Privacy Notice

At AIS we are committed to the privacy of our students, guardians, employees and all people who in any way have a relationship with us, namely the users of our website.

In this Privacy Policy, we disclose how we collect the personal data of those who access our website and, and how we treat the personal data made available to us, whether in hard copy (printed documents and forms), or in digital format (namely through our website, information systems and email) by parents or guardians. We also disclose all the rights of personal data subjects.

We try to make this policy as clear and transparent as possible, but if something is not clear, please contact us at the following email address [dpo@ais-edu.pt].

 

• LEGAL FRAMEWORK

We guarantee strict compliance with the applicable legislation on personal data protection, namely Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016 (“GDPR”) and Law no. 58/ 2019, of 8 August, which implements the GDPR in the Portuguese legal system.

At the same time, and because the activity of AIS necessarily involves processing personal data of children, AIS always guides its action observing the essential principle of the best interest of the child, enshrined in several legal instruments, including the United Nations Convention on the Rights of the Child and the Charter of Fundamental Rights of the European Union.

 

• PERSONAL DATA CONTROLLER

The company Almada International School – Edu Lda. (“AIS” or “School”), headquartered at Rua Deniz Jacinto, 61, 2.º Esq., 2815-695 Setúbal, registered at the Commercial Registration Office under single registration and legal person identification number 517136481, is the personal data controller.

AIS is an entity dedicated to teaching children in nursery school, kindergarten, pre-school education, as well as first and second cycles of primary school, and, to that extent, shall process personal data of students, guardians, employees and other people who are somehow related to AIS.

 

• WHEN IS THE PERSONAL DATA OF STUDENTS AND TEACHERS AVAILABLE
• Upon expression of interest by guardians;
• When pre-enrolling the student;
• At the time of the student’s first registration at the School;
• In annual registration renewals;
• At the beginning of the school year.

In each case, when applicable, the consent of the guardians is requested and the purposes for which the data are required are clearly communicated.

 

• WHAT PERSONAL DATA DO WE PROCESS

Personal data is any information, of any nature and regardless of medium, that identifies or is likely to identify a natural person.

We only collect the data that we believe essential to provide our services and carry out the educational activity of the School, including admission and enrolment of students.

Specifically, we essentially process the following categories and types of personal data:

Student identification data: Name, gender, date of birth, nationality, native language, second language, tax identification number.

Students contact details: addresses.

Other student data required for pedagogical management: educational institution previously attended, number of siblings applying/attending the School, special educational needs, information on health status or provision of health care, dietary restrictions, image/photograph, religion.

Identification data of guardians: Name, gender, tax identification number, family situation, profession.

Contact details for guardians: address, telephone number, email address, other contact details.

Website user navigation data: information relating to how you use our website.

 

• PURPOSES AND LEGAL BASIS FOR TREATMENT

Under the terms of the General Data Protection Regulation, the use of personal data must be justified under at least one of the following legal grounds for its processing:

• When consent has been given for the processing of personal data;
• When processing is required to enter into an agreement or execute it;
• When processing is necessary to comply with the legal obligations that the controller is subject to;
• When processing is necessary to achieve a legitimate interest and that interest prevails over the rights of data subjects, in terms of data protection;
• When treatment is necessary to allow declaring, exercising or defending a right in legal proceedings by any of the parties involved or a third party.

 

AIS shall treat personal data on the following legal grounds and for the following purposes, which are essentially related to the educational activity carried out by the School:

Goal	Data categories	Legal basis
Pre-registration and selection of student applicants	Student identification and contact details; Identification and contact details of guardians	Execution of an agreement or pre-contractual steps; Legitimate interest of AIS
Student enrolment	Student identification and contact details; Other student data; Identification and contact details of guardians	Execution of an agreement
Provision of teaching services/Management and development of educational activities	Student identification and contact details; Other student data; Identification and contact details of guardians	Performance of an agreement; Legitimate interest of AIS
Communication/publicity of the School’s activities	Identification and contact details of guardians	Execution of an agreement
Safety and security of students, namely, provision of primary health care and medication when necessary	Student identification and contact details; Other student data	Performance of an agreement; Consent and/or defence of the student’s vital interests for the processing of health data
Management of initiatives for internal/external communication	Student identification data; Other student data (photograph)	Performance of an agreement; Consent for image data
Sending commercial communications (newsletters)	Identification and contact details of guardians	Consent; Legitimate interest of AIS
Compliance with legal obligations	Student identification and contact details; Other student data; Identification and contact details of guardians	Compliance with a legal obligation
Website operation management	Website user navigation data	Legitimate interest of AIS
Website quality improvement and user visit optimisation	Website user navigation data	Legitimate interest of AIS

 

• DATA SHARING WITH THIRD PARTIES

As part of providing our services as an educational establishment, we may be legally required to share personal information with relevant authorities or third parties, as required by law, such as in the following cases:

• To entities linked to the Ministry of Education (for example in the context of carrying out exams and assessment tests) and other State bodies to which the School is, in compliance with the legislation in force, obliged to send information (for example Tax Authority, Courts, Regulators and Criminal Investigation Authorities)
• To service providers such as:
  • Language certification bodies;
  • Software services (e.g. billing);
  • Tourism services (e.g. travel agencies);
  • Curriculum enrichment activity services;
  • Insurance companies.

In these cases, we shall ensure that contractual safeguards are in force to guarantee the privacy and protection of personal data, namely, limiting the processing of data to the strict purpose for which they are intended.

 

• RETENTION PERIOD

Personal data shall only be kept for the time required to fulfil the purpose for which they were collected. They may be kept for a longer period for archiving for public interest, scientific or historical, or statistical purposes. When this data is no longer needed or the maximum time allowed for us to keep it has been reached, it shall be destroyed or anonymised.

 

• RIGHTS OF DATA SUBJECTS 

We make every effort to ensure that personal data are correct, current and complete, in accordance with the purposes for which they were collected.

Without prejudice, the guardian has the right, namely, to access the personal data that they have made available to the School, and to request the rectification of inaccurate data, or, when applicable, to request its deletion whenever the data are no longer needed for the purposes for which they were collected.

We explain in the table below, briefly, the rights of data subjects:

 

RIGHT OF ACCESS	You can request information about the processing of your personal data and request access to them.
RIGHT OF RECTIFICATION	You have the right to rectify your personal data if they are incorrect or out of date and/or to complete them if they are incomplete.
RIGHT OF DELETION	You can request the deletion of any personal data at any time, unless there are circumstances that prevent immediate deletion of the data (for example, legal reasons or legitimate interests).
RIGHT OF OBJECTION	You have the right to object, at any time, to the processing of your personal data, for reasons related to your particular situation, whenever processing is based on the pursuit of the legitimate interests of the controller or of a third party, unless there are compelling reasons. and legitimate reasons that prevail over your interests, or in the case of legal proceedings. You may also, by exercising this right, object to the receipt of direct marketing communications at any time, through the option provided by AIS in each marketing email sent.
RIGHT OF PORTABILITY	You have the right to receive personal data concerning you, in a structured, commonly used and machine-readable format, and the right to transmit this data to another organisation. This only applies to data for which processing was based on your consent or entering into an agreement, and if processing is carried out by automated means.
RIGHT TO LIMITATION OF TREATMENT	You can request that, for a certain period of time, the processing of data be limited in its use, and the data cannot be communicated to third parties, transferred internationally or deleted.
RIGHT TO WITHDRAW CONSENT	You can withdraw the consent granted at any time. The withdrawal of consent does not compromise the lawfulness of the treatment carried out based on the previously given consent.
RIGHT TO FILE A COMPLAINT TO THE NATIONAL DATA PROTECTION COMMISSION	You also have the right to file a complaint with the national data protection authority, when your personal information is or is being used in a way that you believe is not in compliance with applicable law.

 

You may exercise any of these rights by contacting us using the contacts provided below (“CONTACTS”).

 

• INTERNATIONAL TRANSFERS

We shall not transfer your personal data to any country outside the European Economic Area.

 

• COOKIES

AIS uses cookies and similar devices on its website. Cookies are small text files stored on your computer or mobile device when you access certain websites or other online services, containing information regarding your navigation.

To find out more about the cookies used, please consult our Cookies Policy.

 

• INFORMATION SECURITY

Information security and protection of personal data are priorities for AIS. In this sense, we have implemented the necessary technical and organisational measures, including encryption and authentication tools, to help protect and maintain the security, integrity and availability of personal data of students and parents.

The technical, organisational and physical procedures that we have in place guarantee the confidentiality of your personal data, protecting them from accidental or unlawful destruction, loss, change, disclosure or unauthorised access and against other illegal forms of data processing.

Although the transmission of data over the internet cannot guarantee complete security against intrusions, we make our best efforts to implement and maintain physical, digital and organisational security measures aimed at protecting information, in compliance with applicable data protection requirements.

We highlight, among others, the following measures:

• Restricted personal access to personal data based on the “Need to Know” criterion and only within the scope of the purposes communicated;
• Transfer of data collected in encrypted form, using SSL certificates;
• Protection of information technology systems through firewalls, with a view to preventing unauthorised access from outside;
• All teachers and other employees of the School sign a confidentiality declaration, which includes clauses of duty of secrecy in the scope of the data to which they have access in the strict fulfilment of their obligations;
• Implementation of written procedures within the scope of processes that include the processing of personal data and their periodic reviews, documents that may be consulted at the request of Parents and Guardians;
• Permanent monitoring of access to information technology systems with a view to preventing, detecting and preventing misuse of information;
• Any entity that we subcontract shall be bound by equivalent security measures, permanently acting under our duly documented instructions.

In this regard, it is critical that the login data of guardians, namely passwords, be kept with utmost secrecy and care, thus preventing misuse.

 

• LINKS TO THIRD-PARTY SITES

The AIS Privacy Policy is not applicable to third-party websites, so if you visit or have access to another website, you should always read the privacy policy of that website and confirm that you agree with its terms before providing your data.

AIS is not responsible for the privacy policy or for the content made available on such third-party websites.

• CHANGES TO THE PRIVACY POLICY

Bearing in mind that practices regarding the processing of personal data may change from time to time, this Privacy Policy shall also be updated accordingly and with the same regularity, so we advise you to consult it from time to time. If there is a significant change, we shall inform you directly by email.

 

• CONTACTS

If you have any questions about this Privacy Policy or wish to exercise your rights as the personal data subject indicated in “RIGHTS OF PERSONAL DATA SUBJECTS”, please contact us using the following contacts:

• [dpo@ais-edu.pt]