Data Protection Registration and Declaration

This is the data protection registration and declaration of Nordic Homesteads LDA, in accordance with the Personal Data Protection Act (§10 and §24) and the EU General Data Protection Regulation (GDPR). Prepared on 25.08.2022.

1. Data Controller Nordic Homesteads LDA (PT517939126), Rua Hermano Neves, Nº 18, Piso 3, Escritório 7, V2474 1600-477 Lisboa, Portugal.
   info@nordicasas.pt

2. Name of the Register Customer Register of Nordic Homesteads LDA, Online Service User Register, and Marketing Register.

3. Legal Basis and Purpose of Personal Data Processing The legal basis for processing personal data according to the EU GDPR is:

   • Consent of the individual (documented, voluntary, specific, informed, and unambiguous).
   • Contract to which the individual is a party.
   • Legitimate interest of the data controller (e.g., customer relationship, employment relationship, association). The purpose of processing personal data is to communicate with customers, maintain customer relationships, and direct advertising and marketing. Data is not used for automated decision-making or profiling.

4. Content of the Data Register The data recorded includes: person's name, contact information (phone number, email address, address), IP address of the internet connection, information about ordered services and changes, billing information, and other information related to the customer relationship and ordered services.

5. Regular Sources of Data Data is obtained from the customer through messages sent via forms on the nordicasas.pt website, email, phone, social media services, contracts, customer meetings, and other situations where the customer provides their information.

6. Regular Data Disclosures and Transfer of Data Outside the EU or EEA Data is not regularly disclosed to third parties. Data may be published to the extent agreed with the customer. Data may be transferred by Nordic Homesteads LDA outside the EU or EEA.

7. Principles of Register Protection Register processing is conducted with care, and data processed through information systems is adequately protected. When register data is stored on internet servers, the physical and digital security of the equipment is ensured. Nordic Homesteads LDA ensures that stored data, server access rights, and other critical information related to personal data security are handled confidentially and only by authorized employees within their job duties.

8. Right of Access and Right to Correct Data Each registered individual has the right to verify their registered data and request correction of any incorrect information or supplementation of missing information. Requests must be sent in writing to the data controller. Nordic Homesteads LDA may request proof of identity if necessary. Nordic Homesteads LDA will respond within the timeframe set by the EU GDPR (usually within one month).

9. Other Rights Related to Personal Data Processing Each registered individual has the right to request the deletion of their personal data from the register ("right to be forgotten"). Additionally, registered individuals have other rights under the EU GDPR, such as restricting the processing of personal data in certain situations. Requests must be sent in writing to the data controller. Nordic Homesteads LDA may request proof of identity if necessary. Nordic Homesteads LDA will respond within the timeframe set by the EU GDPR (usually within one month).