SITE n4IT – Privacy Policy
This Privacy Policy explains how we collect, use and treat your personal data and how we comply with our legal obligations towards you. Your privacy is important, and we are committed to protect and safeguard your personal data.
A. Who’s responsible for collecting and processing your personal data
The processing of any personal data collected by n4IT, or provided to it, is the responsibility of the company n4IT Lda, whose contact details can be found further down in this Privacy Policy (hereinafter “n4IT” or “we”).
n4IT designated a Data Protection Officer who can be contacted by the email info@n4it.pt or by registrated letter with a reception warning to Rua Barão de São Cosme 166 – 1º Direito 4000-501 Porto.
B. How we collect your personal data and what type of data is obtained
Please note that you are not required to provide n4IT any data that may be solicited (you have the right to decline). But if you choose not to do so, we may not be able to offer our services, manage your application or answer any questions you may have.
n4IT may collect your data in a variety of ways, namely when you subscribe to our newsletter, send us spontaneous applications, register on the Universities’ employment platforms, job fairs, references of employees or former employees, workshops and partnerships with the intention of being informed by n4IT, conclude a contract with us (work, service or other), fill out your customer record, or communicate with our customer support team.
If you are a candidate, in order to identify and get the best possible job opportunities or services for you, we need to process certain information. We only ask for information that will be relevant to us, such as your name, age, contact details, information about your education, employment history, emergency contact, immigration status, financial information (in case we have to verify financial context) and social security number. When appropriate, and in agreement with the legislation, we may also collect information or diverse data on any criminal convictions.
In case you’re a n4IT customer, we need to collect and use information about you or the people in your company within the scope of our service provision, in order to provide you with the most complete service possible and for our contractual relationship unfold correctly. As such, in this context, we may ask you for some personal information such as name, email, job position and contact number of all of the employees relevant to the services.
If you are a supplier, we need to obtain information regarding your personal data, in order to ensure the correct operation relationship between you and n4IT. We need contact details so we can communicate with you, as well as your bank details so that we can pay you for the services you provide (if this is part of the contractual arrangements between us).
When referring to suppliers we intend to include all companies (including sole traders) and atypical service providers, such as independent contractors and self-employed, who provide services to n4IT. In certain circumstances, n4IT may subcontract the services to suppliers who perform on the behalf of n4it. In this context, suppliers who are sole traders, self-employed persons or employees of suppliers will be treated as candidates for the purposes of data protection. Please note that, in this context, N4IT requires the suppliers to communicate the relevant parts of this Privacy Policy (namely the sections addressed to candidates) to their employees.
Certain categories of personal data, such as those that reveal racial or ethnic origin, political opinions, religious or philosophical beliefs, union affiliation, genetic data, biometric data to uniquely identify a person, relative data health or relating to sex life or sexual orientation are classified as “special categories of personal data” and benefit from additional protection under the terms of the General Data Protection Regulation (“GDPR”). n4IT limits the circumstances in which it collects and processes these special categories of data and only does it by consent. In order to provide our users with greater speed and customisation of the services provided by n4IT, we may use a “browser” feature called “cookies”, which will allow us to customise its services and website according to their interests and needs, allowing you to streamline your future activities and your experience on the n4IT website. In this way, data related to parameters and settings related to the browser, operating system and geo-location can be collected. During part of your browsing on the n4IT website, we may also use software tools to measure and collect information about the session, including page response times, download errors, duration of visits to certain pages, information regarding your interaction, and the methods used to quit. We may also collect technical information to help us identify your device for fraud prevention and diagnostic purposes.
C. Purposes and grounds for the processing of your personal data
The purposes and fundamental basis on which n4IT treats your personal data depend on your status as a candidate, employee or supplier.
If you are a candidate (where we include suppliers who are sole traders, self-employed or employees of suppliers), please bear in mind that your personal data will be collected and processed, namely, for the following purposes:
- Recruitment – includes recruiting activities to provide services or back-office functions, such as research and selection. In the case of service provision, there is an approach to current and potential n4IT clients in order to find an opportunity, placement in n4IT, as well as related activities. In this context, data related to salary processing and human resources management will also be treated;
- Contracts – includes activities such as concluding contracts with n4IT and partners, as well as communication with other parts involved in the contracts (insurance companies, beneficiaries, intermediaries);
- Service development and improvement – includes the necessary activities for the development and improvement of the services provided by n4IT, activity analysis and processing for potential future opportunities.
If you are a supplier or a customer, your personal data will be collected and processed, for the following purposes:
- Execution of contract – includes all necessary activities for the execution of the service provision contract, regarding to payment processing;
- Communications – includes all the necessary contacts so that we can contact you regarding our contracts;
- Development and improvement of services – includes the necessary activities for the development and improvement of services provided to or by n4IT, activity analysis, processing for statistical and scientific purposes, as well as to offer services or to obtain support from you;
- Fulfilment with legal obligations;
- In certain circumstances, to help us declaring, exercising or defending a right.
n4IT may use external service providers, who perform functions on behalf of n4IT, such as companies that host or operate the n4IT website, process payments, analyse data, provide services to the client and sponsors that collaborate directly with the activity developed by n4IT, so your personal data can be processed for the purposes described in this Privacy Policy.
When we collect your personal data for the purposes described above or for other purposes, we inform you in advance or at the time of collection, and we will seek your consent whenever necessary to legitimise the processing of your data. When you have provided your consent for processing activities, you have the right to withdraw your consent at any time.
However, there may be some cases that it won’t be your consent that legitimises the processing of your data but one of the following grounds:
- When it is necessary to conclude a contract or proceed with its execution;
- When it is necessary to comply with the legal obligations to which n4IT may be subject;
- When processing data is necessary to achieve n4IT’s legal interest- respecting your rights and privacy. This legal basis will only be used when there’s no other less invasive way of handling your personal data. We can assure you that if the legitimate interest is used as a reason to process your personal data, we will keep a record of that action and you will have the right to request that information;
- When is necessary the handling with the purposes of declaring, exercising or defending a right in a judicial proceeding.
D. The security of your personal data
n4IT undertakes all the possible measures to ensure the confidentiality and security of your personal data, carrying out all efforts and security measures to protect your information from misuse, interference, loss, unauthorised access, modification or disclosure.
Our measures include the implementation of the appropriate access controls to ensure in order to ensure the encryption and anonymity of personal data whenever possible.
Access to your personal data is only allowed under the terms already described above, always depending on the actual need of your agreement, and susceptible to strict contractual confidentiality obligations when processed by third parties.
Although data transmission over the internet or on a website cannot guarantee complete security against intrusions, n4IT and its service providers offer the best efforts to implement and maintain physical, electronic and procedural security measures designed to protect your personal data, in compliance with the applicable data protection requirements.
E. Retention time of your personal data
n4IT will keep your data for the period strictly necessary to fulfil the purpose for which it was collected. In case of personal data collected in the context of recruitment processes, it will be kept for a period of 10 (ten) years after the last contact with the candidate.
As for the personal data of our suppliers and customers, it will be kept for a period of 10 (ten) years.
If the holder requests the elimination of his data and there’s a legal obligation on n4IT to keep them, or if these prove necessary in the context of a judicial process, the limitation of the treatment is guaranteed, and its elimination will occur once the legal period has elapsed.
F. With whom your personal data will be shared
In addition to the internal sharing of your data (for reasons based on Point C of this Privacy Policy), your personal data may be shared with our customers, within the scope of technological consultancy services.
Your personal data may also be shared with external service providers that perform functions on behalf of n4IT. In this context, your personal data may be shared with the companies currently subcontracted by n4IT, as well as other service providers that we may appeal to in the future.
Under the terms of the applicable law, n4IT is required to disclose data to the Tax Administration, Social Security, the Working Conditions Authority, and, following judicial mandates, to the judicial authorities.
G. International data transfers
n4IT shares personal data internally or with third parties for the purposes described in this Privacy Policy.
n4IT will only send personal data collected within the European Economic Area (EEA) to foreign countries whenever it is necessary to follow their instructions, to comply with a legal duty, or to work with agents and consultants who help us to manage our business and services.
If you transfer personal data outside the EEA, n4IT will ensure that it is protected in the same way as if it were being used in the EEA. For this purpose, we will use one of the following safeguards:
- Transfer to a non-EEA country whose privacy legislation ensures an adequate level of protection of personal data similar to those existing in the EEA;
- Implementation of a contract with the foreign entity that requires it to protect personal data according to the same standards used in the EEA; or
- • Transfer of personal data to organisations with specific international data transfer agreements with the European Union (for example, Privacy Shield, a framework that sets privacy standards for data shared between the United States and European countries).
H. What are your rights?
As the holder of your personal data, you are guaranteed a set of rights in relation to your personal data and the way they are treated, which are as follows:
- Right to opposition – that is, the right to object at any time, for reasons related to your particular situation, to the processing of personal data concerning you, under the terms of the GDPR;
- Right to information – that is, the right to be given concise, transparent, understandable and easily accessible information, using clear and simple language, on how we use your personal data and on your rights;
- Right to access – the right to access your personal data at all times;
- Right to rectification – that is, the right to rectify inaccurate personal data concerning you, or to complete them if they prove to be incomplete;
- Right for limitation – under certain conditions, the data subject has the right to limit the processing of his personal data;
- Right to erasure – under certain conditions, the data subject has the right to obtain the erasure of his personal data from the controller, without justified delay;
- Right to the portability of your personal data – that is, the right to receive personal data that concerns you and that you have provided, in a structured format, in current use and automatic reading, as well as the right to transmit that data to another responsible person for treatment, under certain conditions;
- Right to complain to the supervisory authority about the way we treat your personal data – which will be the National Data Protection Commission, with address in Rua de São Bento, n.º 148 – 3.º, 1200-821 Lisboa, telefone +351 213928400, fax +351 213976832, e email geral@cnpd.pt;
- Right to withdraw your consent – in this case, the withdrawal of consent does not compromise the lawfulness of the treatment carried out based on the consent previously given;
- Right not to be subject to decisions based on automated processes that produce legal or other significant effects.
These rights can be exercised at all times, by means of a communication addressed to n4IT Lda., to the contacts indicated in this Privacy Policy.
Your requests will be treated with special care so that we can ensure the effectiveness of your rights.
You may be asked to provide proof of your identity to ensure that personal data is shared only with the holder.
I. N4IT contact details
If you have any questions about this Privacy Policy or about the treatment and use we make of your personal data or if you wish to file a complaint about a possible violation of privacy laws, please contact the Data Protection Officer via email info@n4it.pt, or through the postal address Rua Barão de São Cosme 166 – 1º Direito 4000-501 Porto.
n4IT will update its Privacy Policy whenever necessary to reflect feedback from data subjects, changes to our services, as well as to comply with all legal requirements.
If such changes imply a significant modification of this Privacy Policy, the data subjects will be duly notified, and their consent requested whenever necessary.
Your satisfaction is very important to us: please do not hesitate to contact us about any question you may have.