GDPR Compliance

Information about OMNI's compliance with the General Data Protection Regulation (GDPR).

1. Introduction

OMNI® is committed to protecting your personal data in compliance with the European Union's General Data Protection Regulation (GDPR). This page describes how we apply GDPR principles and your rights as a data subject.

2. GDPR Principles

OMNI® processes personal data based on the following principles:

Lawfulness, Fairness and Transparency

Data is processed legally, fairly and transparently.

Purpose Limitation

Data is collected for specified, explicit and legitimate purposes.

Data Minimisation

We only collect data that is adequate, relevant and necessary.

Accuracy

We keep data accurate and up to date.

Storage Limitation

Data is kept only for as long as necessary.

Integrity and Confidentiality

We protect data against unauthorised or unlawful processing.

3. Data Subject Rights

Under the GDPR, you have the following rights:

  • Right of access to your personal data.
  • Right to rectification of inaccurate data.
  • Right to erasure ('right to be forgotten').
  • Right to restriction of processing.
  • Right to data portability.
  • Right to object to processing.
  • Right not to be subject to automated decision-making.
  • Right to withdraw consent at any time.

4. Legal Basis for Processing

OMNI® processes your personal data based on the following legal grounds:

  • Free, specific, informed and explicit consent.
  • Performance of a contract or pre-contractual measures.
  • Legal obligation to which OMNI® is subject.
  • Legitimate interests of the data controller.
  • Protection of vital interests of the data subject.

5. Data Protection Measures

We implement the following technical and organisational measures:

  • Data encryption in transit and at rest.
  • Restricted access control and strong authentication.
  • Logging and monitoring of processing activities.
  • Data Protection Impact Assessments (DPIA).
  • Data breach notification procedures.
  • Regular staff training on data protection.

6. International Data Transfers

OMNI® may transfer personal data to countries outside the European Economic Area (EEA) when necessary for service delivery. In such cases, we ensure adequate protection levels through standard contractual clauses approved by the European Commission or other safeguards provided by the GDPR.

7. Complaints

If you believe that your data processing violates the GDPR, you have the right to lodge a complaint with a supervisory authority.

In Portugal, the supervisory authority is the National Data Protection Commission (CNPD).

Supervisory Authority: Comissão Nacional de Proteção de Dados (CNPD)

CNPD Website: https://www.cnpd.pt

8. Contact

To exercise your rights or clarify questions about GDPR compliance, please contact us.

Conformidade RGPD | OmniPartners