Privacy Policy

ABOUT US

MoOngy.S.A. is a European organization in the area of ​​Information Systems, Science and Technology and a reference in the world of Banking, Insurance, Telecommunications, Industry, Pharmaceuticals and Energy, among others. It is a company committed to innovation and oriented towards creating real value for its Clients and Consultants.

Based on Rua Sousa Martins, nº10, Lisboa, within the scope of its consulting and engineering services, has the need to collect and process personal data of candidates, employees, customers, suppliers and third parties.

Being the protection of the privacy and personal data of all those who interact with MoOngy, S.A. a concern and priority for us, has been compliant elaborated the present privacy and data protection policy. This way it is possible to communicate in a clear and transparent way the good practices related to this process.

Any and all personal data provided will be treated with the guarantee of security and confidentiality required by the legal framework regarding the protection of personal data.

 

BACKGROUND

This policy describes a set of guidelines, rules and principles that MoOngy, S.A. must observe to ensure the protection of the rights of the data subjects.

MoOngy, S.A. undertakes to comply with this policy in accordance with the obligations of the Regulation 2016/679 /EU of the European Parliament and the Council from 27 April 2016, on the protection of individuals with regard to the processing of personal data and the free movement of such data (hereinafter referred to as "Regulation").

In this sense, MoOngy, S.A. seeks to ensure that its internal procedures are in compliance with the legal obligations of the Regulation and that the personal data of its employees, customers, suppliers or service providers and any other data holders whose personal data MoOngy, S.A. processes in the exercise of their activity, are treated in accordance with the current regulatory and legal standards and kept safely.

 

DATA CONTROLLER

MoOngy S.A, as co-responsible for the processing of personal data, undertakes, on the basis of Articles 5 and 24 of the Regulation, to apply the necessary technical and organizational measures, taking into account the nature, scope, context and the purpose of the data collected and to ensure that the treatment is carried out in accordance with the Regulation.

Contact Details:

Postal address: Rua Sousa Martins, nº10, Lisbon

Each area of action has a Data Controller, who applies the necessary technical and organizational measures to ensure that all obligations are met.

MoOngy, S.A. should be informed and involved in all matters relating to the protection of personal data, and should always take into account the risks associated with treatment operations, such as their nature, scope, context and purpose. The company must also ensure compliance with all established processes in order to preserve the confidentiality of the data.

With regard to the request of the rights of the holders, the communication of violations of personal data and other communications related to the GDPR, the contact is as follows: gdpr@dxspark.com.

 

WE GUARANTEE CONFIDENTIALITY IN THE TREATMENT OF YOUR DATA

The personal data are considered confidential and, as such, are covered by the legal obligations of confidentiality. Data processing is supervised by the data controller who will ensure that only duly authorized people can handle certain data.

We adopted the principle of need-to-know, where employees can only access personal data if it is strictly necessary for the performance of their duties. Treatment outside this scope is considered prohibited and subject to disciplinary sanctions.

Employees are not authorized to use personal data for private or economic purposes, communicate it to unauthorized third parties and/or allow the access in any other way.

YOUR PERSONAL DATA

 

HOW CONSENT IS GIVEN

The consent of the holder is manifested freely, voluntarily, and explicitly, and is obtained by means of an acceptance record.

The removal/withdrawal of consent can be requested at any time by sending a simple request to the email address gdpr@dxspark.com

 

HOW DO WE COLLECT YOUR DATA

Candidate Information: they are collected directly from the candidate, from third parties or from other sources, namely:

Resume submission by e-mail, directly to our address;

• Resume submission by an employee;
• Contact in Universities;
• Personally;
• Telephone;
• Social Networks (i.e, Linkedin);
• By our website;
• By our "Jobsy" application;
• Sharing of information by our Clients and/or colleagues.

Consultant Data: are collected directly from the consultant via email and/or in person.

Customer Data: are collected directly from the Customer, from third parties, from other limited sources (i.e, online and offline media) namely:

• Telephone;
• E-mail, directly to our address;
• Through employees;
• Personally;
• Social Networks (i.e, Linkedin);
• Media;
• By our website;
• Sharing of information by our Clients, Suppliers.

Supplier Data: are collected directly from the Supplier, from third parties, from other limited sources (i.e, online and offline media) namely:

• Telephone;
• E-mail, directly to our address;
• Through an employee;
• Personally;
• Social Networks (i.e, Linkedin);
• Media;
• By our website;
• Sharing of information by our Clients.

User data of the Website: when you visit our website, whenever you accept the use of cookies, in accordance with your browser's cookie settings and where appropriate and in accordance with the law, your data can be collected automatically or through you. If you want to know more about this topic, you can consult the information by clicking in COOKIES.

WHAT DATA DO WE NEED TO COLLECT

The personal data collected must be those necessary for the purposes for which they are intended, which are determined, explicit and legitimate.

The personal data must be subject to a legal, fair and transparent treatment in relation to the data subject.

The data subject must be informed about the purpose of the treatment in a rigorous manner and in accordance with the established a priori processes.

In order to fulfil the business activity and as the collector, MoOngy, S.A. needs to collect and process the following data:

Data category	Data to be collected
Candidate Data - Recruitment	Name; date of birth or age; sex; nationality/citizenship/place of birth; residence address; phone number; e-mail address, mother tongue; data and copy of the identification document; immigration status (in case you need a work permit); academic qualifications; academic record; professional history; photography; marital status; household and data on any dependents.
Candidate Data - Contractual Process (Admission)	Name; date of birth or age; sex; nationality/citizenship/place of birth; residence address; phone number; e-mail address, mother tongue; data and copy of identification document (citizen's card or passport), BSN; data and copy of your driver's license and/or other proof of address; financial information (country of banking address, account holder, domiciliation (name of bank), IBAN, BIC (or SWIFT)); criminal record (if necessary), other tax information; immigration status (in case you need a work permit); academic qualifications, proof of qualifications, academic record; professional history, photography, emergency contacts; marital status, household and data on any dependents.
Customer Data - Contractual Process	Name, telephone number and e-mail address of employees of the client company.
Supplier Data - Contractual Process	Name, telephone number and e-mail address of employees of the client company, as well as financial information (country of bank domicile, account holder, domiciliation (name of bank), IBAN, BIC (or SWIFT)).
External Trainees Data	Name, telephone number and e-mail address; identification document; nationality; date of birth.
User Data of Website	Cookies collect generic information, namely: i) IP address; ii) date, time, duration and frequency that you access the site; iii) the way you arrive and use the website; ii) information related to your preferences; iii) the area of the country in which you access the website.

 

 

 

WHAT IS THE PURPOSE OF THE TREATMENT

Candidate Data: Are used for recruitment:

• Framing the candidate in the respective business opportunities;
• Conducting interviews;
• Forward the candidate for qualification on client;
• Presentation of pre-proposal.

Employee Data: Are used for the following purposes:

• management of human resources;
• selection of staff and recruitment;
• processing of remunerations, benefits and allowances, including pledges of remuneration and reimbursement of expenses;
• management of disciplinary sanctions;
• video surveillance;
• time/attendance control;
• creation of the pension plan;
• assignment of transport pass.

Customer Data: the data collected from our Customers are very limited, and the main reason for this collection is to ensure that the contractual provisions established are properly applied, so that the relationship is unconstrained. The use of these data is based on the main purposes:

• Provide a consulting service;
• If the service we provide is performed in association with any of our partners, we will have to share your data in order to provide you with the best possible service;

Supplier Data: we use the data only to ensure that the contractual provisions comply with legal obligations, that our relationship and communication is unconstrained, as well as to ensure the processing of payments.

 

Website user data: Are used to:

• Track record effects;
• Improvement of the experience of using our website;
• It allows us to showcase contents that we think are of interest to you;

WITH WHOM DO WE SHARE YOUR DATA

In order to fulfil the purposes indicated in this Privacy Policy, it is necessary to give access to your personal data to third parties who provide us with support in the services we offer you, for example:

• to entities in the group of companies to which DXspark belongs, namely the MoOngy group;
• to companies which provide services to them, in particular, in provision of services
• public entities that have legal legitimacy to process the data in question, especially in view of the calculation and payment of rewards and remunerations, supplementary payments, other allowances and gratuities; the calculation, withholding tax and operations related to deductions on remuneration, mandatory or optional, arising from legal provision;
• lawyers and internal and external auditors of MoOngy, S.A.

Only strictly necessary data will be transmitted to third parties, by voluntary agreement, which will safeguard compliance with the Regulation.

 

HOW DO WE DESIGN NEW PRODUCTS

Whenever a new product is developed it is ensured that it has the technical and organizational measures required by the Regulation. This way, it guarantees the limitation of the purposes, the minimization of the data, the limitation of the conservation, the security in the integrity and the confidentiality, as well as the rights of the holders of the data are guaranteed (right to the information, right to access, right to the rectification, right to erasure/forgetfulness, right to limitation, right to portability and right of opposition).

 HOW LONG WILL THE DATA BE KEPT

Personal data will be stored, without prejudice to legal provisions or regulations to the contrary, for the period necessary for the purposes for which they are intended and for which they are processed.

The table below shows the deadlines for the preservation of personal data, according to the legislation currently in force:

Purpose	Retention period
Administrative management of personnel	1 year starting on 31/12 in the year the employee leaves
Management of human resources;	5 years after the employee leaves
Selection of personnel and recruitment;	5 years
Processing of remunerations, benefits and allowances, including pledges of remuneration and reimbursement of expenses;	10 years for accounting documents
Health and Saphety issues	1 year starting on 31/12 in the year the employee leaves
Management of disciplinary sanctions;	1 year starting on 31/12 in the year the employee leaves
Professional training;	1 year starting on 31/12 in the year the employee leaves
Video surveillance;	30 days

 

VIOLATION OF PERSONAL DATA

It is considered a violation of personal data any act that calls into question the security of the data, in an accidental or unlawful manner, and causes the unauthorized destruction, loss, alteration, disclosure or access to personal data transmitted, stored or subject to any other type of treatment.

As examples of cases that may compromise the security of personal data, we indicate the following:

• Loss or theft of mobile phone/laptop;
• Loss or theft of a Curriculum Vitae or Competence Dossier;
• Emails exchanged by mistake;
• Hacking;
• Unauthorized access.

MoOngy, S.A. has been working to maintain and preserve personal data with a high level of security. However, small unexpected deviations may occur. Should any of our candidates, employees, customers or subcontractors detect or suspect of a possible data violation, they should immediately send an email to gdpr@dxspark.com, indicating what has happened, as well as identify the data that may be involved. In this way, the responsible department can act quickly and adequately, in accordance with the rules established in the Regulation.

YOUR RIGHTS

RIGHTS OF THE DATA SUBJECT

In accordance with current legislation, the data subject may exercise his or her right to information, access, rectification, erasure, limitation of treatment and portability of personal data. The holder may also oppose to the processing of the personal data or withdraw consent.

The data subject may request information on the data controller, treatment purposes, data retention period, categories of recipients of personal data and information on the existence of data transfers to third countries, if applicable. 

Should any of the above rights be denied, the data subject may file a complaint with the competent authority.

HOW CAN I EXERCISE MY RIGHTS

For the exercise of any of these rights or for any questions regarding the processing of your personal data, the holder of these rights must address a request to the person in charge of the entity, through the email address gdpr@dxspark.com.

 

RESPONSABILITIES

SECURITY OF PROCESSING

MoOngy, S.A. is committed to guaranteeing and protecting the security of the personal data made available to it, using appropriate technical and organizational measures to ensure and prove that the treatment is carried out in accordance with the General Data Protection Regulation.

PERSON RESPONSIBLE FOR THE TREATMENT

The controller shall be responsible for implementing technical and organizational measures, taking into account the nature, scope, context and purpose of the data collected and ensuring and prove that the processing is carried out in accordance with the rules of the Regulation.

GLOBAL PROJECTS DEPARTMENT (GPD)

The GPD is responsible for informing and advising the controller of all duties and obligations under the Regulation, as well as monitoring and controlling the compliance of the processes with the Regulation and with the implemented Policies. This department is also responsible for advising on impact assessment on data protection.

SUBCONTRACTOR

The subcontractor treats the personal data on behalf of the controller and should therefore document all the points mentioned and ensure that the subcontractor complies with the agreed, in written and voluntarily.

If the subcontractor understands that any action violates, or may violate, the rules of the Regulation or other data protection provisions, it undertakes to inform the controller immediately.

COOKIES

WHAT ARE COOKIES?

Cookies are small text files, which are stored on your computer or on your mobile device through your browser. By browsing, they record their preferences and allow the website to identify your device the next time you access it.

At any time, you can decide to be notified about the receipt of cookies, check or change the type of cookies, and block the entry of cookies in your system, through the settings of your browser.

Why are they used?

Cookies are an essential part of the functioning of our website and to facilitate your navigation on the Platform, with their main objective being to improve the user's search experience. For example, they are used to help determine the usefulness, interest, and number of uses of the website, allow faster and more efficient navigation, and also eliminate the need to repeatedly enter the same information.

The information collected by Cookies also allows us to improve the website through estimates and usage patterns and allow its suitability to the individual interests of users.

As described below, the website uses technical or strictly necessary cookies, performance cookies, functionality cookies and advertising cookies. Each of these cookies can be installed by MoOngy, S.A. websites (own cookies) or by websites external to MoOngy, S.A. (third party cookies) and can be removed as soon as the user leaves the website (session cookies) or remain in the terminal equipment after the user leave the website (persistent cookies).

The cookies currently used by the website are as follows:

Technical or strictly necessary cookies

Technical or strictly necessary cookies are cookies installed to allow navigation on the website, allowing a correct user experience, namely website security or consent management. For this reason, these cookies do not require your consent.

 

Cookie Supplier	Cookie designation	Purpose	Cookie nature	Duration
Cookiebot	CookieConsent	Stores the user's cookie consent state for the current domain	Third Party	1 year
YouTube	CONSENT	Used to detect if the visitor has accepted the marketing category in the cookie banner. This cookie is necessary for GDPR-compliance of the website.	Third Party	2 years
DXspark	__Request VerificationToken	Helps prevent Cross-Site Request Forgery (CSRF) attacks.	Own	Session
DXspark	ARRAffinity	Used to distribute traffic to the website on several servers in order to optimise response times.	Own	Session
DXspark	ARRAffinity SameSite	Used to distribute traffic to the website on several servers in order to optimise response times.	Own	Session

 

Performance cookies

Performance or performance cookies allow counting visits and traffic sources, so that MoOngy, S.A. can measure and improve website performance. These cookies help us to know which pages are most visited and to analyze how visitors use the website. All information collected by these cookies is anonymous.

Cookie Supplier	Cookie designation	Purpose	Cookie nature	Duration
Google	_ga	Registers a unique ID that is used to generate statistical data on how the visitor uses the website.	Third Party	2 years
Google	_gat	Used by Google Analytics to throttle request rate	Third Party	1 day
Google	_gid	Registers a unique ID that is used to generate statistical data on how the visitor uses the website.	Third Party	1 day

 

Functionality Cookies

Functionality cookies allow the website to provide enhanced functionality and personalization, such as remembering the language in which you want to view the website on your next visit. If you do not allow these cookies, some of these features, or even all of them, may not work correctly.

Advertising cookies

Advertising cookies are cookies that make it possible to present the user with advertisements that are deemed to be suitable for their interests and preferences. These cookies are installed by our advertising partners and can be used by these partners to build a profile based on your interests and show you relevant advertisements on other websites.

Cookie Supplier	Cookie designation	Purpose	Cookie nature	Duration
YouTube	VISITOR_INFO1 _LIVE	Tries to estimate the users' bandwidth on pages with integrated YouTube videos.	Third Party	179 days
YouTube	YSC	Registers a unique ID to keep statistics of what videos from YouTube the user has seen.	Third Party	Session
YouTube	yt.innertube: :nextId	Registers a unique ID to keep statistics of what videos from YouTube the user has seen.	Third Party	Persistent
YouTube	yt.innertube: :requests	Registers a unique ID to keep statistics of what videos from YouTube the user has seen.	Third Party	Persistent
YouTube	yt-remote-cast-available	Stores the user's video player preferences using embedded YouTube video	Third Party	Session
YouTube	yt-remote-cast-installed	Stores the user's video player preferences using embedded YouTube video	Third Party	Session
YouTube	yt-remote-connected -devices	Stores the user's video player preferences using embedded YouTube video	Third Party	Persistent
YouTube	yt-remote-device-id	Stores the user's video player preferences using embedded YouTube video.	Third Party	Persistent
YouTube	yt-remote-fast-check-period	Stores the user's video player preferences using embedded YouTube video	Third Party	Session
YouTube	yt-remote-session-app	Stores the user's video player preferences using embedded YouTube video	Third Party	Session
YouTube	yt-remote-session-name	Stores the user's video player preferences using embedded YouTube video	Third Party	Session

 

Revocation and consent management

The user may, at any time, revoke or change the previously granted consent preferences. To do this, simply access the cookie management tool.

 

The use of cookies can also be defined in your browser preferences, namely in the privacy options. For this purpose, we recommend that you consult the help section/menu of your browser (browser) or visit the respective provider's web pages.

CHANGES TO THE PRIVACY POLICY

If necessary and appropriate, at any time MoOngy, S.A. may modify the information set forth in this Privacy Policy and Data Protection. If any change occurs, it can be consulted on the website. In any case, we suggest that you review this Policy regularly so that, should changes occur or if updates are introduced, you can always be properly informed about them.