Privacy Policy
Introduction
This Privacy Policy regulates the processing of personal data of users (hereinafter, "User" or "Users"), collected in connection with the use of the website (hereinafter, "website") and other activities related to the services provided by Kaizen Tech, S.A.
Our Commitment
We ensure compliance with the obligations arising from Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, General Data Protection Regulation (hereinafter "GDPR"), Law No. 58/2019 of August 8, and other legislation on the protection of personal data and privacy.
Respect for your privacy, the protection of your personal data, and compliance with applicable legal obligations are priorities for us. We are committed to processing only the personal data strictly necessary to provide you with the best service, ensuring respect for your privacy, transparency in information, and the application of best practices in security and personal data protection.
Who is Responsible for Processing Your Personal Data?
The Data Controller is Kaizen Tech, S.A. (hereinafter, "Kaizen Tech" or "we"), headquartered at Rua Comendador Américo Ferreira Amorim, 380, 4535-186 Mozelos VFR, Santa Maria da Feira, Portugal, with the legal entity number (NIPC) 516602543.
For What Purpose Will Your Personal Data Be Processed?
Without prejudice to browsing data necessary for the proper management of the website, you can access and use this website without necessarily providing any personal data.
In this context, the processing of your personal data through the website has the following purposes, legal bases, and retention periods:
Contact Management
Kaizen Tech provides various means of contact on the website, including phone numbers, emails, and an online form, to allow Users to contact us regarding issues related to the services provided.
The legal basis for this processing is pre-contractual procedures. Your data will be retained until it is no longer necessary to provide the appropriate assistance or clarification.
Newsletters
The processing of this personal data is necessary for Kaizen Tech to send you personalised electronic communications, including newsletters.
This processing is based on the consent given by the User for this purpose, under the terms defined in applicable legislation. Your data will be kept until you withdraw your consent (opt-out).
Recruitment ("Careers")
Kaizen Tech processes the personal data provided by candidates for the purpose of reviewing applications, evaluating professional profiles, contacting candidates, and making hiring decisions.
This processing is based on your consent, expressed by submitting your application via the online form available in the "Careers" section.
If you are not selected for the position you applied for, we will retain your personal data for a period of 12 (twelve) months, after which your CV will be deleted.
With regard to the processing of personal data carried out through services provided to customers by Kaizen Tech, these have the following purposes and legal bases:
Project Management
The processing of this personal data is necessary for Kaizen Tech to provide its services. This processing is based on the fulfilment and execution of the contractual relationship with the customer.
Regarding billing data, it will be retained for 10 years, under the terms and in accordance with applicable law.
Regarding the processing of analytical data, in the context of providing services to its customers, Kaizen Tech acts as a subcontractor and ensures the regularisation of such processing through the conclusion of data processing agreements. Kaizen Tech retains this data for the period determined and agreed with the customer.
What Categories of Personal Data Do We Process?
In the context of the processing carried out via the website, we collect the following categories of data from users (and job applicants):
- Browsing data (e.g., IP address, web browser version, operating system, location, browsing behaviour: clicks, duration, number of visits, source of visits)
- Personal identification and contact data (e.g., name, email)
- Data relating to professional experience (CV, educational qualifications)
In the context of personal data processing carried out in the context of project management and service provision to customers, we collect the following categories of data:
- Contact details (project contact person: name and email)
- Customer identification data
- Financial data for contracted products (NIPC)
- Communications (voice, email) for transaction analysis and automatic classification
Information Security Objectives
The objectives of Kaizen Tech with the implementation of ISO 27001 are:
- Ensure the confidentiality, integrity, and availability of information, services, and infrastructures
- Obtain and maintain an ISO/IEC 27001 certification
- Ensure that processes and policies comply with the requirements of relevant stakeholder laws or regulations
- Raise awareness and make the concern with information security in Kaizen Tech's team a day-to-day practice
- Keep the number of incidents low
With Whom May We Share Your Personal Data?
The data collected is processed by internal employees, designated for this purpose and authorised to process the data through specific instructions given in accordance with current legislation. In certain cases, Kaizen Tech may disclose your personal data, to the extent strictly necessary, to third parties who provide services to us ("Subcontractors") for the purposes mentioned above and under contractual obligations and instructions established with them.
Kaizen Tech does not transfer and/or store personal data outside the European Economic Area.
Your data may be communicated to authorities or third parties when the transmission is carried out in compliance with a legal and/or contractual obligation, at the request of the National Data Protection Commission ("CNPD") or another relevant supervisory authority and/or by court order.
What Are Your Rights and How Can You Exercise Them?
Under applicable law, and as the owner of personal data, you may at any time request the following:
Right of Access
Obtain confirmation of whether your data is processed and a copy of it.
Right to Rectification
Correct inaccurate or incomplete personal data we hold.
Right to Erasure
Request deletion of your personal data under certain conditions.
Right to Restrict Processing
Limit how we use your data in specific circumstances.
Right to Object
Object to processing based on legitimate interests or direct marketing.
Right to Portability
Receive your data in a structured, machine-readable format.
In cases where you have given your consent to certain processing of your personal data, you may withdraw it at any time.
To exercise any of these rights, send a request to: privacy@kaizen.tech
Without prejudice to the foregoing, you may also lodge a complaint with the National Data Protection Commission (CNPD — www.cnpd.pt) if you believe that the processing of your personal data violates applicable law.
How Do We Protect Your Personal Data?
We have a variety of information security measures in place, in line with national and international best practices, to protect your personal data, including technological controls, administrative, technical, and physical measures, and procedures that ensure the protection of your personal data, preventing its misuse, unauthorised access, disclosure, loss, improper or inadvertent alteration, or destruction.
However, it is the responsibility of Users to ensure and guarantee that the devices and equipment used to access this website are adequately protected against harmful software, computer viruses, and worms.
Links to Other Websites
We may provide links to other websites of interest, but we are not responsible for the privacy policy, cookie policy, or terms of use of those websites.
When you access other websites through the links provided, the entities managing those websites may collect information about you. We recommend that when you access other websites, you consult all the information and conditions mentioned above.
Privacy Policy Update
This Privacy Policy may be reviewed and updated at any time, and these changes will be duly publicised on the website.