PRIVACY POLICY

This website is owned by Quidgest, Consultores S.A.

The purpose of this policy is to provide all data subjects who visit our website or that, by any digital means, provide us with information, the necessary knowledge about the management we make of your personal data.

This Privacy Policy applies only to the personal data for which Quidgest is responsible for the collection and its treatment.


Our commitment

The protection of privacy and personal data is a fundamental commitment of Quidgest. Personal data is not property of the companies but of the people, individually. They belong to you. To safeguard them, while increasing the value to the data subject and offering increasingly efficient, convenient and reliable software utilization experiences, Quidgest complies with all legal requirements in this matter, namely the provisions of Law No. 67/98 of October 26th, Personal Data Protection Act and Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27th 2016 on the protection of individuals with regard to the processing of personal data and to the free movement of such data.

Your privacy is an essential part of the services we provide and we appreciate the confidence you have in providing us with your personal information.

Data Processor and Data Protection Officer

Quidgest is the entity responsible for the collection and processing of personal data and decides what data is collected, means of processing and purposes for which it is used. Quidgest is committed to:

  • Process your personal data in a lawful and fair manner, collecting only the necessary and relevant information to the purpose for which it is intended;
  • Allow you, as the data subject, access and correction of the information that concerns you, transmitting them in a clearly and strictly language corresponding to the contents of the register;
  • Not using collected data for purposes incompatible with its collection;
  • Maintain accurate and, if necessary, current data;
  • Ensure the consent of the data subject under current legislation;
  • Guarantee the right to delete the data in accordance with the legislation in force;
  • Respect professional secrecy with regard to the processed data;
  • Limiting personal data interconnections to the minimum necessary;
  • Have adequate protection and security measures in place that prevent an unauthorized person from consulting, modifying, destroying or adding data.

The Data Protection Officer (DPO) ensures, among other things, the processing of data in accordance with the legislation in force, by verifying compliance with this Privacy Policy. The DPO also cooperates with the supervisory authority and provides information and advises the controller on its obligations regarding privacy and data protection.


Personal data, data subjects and categories of personal data

  1. What is personal data?

Personal data means any information of any nature and regardless of its support, relating to an identified or identifiable individual person. It’s considered to be an identifiable individual, a person who can be identified directly or indirectly, namely by reference to an identification number or to one or more specific elements of his or her physical, physiological, psychic, economic, cultural or social identity.

  1. Who are the personal data subjects?

 The Customer, Partner, Employee, or singular person to whom the data relates to and who enjoys the services or products of Quidgest.

The Potential Client, Contact or Visitor, as an individual person, to whom the data relates to.

  1. What categories of personal data do we collect, how do we collect them, and how do we process them?

 Quidgest may collect, store and use the following types of personal data:

  • Information for the purpose of registering in the general communication database. The data, requested and collected through the completion of an online registration form, according to the protection and security measures implemented by Quidgest, such as: name, title, telephone, email;
  • Any other information that, as data subject, elects to provide, for example, during support and technical assistance actions or during participation in training actions or events. The personal data provided may include, but not only:
    • Contact information; Professional data; Demographic data;
    • Information about technology preferences, management methodologies and software that you use in your organization;
    • Data relating to the purchase and use of products and services provided by Quidgest in your organization;
  • Personal information available in publicly accessible sources.

The provision of incorrect or inaccurate data is your sole responsibility as data subject. If you want to correct some of this data, you can do so directly in your reserved area.


Foundations, Purposes and Duration of the Personal Data Processing

  1. On what grounds can we treat your personal data?

The processing of personal data is only permissible if at least one of the following situations occurs:

Consent: When, as the data subject, you have given us your express written consent, orally or through the validation of an option, and if such consent is free, informed, specific and unambiguous for the processing of your personal data for one or more specific purposes. Whenever reasonably possible or required by applicable law, we will obtain your consent before collecting or using your personal data.

Compliance with contractual obligations and pre-contractual arrangements: Where the processing of personal data is necessary for the fulfilment of contractual obligations in which the data subject is part of, or for pre-contractual arrangements at the request of the data subject, such as for the preparation of a product and/or services proposal.

Compliance with legal obligations: When the processing of personal data is necessary to fulfil a legal obligation to which Quidgest is subject of, such as the communication of identification data to police, judicial, fiscal or regulatory entities.

Legitimate interest: When the processing of personal data corresponds to a legitimate interest of Quidgest or third parties, such as data processing for the improvement of quality of service and when our reasons for its use should prevail over the rights of data protection.

Defence of vital interests of the data subject or of another individual person: In case the data subject is physically or legally incapable of giving his/ her consent.

Exercise of functions of public interest: When the processing is necessary for the exercise of functions of public interest or for the exercise of the public authority of which the data processor is invested in.

 

  1. For what purposes do we treat your personal data?

The personal data collected is intended for the management and evaluation of needs, interests and expectations, information actions and/ or marketing activities, as well as their inclusion in the general database of communication and to answer questions, suggestions or complaints. Quidgest safeguards that some of the personal data collected, namely for the purposes of registration at one of our internal events, are mandatory, and therefore, in case of insufficient or lack of data, Quidgest can’t accept the registration.

Quidgest may also use your collected personal data to:

  • Provide improved offerings and experiences;
  • Sending information, namely about updates or changes to our products and services, changes to terms, Quidgest’s conditions and policies or commercial communications.
  1. For how long do we process your personal data

Where there is no specific legal obligation, personal data is treated by Quidgest only for the period of time necessary to achieve the defined purpose.


Data subject’s rights

In accordance with the applicable legislation, as a data subject, you have the right to access the data that concerns you, and you may request its rectification or addition by contacting Quidgest for this purpose, through the means and contacts indicated below:

  • Through the Data Holder Portal (when available); or
  • Through communication by email to the Privacy and Information Security Committee: sgsi@quidgest.pt

You may also, as the data subject, at any time, oppose to the processing of your personal data according to the legislation in force.

Subcontractors, Communication and Transfer of personal data

Within the scope of its activity, Quidgest may use subcontractors for all or part of the purposes identified and take the necessary measures to ensure that these entities are reputable and offer security guarantees and process the personal data of the data subjects which they, for that purpose, have access, in accordance with the law and with all the points of this privacy policy.


Cookies

Cookies are small text files that are stored in the device (computer, tablet, mobile phone) through the internet browser (“browser”) and are usually used to retain information about the visit to the site between several sessions (e.g. preferences, pages visited, etc.).

The cookies used on Quidgest sites respect anonymity and are not used to collect any personal information. The information stored in the “cookies” mentioned here are used exclusively by Quidgest, with the exception of Google Analytics, which is used and maintained by Google for statistical purposes and for analysis of searches. For more information on this, you should consult the Google Analytics privacy policy.

Your browser allows you to manage cookies in the configuration options, and may even block all cookies from Quidgest websites. However, Quidgest informs that by blocking cookies, it may not be possible to access certain parts of Quidgest websites or navigation may be less effective.


Protective measures

Quidgest has implemented the appropriate, necessary and sufficient logical, physical, organizational and security measures to protect personal data, namely:

  • Firewall and intrusion detection system;
  • Means of data protection from design (“privacy by design”) and also a set of privacy-friendly preventive measures (“privacy by default”);
  • Audit and control mechanisms to ensure compliance with security policies;
  • All employees are covered by a confidentiality agreement or subject to confidentiality, due to the employment relationship with Quidgest, concerning the data to which they have access related with the operations of their computer database, being duly informed of the importance of complying with that legal duty of confidentiality and being responsible for compliance with this confidentiality obligation;
  • Access rules for data subjects, in the Data Subject Portal, to strengthen control and security mechanisms, with records of operations performed on Logs.

Changes

Quidgest reserves the right to change this policy from time to time. The date of the last update is indicated at the end of this document. If we make changes to this policy and how we use the data subject’s personal data, we will provide an updated version of this policy by posting to our website.

Last updated: 04/05/2018