Privacy Policy

SourceLis Groupe SARL advises you to read this document, dedicated to privacy and protection of personal data.

In this document, SourceLis Groupe SARL expresses its strong commitment to protecting the privacy of personal data it processes. This policy explains what personal data we collect, how we use it, how it's processed, how long we store it, and how you can contact us to exercise your rights.

Purpose of Collected Data

The collected data is used for processing information requests, order processing, sending communications and notifications.

Your data will only be used if one of these conditions is met:

You've given consent by signing or accepting a digital form;

The data is necessary for contract fulfillment;

The data is required to comply with legal obligations;

Scope of Application

This Policy applies exclusively to personal data processing by SourceLis Groupe SARL, VAT number 515 704 490, headquartered at R. Salvato Feijó J, 4900-415
Viana do Castelo;

3. The categories of data subjects are:

Employees: governing bodies and/or members of SourceLis Groupe SARL, its workers, interns, service providers and attorneys, whether permanent, temporary or occasional.

Job Applicants: those who apply to work at SourceLis Groupe SARL for a position or job.
Client Employees: covered company representatives, their spouses and respective households, as well as other subjects including service providers.

The processed data may include identification details, family situation, academic qualifications, professional activity data, monthly income/expense data, and other personal data strictly necessary for contractual service execution, partnership agreements, employment relationship development, and legal compliance.

Legitimacy of Personal Data Processing

SourceLis Groupe SARL processes personal data based on principles of legality, fairness and transparency, fulfilling determined, explicit and legitimate needs.

Regarding employee relationships and collaborator contracts, personal data processing is based on contract execution, and when necessary for SourceLis Groupe SARL's legitimate interests.

As a subcontractor, SourceLis Groupe SARL processes data on behalf of Data Controllers, as necessary for executing signed contracts.

Personal data processing may also result from legal obligations when necessary to comply with legal requirements. For other situations not previously mentioned, explicit informed consent must always be obtained.

Purpose of Personal Data Processing

SourceLis Groupe SARL may process personal data necessary for its mission, with these purposes:

Administrative and operational contract management;

Pre-contractual and contractual execution;

Employment relationship processing;

Job application management (recruitment and selection);

Information campaigns (technical information);

Marketing and business prospecting;

Legal obligation fulfillment.

Personal Data Retention Periods

SourceLis Groupe SARL processes personal data according to collection purposes, only for the time necessary to fulfill those purposes, and always in compliance with the law.

Personal Data Recipients

Potential data recipients include:

- Entities requiring data disclosure by law or data subject request;

- Clients, within service provision relationships and by legal requirement;

- Financial institutions managing accounts for employee payments;

- Pension Fund or Social Security managers;

- Insurance companies for work/personal accident contracts;

- Training entities for certification issuance;

- Travel agencies or transport companies for travel documentation;

- Auditing entities (internal/external) for certification processes;

- External consulting entities providing consultancy services;

- IT management entities handling personal data.

External entities receiving personal data must comply with data protection laws as subcontractors.

Personal Data Transfers

SourceLis Groupe SARL does not transfer personal data to other countries.

When acting as subcontractor and required to transfer data internationally, SourceLis Groupe SARL informs the Controller before processing, unless prohibited by law for public interest reasons.

Job Applicants - Recruitment and Selection

For job applications, SourceLis Groupe SARL may process applicant data for recruitment processes. This processing is necessary for pre-contractual steps requested by applicants.

If hired, personal data will be kept for legally defined periods under labor law.

For unsolicited applications, data may be considered for suitable recruitment processes matching the applicant's profile.

Personal Data Security

SourceLis Groupe SARL implements appropriate technical and organizational measures to protect personal data.

Following data minimization principles, data is securely kept only for the minimum period necessary to fulfill contractual and legal obligations.

Data Subject Rights

Data subjects have rights to information, access, rectification, erasure, data portability, and to restrict or object to processing.

Consent can be withdrawn at any time, without affecting prior lawful processing.

To exercise rights, please email ... or send request to our headquarters. This is free unless requests are unfounded/excessive, when a reasonable fee may apply.

We respond within one month, extendable to two months for complex requests. We may request identity verification.

Data Breaches

In case of breaches posing high risk to rights/freedoms, SourceLis Groupe SARL as Controller will notify the Control Authority.

Suggestions and Complaints

For information or complaints, please contact us at ...

You may also complain directly to the National Data Protection Commission at https://www.cnpd.pt/.

Personal Data and Policy Updates

To ensure data accuracy, please notify us of any changes at ...

SourceLis Groupe SARL reserves the right to modify this Privacy Policy, with changes available at https://sourcesgroupe.com