In strict compliance with applicable legislation and with a constant concern for transparency and impartiality, we have introduced new security practices and improved procedures to ensure legality in its areas of operation.
The protection of data subjects in relation to the processing of Personal Data is a fundamental right, so their privacy is important to our company. Thus, we intend to clarify what Personal Data we collect, for what purposes it is used, what principles guide its use, what rights citizens/owners of such data have, and also how such data can be protected for the exercise of those rights.
Statement of Purpose
Although Cegoc is generally not a Data Controller (DC), particularly when there is no direct contractual link with the data subject, but rather a Subcontractor, we respect their right to privacy and deserve the trust they place in us.
We aim to treat data in a fair and equitable way and always lawfully, promoting the balance of interests and fundamental rights of all stakeholders in any data processing process.
This Policy applies to all natural persons whose data is being processed by Cegoc in the context of interventions directly contracted by the data owner, its employer or partner.
Your data will be processed by Cegoc, legal entity number PT 500 059 918, with headquarters at Rua General Firmino Miguel, Nº 3 A/B, R/C – 1600-100 Lisboa. This company is responsible for the processing of personal data under the terms of the General Data Protection Regulation.
Cegoc, as controller of your data:
- Ensures that the processing of your Personal Data is carried out according the purpose(s) for which they were collected or for purposes compatible with the initial purpose(s) for which they were collected;
- Undertakes the commitment to implement a culture of data minimisation, in which it only collects, uses and keeps Personal Data strictly necessary for the development of its activity and the satisfaction of citizens’ interests;
- Does not disclose or share your Personal Data for other purposes than those initially identified.
Data Protection Provider
For questions regarding the processing of your personal data, Cegoc has appointed a data protection provider, so you can contact the provider directly to have the questions you wish to ask clarified by the email firstname.lastname@example.org.
Note: This provider is not and does not perform exactly the same functions as a data protection responsible.
How we collect and use personal data
Your Personal Data may be provided through written requests, communication, participation, orally, on a website or otherwise lawful and in accordance with the legal system as a whole.
In addition to the specific purpose for which they are requested, personal data are used:
- For statistical purposes;
- To improve the services we provide;
We also collect the information you provide us and the content of the messages you send us, such as comments, suggestions and criticisms/complaints in a logic of continuous improvement.
Personal Data are processed on the basis of a lawful situation under the terms of the General Data Protection Regulations, according to the fulfilment of Cegoc’s strategic mission and whenever justified in the pursuit of its legitimate interests.
Personal data we collect
The Personal Data we collect depends on the scope of the services contracted with Cegoc, within the scope of its activity and in the fulfillment of the attributions that are legally assigned to the company.
The Data we collect may be as follows:
Identification (namely for preparation and development of the contracted service and/or business contacts/email marketing)
- Email address;
- Telephone contact;
Identification for the purpose of issuing training certificates in accordance with Ordinance n. 474/2010
- Full name;
- Birth date;
- Tax number;
- Number and validity of the Identification Document (ID/CC, Passport or Residence Permit);
- Country of origin;
- Place of birth;
If there is any legal relationship which implies any payment by the data subject, we collect the data necessary to issue the invoice/payment of the invoice, according to the method defined:
- Tax number;
- IBAN number (in the case of payments to be made by Cegoc to the data subject).
- When organizing conferences, webinars, networking events, and other events, we may collect the name, email address, job title, company, and phone number of each participant. In addition, we may collect details pertaining to professional profiles, including photos and information from social media profiles, as well as the names and email addresses of contacts from event partners. We may also collect any feedback or information participants, speakers, and/or partners have volunteered to provide to us via questionnaires submitted prior to or during events. We will use such data to organize and market such events, manage event participation, and present details about speakers and sponsors in the programs and/or brochures of such events, as well as on our website and via social media. We may share information on participants and speakers other than their contact details with our event partners, as listed on the event webpage, to prepare, improve, and organize the event, including the collection and review of event statistics, and to ensure that the event’s contents are relevant to and customized for the event audience.
Some public Cegoc events can be recorded by means of photographs, audio recordings, and/or videos. Such photographs and recordings may subsequently appear on the respective conference webpage, on social media, or in the press. All events to be thus documented will be clearly indicated as such. Cegoc may separately seek your consent prior to recording if you are to feature predominantly in the planned recording (e.g., speakers and participants in interviews).
- Based on participants’ and speakers’ consent, we may share participants’ and speakers’ contact details with our event partners, as listed on the event webpage, for any follow-up communication, including marketing communication, on a one-time basis. We may ask you for such consent during your event registration and/or during the course of the event. For more details on the withdrawal of your consent, please see the Your Rights section, below. Your consent for us to share your contact details with event partners is unrelated to any consent that you may grant directly to any event partner during event networking, including by allowing an event partner to scan your electronic business card.
- If you request us to arrange additional event-related services for you, such as booking accommodation and/or flight tickets, we will also use your personal data to secure the requested arrangements.
- Networking tools at events: Cegoc may provide specific tools during the event to enhance your networking opportunities — in particular, a networking application and electronic business cards, as described below.
- Mobile application: In the event mobile app, your name, company, and job title (along with your photo, profile, and social media information, as provided by you) are visible to all other event participants. Opting for “private mode” will ensure that your name and contact details do not appear in the application.
Cegoc will process your personal data for the following purposes
- Customer management
- Space management
- Human Resources Management
We will share your Personal Information with third parties:
- With your consent;
- In strict compliance with legal obligations;
- To defend Cegoc’s legitimate interests.
Your personal information may be disclosed:
- In the scope of the CEGOS Business Group;
- To Cegoc’s partners/ service providers;
- To regulators, certifiers and inspectors.
Your Personal Data may be processed by subcontractors by Cegoc, namely for the execution of services, technological support to Cegoc tools, web page hosting, sending information about new services, products ans events. These subcontractors are only provided with the personal data necessary for the provision of the service in question.
Cegoc guarantees that its subcontractors will process your data only according to the purposes that justify the treatment and within the legal boundaries required by the GRDP.
We use a set of appropriate security technologies and procedures to protect your Personal Data from unauthorized access, use or disclosure, such as access control and monitoring of databases and information systems, which ensure a complete audit and potential accountability of access.
Data encryption can also be used to achieve high levels of security.
How to exercise your rights
At your request, we allow you to exercise the following rights: the right to access, rectification and updating, limitation of processing, opposition, direct marketing and erasure of personal data, where the provisions of the regulation allow this under the established legal regime.
If the processing depends on your consent or agreement and it is carried out by automated means, you have the right to the portability of the personal data previously provided, in a structured, commonly used and computer readable form.
You have also the right to withdraw consent at any time without compromising the validity of the data processing carried out up to that point.
Your requests will be handled with special care so that we can ensure the exercise of your rights. You may be asked to prove your identity in order to ensure that the personal data is only shared with the data subject.
You should be aware that in certain cases (e.g. due to the complexity of the process) your request may not be fulfilled immediately, but as a rule we will try to comply with the legal deadline of one month and only exceptionally given the complexity of the request, we will exceed that deadline.
In any event, you will be informed of the steps taken in this regard within a maximum of one month from the time the request is made.
You also have the right to lodge a complaint with the National Data Protection Commission if you consider that your personal data protection rights have not been respected.
Specific identification of rights
- Right to be informed
- Right to access
- Right to rectify and update data
- Right to erase data (‘right to be forgotten’)
- Right to limit the data treatment
- Right to data portability
- Right to object
- Right of opposition to direct marketing
You may obtain further information and exercise your rights from Cegoc’s Data Protection Provider by the e-mail: email@example.com or by writing us to Rua General Firmino Miguel Nº 3 A/B, R/C – 1600-100 Lisboa.
Retention of personal data
We retain your Personal Data for as long as is necessary and reasonable and within the purpose(s) for which we collect it.
Personal data is kept only for the period necessary for the provision of the service or product, or for the fulfilment of Cegoc’s legal or contractual obligations. If we wish to retain the data for different periods, we will ask for your consent.
Deletion or transformation into statistical data
Personal data will be removed as soon as they are no longer necessary for the stated purpose, when consent is withdrawn or when there is no longer any legal obligation to preserve them, and they may also be transformed into statistical data which do not identify the data subject.
Cookies and similar technologies
The placement of cookies not only helps the websites to recognize the device of the Customer / User the next time he visits them, but it will also be essential for their functioning.
The cookies used by Cegoc in all its websites, do not collect personal information to identify the Customer / User, keeping only generic information, including the form or location / country of access of the Customer / User and the way they use the websites, among others. Cookies retain only information related to the preferences of Clients / Users.
This technology is used by Cegoc primarily for:
- Collect IP addresses from users. Cookie information identifies you and if you are subscribed to any service, promotion or event promoted by us, gives an order to the system to access the information about you that we have stored. In this way, we can personalize your preferences and make it easier for you to use our services.
- Carry out statistical studies to distinguish between regular users, in order to calculate the number of users and their growth.
- Recognize if users have visited a certain part of the website and thus avoid the repetitive appearance of the website.
On some occasions, we collect information on our website through temporary or session cookies. These cookies disappear when you close your Internet browser. They are not stored on the user’s hard disk; they are only stored in the temporary memory that is erased after the browser is closed. We use temporary cookies to determine, for example, how our website is used in order to improve its design and usefulness.
Temporary cookies are not associated with any personally identifiable information about you. In any case, you can limit or restrict the admission of cookies through the options of your browser.
For more information about Cegoc’s privacy practices and your rights you can contact us by the email: firstname.lastname@example.org.
When we post changes to this policy, we will simultaneously change its “update date”.
Update Date: September 19th, 2018