Policy posted on ADENE Sites is the one currently in force, as well as the specific rules applicable to any kind of processing of personal data provided via each of ADENE Sites.
If you do not agree with this Policy, please do not provide your personal data.
We warn you, however, that if you do not provide required personal data, you will not be able to benefit from some services provided by ADENE Sites.
For any further detailed information on personal data protection, please consult the applicable legislation, in particular, the provisions of General Data Protection Regulation.
 Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016, on the protection of natural persons with regard to processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.