Privacy Policy

This text presents a general overview of how The Ideias Dinâmicas Group treats personal data at its disposal in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council - General Regulation on Data Protection ( RGPD) - and other applicable legislation on privacy and data protection, including local legislation supplementing the RGPD. Whenever personal data are required, the use of such data is described in terms of this document and with respect to data protection legislation. The Privacy Policy of The Ideias Dinâmicas Group, henceforth only the Group, describes the relevant points about the data that are collected, for what purposes, as the holders can consult them, among others.  


1) The Ideias Dinâmicas Group

The Ideias Dinâmicas Group integrates a group of companies with an international vocation dedicated to providing services in various business areas.

It is made up of teams with recognized competencies in their areas of activity, evaluating new business opportunities and creating conditions for different entrepreneurs to develop and formalize their ideas and projects. Ensures solid platforms for the launch of new business projects considering the degree of innovation as a differentiating factor.

The Group comprises the following companies:

  • In Portugal: ITGest – Software e Sistemas Informáticos, Lda.; Kentra Technologies, Lda.; Pryog Technologies, Lda.; PositiveBlue – Soluções Tecnológicas, Lda.; Wakaru Consulting, Lda.; Ideias Dinâmicas Serviços, Lda.; Ideias Dinâmicas Tecnologias, Lda.; Ideias Dinâmicas, SGPS, Lda.; Ideias Dinâmicas Consulting, Lda.; e Think Tank – Management and Marketing Experts, Lda.
  • In Angola: ITGest, Lda.; Think Tank – Marketing, Comunicação e Design, Lda.; TT – Nova Arquitectura & Design de Interiores.
  • In Mozambique: ITGest Moçambique, Lda.; Ideias Dinâmicas Tecnologias de Moçambique, Lda
  • In Cape Verde: ITGest – Software e Sistemas, Lda.
  • In South Africa: ITGest South Africa (pty), Ltd.
  • In Índia: Ideias Dinâmicas, Tecnologies India Private Limited.

 

 

2) Scope of Application

The Group is committed to protecting the privacy and personal data of its Workers, Clients, Users of the websites and Service Providers and, in this context, has prepared this Privacy Policy in order to demonstrate its commitment and respect for the rules privacy and protection of personal data.

 

3) Definitions

Personal Data – is any information related to the Data Owner and that allows him to identify.

Data Holder – any identified or identifiable natural person to whom the Personal Data is associated. The natural person may be directly or indirectly identifiable or identified, including by name, civil or tax identification number, location data, online identifiers (such as IP addresses and logs). Identification can also be made through factors of physical, physiological, genetic, mental, economic, cultural or social identity. The user of the website, applications and digital platforms is considered as Data Holder in relation to the Group.

Treatment – any operation carried out in the scope of Personal Data, by means of automatic or not, such as the collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, dissemination by transmission, dissemination or, alternatively, availability, harmonization or association, restriction, elimination or destruction. Any other operation contemplated under the RGPD is also considered to be the Treatment of Personal Data.

 

4) Responsible Entity and Responsibilities

The Group has internally implemented a "Personal Data Protection Commission", which is responsible for ensuring compliance and compliance with the RGPD standards.

This Committee is made up of the Head of Personal Data Protection of each company of the Group, representatives of the Department of Information Technologies, representatives of the Legal Department, as well as representatives of the Department of Human Resources and Department of Organization and Quality.

You may contact the Commission on any matter related to this privacy policy by:

  • E-mail: dpd@ideiasdinamicas.com or - the following contacts (from 9 am to 12 noon and 2 pm to 6 pm)
  • Postal code: Ideias Dinâmicas Group Personal Data Protection Commission Rua Álvaro Castelões, 821 - 2nd, room 2.2 4450-043, Matosinhos
  • Phone number: 229 398 320

 

5) Collection and Processing of Data

The Group only compiles the data considered essential, making the necessary processing according to the purpose.

The collection of your data, including personal data, takes place in the interactions with the Group, namely:

  • Contacts;
  • General requests for information;
  • Download documentation;
  • Business process;
  • Sales process;
  • Customer management process;
  • Accounting, tax and administrative management;
  • Compliance with legal and regulatory obligations;
  • Litigation management;
  • Human resource management process;
  • Marketing and event management (in person and / or online);
  • Information security control;
  • Other data that is in the documentation delivered to the company or obtained as a result of the relationship established.

Depending on the nature of the interaction, and only when necessary, the Group may request some personal data, such as: name, email address, address / locality, telephone, mobile phone, citizen / passport card number, tax identification ( both in physical and digital media), date of birth, nationality, marital status, academic qualifications, profession, bank details, and, in general, any documentation and information of contacts maintained with the customer by different means, including marketing campaigns.

The processing of data for marketing purposes will be carried out according to the consent option expressed by the data subject. Consent must be prior, free, informed, specific and unambiguous, expressed in a written, oral or through the validation of an option. The data subject may object to the processing of data for marketing purposes at any time and by any means.

Optionally, the data subject may authorize the collection of complementary data that can assist the Group in providing a better and more personalized service or provision of services.

 

6) Purpose of the Processing of Personal Data

The personal data provided by the data subject or generated in relation to the service provided, will be processed and stored by computer, intended to be used by the Group.

The Group collects and processes the strictly necessary data, which are only requested when related to the purpose in question, and for legitimate purposes, such as:

  • Provide an adequate and targeted response to requests for information / proposal;
  • Communicate better with the holders of personal data, for relevant matters and only as often as necessary, according to the characterization of their data and their preferences;
  • Comply with business purposes, namely, statistical data to improve the performance of the various services provided;
  • Comply with the assumptions of human resources management;
  • Comply with legal or regulatory requirements, on which the validity of the certificates of some of the services provided depends, namely, training actions;
  • Bill services / products.

Personal data are processed by the Group only for the period of time necessary to carry out the defined purpose.

The Group collects and processes the strictly necessary data, which are only requested when related to the purpose in question, and for legitimate purposes, such as:

- Human Resource Management

Includes the data processing necessary for the conclusion, performance and termination of a contract of management, working time management, absences and vacations, salary processing and other benefits, relationship with the Tax Administration and Social Security, promotions and career development, training, evaluation, representation and communication expenses with workers, exercise of power disciplinary.

- Internal and Business Management

Includes activities such as project planning, recording of working hours, asset management of the company, providing centralized services to increase the efficiency of operations, conducting audits and investigations, implementation of management controls, use of internal databases, archive management, insurance, conflict prevention, preparedness and management.

- Safety, Hygiene and Health at Work

Includes activities related to safety, hygiene and health at work, protection of workers and company assets, worker authentication and access management.

- Analysis and Management

Includes activities such as satisfaction questionnaires, management of mergers, acquisitions and sales of business units and the processing of employee data for reporting and analysis purposes.

-   Compliance with Legal Obligations

Includes the processing of personal data strictly necessary for the fulfillment of your obligations such as the disclosure of data following court orders, collaboration with regulators and the defense of the Group's legitimate interests.

- Protection of Vital Interests

The processing of personal data to protect the vital interests of workers.

- Recruitment

Includes recruitment activities such as research and selection, as well as related activities. In this scope will also deal with data on salary processing and human resources management.

- Execution of Contracts

Includes activities such as entering into contracts with customers and partners, as well as communication with third parties involved in the contracts (insurance companies, beneficiaries, intermediaries).

- Development and Improvement of Services

Includes activities necessary for the development and improvement of the services provided by the Group, activity analysis and processing for statistical and scientific purposes.

 

7) Automated Decisions

In order to justify and execute the commercial relationship, the Group generally does not use decision-making procedures decision based exclusively on automated treatment, as provided in the RGDP. If you have or come using this procedure, data subjects will be informed.

 

8) Access and Sharing of Personal Data

Within the Group, employees who need them to carry out the due diligence or contractual / pre-contractual and legal obligations, or treatments for which there is consent explicit and informed.

The data can be used in the Group companies in the context of the provision of shared services between Group companies and for internal reporting purposes, always preserving the principle of lawfulness treatment.

Can also be made available to suppliers and other subcontracting entities that, under the terms of RGDP, can access the data for these specific purposes, but subject to the guarantee measures in data protection and always acting on behalf and on behalf of the Group.

In certain circumstances, certain personal data may have to be communicated to authorities public authorities, such as Working Conditions Authority, Health Regulatory Entity, Courts and Security Forces.

The transmission of data to other countries (countries outside the European Union) only occurs if the data subject personal data has granted an express authorization for that purpose or if necessary as a result of cool. If third country service providers are required, they will be obliged to comply with the written instructions on this matter, to comply with the data protection level applicable in the European Union.

 

9) Data Retention Time

Personal data are kept for different periods of time, depending on the purpose for which intended and taking into account legal criteria, necessity and minimization of conservation time, or by legally defined periods for investigation purposes and criminal actions or criminal criteria medico-legal.

After the retention period ends, personal data is destroyed.

 

10) Rights of Personal Data Holders

The Group guarantees all rights of data subjects in relation to the processing of their data and the anytime. Namely:

  • Lawfulness of treatment and conditions applicable to consent (Articles 6 and 7)
  • Right of access for the data subject (Article 15)
  • Right of rectification (Article 16)
  • Right to erasure (Article 17)
  • Right to limit the processing of data (Article 18)
  • Right of opposition (Article 21)
  • Right of portability (Article 20)

In addition, without prejudice to the possibility of complaining to the Group, the data subject may submit a complaint directly to the Data Protection Control Authority, using the following channels:

  • Telephone: +351 21 392 84 00
  • Website: http://www.cnpd.pt/
  • Mail: National Data Protection Commission - CNPD Ava D. Carlos I, 134 - 1st 1200-651 Lisbon

At any time, customers or potential customers of the Group, as data owners, may withdraw consent previously given and exercise any of the rights mentioned above.

The exercise of rights can be requested through:

  • Email address: dpd@ideiasdinamicas.com;
  • Postal address: Grupo Ideias DinâmicasCommission for the Protection of Personal Data Rua Álvaro Castelões, 821 - 2o, sala 2.2 4450-043 Matosinhos Telephone: 229 398 320

 

11) Obligation to Provide Personal Data

In the scope of the commercial relationship, you will have to present the personal data necessary to establish and create a business relationship and to fulfill pre-contractual and contractual obligations and diligences derivatives and those that are legally required to collect. Without these data, the Group will, as a general rule, to refuse to conclude the contract or, still, you will not be able to keep the contract, having to terminate it.

 

12) Security of Personal Data

The Group protects your personal data against destruction, loss, accidental or unlawful alterations and unauthorized disclosure or access. For this purpose, the Group uses security systems, rules and other procedures, in order to guarantee the protection of personal data, as well as to prevent access unauthorized use of data, improper use, disclosure, loss or destruction.

 

13) Changes to the Privacy Policy

The Group may change this Privacy Policy at any time and without prior notice. According to defined practices, this policy is reviewed at least once a year.

The changes will be duly published (website).

When a change in the Privacy Policy has a substantial impact on a treatment carried out based on your consent, the Group will contact the data subjects or make efforts to make this change clear if individual contact proves impractical, to obtain a new consent.

 

14) Cookies