This Privacy Policy explains what we do with your personal data. It describes the way we gather, use and handle your personal data and, by doing so, how we comply with our legal obligations towards you. Your privacy is important to us and we are focused on protecting and safeguarding your personal data.

 

Please take a few moments to get to know our privacy practices. If you have any question, contact us through the email address rgpd@primeit.pt, or through the postal address Avenida 5 de Outubro, no. 125 – 9º andar, 1050-052 Lisbon.

 

We try to keep this Privacy Policy as simple as possible but, in the case you are not familiarized with any of the terms used or if you have any questions, don’t hesitate to contact PRIME IT CONSULTING, S.A. to know more.

 

Occasionally, we may alter this Privacy Policy. If you want to keep up to date, visit this page, as all alterations shall be published here.

 

A. Who gathers your personal data and who is the authority responsible for its handling

 

The handling of any personal data gathered by PRIME IT, or provided to them, are responsibility of the company PRIME IT – CONSULTING, S.A., a public limited company, legal person no. 506 396 010, with registered office at Avenida 5 de Outubro, no. 125 – 9º andar, 1050-052 Lisbon, which contact data may be found later on this Privacy Policy (hereinafter referred to as “PRIME IT” or “we”).

 

B. How are my personal data gathered and what type of data are gathered

 
Please be aware that you are not forced to provide to PRIME IT your personal data that the company might request (being able to, at any time, exercise your right of opposition), but, if you choose not to do so, we might not be able to provide you ourservices, manage your application or answer to any question you might have.
PRIME IT may gather your personal data on many ways, namely when you subscribe our newsletter, send us spontaneous applications, register yourself on University’s employment platforms, job fairs, references of collaborators or ex-collaborators, workshops and partnerships aimed to be contacted by PRIME IT, enter a contract with us (work, provision of services or other), fill your customer’s form or communicate with our customer support teams.
If you are a candidate, aiming to identify and find the best job opportunities and/or possible services adapted to you, we have to handle certain information about you. We only request data that will be relevant to us, such as your name, age, contact data, information on training, employment history, emergency contact, immigration status, financial information (in case we need to verify the financial context) and social security number (and, obviously, you may opt to share with us other relevant information). When it is appropriate, and accordingly to the law, we may also gather diverse information or data on any criminal convictions.

 

If you are a PRIME IT customer, we need to gather and use information about you or about the people of your company in the scope of our provision of services, in order to provide to you a service as complete as possible and so that our contractual relationship may correctly progress. As so, in this scope, we may request some personal data such as your name, email address, position and contact number of relevant employees for the provision of services.

 

If you’re a supplier, we need a small amount of information concerning your personal data, in order to ensure that everything works correctly. We need the contact data of certain people of your company, so we can communicate with you, as well as other information, such as your bank data so we can pay you for the services provided (if that is part of the contractual provisions entered between us). We may also hold information that someone on your company has chosen to share with us.

 

When we talk about suppliers, we aim to include any companies (including traders working individually) and atypical service providers, such as independent contractors and freelance workers, which provide services to PRIME IT. Under certain circumstances, PRIME IT shall subcontract the services provided to customers to third-party suppliers that perform their services on behalf of PRIME IT. In this context, the suppliers which are traders working individually, freelance workers or supplier’s collaborators shall be treated as candidates for the purposes of data protection. Be aware that, in this context, PRIME IT demands that the suppliers inform their collaborators of the relevant parts of this Privacy Policy (namely the sections aimed for the candidates).

 

Certain personal data categories, such as the ones which reveal the racial or ethnic origin, political opinions, religious or philosophic beliefs or the union membership, the genetic data, the biometric data to unquestionably identify a person, the data concerning health, sexual life or sexual orientation, are classified as “special categories of personal data” and benefit from an additional protection under the terms of the General Data Protection Regulation (“GDPR”). PRIME IT limits, as much as possible, the circumstances in which it gathers and handles these special categories of data, only doing so when your consent has been given.

 

In order to give our users a greater speed and customization of the services provided by PRIME IT, this company shall resort to a browser operation called “cookies”, which allows PRIME IT to customize your services and website accordingly to your interests and needs, enabling the optimization of your future activities and experience on the PRIME IT website. Therefore, data concerning parameters and configuration of your browser, operating system and geolocation may be gathered. During part of your browsing on PRIME IT website, we may also use software tools to measure and gather information about the session, including response times of the pages, download errors, duration of the visit to certain pages, information concerning your interaction with them and methods used to leave them. We may also gather technical information to help us identify your device for purposes of fraud prevention and diagnose.

 

C. Purposes and grounds for the handling of your personal data

 

The purposes and grounds based on which PRIME IT handles your personal data depends on your quality as a candidate, collaborator or supplier.

 

If you are a candidate (where we include suppliers which are traders working individually, freelance workers or supplier’s collaborators), please know that your personal data are gathered and handled, namely, for the following purposes:

 

  • Recruitment – includes recruiting activities for the provision of services or Backoffice functions, such as research and selection. In the case of provision of services, there is an approach to current and potential PRIME IT customers, aiming to find an opportunity, be placed at PRIME IT, as well as related activities. In this scope, data concerning the processing of salaries and human resources management will also be handled;
  • Contract execution – includes activities such as entering contracts with PRIME IT and partners, as well as the communication with third parties involved on the contracts (insurance companies, beneficiaries, intermediates);
  • Service development and improvement – includes the necessary activities for the development and improvement of the services provided by PRIME IT, analysis of the activity and processing for potential future opportunities.

 

If you’re a supplier or a customer, your personal data are gathered and handled, namely, for the following purposes:

  • Contract execution – includes all the necessary activities for the execution of the provision of services contract, namely concerning the payment processing;
  • Communications – includes the necessary contacts so we can contact you about our contracts;
  • Service development and improvement – includes the necessary activities for the development and improvement of the services provided to or by PRIME IT, analysis of the activity, processing for statistical and scientific purposes, as well as to offer you services and obtain support and services from you;
  • Compliance with the legal obligations;
  • On certain circumstances, to help us on the statement, exercise or defense of a right.

 

PRIME IT may resort to third parties, external service providers, which operate on behalf of PRIME IT, such as companies which hold and operate the PRIME IT website, process payments, analyze data, provide services to the customer, and sponsors and other third parties which directly collaborate with the activity developed by PRIME IT, so that your personal data may be handled by these third parties for the purposes described on this Privacy Policy. These third entities shall process your personal data accordingly to this Privacy Policy and accordingly the applicable law.

 

When we gather your personal data for the above-mentioned purposes or for other purposes, we inform you previously or upon the moment of the gathering, and we aim to get your consent whenever necessary to legitimize the handling of your data. When you have consented to the handling activities, you shall have the right to withdraw your consent at any time.

 

Nevertheless, there may be some cases in which it is not your consent that legitimizes the handling of your personal data, but one of the following grounds:

 

  • When the handling is necessary to enter a contract with you or carry out its execution;
  • When the handling is necessary for the compliance with the legal obligations to which PRIME IT is subject;
  • When the handling is necessary to reach a legitimate interest sustained by PRIME IT, which doesn’t endanger your interests, rights and fundamental freedoms that demand the protection of personal data – this legal base shall only be used if there is no less intrusive way to handle your personal data. We can assure that if the legitimate interest is used as a reason to handle your personal data, we shall keep a registry of this action and you shall have the right to request this information;
  • When the handling is necessary for purposes of declaration, exercise or defense of a right on a legal process.

 

D. The safety of your personal data

 

PRIME IT uses all the possible measures to ensure the confidentiality and safety of your personal data, carrying out all the efforts and safety measures to protect your personal data from misuse, interference, loss, non-authorized access, modification or disclosure.

 

Our measures include the implementation of appropriate access control, to ensure that we encrypt, pseudo-denominate and make anonymous the personal data whenever possible.

 

The access to your personal data is only allowed on the above-mentioned terms, always according to the effective need of your knowledge, and subject to strict contractual confidentiality obligations whenever processed by third parties.

 

Even though the data transfer through the internet or website may not ensure a complete safety against intrusions, PRIME IT and their service providers use the best efforts to implement and maintain physic, electronic and procedural safety measures aimed to protect your personal data, accordingly to the applicable data protection requirements.

 

E. Storage period of your personal data

 

PRIME IT shall store your data only for the strictly necessary time to fulfill the purpose for which they have been gathered.

 

Namely in the case of the personal data gathered on the scope of recruitment processes, these shall be stored for a period of 10 (ten) years after the last contact with the candidate.

 

In the case of the personal data of our suppliers and customers, there shall be stored for a period of 10 (ten) years.

 

F. With who will your personal data be shared

 

PRIME IT is comrpised on a business group, so your data may be disclosed to other companies of the group within the context of the provision of services shared between the companies of the group and for purposes of internal report.

 

On the other hand, your personal data may be shared with our customers, in the scope of technological consulting services.

 

As mentioned on Point C of this Privacy Policy, your personal data may be shared with external service providers that operate on behalf of PRIME IT. In this scope, your personal data shall be shared with the companies currently subcontracted by PRIME IT, as well as with other service providers to which we may resort in the future.

 

Pursuant to the applicable law, PRIME IT is bound to disclose data to the Tax Administration, Social Security, Work Conditions Authority and, in the aftermath of judicial mandates, to the legal authorities.

 

G. International data transfers

 

PRIME IT shares your personal data internally or with third parties for the purposes described on this Privacy Policy.

 

PRIME IT shall only send personal data gathered within the European Economic Area (EEA) to foreign countries on cases in which this is necessary to follow their instructions, comply with a legal obligation or work with agents and consultants that help us manage our businesses and services.

 

If a personal data transfer to the exterior of EEA occurs, PRIME IT shall ensure that these are protected as if they were being used on the EEA. For this purpose, we shall use one of the following safeguards:

 

  • Transfer to a country non-belonging to the EEA which privacy legislation ensures an adequate level of personal data protection similar to the ones on the EEA.
  • Implementation of a contract with the foreign authority which bounds them to protect the personal data accordingly to the same standards used on the EEA; or
  • Transfer of personal data to organizations with specific agreements of international data transfers with the European Union (for instance, the Privacy Shield, a structure which defines standards of data privacy shared between the United States and the European countries).

 

H. Which are your rights?

 

As holder of your personal data, you are granted a set of rights concerning your personal data and the way they are handled, as follows:

 

• Right of opposition – that is, the right to oppose, at any moment, for reasons concerning your individual situation, to the handling of your personal data, under the terms of the GDPR;

• Right of information – that is, the right that you are granted a concise, transparent, understandable and easy to access information, using a clear and simple language, about the way we use your personal data and about your rights.

• Right of access – that is, the right to access, at all time, to your personal data.

• Right of rectification – that is, the right to rectify your inaccurate personal data or complete them if they are incomplete;

• Right of limitation – on certain situations, the holder of the data has the right to limit the handle of your personal data;

• Right of deletion – on certain situations, the holder of the data has the right to make the responsible for the handling delete their personal data, with no justified delay;

• Right of portability of your personal data – that is, the right to receive your personal data or the data you have provided, on a structured format, of current use and automatic reading, as well as the right to transfer these data to anther responsible for the handling, on certain situations;

• Right to present a claim to the control authority on the way we handle your personal data – which shall be the National Commission of Data Protection, domiciled at Rua de São Bento, no. 148 – 3º, 1200-821 Lisbon, telephone +351 213928400, fax +351 213976832, email address geral@cnpd.pt;

• Right to withdraw your consent – in this case, the withdrawal of the consent doesn’t compromise the lawfulness of the performed handling based on the previously given consent;

• Right to not be subject to decisions uniquely based on automatized processes which produce legal effects or other significant effects.

 

The above-mentioned rights may be exercised at all times through a communication sent to PRIME IT – CONSULTING, S.A., for the contacts established on this Privacy Policy.

 

Your requests will be handled with exceptional care, in order to ensure the efficiency of your rights.

 

You may be requested to prove your identity, in order to ensure that the sharing of personal data is only carried out with its holder.

 

I. Contact details concerning PRIME IT

 

If you have any question about this Privacy Policy or about the handling and use we carry out with your personal data, or if you want to present a claim on a possible breach of the privacy laws, please contact the responsible for the data handling through the email address rgpd@primeit.pt, or through the postal address Avenida 5 de Outubro, no. 125 – 9º andar, 1050-052 Lisbon.

 

PRIME IT will update this Privacy Policy whenever necessary to reflect the feedback of the data holders, the changes on your services, as well as to comply with all the requirements legally required.

 

In the case these alterations imply a significant modification of this Privacy Policy, the data holders shall be duly notified, and their consent might be requested whenever necessary.

 

Your satisfaction is very important to us. As such, don’t hesitate to contact us with any question you might have, through the indicated contacts.