⁨⁨⁨⁨ ⁩⁩⁩⁩

Privacy policy

Atualizado em
Updated in
December 2022

About Us

Bee Engineering, S.A. is an Information Technology consultancy that supports organizations in finding the right technological solution to catalyze their growth. We bring the best engineering and technology practices to global-scale projects in consulting, game development, R&D and training. We move as one to achieve a single purpose: success.

Headquartered at Rua Sousa Martins, nº10, 4th Floor, 1050-218 Lisbon, and registered with the Lisbon Commercial Registry Office under the registration and legal entity number 513063145, Bee Engineering, S.A., within the scope of its consulting and engineering services, needs to collect and process personal data of candidates, employees, clients, suppliers and third parties.

As the protection of privacy and personal data of everyone who interacts with Bee Engineering, S.A. is a concern and a priority for us, this Privacy and Data Protection Policy has been drawn up accordingly. In this way, it is possible to clearly and transparently convey good practices regarding this process.

Any personal data provided will be processed with the guarantee of security and confidentiality required by the legal framework regarding the protection of personal data.

Framework

This policy describes a set of guidelines, rules and principles that must be observed by Bee Engineering, S.A. in order to ensure the protection of the rights of data subjects.

Bee Engineering, S.A. undertakes to comply with this policy in accordance with the obligations of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as “GDPR”).

In this sense, Bee Engineering, S.A. seeks to ensure that its internal procedures are in compliance with the legal obligations of the GDPR and that the personal data of its employees, clients, suppliers or service providers, and of any other data subjects whose personal data Bee Engineering, S.A. processes in the exercise of its activity, are processed in accordance with the applicable regulatory and legal standards and are kept securely.

Data Controller

Bee Engineering, S.A., headquartered at Rua Sousa Martins, nº10, 4th floor, Lisbon, registered with the Lisbon Commercial Registry Office under the registration and legal entity number 513 063 145, is the entity responsible for the processing of personal data, and undertakes to apply the necessary technical and organizational measures, taking into account all aspects that may influence compliance with the General Data Protection Regulation (hereinafter referred to as “GDPR”), in order to safeguard the Fundamental Rights of Data Subjects.

For this purpose, Bee Engineering, S.A. has several technological measures (“privacy-enhancing technologies”), which we constantly seek to update, and has employees specifically assigned to this objective, demonstrating our concern and commitment to the Data Subject.

In addition, we maintain a record of the nature, scope, context and purposes of the processing of the data collected, which allows us to ensure and demonstrate that the processing is carried out in such a way as to guarantee the full Protection of Data Subjects, as a commitment that attests to our accountability.

Contacts:
Postal address: Rua Sousa Martins, nº10, 4th Floor, 1050-218 Lisbon
Telephone contact: +351 213 137 691
Email: gdpr@bee-eng.pt

Application and Scope

This Privacy Policy also applies to the respective employees, subcontractors, joint controllers, suppliers, clients, users of this website, trainees and candidates who operate within the universe of this company.

For the purposes of this Privacy Policy, each company belonging to the Moongy, S.A. Group and holding its own tax identification number has its own Privacy Policy, independent and autonomous. Therefore, for the purposes of Data Controller responsibility, each Company (and its assets) belonging to this Group has its own independence, and none of these entities shall be responsible for the acts or omissions of the other entities of the group with regard to Data Protection.

Global Projects Department

The Global Projects Department (GPD) is part of Moongy, S.A., which is the parent company of the Moongy Group, to which Bee Engineering, S.A. also belongs.

The Department is made up of professionals with different technical and organizational backgrounds who provide support in several areas, including: Information Security and Data Protection.

The GPD assists Bee Engineering, S.A. in the application of the GDPR and is properly and timely involved in all matters related to the protection of personal data, taking into account the risks associated with processing operations, such as their nature, scope, context and purposes. It also ensures compliance with all established processes with the aim of preserving data confidentiality.

With regard to requests for the exercise of data subjects’ rights, the communication of personal data breaches and other communications related to the GDPR, this is the contact point: gdpr@bee-eng.pt

YOUR PERSONAL DATA

What are Personal Data?

Personal Data are information relating to an identified or identifiable natural person (Data Subject), excluding data relating to legal persons.

An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, etc., or to one or more elements specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

What data do we need to collect?

The personal data collected are strictly necessary and limited to the purposes for which they are intended, which are determined, explicit and legitimate, and are kept only for the strictly necessary period of time for those purposes.

Personal data must be processed lawfully, fairly and transparently in relation to the data subject.

For the performance of its business activity and as the data collection controller, Bee Engineering, S.A. needs to collect and process the following data:

Se quiseres, eu posso:

  • Adaptar este texto para formato de página web
  • Dividir em secções prontas para Webflow
  • Revisar o inglês para ficar ainda mais juridicamente polido ou mais simples.

Categoria de dados Informação a Recolher
Dados de Candidatos – Recrutamento Nome; data de nascimento ou idade; sexo; nacionalidade/cidadania/local de nascimento; endereço de residência; número de telefone e fax; endereço eletrónico, língua materna; dados e cópia do documento de identificação; estatuto de imigração (no caso de necessitar de uma autorização de trabalho); habilitações literárias; histórico académico; histórico profissional; fotografia; estado civil; agregado familiar e dados sobre quaisquer dependentes.
Dados de Candidatos – Processo Contratual (Admissão) Nome; data de nascimento ou idade; sexo; nacionalidade/cidadania/local de nascimento; endereço de residência; número de telefone e fax; endereço eletrónico, língua materna; dados e cópia do documento de identificação (cartão de cidadão ou passaporte), incluindo número de segurança social (ou equivalente no seu país) e NIF; dados e cópia da sua carta de condução e/ou outro comprovativo de morada; informação financeira (país de domiciliação bancária, titular da conta, domiciliação (nome do banco), IBAN, BIC (ou SWIFT)); outras informações fiscais; estatuto de imigração (no caso de necessitar de uma autorização de trabalho); habilitações literárias, comprovativo de habilitações, histórico académico; histórico profissional, fotografia, contactos de emergência; estado civil, agregado familiar e dados sobre quaisquer dependentes.
Dados de Clientes – Processo Contratual Nome, número de telefone e endereço de e-mail de colaboradores da empresa cliente.
Dados de Fornecedores – Processo Contratual Nome, número de telefone e endereço de e-mail de colaboradores da empresa cliente, bem como informação financeira (país de domiciliação bancária, titular da conta, domiciliação (nome do banco), IBAN, BIC (ou SWIFT)).
Dados de Formandos Externos Nome completo; endereço de residência; endereço de e-mail; número de telefone e emprego; número e validade do Cartão de Cidadão; NIF; nacionalidade; naturalidade; data de nascimento.
Dados de Utilizadores do Site Os cookies recolhem informações genéricas, nomeadamente: i) endereço de IP; ii) data, hora, duração e frequência com que acede ao site; iii) a forma como chega e utiliza o website; iv) informação relacionada com as suas preferências; v) a zona do país através da qual acede ao site.

What is the purpose of the treatment?

Categoria de dados Informação a Recolher
Dados de Candidatos – Recrutamento São utilizados para recrutamento:
  • Enquadrar o candidato nas respetivas oportunidades de negócio;
  • Realização de entrevistas;
  • Encaminhar o candidato para qualificação em cliente;
  • Apresentação de pré-proposta.
Dados do Colaborador São utilizados para:
  • Gestão de recursos humanos;
  • Seleção de pessoal e recrutamento;
  • Processamento de remunerações, prestações e abonos, incluindo penhoras de vencimentos e reembolso de despesas;
  • Segurança e saúde no trabalho;
  • Gestão de sanções disciplinares;
  • Formação profissional;
  • Videovigilância;
  • Controlo de horário / assiduidade.
Dados de Clientes Os dados recolhidos dos nossos Clientes são bastante limitados, sendo a principal razão desta recolha assegurar que as disposições contratuais estabelecidas são devidamente aplicadas, de modo que a relação se desenrole sem constrangimentos. A utilização destes dados assenta nas principais finalidades:
  • Fornecer um serviço de consultoria;
  • Caso o serviço que lhe prestamos seja efetuado em associação com algum dos nossos parceiros, teremos de partilhar os seus dados de modo a lhe prestarmos o melhor serviço possível;
  • Prestar serviços de formação.
Dados de Fornecedores Utilizamos os dados apenas para garantir que as disposições contratuais cumprem as obrigações legais, que a nossa relação e comunicação se desenrole sem quaisquer constrangimentos, bem como para garantir o processamento dos pagamentos.
Dados de Formandos Externos São utilizados para:
  • Efeito de gestão e realização de sessões de formação;
  • Emissão de certificados;
  • Efeitos de histórico;
  • Para nos ajudar a melhorar a experiência da formação e conteúdos.
Dados de Utilizadores do Site São utilizados para:
  • Melhorar a experiência de utilização do nosso site.

What is the Legal Purpose of the Processing?

The purposes of processing personal data are determined by the execution of the various types of formalized legal contracts that become necessary to carry out the company’s entire activity, including, among others:

  • the execution of service provision contracts that we maintain with our clients;
  • employment contracts that we maintain with our employees;
  • management of internal processes of clients and employees;
  • accounting, tax and administrative management;
  • litigation management;
  • control of physical security and compliance with legal obligations.

Under the GDPR, we are duly legitimized by the following legal bases for processing:

1 – Performance of contracts or pre-contractual steps – The processing is necessary for the conclusion, execution and management of contracts to which the data subject is a party, or at the request of the data subject.

2 – Compliance with a Legal Obligation – For the fulfilment of a legal obligation to which the company is subject. For example, the communication of tax data.

3 – Pursuit of a legitimate interest – Such as the security of people and property, the improvement of service quality, and the promotion of transparency within the scope of Social Responsibility. Bee Engineering, S.A. carries out a duly recorded balancing test that ensures the legitimacy of the processing.

4 – Consent – Whenever the legal bases listed above are not applicable, Bee Engineering, S.A. requests the consent of the Data Subject. Consent is a free, specific, informed and explicit manifestation of will, by means of a declaration or an unequivocal (and written) act by which the Data Subject authorizes the Processing.

The withdrawal of consent may be requested at any time by sending a simple request to the email address: gdpr@bee-eng.pt.

The personal data collected by us will be processed and stored in accordance with the purposes and for the minimum period legally required.

To whom may we disclose the data?

Within the scope of its core activities, Bee Engineering, S.A. may disclose the data collected in order to fulfil the purposes indicated in this policy. Only the data strictly necessary for the execution of the service will be provided to entities of the Bee Engineering, S.A. network, based on the fulfilment of a legal obligation (for example, payroll processing or any tax obligation that so requires). They may also, to the extent necessary, be communicated to official entities whenever legally required and may be processed by entities subcontracted by the company (for example, internal and external auditors that allow us to preserve and improve the quality of the service).

In this sense, the entire scope of this policy also extends to processing carried out by third parties and subcontractors, taking into account:

  • Compliance of the processing with the GDPR, this privacy policy and lawful, fair and transparent processing;
  • The data collected are merely instrumental to our activity, intended to pursue a determined, specific and legitimate purpose, and no subsequent processing incompatible with the determined purposes may take place;
  • The data collected shall be strictly necessary for the purpose, being adequate, relevant and necessary for the purposes and collection of processing, taking into account the principle of data minimization;
  • The data shall be kept accurate and up to date in order to ensure the principle of accuracy and to guarantee their integrity and confidentiality;
  • With regard to integrity and confidentiality, there shall be no unlawful or unauthorized processing, in order to prevent any loss, destruction or damage to the data, by adopting all appropriate technical and organizational measures;
  • The retention of the Data Subject’s data is a concern for Bee Engineering, S.A., and therefore the data will remain identifiable solely and exclusively for the period necessary for the purposes for which they are processed.

How we design new products

Whenever a new product is developed, it is ensured at the design stage itself (as a primary aspect) that it includes the most advanced technical and organizational measures available to Bee Engineering, S.A., taking into account the risks arising from the processing for the rights and freedoms of data subjects, as well as the risks arising from the processing for the rights and freedoms of natural persons, being aware of the variability of probability and severity, and never failing to have privacy as a pillar throughout the entire processing.

In this way, the application of all principles set out in the GDPR is ensured from the design stage, protecting Data Subjects and safeguarding their rights.

In summary, Bee Engineering, S.A. undertakes to implement and keep privacy present at the product development stage and throughout all processing in order to ensure data protection from the very conception of the product (“Privacy by Design”).

What is the data retention period?

The data will be retained for:

  • the period necessary for the purposes for which they are intended and for which they are processed within the scope of our activity;
  • a maximum period of 5 years for staff selection and recruitment;
  • the periods required by the legal obligations to which we are subject.

YOUR RIGHTS

Rights of the Data Subject

The Data Subject has the following rights, which may be exercised easily and free of charge by sending an email to: gdpr@bee-eng.pt. Only in the case of requests that are manifestly unfounded or excessive may a fee be charged for the exercise of these rights (under Article 15(3) of the GDPR).

Right of Access

The Data Subject has the right to ask whether or not their data are being processed and, if so, the right to access their personal data and to be provided with the following information:

  • Purpose of the processing;
  • Categories of data being processed;
  • Recipients to whom the data will be disclosed;
  • Foreseen storage periods or, if not possible, the criteria used to determine that period;
  • Existence of the right to request rectification, erasure, restriction of processing or to object to processing;
  • Security measures and destination related to the transfer of data to third countries;
  • Right to lodge a complaint with the supervisory authority.

The Data Subject also has the right to obtain a copy of the personal data that are being processed.

Right to Rectification

The Data Subject has the right to request and obtain the rectification of inaccurate data and to request that incomplete personal data be completed without undue delay.

Right to Erasure / Right to be Forgotten

The Data Subject has the right to request the erasure of their personal data without undue delay whenever they are no longer necessary for the purpose that led to their collection or processing. The Data Subject may also decide to withdraw consent for the processing of their personal data whenever they wish to exercise the right to object.

There are some exceptions to this right, such as when this would conflict with the exercise of freedom of expression and information, when the data are necessary for compliance with legal obligations, for reasons of public interest or public health, for archiving purposes in the public interest, scientific or historical research, for statistical purposes, or for the establishment, exercise or defence of legal claims. In such cases, the Data Subject shall be informed of the reason why it is not possible to comply with the request.

Right to Restriction of Processing

The Data Subject has the right to limit/restrict the processing of their personal data whenever one of the following situations occurs:

  • If the data are inaccurate and are contested during the period necessary to verify their accuracy;
  • If the processing is unlawful, but the Data Subject opposes the erasure and requests only the restriction of their use;
  • If the controller no longer needs the data for processing purposes, but the data are required by the Data Subject for the establishment, exercise or defence of legal claims;
  • If the Data Subject has objected to the processing and it has not yet ceased, either (i) for overriding and legitimate reasons presented by the controller or (ii) for the establishment, exercise or defence of legal claims.

In the above situations, the suspension of processing or the limitation of the scope of processing to certain categories of data (e.g. only provision of full name and address) or even to specific processing purposes may be requested.

Right to Notification

Whenever rectification, erasure or restriction of processing of data is requested by the Data Subject, the controller shall inform them that it has complied with the request, unless such communication proves impossible or involves a disproportionate effort. If the Data Subject so requests, the controller shall provide information about the respective recipients.

Right to Data Portability

The Data Subject has the right to receive the personal data concerning them in a structured, commonly used and machine-readable format, and Bee Engineering, S.A. may not oppose this under Article 20(1) of the GDPR, where:

  • the processing is based on a contract;
  • the Data Subject has given consent;
  • the processing is carried out by automated means.

How can I exercise my rights?

To exercise any of these rights or for any questions regarding the processing of your personal data, the Data Subject must submit a request to the entity responsible, by sending an email to gdpr@bee-eng.pt.

Although these rights are explained to the Data Subject at the time their personal data are collected, if there are any doubts, they may contact the controller through the email address gdpr@bee-eng.pt.

RESPONSIBILITIES


How do we protect your data?

Bee Engineering, S.A. has been working to maintain and preserve personal data with a high level of security. In compliance with the principles of security, confidentiality and privacy, we ensure that your data are processed only by authorized persons, and that only those who are duly entitled to do so may access and process your data, always in a strictly confidential manner.

The “need-to-know” principle has been adopted, whereby employees may only access personal data if this is strictly necessary for the performance of their duties. Any processing outside this scope is considered prohibited and subject to disciplinary sanctions, in accordance with our internal security and confidentiality policies and procedures, which are periodically updated as needed.

Depending on the nature, scope, context and purposes of the data processing, as well as the risks arising from the processing for the rights and freedoms of the data subject, we apply, both at the time of defining the means of processing and at the time of the processing itself, the necessary and appropriate technical and organizational measures to protect the data.

Employees are not permitted to use personal data for private or economic purposes, to transmit them to unauthorized third parties and/or to allow access in any other way. Bee Engineering, S.A. also undertakes to ensure that, by default, only data that are relevant, necessary and appropriate for each specific purpose of the processing are processed, and that such data are not made available, without human intervention, to an indeterminate number of people.

Although it is not currently foreseen, should a transfer of personal data to countries outside the European Union take place, the applicable legal provisions will be observed, namely with regard to the determination of the adequacy of such country in terms of data protection and the requirements applicable to such transfers.

Security measures have also been defined, ranging from good practices to the prevention of external threats. These are described in the security policy. If you wish to have access to it, you may request it by sending an email to gdpr@bee-eng.pt.

Global Projects Department (GPD)

Bee Engineering, S.A., supported by the GPD, is responsible for:

  • Acting as the controller with regard to all duties and obligations set out in the GDPR;
  • Monitoring and controlling the compliance of processes with the GDPR and with the implemented policies in an appropriate and timely manner;
  • Ensuring that it has all the necessary resources to perform its functions;
  • Acting as a contact point for requests from Data Subjects regarding the processing of their personal data and the exercise of their rights;
  • Carrying out a data protection impact assessment whenever a certain type of processing so requires.

Personal Data Breach

A personal data breach is considered to be any act that compromises the security of such data, whether accidental or unlawful, and that results in the destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored or otherwise processed.

We reiterate that Bee Engineering, S.A. has been working to maintain and preserve personal data with a high level of security, having technical staff dedicated exclusively to this mission within the company. However, minor deviations from what is expected may still occur.

If any of our candidates, employees, clients, subcontractors or even third parties detect or suspect a possible data breach, they must immediately send an email to gdpr@bee-eng.pt, describing what happened and identifying the data that may be involved. In this way, the responsible department will be able to act quickly and appropriately in accordance with the rules established by the GDPR.

In the event of a data breach, and insofar as such breach is likely to result in a high risk to the rights and freedoms of clients, employees and other collaborators and/or partners, Bee Engineering, S.A. undertakes to notify the National Data Protection Authority within 72 hours of becoming aware of the incident, and to notify the data subjects whenever such breach is likely to result in a high risk to their rights.

COOKIES

What are cookies?

Cookies are small text files that are stored on your computer or mobile device through your internet browser. As you browse, they record your preferences and allow the website to recognize your device the next time you visit.

At any time, you may choose to be notified about the receipt of cookies, consult or change the type of cookies, as well as block their entry into your system, through your internet browser settings.

Why are they used?

Cookies are an essential part of the functioning of our website and of facilitating your navigation on the Platform, and their main purpose is to improve the user’s browsing experience. For example, they are used to help determine the usefulness, interest and number of uses of the website, allow faster and more efficient navigation, and also eliminate the need to repeatedly enter the same information.

The information collected by Cookies also allows us to improve the website through estimates and usage patterns, and to adapt it to the individual interests of users.

As described below, the website uses technical or strictly necessary cookies, performance cookies, functionality cookies and advertising cookies. Each of these cookies may be installed by Bee Engineering, S.A.’s websites (first-party cookies) or by websites external to Bee Engineering, S.A. (third-party cookies), and may be removed as soon as the user leaves the website (session cookies) or remain on the terminal equipment after the user leaves the website (persistent cookies).

The cookies currently used by the website are as follows:

Technical or Strictly Necessary Cookies

Technical or strictly necessary cookies are cookies installed for the purpose of enabling navigation on the website, allowing for a proper user experience, namely with regard to website security or consent management. For this reason, these cookies do not require your consent.

Cookie Cookie Name Purpose Nature Duration
Google _grecaptcha Allows you to distinguish between humans and bots. It is necessary for site usage reports to be reliable. Third Party Persistent
Cookiebot CookieConsent Stores the user's consent state cookie for the current domain. Third Party 1 year
www.bee-eng.pt wordpress_test_cookie Checks whether the browser supports cookies. First Party Session
Google rc::a Allows you to distinguish between humans and bots. It is necessary for site usage reports to be reliable. Third Party Persistent
Google rc::b Allows you to distinguish between humans and bots. Third Party Session
Google rc::c Allows you to distinguish between humans and bots. Third Party Session
YouTube CONSENT Used to detect whether the user has accepted the Marketing category in the cookie banner. This cookie is required for GDPR compliance. Third Party 6063 days

Performance Cookies

Performance cookies allow us to count visits and traffic sources, so that Bee Engineering, S.A. can measure and improve the performance of the website. These cookies help us understand which pages are the most visited and how visitors use the website. All information collected by these cookies is anonymous.

Cookie Cookie Name Purpose Nature Duration
Google _ga Registers a unique ID that is used to generate statistical data on how the visitor uses the website. Third Party 2 years
Google _gat Used by Google Analytics to manage request rate. Third Party 1 day
Google _gid Registers a unique ID that is used to generate statistical data on how the visitor uses the website. Third Party 1 day

Functionality Cookies

Functionality cookies allow the website to provide enhanced functionality and personalization, such as remembering the language in which you want to view the website on a future visit. If you do not allow these cookies, some or even all of these features may not function properly.

Cookie Cookie Name Purpose Nature Duration
www.bee-eng.pt pll_language Determines the visitor’s preferred language. Allows the website to set the preferred language on the visitor’s return. First Party 1 year
Google test_cookie Checks whether the browser supports cookies. Third Party 1 year
Google _GRECAPTCHA Allows you to distinguish between humans and bots. It is necessary for site usage reports to be reliable. Third Party 179 days
YouTube VISITOR_INFO1_LIVE Attempts to estimate users’ bandwidth on pages with embedded YouTube videos. Third Party 179 days
YouTube YSC Registers a unique ID to keep statistics of which YouTube videos the user has watched. Third Party Session
YouTube yt.innertube::nextId Registers a unique ID to keep statistics of which YouTube videos the user has watched. Third Party Persistent
YouTube yt.innertube::requests Registers an ID to keep statistics of which YouTube videos the user has watched. Third Party Persistent
api.itjobs.pt itjobs_pt Pending Third Party 30 days

Withdrawal and Management of Consent

The user may, at any time, withdraw or change the consent preferences previously given. To do so, simply access the cookie management tool.

The use of cookies can also be defined in your browser preferences, namely in the privacy options. For this purpose, we recommend that you consult the help section/menu of your browser or visit the website of the respective provider.

Complaint to the Supervisory Authority

Notwithstanding Bee Engineering, S.A.’s commitment to resolving any type of situation, the Data Subject has the right to lodge a complaint with the competent Authority (CNPD) if any of their rights are denied.

Supervisory Authority:
National Data Protection Commission (Comissão Nacional de Proteção de Dados)
Av. D. Carlos I, 134 – 1.º
1200-651 Lisbon / Portugal
Tel: +351 213 928 400 / Fax: +351 213 976 832
www.cnpd.pt

Changes to the Privacy Policy

Bee Engineering, S.A. reserves the right to change this Privacy Policy at any time, and such changes will be duly published here.

In any case, we suggest that you review this Policy regularly so that, if changes occur or updates are introduced, you will always be properly informed about them.

Applicable Law and Jurisdiction

This Privacy Policy, as well as the collection, processing or transfer of data of clients, employees and partners, is governed by the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, and by the legislation and regulations applicable in Portugal, namely Law No. 58/2019 of 8 August.

Any disputes arising from the validity, interpretation or execution of the Privacy Policy, or related to the collection, processing or transfer of Customer data, shall be submitted exclusively to the jurisdiction of the judicial courts of the District of Lisbon, without prejudice to the applicable mandatory legal rules.

Contact

If you have any questions, wish to exercise your rights, or have suggestions or complaints regarding Data Protection and this Privacy Policy, you may contact us at the following email address: gdpr@bee-eng.pt.

⁨⁨⁨ ⁩⁩⁩