DOGNAEDIS Privacy Policy

Information security is one of the main drivers of DOGNÆDIS, and protecting the privacy of our clients is of utmost importance. We take data protection seriously and make an active effort to attend all of our obligations and more. In this privacy policy, we explain who we are and how we accomplish that.

Who are we?

DOGNÆDIS is a company focused on information security, created by a team of researchers from CERT-IPN and University of Coimbra. Since March 2016, Dognædis was integrated into the Prosegur Group, a world-wide leader in the Security Sector with activity among the five continents and with more than 150 000 employees. Besides Dognaedis' SOC (Security Operations Center), operating in Portugal, Prosegur group has four SOCs, all together operating in a follow-the-sun model. Dognaedis develops business among 12 countries, headquartered in Portugal with offices in the United Kingdom and United States of America. Dognaedis presents itself as a service provider efficiency oriented and as a vendor of cybersecurity innovative technology.

We have our Headquarters established in Portugal, but we also have presence in the United Kingdom. You can find more information about us in our website, at www.dognaedis.com.

What information do we collect about you and how it is used?

We collect personal data only to the extent necessary to fulfill the purposes related to our responsibilities and services. In general, we will collect only the personal information necessary to execute the services our clients needs.

In our website, we collect analytic information necessary to manage and enhance the website, assuring that they are anonymized. If you provide your contact details, those will be used only to contact you back and will be eliminated when no longer needed.

If you want to apply to one of our job vacancies, we will need you basic contact information and your Curriculum Vitae. During any recruitment process, your data will be fully protected and kept private.

What is our legal basis for processing your personal data?

In most cases, we will process personal data under the exercise of a service or employment contract. In other situations, such as recruitment for instance, the process is justified by our legitimate interests and the steps necessary into enter into a contract.

What are your rights?

For any personal data we might have of you, you have the right to access it and that it is kept up to date. Also, you have the right to ask for us to erase all your data if you think this is in your best interest. Additionally, you have the right to withdraw your consent in any case you might have provided it, in which case we will stop processing your data.

To exercise any of your rights, or to ask for additional information, you may contact our Data Protection Officer identified at the end of this Privacy Policy.

Who receives your information?

Usually, only authorized Dognaedis Personnel will access your data. In some situations, and because of our affiliation with Prosegur, our processing may include infrastructure and services under responsibility of the Prosegur Group. This will occur only when strictly necessary, for example, when you become a Dognaedis employee. In all cases, Dognaedis and Prosegur have a detailed confidentiality agreement and data protection responsibilities are clearly defined and enforced.

Dognaedis always applies security measures, including high level encryption for communication, whenever a processor is necessary to accomplish our duties. Dognaedis always enforces the GDPR requirements and any additional applicable legislation when it comes to the processing of personal data, including the enforcement through contractual obligations such as technical and organizational security measures and the application of necessary information security controls. In all cases, Dognaedis will employ the use of processors only to the extent strictly necessary to fulfill our responsibilities.

For any questions regarding processors we employ, feel free to contact our Data Protection Officer identified at the end of this Privacy Policy.

How long will your information be held?

Your information will be kept in our system while you are under a contract with Dognaedis. Any personal data collected in order to provide our services will be erased or anonymized up to two years after the data no longer serves its original need. Any data subject can exercise rights before this deadline. In the case of recruitment, we keep your information for about two years in case new opportunities appear, except if you tell us not to.

How do we protect your information?

Dognaedis implements a Quality and Information Security Management System – QISMS – based on ISO 9001 quality standard and ISO/IES 27001 Information Security standards. Because of that, we implement all necessary to protect the information in our systems, including personal data. For example, we utilize encryption for communication and storage, we actively monitor our network and systems and employ intrusion detection and prevention technologies to safeguard the confidentiality of personal information we process against unauthorized access, disclosure and accidental loss, alteration or destruction of information. We also perform regular tests to our infrastructure and systems in order to identify security vulnerabilities. All of these requirements are mandatory and enforced continually.

For more details about those safeguards, you can contact our Data Protection Officer identified in the end of this Privacy Policy.

Contact details of our Data Protection Officer

For complementary information not included in this privacy policy, or to exercise any your rights, you can contact our Data Protection Officer by email at dpo@dognaedis.com.

If you are not satisfied with us, you also have the right to lodge a complaint with Portugal’s Supervisory Authority at www.cnpd.pt., or with the Supervisory Authority of your country.