Skip to content

Privacy Policy

Last update: July 2023

This privacy notice tells you about the information we collect from you when you use our website. By collecting this information, we are acting as a data controller, and by law, we are required to provide you with information about us, why and how we use your data and the rights you have over your data.

1. Who are we?

We are Endiprev. Our address is Rua António Nicolau D’Almeida 45, 4.10, 4100-320 Porto.

This Privacy Policy describes the collection, use, and disclosure of personal data by Endiprev, with Endiprev Group S.A. as the main data controller. “Endiprev,” “we,” or “us” refers to the parent company or any of its subsidiaries and affiliated companies, whose details can be found on our website (www.endiprev.com).

Endiprev is responsible for ensuring that personal data is used in compliance with the General Data Protection Regulation.

Endiprev only collects and processes your personal data if we have a legal basis for processing under applicable laws.

According to current legislation, for processing your personal data, whenever there is no legitimate interest for that purpose, we will collect your consent, fulfilling an agreement with you, as we are legally obliged to do so.

Endiprev will comply with the following principles in the processing of personal data:

  • We will only collect personal data for specific purposes.
  • We will not collect personal data beyond what is necessary to achieve those purposes.
  • We will not use personal data for purposes other than those for which the data was collected, except as indicated in this document or with prior consent.
  • We will not transfer personal data to third parties or across borders except as stated herein or with prior consent.
  • We will apply high technical standards to make our processing of personal data secure.
  • Unless otherwise indicated here, we will not store personal data in an identifiable form for longer than necessary to fulfill its purpose or as required by law.

We are not required to have a data protection officer, so any inquiries about our use of your personal data should be addressed to the contact details above.

2. When you use our website

You can use our website without revealing your identity.

When you use our website to browse our products and services and view the information we make available, we may automatically collect non-personal data such as the type of internet browser and operating system used, the domain name of the website you came from, the number of visits, average time spent on the site, and pages viewed.

This collection is done through the use of cookies.

Cookies are files with a small amount of data commonly used as an anonymous unique identifier. Those are sent to your browser from the website that you visit and stored on your computer’s hard drive.

Our website uses these ‘cookies’ to collect information and to improve our website. You have the option to either accept or refuse these cookies and know when a cookie is being sent to your computer. If you choose to refuse our cookies, you may not be able to use some portions of our website.

The cookies used are those already predefined by your browser.

You can find more specific information on how to manage your cookie preferences in your browser settings, namely, for example:

  1. Google Chrome: “Turn cookies on or off – Computer – Google Account Help”
  2. Microsoft Edge: “Microsoft Edge, browsing data and privacy – Microsoft Support”
  3. Safari: “Safari – Official Apple Support”

Service Providers

We may employ third-party companies and individuals due to the following reasons:

  • Facilitate our website.
  • Provide the website on our behalf.
  • Perform website-related services.
  • Assist us in analyzing how our website is used.

These third parties may have access to your personal information. The purpose of this access is to perform tasks assigned to them on our behalf.

Endiprev takes all appropriate organizational and technical security measures to protect your personal data and has implemented the necessary security measures to safeguard your data. Any personal data submitted will be treated as strictly confidential and will only be processed for the purposes for which it is collected.

Which personal data do we process, and why do we process it?

Endiprev may process the following categories of personal data:

  1. Contact information, such as full name, email address, and phone number;
  2. Organizational data, such as company name;
  3. Location-related data.

Generally, we process your data when you subscribe to our Newsletter, fill out our contact form, or apply for a job opportunity.

In this regard, Endiprev will have the following purposes for data processing:

  • Communication by disclosing events organized by us or third-party companies with whom we collaborate.
  • Regulatory and compliance purposes, such as fulfilling our legal obligations and compliance-related obligations to prevent illegal activities.
  • Security purposes, such as maintaining and protecting the security of our products, services, and websites, and preventing and detecting security threats, fraud, or other criminal or malicious activities.
  • Dispute resolution purposes, such as enforcing our contractual agreements and establishing, exercising, or defending legal claims.

In data processing, we will always pursue legitimate interests.

Endiprev’s legitimate interests include managing its activities, always in accordance with legal and fair business practices.

In exceptional cases, and only when no other legal basis can be applied, Endiprev may separately request your consent for the processing of your personal data.

If consent is obtained, you always have the right to withdraw your consent, which, however, will not affect the lawfulness of the processing based on the consent provided earlier.

Disclosure and Transfer of Your Personal Data

Endiprev is a global business. Our business partners and operations are spread across the world.
As a result, we collect and transfer personal data on a global basis. That means we may transfer your personal data to locations outside your country. When we transfer your personal data to another country outside the EEA, we will ensure that they are protected and transferred in a manner consistent with legal requirements.
We have internal policies in place to ensure an adequate level of protection, regardless of where Endiprev and your data are located.

We may also share your personal data outside the Endiprev Group, as described below:

  1. With third-party service providers for the purpose of providing us with services that enable or support the fulfillment of the purposes described in this notice (e.g., IT and communication vendors). These third parties will be subject to appropriate data protection obligations.
  2. With the platform that assists Endiprev in human resources management for selection and recruitment processes.
  3. To the extent required by law, for example, if we have a legal obligation to disclose your personal data to comply with any legal obligation or to establish, exercise, or defend our legal rights.

If a third-party service provider processes your personal data outside the EU/EEA, such transfer shall be based on a legal basis, recognized by relevant authorities or courts as providing an adequate level of protection for personal data, including, among others, the EU-U.S. Privacy Shield, the EU Commission’s Standard Contractual Clauses, or other mechanisms periodically recognized or approved by the relevant authorities.

When you submit an inquiry via our website

We request the following information: your name, company name, and email address.

We use this information to respond to your query, including providing you with any requested information about our services. We may also email you several times after your inquiry in order to follow up on your interest and ensure that we have answered it to your satisfaction. We will do this based on our legitimate interest in providing accurate information.

Your inquiry is stored and processed as an email, which is hosted by Microsoft within the European Economic Area (EEA). It is also logged on a CRM system on a cloud server in a country that the EU says has adequate data protection laws in place to protect your data.

We do not use the information you provide to make any automated decisions that might affect you.

We keep inquiry emails for two years, after which they are securely archived and kept. CRM records are kept for three years after the last contact with you.

For the purposes of the present processing, the following contact information should be considered available:

Email: end-grp-bdp-marcom@endiprev.com

Phone: +351223170070

3. When you sign up to receive our newsletter

When you sign up to receive our newsletter, we ask for your name, the name of your company, and your email address.

We will ask for your consent to use your name and email address to email you our newsletter, which contains information about services and other information that we feel might be of interest to you. 

You can withdraw your consent at any time, and we will stop sending you the newsletter.

We do not use the information you provide to make any automated decisions that might affect you.

We keep your personal data for as long as we produce and distribute our newsletter. If you withdraw your consent, we will mark your details so they are not used and delete them.

If you withdraw your consent, we will mark your data to no longer be used and will proceed to delete it.

The processing of your data will be carried out by the Marketing and ICT teams only to the extent necessary for the purpose of sending the subscribed newsletter.

For the purposes of this processing, the following contacts should be considered available:

Email: end-grp-bdp-marcom@endiprev.com

Phone: +351223170070

When you apply for our job opportunities

When applying for our job opportunities, we ask for your name, phone number, and email address. To this information, it is mandatory to add your resume.

We use this information to analyze your qualifications and to contact you if your application is valid for what we are looking for in our company. We will do so based on our legitimate interest in prospects for our services and needs.

We do not use the information you provide to make any automated decisions that may affect you.

Your data will be stored for one year after submission. After that, it will be properly deleted.

The analysis of your data is carried out internally by the company, specifically by the People Department.

For the processing carried out by the People Department, the following contacts should be considered available for the purpose of this treatment:

Email: end-grp-ppl@endiprev.com

Phone: +351223170070

Your rights as a data subject

By law, you can ask us what information we hold about you and correct it if it is inaccurate. If we have asked for your consent to process your personal data, you may withdraw that consent at any time.

If we are processing your personal data for reasons of consent or to fulfill a contract, you can ask us to give you a copy of the information in a machine-readable format so that you can transfer it to another provider.

If we are processing your personal data for reasons of consent or legitimate interest, you can request for your data be erased.

You have the right to ask us to stop using your information for a period of time if you believe we are not doing so lawfully. Finally, in some circumstances, you can ask us not to reach decisions affecting you using automated processing or profiling.

If you wish to exercise your right to access your personal data, object to its processing, or rectify the processed data, please contact us at the following address: end-prt-bdp-marcom@endiprev.com.

If you have any complaints about the use of your information, we prefer that you contact us directly in the first instance so that we can address your complaint.

Additionally, if you have any complaints about the processing of your personal data by Endiprev, you can contact the National Data Protection Commission (Comissão Nacional de Proteção de Dados) in Portugal, here CNPD.

Links to Other Websites

Our website may contain links to other sites. If you click on a third-party link, you will be directed to that website. Note that these external websites are not operated by us. Therefore, we strongly advise you to review their Privacy Policy. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party websites or services.

Children’s Privacy

Our website does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from children under 13. In the case we discover that a child under 13 has provided us with personal information, we immediately delete this from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we will be able to do the necessary actions.

Your right to complain

If you have a complaint about our use of your information, we would prefer you to contact us directly in the first instance so that we can address your complaint. 

Updates to this privacy policy

We regularly review and, if appropriate, update this privacy policy from time to time and as our services and use of personal data evolve. If we want to make use of your personal data in a way that we haven’t previously identified, we will contact you to provide information about this and, if necessary, ask for your consent.

We will update the version number and date of this document each time it is changed.

Contact Us

If you have any questions or suggestions about our Privacy Policy, do not hesitate to contact us.