The collection and processing of personal information are necessary for compliance with Anti-Money Laundering and Counter-Terrorist Financing (AML/CTF) obligations prior to the commencement of a business relationship, in the case of occasional transactions, and for the monitoring and continuation of such relationships. Failure to provide this information may prevent or delay the completion of the contractual relationship.
Additional information about you may also be collected, directly or indirectly, through official public information sources or private databases specialised in AML/CTF matters, for the purpose of validating or updating existing data or for assessing and verifying your risk profile (KYC/KYT).
The personal data collected and processed will be used for the following purposes:
i. Management of the contractual relationship, based on the performance of the contract(s);
ii. Assessment of client risk and proper recovery of amounts due under the contract(s), based on the pursuit of legitimate interests;
iii. Assessment and management of AML/CTF risk and the performance of mandatory reporting obligations to the competent authorities, in accordance with legal requirements.
Blue Marlin informs that it does not use automated decision-making processes or artificial intelligence in the internal analysis of personal data.
You may, at any time, request access to your personal data and request its rectification, which Blue Marlin will carry out as promptly as possible. In accordance with Articles 17 to 21 of the GDPR, you may object to the processing of your personal data, restrict its use, request its erasure, or request that we share such data with other organisations.
If you wish to exercise your rights, please contact us using the details provided below.
Blue Marlin undertakes to cooperate to the fullest extent possible regarding complaints related to the processing of personal data. If you consider that Blue Marlin has not adequately resolved a complaint, you have the right to lodge a complaint with the competent supervisory authority – the Portuguese Data Protection Authority (CNPD).
As a general rule, Blue Marlin does not transfer or share personal data with third parties, except where required by legal or regulatory obligations.
However, on an exceptional basis, Blue Marlin may engage third-party service providers where this is necessary or considered to add value, under its full direction and responsibility (for example, companies performing identification and due diligence procedures, in whole or in part, for the purpose of complying with AML/CTF legal requirements). In such cases, Blue Marlin shall take all necessary measures to ensure that such service providers offer adequate safeguards regarding the protection, security and confidentiality of the shared personal data and act exclusively in accordance with Blue Marlin’s instructions.
Blue Marlin ensures the implementation of appropriate technical, organisational and security measures to protect personal information, preventing its loss, misuse, alteration or destruction, and ensuring the integrity, availability and confidentiality of the data.
Only authorised personnel, subject to duties of secrecy and confidentiality, shall have access to personal data.
Your personal data shall be retained only for the period strictly necessary for the purposes of processing or as required by legal or regulatory provisions. During the retention period, data integrity and access are ensured at all times.
Blue Marlin’s main information support systems are hosted on servers located in Portugal and/or within the European Economic Area (EEA).
However, in the context of using website analytics and management tools, such as Google Tag Manager (GTM) and Google Analytics, personal data may be transferred to countries outside the EEA, namely to the United States of America.
Such transfers are carried out in compliance with the General Data Protection Regulation (GDPR), through the implementation of additional technical and organisational measures designed to ensure an adequate level of protection of personal data, including the execution of standard data protection clauses, the use of binding and legally enforceable rules, or the explicit consent of the data subjects.
Blue Marlin makes every effort to ensure that users’ personal data are processed securely and in compliance with applicable data protection legislation.
For any questions related to the processing of your personal data, please contact us:
Address: Praça do Liége, 189, 4150-455 Porto
Telephone: +351 226 104 240
Email: protecaodados@bluemarlin.pt
