Personal Data Processing Information Sheet

Personal Data Processing Information Sheet


The companies of the Rovensa Group (*) (hereinafter Rovensa), sell products and provide services to its various establishments, in accordance with the terms of use in force in each of these establishments. They carry out personal data processing activities for the development of their business activities, such processing being carried out in accordance with data protection regulations, including the General Data Protection Regulation, the Personal Data Protection Act, or special legislation and in accordance with the following parameters:


1.    Responsible for data processing: 


Postal Address: Edificio Lumnia, Rua António Mega Ferreira, N.º 61 - 5B 1800-424 Lisboa - Portugal

General E-mail:

General Telephone: +351 213 222 750



2.    Contact of the data protection officer: the data protection officer has a specific email address for the purposes of personal data protection, and the data protection officer is available at


3.    Categories of the data owners: data owners, potential clients, customers or users of the various products, services or events offered by Rovensa, through its establishments or direct communication channels.


4.    Personal data to be processed: data necessary to respond to requests for information, to participate in events, to submit offers, to enter into contracts or to use any direct communication channel with Rovensa, namely, civil and tax identification data, banking and financial data, contact data deemed necessary to enter into Contracts or contact data deemed optional for the purposes of responding to requests, sending information, managing subscriptions or providing ancillary services, depending on the conditions of use of products, services or direct communication channels.


5.    Context and purpose of processing: information, promotion, marketing, organisation of events, support or assistance, communication with data subjects for the purposes of marketing products, providing services and related ancillary services.


6.    Legal basis: depending on the specific situation, processing is based on the management of the contractual relationship, on compliance with legal obligations, on the pursuit of legitimate interests or, in specific cases of ancillary services, on the data subject's consent.


7.    Consequences of not communicating mandatory data: failure to communicate data necessary for answering requests or for concluding contracts, such as civil and fiscal identification data, banking and financial data and the contact details deemed necessary, makes it impossible to answer or conclude a contract and therefore to provide services.


8.    Consequences of failing to provide optional data: the data subject is not obliged to authorise the processing of optional data. Thus, if he/she does not consent, or if he/she subsequently withdraws consent previously given, the data will not be processed, in which case, upon request, the personal data in question will be deleted, or the corresponding use will be cancelled for the purpose of providing ancillary services, without affecting the legality of the operations carried out up to the day on which consent was withdrawn.


9.    Recipients: the controller processes on his own account (through professionals subject to the obligation of professional secrecy) or on his behalf, through subcontractors approved for the provision of services selected by him and bound by strict technical and organisational measures, adjusted to the protection of personal data.


10.    Security measures: appropriate technical and organisational security measures are implemented to ensure a level of security of processing appropriate to the risk.


11.    Data collection place: data is collected upon request, by the data subject, for information requests, participation in events, purchase of products or services or use of direct communication channels, through the various channels of receipt of the data controller, being guaranteed the privacy or confidentiality of its collection and the integrity, quality, and accuracy of the data.


12.    Storage period: without prejudice to exceptional situations of extension of the storage period provided for by law or considered necessary for the defence of rights or legitimate interests, the personal data processed shall be kept for a period of ten years after termination of the contractual relationship. After this period, the data will be erased.


13.    Signage: all reception points where personal data processing operations are carried out are duly signposted, with the application of specific signage with the commitment to data protection in the reception and reception of customers, users or users, and transparency and information on the correct use of personal data processing systems and procedures is ensured within the establishment responsible for processing.


14.    Data communication: except in situations of legal obligation to communicate data or data communication operations between Group companies (*), there are no data communication operations, as personal data is not communicated to third parties.


15.    Data interconnection and automated decisions: no interconnection operations of personal data are carried out. Thus, only manual, or computerised processing systems are integrated into the management of the contractual relationship for the purpose of processing requests for information, products, or services. Thus, only the automated decisions necessary for the execution of the contracts concluded are taken.


16.    Data subject's rights: the data subject has the right to request from the controller access to, rectification of or erasure of their personal data, as well as limitation or opposition to processing and data portability, in accordance with the law. He or she may also withdraw his or her consent for the processing of the data, in cases where this constitutes a ground for the legitimacy of such processing.


17.    Right to complain to the supervisory authority: the data subject may always exercise, if he or she deems it necessary, the right to lodge a complaint with the supervisory authority - Comissão Nacional de Proteção de Dados.


18.    Address for the exercise of rights: to request any information, present complaints or request the exercise of rights, please contact us by sending an email to


19.    Conditions of use: the conditions of use of the various communication channels, platforms or websites may be consulted by any interested party at reception points or at any of the Group companies' service desks.


20.    Data Protection Policy: personal data is processed in accordance with the Data Protection Policy available at or


(*) Rovensa Group companies: Tradecorp, OGT, Rodel Flowers, SDP, Microquimica, Even Agro, Agrichem, Idainature, Agrotecnología, Ecoproyectos, Ascenza, Selectis