At Infosistema – Sistemas de Informação SA (Hereinafter called Infosistema) the trust and satisfaction of our customers, employees, and other stakeholders are the main critical factors of our success and, therefore, we want to ensure the security of their personal data as well as the enforcement of all of their rights.
Scope of Application:
This policy applies to our customers, suppliers, candidates, those interested in our products, services, and events, and other parties who have applied to receive information about our services or any of our marketing and communication materials.
In our relationship with stakeholders, we process different personal data collected through various forms and at different times, such as:
- Business Management: Through our website, when you fill out and submit forms or use an email address provided by us for a contact request, download provided materials or registration for our events, training, and other initiatives through our public websites and social networks, third party and partner databases, and directly from the Data Holder themself, the information typically collected includes name/surname, company name, title, email address, and telephone contact;
- Service Management and Contractual Relations: Through the contract, our website, email, in-person and by telephone, when requesting information or following the contracting of services, purchasing products, clarification of questions or performance of surveys and evaluation of the services provided, the information typically being collected includes name/surname, company name, position, telephone contact, and email address;
- Recruitment and Selection Processes: Through our website and recruitment management platform, when you fill out or submit an application, the information typically collected includes name/surname, email address, address, and telephone contact.
Purposes and Lawfulness of Data Processing
The processing of personal data is essential for us to add value to stakeholders, so we use personal data in strict compliance with the provisions of the RGPD and for the following purposes:
- Marketing and Business Actions – We will use personal data, based on consent, to share news, send invitations, conduct questionnaires and market studies, present products and services related to Infosistema and its business group, share studies and research, and disseminate market trends within our industry;
- Recruitment and Selection – We will use personal data, based on consent, to integrate into recruitment processes, share information about ongoing recruitment processes, share data with Infosistema clients, and send communication of opportunities and gauging professional interests;
- Contractual Customer Management – We will use personal data, based on the need to perform the contract, for electronic and telephone contact, in order to improve our service and enhance the partnership relationship, to share news, new products, and complementary services, and invitations, to conduct questionnaires, market studies, satisfaction surveys, and evaluations of the services provided.
The personal data processed will be kept and processed only for the minimum period necessary and proportional to the purposes of its collection. Retention periods, which are unequivocally clear in applicable laws, will be strictly adhered to.
In the case of recruitment processes and in accordance with Labor Law and Labor Code, data will be retained for a period of 2 years.
Subcontracting and Data Sharing
In order for us to add value to our stakeholders, Infosistema may need to share personal data with other external entities that help us with different aspects of our products and services. Thus, Infosistema may disclose information in the following cases:
- Authorities and Public Bodies – Under applicable law, Infosistema is required to disclose personal data to public authorities or bodies so that they may perform their duties, such as Tax Administration, Social Security, Working Conditions Authority, and to judicial authorities within the framework of judicial mandates;
- To JOYN Group – Infosistema is part of a multinational business group – JOYN Group and its data may be disclosed to other group companies in the context of shared services between group companies, joint disclosure, commercial actions, and for the purpose of internal management;
- To Infosistema Clients – Strictly within the scope of the recruitment, selection, and integration processes of human resources, only the personal data that proves necessary for those purposes will be pseudonymised, communicated, and transferred;
- To third party service providers of Infosistema – We ensure technical and organizational measures so that third party service providers may have secure access to personal data in strict compliance with the law by formalizing specific agreements with us governing the use of personal data.
Data Subject Rights
In compliance with the provisions of the GDPR, Infosistema facilitates the Data Subject exercising the rights granted to him or her, subject to proof of identity, including the right to oppose the use of their Personal Data and procedures for requesting and, where appropriate, obtaining free access to that data and its rectification or deletion.
Thus, the Data Subject is granted the following rights:
- Right of access – The Data Subject has the right to obtain from Infosistema confirmation of whether or not they are being processed and, if appropriate, the right to access his or her personal data and information about how we use it, the entities with which it is shared, and the period during which the data is stored among other issues;
- Right of rectification – The Personal Data Holder has the right to request Infosistema to rectify inaccurate data concerning them;
- Right to delete data (“right to be forgotten”) – The Holder has the right to request from Infosistema the deletion of their personal data whenever the data is not necessary for the purpose for which it is used, the Data Subject withdraws their consent, the Data Subject has objected to the processing of Personal Data and there are no prevailing legitimate interests that justify the processing, and Infosistema fulfils a legal obligation under Union or Member State law;
- Right to limitation of processing – The Personal Data Holder has the right to request Infosistema temporarily limit use of their personal data when it is considered to be inaccurate until it is verified or updated, when the data is no longer needed to accomplish its intended purpose, when they oppose the use of their data for any purpose, and while assessing whether Infosistema’s legitimate interest prevails over their right to oppose its use;
- Right of Opposition – The Personal Data Holder has the right to object to the use of their personal data for any of the stated purposes;
- Right to Portability – The Personal Data Holder has the right to receive personal data concerning him or her in a structured format;
- Automated Individual Decisions including Profiling – The Data Subject has the right not to be subject to any decision made solely on the basis of automated processing including profiling that has effects on his or her legal sphere or significantly affects him or her a similar way.
The rights listed above may be exercised by contacting Infosistema and its Data Protection Officer (contacts below).
Any complaints should be addressed to the National Data Protection Commission (CNPD), which is the competent data protection supervisory authority.
Security of Personal Information
Infosistema is committed to the protection and security of personal information by implementing appropriate technical and organizational measures to ensure a risk appropriate level of security and confidentiality and to protect personal data and information from unauthorized access, use, or disclosure. Technical and organizational measures include storing personal data in encrypted databases, maintaining physical and logical access to restricted servers and equipment located in controlled facilities, protecting transmitted data through encryption, such as the Secure Socket Layer (SSL) protocol.
Data Protection Officer
It is the responsibility of the Data Protection Officer to ensure, among other things, that data processing complies with current legislation. Infosistema has appointed a Data Protection Officer and may be contacted directly using the means provided below on all matters relating to the processing of your personal data and the exercise of the rights of Data Holders.
Infosistema – Information Systems S.A.
Ed. Atlas II, Av. José Gomes Ferreira 11, 2nd Floor – 1495-139 Algés – Portugal
Changes to this Statement
Last updated: 2019-11-08