This Privacy Policy regulates the processing of the personal data of users (hereinafter "User" or "Users"), collected in the context of their interactions with Medeiros, Fernandes de Almeida, Heitor & Associados - Sociedade de Advogados SP RL ("MFA Legal"), as the entity responsible for the processing, starting with the use of the website www.mfalegal.pt (hereinafter "Website").
The provision of your personal data implies knowledge and acceptance of the conditions contained in this Privacy Policy. This Privacy Policy is complemented by the Terms and Conditions of Use and the Cookies Policy.
This Privacy Policy includes information on:
In your interactions with MFA Legal you may provide us with personal data, which we will process for different purposes and, depending on the purpose, on different legal grounds.
You can find out more about the data collected and the purpose and lawfulness of the processing in the following table:
| PurposeLegal grounds | Legal grounds | Personal data processed | |
| Provision of legal services | Opening files, registering and managing clients | MFA Legal's legitimate interests in organising its client portfolio | Identification details, contact details and details of your professional occupation |
| Analysing new clients and potential conflicts of interest | Compliance with legal obligations | Identification details, contact details and details of your professional occupation | |
| Provision of the contracted service | Execution of the service contract | Identification data, data relating to communications that need to be analysed, among other data that may be necessary within the scope of the contracted service, communicated in due course. This data may include special categories of data (such as data relating to trade union membership or health data) or data relating to criminal convictions and offences | |
| Keeping information on the service provided | MFA Legal's legitimate interests in keeping its documentation organised | Personal data processed as part of the provision of services | |
| Purchase of services | Search for proposals to provide the services we need | Pre-contractual enquiries | Identification details, contact details and details of the service you provide |
| Hiring the services we need and carrying them out | Execution of the service agreement | Identification details, contact details and details of the service you provide | |
| Invoicing | Compliance with legal obligations | Identification and contact details; information on the legal services provided and payment details used | |
| Sending communications | Sending newsletters, alerts and other informative texts | Consent of the data subject | Name and email address |
| Response to contact request | MFA Legal's legitimate interest in guaranteeing a response to any request for information from visitors to the Website | Identification data, contact details, the message you have sent us and any data you have made available through this website. | |
| Sending relevant communications | MFA Legal's legitimate interest in maintaining personalised contact with its former clients or employees | Identification and contact details | |
| Organising and managing events | Management of participation and communication with participants in events | MFA Legal's legitimate interest in organising and promoting its events | Identification details, contact details, details of your academic and |
| Internal and external promotion of organised events | Consent of the data subject | Identification data, data relating to the academic and professional background and/or image and voice data of the participants | |
| Protecting people and property on MFA Legal's premises | MFA Legal's legitimate interest in guaranteeing the safety of visitors and the property on its premises | Image, identification data and reason for visiting us | |
| Participation of MFA Legal in legal directories or applications for sector awards | Consent of the data subject | Identification details, details of your professional occupation and, where applicable, contact details | |
| Application for recruitment | Pre-contractual enquiries at the request of the user | Identification details, details of your academic and professional career, contact details | |
| Use of the website and interactions with the communications we send you | Making the website available and analysing its use and interaction with it | Legitimate interests of MFA Legal or consent of the data subject, as applicable | Data relating to your interaction with our website. For more information on this processing, please consult our Cookie Policy |
| Analysing your interaction with the communications we send you | MFA Legal's legitimate interests in understanding the scope of the communications sent | Data relating to your interaction with the communications we send you, for example, whether you open the documents attached to our newsletters. | |
Whenever your data is necessary for the fulfilment of our legal obligations or for the performance of pre-contractual steps or for the execution of an agreement, failure to provide it may frustrate the possibility of establishing a relationship with us.
When you provide us with the personal data of third parties, such as your employees, service providers, counterparties or others, you should ensure, where possible, that they are informed of how we may process their personal data.
The personal data collected is processed in strict compliance with the applicable legislation. Personal data will be kept in accordance with the respective purposes and respecting the applicable legal deadlines. Therefore, and whenever there is no specific legal requirement, the data will be stored and kept only for the appropriate period and to the extent necessary for the purposes for which it was collected, unless the right to object, the right to erasure or the right to withdraw consent is exercised within the legal limits.
Find out more about the applicable conservation periods.
| Purpose | Shelf life |
| Opening files and managing clients | For the duration of the contractual relationship for the provision of legal services |
| Provision of the contracted service | For the duration of the contractual relationship for the provision of legal services |
| Keeping information on the service provided | 20 years after the termination of the service contract concluded |
| Search for proposals to provide the services we need | For the period necessary to contract the service in question |
| Hiring the services we need and carrying them out | For the period necessary for the performance of the contract |
| Invoicing | 10 years |
| Sending newsletters and other informative texts | As long as you keep your consent |
| Response to contact request | For the period necessary to respond to your request |
| Sending other relevant communications | 1 year after the last contact, without prejudice to the exercise of their right to object to processing |
| Management of participation and communication with participants in events | For the period necessary for the organisation of the event and subsequent relevant communications |
| Internal and external promotion of organised events | For the period necessary to publicise the event, without prejudice to their right to withdraw their consent |
| Protecting people and property on MFA Legal's premises | 30 days |
| Participation of MFA Legal in legal directories or applications for sector awards | For a period of 1 year or until you withdraw your consent |
| Application for recruitment | 1 year |
| Use of the website | In accordance with the Cookie Policy |
Please note that in the event of potential litigation or litigation in which MFA Legal is directly involved, it may be necessary to extend the retention of the aforementioned personal data until it is finalised.
MFA Legal may pass on your personal data:
a) When you use other entities to provide certain services, since this provision of services may imply that these entities have access to your personal data. Therefore, any subcontracting entity of MFA Legal will process your personal data on behalf of MFA Legal, following our instructions and under the terms of the subcontracting agreement signed with said entities;
b) To third parties, when it deems such data communications to be necessary or appropriate (i) in the light of applicable law, (ii) in fulfilment of legal obligations/court orders, (iii) the resolutions or decisions of supervisory authorities or (iv) to respond to requests from public or governmental authorities.
In any of the above situations, MFA Legal will take all appropriate measures to ensure the effective protection of personal data.
In addition, the Website provides buttons for sharing content via the User's social media. The use of these buttons implies the transmission of the User's data to the providers of the social media in which they are logged in with their user account. If you do not want any social network to have access to your information collected through the Website, you must ensure that you are not logged into your user accounts or terminate their sessions. On the other hand, you can also refuse the installation of third-party cookies used to make this content sharing possible, under the terms better described in the Cookies Policy.
MFA Legal makes every effort to protect Users' personal data from unauthorised access. To this end, it uses security systems, rules and other procedures to guarantee the protection of personal data, as well as to prevent unauthorised access to data, improper use, disclosure, loss or destruction.
It is, however, the responsibility of Users to guarantee and ensure that the devices and equipment used to access the Website are adequately protected against harmful software, computer viruses and worms.
In addition, Users should be aware that without the adoption of appropriate security measures (e.g. secure browser configuration, up-to-date antivirus software, use of a firewall and not using software of dubious origin), the risk of personal data and passwords being accessed by unauthorised third parties is increased.
In addition, in the event of any defect or anomaly being detected on the Website, the User must immediately notify MFA Legal of its existence and not seek to access commercial information, personal data of other users, alter the characteristics of the Website or, in any other way, exploit the defect or anomaly in order to use the Website in an irregular, unlawful or different way to that designed by MFA Legal.
MFA Legal may transfer personal data to third countries (located outside the European Union or the European Economic Area) or international organisations, within the scope of the purposes set out in this Policy, for which there is no adequacy decision adopted by the European Commission. In this case, MFA Legal undertakes to adopt the appropriate security measures to ensure the confidentiality and protection of personal data, under the terms of the applicable legislation on the protection of personal data. In particular, the data transferred will be subject to the appropriate safeguards laid down by law, and additional measures will be taken to ensure that personal data enjoy a level of protection essentially equivalent to that existing in the European Union.
Data collected during your use of the Website may be transferred outside the European Economic Area if you give your consent to the placement of certain categories of cookies (e.g. analytical or advertising cookies). These files are placed by third parties based in countries that do not have an adequacy decision from the European Commission and that do not offer a level of personal data protection essentially equivalent to that of the European Union (such as the United States of America). By way of example, the use of cookies placed by the tools "Google Analytics" (provided by Google) or "AddThis" (provided by Oracle Corporation) could imply disproportionate access to your data by US government authorities and intelligence services or the impossibility of effectively exercising your rights.
For more information on the use of these cookies, please see our Cookie Policy.
You can request additional information on the transfer of your data by writing to privacidade@mfalegal.pt.
The Website uses cookies. To find out more, see our Cookie Policy, here.
Under the terms of the applicable legislation, the User may at any time request access to personal data concerning them, as well as their rectification, erasure, restriction of processing, portability of their data, or object to their processing.
Users can also obtain confirmation of which personal data concerning them is being processed and, if they so request, a copy of the data being processed will be made available to them.
Under the terms of the law, the User is also guaranteed the right to withdraw their consent to the processing of data for the purposes indicated, although this does not invalidate the processing carried out up to that date on the basis of the consent previously given.
To exercise any of the above rights, the User must submit a written request to the following contacts:
Without prejudice to any other administrative or judicial remedy, the User has the right to lodge a complaint with the relevant supervisory authority under the terms of the law if they believe that the processing of their data by MFA Legal violates the legal regime in force at any given time.
Users may contact MFA Legal on all matters relating to the processing of their personal data and the exercise of the rights conferred on them by the applicable legislation, referred to in this Policy, through the following contacts:
MFA Legal reserves the right to amend these terms of processing of personal data at any time. These changes will be publicised on the Website and/or communicated to Users via the contact details provided.
Date of last update: 06/11/2023.