Introduction
Purpose of this document
Balwurk is committed to protecting your privacy. This Privacy Policy governs our data collection, processing, and usage practices.
This document, together with a set of supporting policies, processes, guidelines, and procedures, is part of the Information Security Management System.
Scope
It applies to the information we obtain through your use of our websites, services, products subscription (free and paid), marketing campaigns (e.g., events and webinars), or whenever you interact with Balwurk.
Review and audit
Management review
We may revise this policy and make changes whenever necessary or required, so users are advised to consult it periodically.
Following each revision, the older version will be updated, and all the updates will become an integral part of the Policy.
General information
If our information practices change significantly at some time in the future, we will notify you of the policy changes before we use your data for these new purposes, and we will provide you with the ability to opt out of these new uses.
This Privacy Policy and our privacy practices were built according to the applicable European and Portuguese laws.
General Principles of our Privacy Policy
- Balwurk – Consulting and Technology, LDA is responsible for processing personal data, acting as a data controller.
- In your relationship with us, whether when you access our website, provide us with your personal data or interact with us in a way that we can collect it, we make it clear that you accept our Privacy Policy, which is based on the following principles:
- Only authorised persons use authorised data for authorised purposes
- We understand that the security of your data is a priority which we review periodically in line with technological innovation
- We are aware that personal data is not ours but belongs to its owners
- We promote good practices in Privacy, Data Protection and Information Security and continually review them from the standpoint of continuous improvement
Definitions
- Personal Data: any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person
- Processing: any operation or set of operations which is performed on personal data or on sets of personal data, whether by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction
- Websites: All Balwurk websites under the master domain: balwurk.com
- Cookies: Small data files stored on your hard drive or in device memory
Information We Collect
What information do we collect?
We can collect the following information about you:
- Contact information such as name, email address, phone number, country, city
- Profile information such as job title, company, or other business information
- Image and/or video from events promoted by Balwurk
- Pictures, photos
- Billing information such as tax ID
- Software preferences, including software use and interests
- User web behaviour
- IP addresses, URLs visited, and related information
- Cookies (see our Cookie policy)
- Education and work experience
- Usage data and information about the systems running our products
The personal data we collect is subject to computerised processing and stored in databases in strict compliance with the legislation in force on Data Protection and the rules on Information Security.
We shall only process your personal data following a specific and legitimate purpose or purposes determined at the time of collection. Such data shall not be further processed in a manner incompatible with those purposes, except for archiving in the public interest, scientific or historical research, or for statistical purposes, in which cases, under the terms of the General Data Protection Regulation (GDPR), the incompatibility does not exist.
- In the event of collecting special categories of personal data (“sensitive data”), they will only be processed per the exceptions set out in Article 9, paragraph 2 of GDPR.
Where do we collect information?
- These are the activities where you will be asked to give us personal information:
Activity where we ask for Personal Data
|
Data we ask
|
Website
|
All websites
|
Cookies
|
Webinars application forms
|
Contact and profile information
|
Training application forms
|
Contact, profile and billing information
|
Events application forms
|
Contact, profile, event pictures
|
Newsletter subscription
|
Contact information
|
Download content (e-books, case studies or others)
|
Contact and profile information
|
Access online support
|
Contact information
|
Product Sandboxes
|
Contact information, user web behaviour
|
Job application form
|
Contact information, CV
|
Contact requests
|
Contact information
|
Digital surveys
|
Contact information, software preferences
|
Paper surveys
|
Contact information, software preferences
|
Events attendance
|
Contact information, software preferences
|
Recruitment activities (when you submit a spontaneous application or directly for an advertised position via our website; in job fairs, events, via a third-party, when applying through referrals provided by our employees and interviews)
|
Contact and profile information, education and work experience or other relevant information
|
How do we use the information collected?
The information we collect about you is processed for the following purposes:
Purpose
|
Data collected
|
Marketing and communication campaigns
|
Contact information, pictures, software preferences
|
Sales and to explore new marketing opportunities
|
Contact information, profile information, software preferences
|
Manage contractual relationships (if one exists)
|
Contact information
|
Send important notices, regarding changes to our terms, conditions, and policies
|
Contact information
|
Explore new market opportunities
|
Profile information
|
Process and complete transactions and send related information, including purchase confirmations and invoices
|
Contact information, Billing information
|
Improve our products
|
User web behaviour
|
Improve your browsing experience
|
Cookies
|
Recruitment
|
Education and work experience
|
Improve user experience
|
Anonymised product usage data and metrics
|
Resolve technical problems
|
Anonymised product usage data and metrics
|
Personal Data of minors
Balwurk products and services are not directed to minors.
If we become aware that a child has provided us with Personal Information, we will delete that information immediately.
If you become aware that a child has provided us with their Personal Information, please contact us immediately.
Security of your Personal Data
We use various security technologies and procedures to help to protect your Personal Data from its dissemination, loss, misuse, alteration, unauthorised access or disclosure, as well as against any other form of illicit treatment.
We secure the Personal Information you provide on computer servers in a controlled, secure environment, protected from unauthorised access, use or disclosure.
We have implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate:
- The pseudonymisation and encryption of personal data
- The ability to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and services
- The ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident
- A process for regularly testing, assessing, and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing
Information Sharing and Disclosure
- We will not share or disclose any of your Personal Data with third parties except as described in this policy
- We do not sell Personal Data. We will not provide Personal Data to any third-party, without previous consent, that doesn’t have, at least, the same level of security as the one we have. We ensure the necessary procedures are in place to preserve your legal rights over Personal Data
- Social Media Features: Our websites include social media features, such as the “LinkedIn” Like widgets, the “share this” button and/or other interactive mini programs that run on our sites. Social Media Features and Widgets are hosted by a third-party or hosted directly on our websites, so this Privacy Policy does not apply to these features
- Your interactions with these features are governed by the Privacy Policy and other policies of the companies providing them
- Links to third party-sites: Our websites may include links to other websites whose privacy practices may differ from ours. If you submit Personal Data to any of those sites, your information is governed by their privacy policies. We encourage you to carefully read the Privacy Policy of any website you visit
- Testimonials: We may display personal testimonials of satisfied customers. With your previous consent, we may post your testimonial and your name. If you wish to update or delete your testimonial, you can contact us anytime
- With your previous consent: We will share your Personal Data with third parties only when we have your consent to do so
- We reserve the right to use or disclose your Personal Data if required by law or if we reasonably believe that use or disclosure is necessary to protect our rights or to comply with a law, court order, or legal process, but as far as is legally possible, we will inform you about such disclosure terms.
Your Rights
Under the provisions of the GDPR, we guarantee you the exercise of your following rights as a data subject:
- Right to Access – You have the right to request from us, among others, information regarding whether your data is being processed, what data we process and for what purposes. You may also request a copy of your personal data processed by us. Further copies may be subject to payment of a reasonable fee, considering the administrative costs. If the request is submitted in an electronic format, and unless you indicate otherwise, the information will be provided by us in a commonly used electronic format
- Right to Rectification – You have the right to have inaccurate personal data concerning you rectified and incomplete data completed without undue delay
- Right to Erasure – Also referred to as the right to be forgotten – you may request, under certain circumstances, that your personal data be deleted from our records without undue delay, where any of the reasons set out in the GDPR apply
- Right to Object – You have the right to object, on grounds relating to your situation, to certain types of data processing determined in the GDPR, such as processing for the purposes of direct marketing, in which case we shall cease processing for that purpose
- Right to Portability – You have the right to transfer your personal data that we keep to another organisation or to receive it in a structured, commonly used, and machine-readable format
- Right to Restriction of Processing – The right to obtain the restriction of the processing of your personal data where you wish, for example, to contest the accuracy of your personal data for a period that enables us to verify its accuracy, where the processing is unlawful or where you have exercised your right to object
- Complaint – The data subject also has the right to complain to a supervisory authority. The Portuguese Supervisory Authority is CNPD (Comissão Nacional de Proteção de Dados).
Within 30 (thirty) days, you will receive a duly substantiated communication from us after exercising these rights.
Retention of Personal Data
- The period your data is stored varies according to the purpose for which the information is processed. In general, Balwurk will maintain your Personal Data records for the time needed to accomplish the purposes of processing and for legal reasons
- Above, in general terms, Balwurk will maintain your Personal Data records for no more than six civil years since the last contact with the data subject unless special reasons may determine that Balwurk maintains your Personal Data for a more extended period, as authorised by law
- The Personal Data included in any agreement, invoice, or other legal document or statement will be retained for the legally necessary period
- In any case, Balwurk will always notify you of the deletion of your Personal Data
Do we transfer your personal data internationally?
- We may need to communicate personal data to third countries or international organisations. In this case, we will strictly comply with the applicable legal provisions and determine the suitability of the country or organisation in question regarding the requirements applicable to such transfers
- We will ensure that the data is securely transmitted, that the third parties are contractually bound to respect the confidentiality of the data received and that they do not use the data for any purpose other than the purpose for which it was transmitted
How do we use cookies on our website?
- To learn more about cookies and how we use them on our corporate websites, please access our Cookie Policy
Contact us about privacy questions
- If you have requests, questions, or concerns about Balwurk Privacy Policy or data processing, you may contact our ISMS Manager:
- Email – [email protected]
- Address – Campo Grande n. º 28, 7.º D, 1700 – 093 Lisboa
Revisions of our Privacy Policy
- We reserve the right to change the content of our Privacy Policy without prior notice to you
- We will post the changes on our website, and such changes will become an integral part of the Privacy Policy
After such publication, you are bound by the new terms when browsing our website and interacting with us.