Privacy Policy
Date of publication: 13.03.2026
SISCOG is committed to arespecting the privacy of your personal data and has created this set of rules (“Privacy Policy”) to inform you how the personal data of data subjects (“Users”) are processed, both in the context of using the websites https://www.siscog.pt, https://www.siscog.eu and https://www.siscog.com, and in the context of other activities and services provided by SISCOG, such as managing applications for job vacancies, managing commercial relationships with potential clients and suppliers, managing commercial and marketing communications, among others.
This Privacy Policy has been developed in strict compliance with the applicable legislation in this field, namely Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (“GDPR”) and Law 58/2019 of 8 August – the Personal Data Protection Law, which implements the GDPR into Portuguese law, as well as the guidelines issued by the National Data Protection Commission (“CNPD”).
This Privacy Policy describes, where applicable, the types of personal data we collect and how we process it after collection.
1. Data Controller. The entity responsible for processing personal data under this Privacy Policy is SISCOG – Sistemas Cognitivos, S.A., a commercial company registered at the Lisbon Commercial Registry Office under company number 501707336, with its registered office at Campo Grande, No. 378 – 3rd floor, 1700 – 097 Lisbon, Portugal (“SISCOG”).
SISCOG has appointed a Data Protection Responsible (“DPO”), who may be contacted for any questions related to the processing of personal data at the following email address: ims@siscog.pt.
2. Scope of personal data processing and types of information collected. The purposes, legal basis and categories of personal data processed by SISCOG are described in the following table:
|
Purposes |
Categories of Data |
Legal Basis |
|
Site navigation management |
Navigation data (IP address, browser, cookie preferences) |
Performance of a contract and SISCOG’s legitimate interest in optimising the browsing experience |
|
Management of applications for job vacancies |
Identification data (Title e.g., Mr, Mrs, Name, Company, Role, City, District, Country, Curriculum Vitae (CV), LinkedIn profile, Academic degree, Application area); Navigation data (IP address, browser, cookie preferences, download date and time, identification of downloaded document) |
Taking pre-contractual steps |
|
Management of commercial relationships with clients and service providers |
Identification data (Title, Name, Company, Role, City, District, Country); Contact data (Address, Telephone, Email) |
Taking pre-contractual steps and performance of a contract |
|
Accounting management and invoicing |
Identification data (Title, Name, Company, Role, City, District, Country); Contact data (Address, Telephone, Email); Accounting data (Tax ID, IBAN) |
Compliance with legal obligations |
|
Managing information requests about SISCOG and its products and services |
Identification data (Title, Name, Company, Role, City, District, Country); Contact data (Address, Telephone, Email) |
Taking pre-contractual steps and SISCOG’s legitimate interest in responding to requests |
|
Management of commercial and marketing communications |
Identification data (Title, Name, Company, Role, City, District, Country); Contact data (Address, Telephone, Email) |
Consent |
|
Statistical analysis of website usage |
Navigation data (IP address, browser, cookie preferences, download date and time, identification of downloaded document) |
Consent |
|
Exercise or defence of SISCOG’s rights in judicial, administrative or extrajudicial proceedings |
Identification data (Title, Name, Company, Role, City, District, Country); Contact data (Address, Telephone, Email); Accounting data (Tax ID, IBAN) |
SISCOG’s legitimate interest in defending its rights and securing outstanding payments |
The User guarantees that the personal data provided to SISCOG is true and accurate.
3. Conditions of processing. SISCOG, as the entity responsible for processing the personal data provided by Users, complies with all legal provisions applicable to the processing of collected data.
SISCOG guarantees the integrity and confidentiality of the data entrusted to the company, as well as the legitimacy of its processing under the law, namely: lawfulness, security, confidentiality of processing and the prohibition of using personal data for purposes other than those stated at the time of collection, unless the User subsequently gives express consent. Data will only be retained for the period necessary to fulfil the purposes for which they were collected/processed.
SISCOG implements appropriate technical and organisational measures to protect Users’ personal data against alteration, disclosure and/or unauthorised access. SISCOG uses appropriate systems and procedures to protect and safeguard the integrity of the personal data provided, including organisational, technical and physical security restrictions to access servers, access server controls, among others. Only authorised employees may access personal data in the performance of their duties and for the purposes described herein.
Notwithstanding the above, and to the maximum extent permitted by law, SISCOG shall not be held liable for attacks or any unlawful acts by third parties.
4. Data retention period. Personal data shall be retained by SISCOG: (i) for as long as necessary for the purposes for which they were collected; (ii) for the period for which SISCOG is legally required to store them; or (iii) where applicable, until Users withdraw their consent and/or exercise their right to deletion.
In particular, SISCOG has implemented the following retention periods:
i. Management of job applications: for the period necessary to pursue the respective purpose.
a) If the candidate is hired, their data will be retained for the duration of the contractual relationship, unless longer retention is legally required.
b) If not hired, data will be kept for up to 2 years from the date the CV was received.
ii. Management of commercial relationships: data will be processed for the duration of the contract and for 20 years after its termination.
iii. Management of accounting and invoicing: data will be stored for 10 years or longer if necessary for SISCOG’s legal defence.
iv. Management of information requests about SISCOG and its products and services: data will be stored for 10 years after the last communication.
v. Management of commercial and marketing communications: data will be processed until the User withdraws consent, without prejudice to longer storage for legal obligations and/or defence of SISCOG rights.
vi. Website navigation and statistical analysis: data will be processed for 5 years.
vii. Exercise or defence of SISCOG rights: data will be processed until outstanding amounts are paid or the dispute is resolved.
5. Data disclosure. Users’ personal data will be processed by SISCOG employees who are duly authorised to carry out such processing in the performance of their duties, and who are functionally and contractually bound to process Users’ personal data in accordance with the law and this Privacy Policy.
Except where required by law or by a competent authority, SISCOG undertakes not to share this information with third parties without the User’s prior authorisation, unless necessary for the operation of the Site or for managing interactive programmes with Users.
SISCOG expressly accepts that the personal data may be disclosed:
i. to other companies within the Group, including entities located outside the European Union;
ii. to other countries where the servers supporting the Site are located (including transferring such data back to the country of residence), for operating and developing the Site and SISCOG’s services.
In both cases, SISCOG will ensure that access to your personal data is granted strictly on a need to know basis and that any international data transfer is carried out in full compliance with Regulation (EU) 2016/679 (“GDPR”), ensuring that all appropriate safeguards are implemented, namely the existence of an adequacy decision by the European Commission, the conclusion of standard contractual clauses approved by the Commission, or the implementation of other legally permissible safeguards that ensure a level of protection essentially equivalent to that of the European Union.
SISCOG may engage processors for website management, database hosting or analysis of applications. These processors act solely on SISCOG’s instructions and are prohibited from using personal data for other purposes. Their services are subject to confidentiality obligations in line with applicable legislation.
Additionally, personal data may be disclosed, where legally required, to judicial or police authorities or any entities legally entitled to receive it, such as administrative and judicial bodies in the context of proceedings for breaches of the Site’s terms of use. Users’ personal data may, in particular, be disclosed to administrative and judicial authorities in the context of proceedings arising from breaches of the Site’s terms of use, for the purpose of determining any civil, administrative, or criminal liability.
6. Traffic data and “cookies”. SISCOG uses software and IT systems on its Site that, during normal operation, collect certain personal data (known as log files), the transmission of which is inherent to internet communication protocols. This information is not collected with the intention of associating it with identified individuals; however, due to its nature, it may allow user identification through processing and combination with data held by third parties.
SISCOG reserves the right to monitor and analyse traffic and “clickstream” patterns—i.e., how and when pages are accessed for statistical purposes and to better understand Users’ habits, with a view to improving and personalising the Site. Information may also be stored on the User’s device to improve Site performance. This information is commonly known as “cookies”. Cookies are stored on the User’s hard drive, not on the Site. They allow the collection of certain information about the User’s computer, including IP address, operating system, browser type, website traffic patterns and demographic profile, though anonymously.
When visiting the Site, our server also automatically records the IP (Internet Protocol) address. An IP address is automatically assigned to the User’s computer by their Internet Service Provider (ISP) whenever they access the Internet. SISCOG only uses IP addresses to compile aggregate, non-personal information about the number of visitors to the Site, or to restrict access to certain users. In general, these data are also used to obtain anonymous statistical information about Site usage and to verify that it is working properly.
SISCOG provides on the Site a cookie management platform which allows the user to view the cookies installed, obtain further information on each one and choose which should be installed on their device. Additionally, if the user does not wish to receive cookies or wants to be informed of their installation, it is possible to configure the web browser accordingly, where permitted. Please note that disabling cookies may prevent certain parts of the Site from functioning correctly.
If the user gives consent for the installation of cookies for statistical analysis and marketing purposes, we inform them that we use the following services:
1. Google Analytics
We use Google Analytics, a web service provided by Google Ireland Limited (“Google”), headquartered at Gordon House, Barrow Street, Dublin 4, Ireland.
For this purpose, we use cookies that are stored on your device and collect anonymous information about your use of our Site, such as how often you visit it, the time you spend on it, and how you interact with the respective pages (for example, whether you made a purchase or performed a search).
The information collected by these cookies regarding your use of our Site is generally transferred to a Google server in the USA and stored there. However, your IP address will be anonymised before any further transfer by Google outside the Member States of the European Union or other States of the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and anonymised there. We ensure an adequate level of data protection for this transfer through the adoption of standard contractual clauses approved by the European Commission.
Google will use this information on our behalf to analyse your use of the Site, provide reports on Site activity (such as loading times, etc.), and provide us with other services related to Site usage. We will use this information and these reports to improve our Site. Google may also transfer this information to third parties where required by law or when such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.
We use Cross Device Tracking, a Google Analytics feature that allows data, sessions, and interactions across multiple devices to be assigned to a pseudonymous user, enabling us to analyse a user’s activities across different devices. This includes the Google Signals feature, which allows us to add aggregated demographic information (e.g., age, gender, interests) to Google Analytics. However, this only occurs if you are logged into a Google service when visiting our Site and have simultaneously activated the “personalised advertising” option in your Google account settings. In any case, we do not have access to personal data or user profiles the data remain anonymous to us.
We make use of the Google Analytics advertising feature, which allows us to collect information on the performance of our campaigns through Google Ads cookies and receive corresponding demographic information, provided the user has consented to the use of Google Ads cookies.
The data sent by us and linked to cookies, user identifiers (e.g., User ID), or advertising IDs are automatically deleted after 14 months. Data whose retention period has expired is automatically deleted once a month.
You may also prevent Google from collecting data generated by cookies and relating to your use of our Site by downloading and installing the browser plug in available at:
https://tools.google.com/dlpage/gaoptout. An opt out cookie will be set, preventing future collection of your data when you visit our pages.
To prevent Google Analytics from collecting data across different devices, you must opt out on all systems used. If you do not wish to use Google Signals, you may also disable “personalised advertising” in your Google account settings.
7. Links to third party websites. The SISCOG Site may contain hyperlinks (links) to other third party websites. We therefore recommend consulting the pages within those websites that refer to their respective privacy policies. SISCOG’s Privacy Policy does not apply to third party websites. SISCOG is not responsible for the privacy policies nor for the content available on third party websites.
We do not use social media plug ins on our Site. If our Site contains icons of the following social networks, these are used solely to establish a passive link to the pages of the respective providers:
1. SISCOG Facebook Page
SISCOG’s profile on Facebook can be found at: https://www.facebook.com/siscog.page.
For users located outside the USA and Canada, Facebook is operated by Meta Platforms Ireland Limited.
Even if you are not registered on Facebook and visit our Facebook page, Facebook may collect usage data. For further information, consult Facebook’s privacy policy at: https://www.facebook.com/privacy/policy/ and https://www.facebook.com/legal/terms/information_about_page_insights_data. This policy also contains information about your Facebook account settings.
Meta Platforms Ireland Limited may share your data within the Facebook group and with third parties. This may include the transfer of personal data to the USA and other countries for which there is no adequacy decision issued by the European Commission. In such cases, Meta Platforms Ireland Limited relies on standard contractual clauses approved by the European Commission under Article 46(2) (a) and (c) GDPR. Further information is available in Facebook’s privacy policy.
Additionally, SISCOG and Meta Platforms Ireland Limited act as joint controllers for the processing of “Insights data” when our Facebook page is visited. Using this information, Meta Platforms Ireland Limited analyses behaviour on our Facebook page and provides us with this data in an anonymous format. A joint controller agreement has been concluded with Meta Platforms Ireland Limited regarding the data treatment, available at: https://pt-pt.facebook.com/legal/terms/page_controller_addendum. Under this agreement, Meta Platforms Ireland Limited undertakes, among other things, to assume primary responsibility under the GDPR for the processing of Insights data and to comply with all obligations under the GDPR.
2. Instagram
SISCOG’s Instagram profile can be found at https://www.instagram.com/lifeatsiscog/#.
For users located outside the USA and Canada, Instagram is operated by Meta Platforms Ireland Limited.
For more information, consult Instagram’s privacy policy at: https://help.instagram.com/155833707900388.
3. YouTube Channel
SISCOG’s YouTube channel can be accessed at: https://www.youtube.com/user/siscogchannel.
For users located outside the USA and Canada, the Google Service is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
For more information, consult Google’s privacy policy at: https://policies.google.com/privacy?hl=cz.
4. LinkedIn
SISCOG’s LinkedIn profile can be found at: https://www.linkedin.com/company/siscog/.
For users residing in the European Economic Area and Switzerland, LinkedIn is operated by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland (“LinkedIn Ireland”).
LinkedIn Ireland’s privacy policy can be found at:
https://cz.linkedin.com/legal/privacy-policy?trk=organization-guest_footer-privacy-policy. This policy also contains information on how to configure your LinkedIn profile settings.
LinkedIn Ireland also transfers personal data to the USA and other countries outside the EEA where no adequacy decision exists. Relevant information can be found at:
https://www.linkedin.com/help/linkedin/answer/62533?trk=microsites-frontend_legal_privacy-policy.
SISCOG acts as a joint controller with LinkedIn Ireland for the processing of “Page Insights data” collected when you visit our LinkedIn page. A joint controller agreement has been concluded with LinkedIn Ireland, available at: https://legal.linkedin.com/pages-joint-controller-addendum. LinkedIn Ireland undertakes, among other things, to assume primary responsibility under the GDPR for the processing of the “Page Insights data” and to comply with all GDPR obligations relating to the processing of the “Page Insights data”.
We also receive from LinkedIn Ireland non identifiable information and analytics on the use of our account or interactions with posts on Page Insights. This enables us to analyse and optimise the effectiveness of our LinkedIn activities. For this purpose, LinkedIn Ireland processes data that users have provided via their LinkedIn profile, such as:
- Role/job title
- Industry
- Seniority (years of experience)
- Company size
- Professional status
LinkedIn Ireland also processes information regarding how users interact with our LinkedIn company page, such as: (i) whether you follow our LinkedIn company profile; (ii) whether you applied for a job through our LinkedIn page; (iii) how you interact with our posts.
8. User rights. The User has, in certain cases and under specific circumstances, the right to access, rectify, erase, restrict, and port their personal data. These rights may be exercised at any time, in writing, from the User’s email address, by contacting: ims@siscog.pt.
SISCOG will respond in writing (including by electronic means) to the User’s request within a maximum period of 30 (thirty) days from receipt of the request, except in cases of particular complexity, in which case this period may be extended by a further 30 (thirty) days, subject to prior justification being provided.
The User also has the right to lodge complaints with the National Data Protection Commission (CNPD) or another supervisory authority competent in matters of personal data protection.
The CNPD’s contact details are as follows: Av. D. Carlos I, no. 134, 1º, 1200 651 Lisbon - Tel: +351 213 928 400 – Fax: +351 213 976 832 – Email: geral@cnpd.pt – Website: www.cnpd.pt
9. Modifications. SISCOG complies with the legislation in force and is bound by this Privacy Policy. Any amendment to the Privacy Policy will be published on the Site, and Users are therefore advised to consult this document regularly. The version published on the Site is the version currently in force.
Notwithstanding the above, SISCOG may alter this Privacy Policy or alter, modify, or discontinue access to this Site without any prior or subsequent direct notice. We therefore recommend that you read and review it each time you access the Site, in order to remain informed of any changes. SISCOG shall likewise have the right to review its security policies and data protection safeguards, processes, and provisions as it deems appropriate.
10. Consent. By using the Site, the User expressly, unequivocally, and freely consents to SISCOG processing, through automated means, the personal data provided by them (including the collection, registration, storage, and alteration of such personal data, as well as their integration and organisation within a database) under the terms set out in this Privacy Policy.
More detailed information on the protection of personal data may be obtained by consulting the applicable legislation, namely the GDPR.