Skip to Content

PRIVACY POLICY

In accordance with data protection legislation, this Privacy Policy informs users of the YOO Lisbon Resident Portal (hereinafter, the “Portal“) on the processing of their personal data.

1. Data Controller

The user of the YOO Lisbon Resident Portal (hereinafter, the “User”) is hereby informed that his/her personal data will be collected through the Portal and further processed by the Portuguese company HERDADE MONTEVERDE, S.A., legal person no. 517808790, with registered office at Avenida Fontes Pereira de Melo, 6, 5th floor, 1050 - 121 Lisbon, with share capital of € 50.000,00 (hereinafter, “HMSA”).

2. Purposes and legal bases for processing

HMSA will process personal data for different purposes. The table below lists those purposes and the lawful basis for each purpose.

Purposes of data processing

Legal basis

Account Management: To create and manage User accounts, authenticate Users, and provide access to the Portal.

Contractual Necessity: Account management is essential for fulfilling the contract with the User.

Service Provision: To facilitate and manage resident services, including maintenance requests and booking services.

Contractual Necessity: Service provision is essential for fulfilling the contract with the User.

Communication: To communicate with residents regarding their inquiries, requests, and updates about the community.

Legitimate interests: Communication is necessary for maintaining good customer relations and ensuring effective service delivery.

Billing and Payments (if this functionality is available in the Portal): To process payments, manage billing information, and handle financial transactions related to resident services.

Contractual Necessity: Billing and payments are essential for fulfilling the financial aspects of the contract with the User.

Security: To ensure the security of the Portal, prevent fraud, and protect against unauthorized access.

Legitimate interests: Prevention of equipment damages and data breaches, and guarantee service continuity.

Legal Compliance: To comply with legal obligations and respond to lawful requests from public authorities.

Legal Obligation: HMSA must carry out its business activity in abidance with the law.

Legal Claims: To establish, exercise or defend legal claims.

Legitimate interest: Protection of legal rights and interests (HMSA’s and/or those of the Users, as applicable).

Marketing Communications: to inform the User about offers promotions related to our services and promote our services.

Consent or
Legitimate Interest (as applicable): HMSA’s interest in promoting relevant services to the Users.

In addition to the purposes described above, HMSA may also process personal data of Users of the Portal for statistical purposes, limited, however, to the minimum necessary for such purpose and using anonymization. For more information, please read our Cookies Policy.

3. Mandatory information

To provide you with our services or respond to your requests, we require certain mandatory information. This includes, but is not limited to, your name and email, for example. Failure to provide any mandatory information may result in the inability to access or use certain features of HMSA services or communicate with us.

4. Data communications

The Users’ personal data may be communicated to the following parties:

Service Providers: Third-party companies that are payment service providers (if payments through the Portal are available); other companies that provide services on our behalf or in connection with the property, such as maintenance, security and leisure services; third-party entities with which HMSA collaborates to provide some of the additional services to residents.

Property Management: Authorized personnel within our property management team who need access to the data to perform their duties.

Legal and Regulatory Authorities: Government bodies, regulators, law enforcement entities and courts, as required by law or to protect our legal rights.

Other Residents: Limited information may be shared with other residents for community-related activities, provided there is sufficient legal basis for processing.

5. Retention of data

With reference to the personal data derived from the contractual relationship, the same shall be kept for as long as the agreement subsists and, afterwards, for the limitation period of any claims in connection with the same, in accordance with the law.

Regarding data processing based on consent or legitimate interests, the information shall be kept by HMSA for as long as the consent is not withdrawn by the User or until the data subject’s right to object is granted.

HMSA may retain personal data for as long as necessary to fulfil the purposes for which it was collected, including to comply with legal obligations. This means that we may keep your data for a period required by applicable laws and regulations. When personal data is needed by to prove compliance with contractual or other obligations, the data can be retained until the statute of limitations for the corresponding rights expires.

6. International transfers of data

The personal data of a User of the Portal may be transferred to, and processed in, countries other than Portugal. These countries may have data protection laws that are different from the laws of your country. We ensure that appropriate safeguards are in place to protect your personal data when it is transferred internationally, in accordance with applicable data protection laws. For this purpose, HMSA usually relies on the following safeguards at least:

  1. Standard Contractual Clauses (SCCs): We may use SCCs approved by the European Commission to ensure that your data is protected according to high standards during international transfers.
  2. Adequacy Decisions: When transferring data to countries recognized by data protection authorities as having adequate data protection laws, we ensure that these transfers comply with applicable regulations.

If the User wishes to obtain additional information or relevant documentation on international transfers of personal data, he/she may contact HMSA at the following e—mail address: markus@yoolisbon.com.

7. Users’ rights over their personal data

Users, as data subjects, have the following rights:

  • Right of access: Users have the right to request HMSA for information regarding the processing of their personal data and, if requested, a copy of their data subject to processing;
  • Right of rectification: in case of incomplete or inaccurate data, Users have the right to request their rectification;
  • Right to erasure: Users have the right to request the erasure of their personal data subject to processing by HMSA.
    However, this right is limited in certain situations, for example, when the processing of data is necessary to comply with legal obligations to which HMSA is subject, or when such processing is necessary for the establishment, exercise or defence of legal claims.
  • Right to restriction: Users have the right to request HMSA to restrict the processing of their personal data or to suspend processing activities in cases where:
    • Users contest the accuracy of their personal data, for a period that allows HMSA to verify its accuracy;
    • The processing is no longer necessary for HMSA but the data may be required for the establishment, exercise or defence of legal claims;
    • The Users have objected to processing, until verified whether the legitimate interests of HMSA or third parties override those of the Users.
  • Right to portability: Users have the right to receive their personal data, provided through a contract or based on consent, in a structured format, in common use and machine-readable format. They also have the right to have their data transmitted to another controller, whenever technically possible.
  • Right to object: Users have the right to object to the processing of their personal data in cases where the data is processed based on the legitimate interests of HMSA, except in cases in which HMSA presents compelling and legitimate reasons that prevail over the rights of the data subjects;
  • Automated individual decision-making, including profiling: Users have the right not to be subject to any decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them.
  • Users also have the right to lodge a complaint to a Data Protection Authority if they consider that their rights over their personal data have been infringed. In Portugal, such authority is Comissão Nacional de Proteção de Dados.

As part of a request to HMSA regarding any of the rights identified above, Users may be asked to prove their identity in order to ensure that personal data is shared only with the relevant data subject. The exercise of rights is free, except in cases of manifestly unfounded or excessive requests, in which case a reasonable fee may be charged considering the costs.

8. Security

HMSA will endeavour to protect the confidentiality of Users' personal information. However, due to the design of the Internet, constant changes in technology and other factors outside our domain, we cannot guarantee that communications between the Users and the Portal will not be exempt from unauthorized access by third parties. To the maximum extent permitted by the applicable law, we do not accept any responsibility for the disclosure of personal information caused by errors in transmission or unauthorized or unlawful acts of third parties.

9. Updates and changes

HMSA may update or change this privacy policy, reason why we recommend that Users check this Policy regularly.