Linkedin Facebook-square Instagram
Contacts

Privacy Policy – iCompliance.eu

Last updated: 21 April 2026

1. Introduction

This Privacy Policy describes how iCompliance Europe, a registered trademark and business unit managed by Contemporary Constellation Lda, the entity responsible for the website iCompliance.eu, collects, uses, shares, stores and protects personal data in connection with the use of this website, commercial and institutional contacts, requests for information, meetings, proposals, demonstrations and the provision of services.

iCompliance.eu is committed to protecting privacy and personal data, taking appropriate measures to ensure that such processing is carried out lawfully, fairly, transparently and limited to the purposes strictly necessary.

2. Data Controller

The data controller is:

Contemporary Constellation Lda

Rua Mouzinho da Silveira, 32

1250-167 Lisbon

Portugal

Email: [email protected]

Telephone: +351 210 210 035

For any queries regarding privacy and data protection, the data subject may contact us at the address indicated above.

3. Scope of Application

This Privacy Policy applies to the processing of personal data carried out in the context of:

  • browsing the iCompliance.eu website;
  • completing forms;
  • submitting contact requests;
  • scheduling meetings or demonstrations;
  • requesting commercial proposals;
  • exchanging communications via email, telephone or other professional channels;
  • the provision of services;
  • compliance with legal, regulatory and contractual obligations.

This policy does not govern the processing of data carried out by third-party websites or services that may be accessed via external links available on our website.

4. Categories of Personal Data Processed

Depending on the applicable purpose, we may collect and process the following categories of personal data:

4.1. Identification and contact details

 

  • name;
  • email address;
  • telephone number;
  • company;
  • job title or role.

 

4.2. Professional and commercial data

 

  • information relating to the data subject’s organisation;
  • functional role;
  • content of commercial, technical or institutional requests;
  • information necessary for needs analysis and the preparation of proposals.

 

4.3. Data contained in communications

 

  • content of messages sent via forms, email or other means of contact;
  • interaction history;
  • records associated with order management, support or commercial follow-up.

 

4.4. Technical and browsing data

 

  • IP address;
  • technical identifiers;
  • date and time of access;
  • pages visited;
  • source of access;
  • device type;
  • operating system;
  • browser;
  • language;
  • data relating to cookie preferences and consents;
  • interactions with features embedded in the website.

 

4.5. Administrative, contractual and billing data

Where applicable, we may process data necessary for the conclusion, performance and management of contracts, billing, accounting, support and compliance with legal obligations.

5. Method of Data Collection

Personal data may be collected:

  • directly from the data subject;
  • via forms on the website;
  • via communications by email, telephone or other professional channels;
  • automatically, through website browsing, the use of cookies, technical logs and similar technologies;
  • in the context of the preparation, conclusion or performance of contractual or pre-contractual relationships.

 

6. Purposes of Processing and Legal Basis

We process personal data only where there is a legitimate purpose and an appropriate legal basis.

6.1. Management of contacts, requests for information and clarification of queries

We process data to respond to requests sent by the data subject, provide clarifications, analyse needs and follow up on requests.

Legal basis: pre-contractual steps, execution of measures requested by the data subject and, where applicable, legitimate interest in the management of institutional and commercial contacts.

6.2. Scheduling of meetings, demonstrations and commercial interactions

We process data to organise meetings, demonstrations, presentations and interactions related to our services.

Legal basis: pre-contractual steps and legitimate interest.

6.3. Preparation of proposals and management of the pre-contractual relationship

We process data to prepare proposals, evaluate requests and conduct commercial interactions prior to contracting.

Legal basis: pre-contractual steps and legitimate interest.

6.4. Provision of services and contractual management

We process data to enter into, perform, monitor and manage the contractual relationship with customers and partners.

Legal basis: performance of a contract.

6.5. Compliance with legal, tax, accounting, regulatory and administrative obligations

We process data where necessary to comply with applicable legal or regulatory obligations.

Legal basis: compliance with a legal obligation.

6.6. Administrative management, support, internal organisation and defence of rights

We process data for the purposes of operational management, support, internal control, auditing, risk prevention, and the exercise and defence of rights in judicial, extrajudicial or administrative proceedings.

Legal basis: legitimate interest and, where applicable, compliance with a legal obligation.

6.7. Website security, integrity and operation

We process technical data to ensure website security, prevent unauthorised access, detect incidents, maintain platform availability and ensure the proper functioning of systems.

Legal basis: legitimate interest.

6.8. Statistical analysis, website improvement and browsing experience

We process browsing-related data to understand website usage, improve content, performance, usability and the user experience.

Legal basis: legitimate interest for strictly necessary metrics and, where legally required, user consent via cookie management.

6.9. Informative communications, content and direct marketing

Where applicable, we may process data to send informative content, newsletters, invitations, and institutional or commercial communications.

Legal basis: consent, where required, or legitimate interest, where there is a prior relationship compatible with applicable legislation and the right to object is always guaranteed.

7. Mandatory or Optional Nature of Data

The provision of certain personal data may be necessary to:

  • respond to enquiries;
  • assess requests;
  • arrange meetings;
  • prepare proposals;
  • enter into and perform contracts;
  • comply with legal obligations.

If the data marked as necessary is not provided, we may be unable to respond to the request, provide the desired service or proceed with the commercial, contractual or pre-contractual relationship.

8. Recipients and Data Sharing

Personal data may be disclosed, to the extent strictly necessary, to the following categories of recipients:

  • providers of hosting, infrastructure and technical support services;
  • suppliers of website security, monitoring and protection tools;
  • providers of form, communication and contact management tools;
  • providers of consent management, statistical analysis and technical optimisation tools;
  • providers of web development, maintenance, content and translation services;
  • consultants, lawyers, accountants, auditors, insurers and financial institutions, where necessary;
  • public authorities, regulators, courts, criminal police bodies or other legally competent entities, where there is a legal obligation or legitimate request.

Whenever we use subcontractors, we ensure that appropriate contractual, technical and organisational measures are in place to guarantee the confidentiality, security and compliance of the processing.

9. International Data Transfers

As a general rule, we seek to process personal data within the European Economic Area. However, certain services, platforms, embedded content, technical tools or technology providers used on the website may involve the processing of or access to data from third countries.

Where this occurs, we will ensure that such international transfers only take place on the basis of legally valid mechanisms, namely:

  • European Commission adequacy decisions;
  • standard contractual clauses approved by the European Commission;
  • or another legally permissible mechanism under the General Data Protection Regulation.

Where applicable, additional measures appropriate to the nature of the processing and the associated risk may also be adopted.

10. Data Retention

Personal data is retained only for the period necessary for the purposes for which it was collected, without prejudice to applicable statutory time limits or the need for retention to exercise or defend rights.

In general terms, we apply the following criteria:

10.1. Contact requests, requests for information and interactions without a contract

Up to 12 months after the last relevant interaction, unless there is a legal basis or legitimate need for retention for a longer period.

10.2. Commercial enquiries, proposals and pre-contractual steps

Up to 24 months after the last relevant interaction, unless the relationship progresses to a contract or there is a legitimate basis for a different retention period.

10.3. Contractual and service provision data

For the duration of the contractual relationship and, subsequently, for the period necessary to comply with legal, regulatory, accounting and tax obligations or to exercise and defend rights.

10.4. Billing, accounting and legal compliance data

For the periods required by law.

10.5. Data for informational communications and marketing

Until consent is withdrawn, the data subject objects or, in the absence of prolonged interaction, for a maximum period of 24 months from the last relevant interaction, without prejudice to the minimum retention of data strictly necessary to ensure that communications are not resent.

10.6. Technical, security and monitoring logs

Up to 12 months, unless retention for a longer period is necessary for incident investigation, fraud prevention, information security or the defence of rights.

10.7. Consent records

For the period necessary to demonstrate the collection, management and updating of consent, in accordance with applicable requirements.

At the end of the applicable retention period, the data will be deleted, anonymised or retained in a blocked form, where legally permissible.

11. Cookies and Similar Technologies

The website uses cookies and similar technologies to ensure essential functionality, save preferences, enhance security, manage consent, analyse website usage and support certain features and embedded content.

Some cookies are strictly necessary for the platform to function. Others are only activated following the user’s consent, where legally required.

For more detailed information on cookie categories, purposes, technologies used and how to manage preferences, please consult the website’s Cookie Policy.

12. Data Security

We adopt appropriate technical and organisational measures to protect personal data against destruction, loss, alteration, disclosure, unauthorised access or any other form of unlawful or improper processing.

These measures may include, depending on the nature of the processing and the associated risk:

  • access control;
  • segregation of profiles and permissions;
  • authentication and logical protection measures;
  • technical and security monitoring;
  • regular backups;
  • system updates and maintenance;
  • internal confidentiality and organisational measures.

Despite the adoption of appropriate measures, no electronic transmission or storage system can be guaranteed to be absolutely invulnerable. Therefore, users must also adopt appropriate security practices when using their devices and communication channels.

13. Data Subjects’ Rights

Under applicable legislation, the data subject may exercise, where applicable, the following rights:

  • right of access;
  • right to rectification;
  • right to erasure;
  • right to restriction of processing;
  • right to object;
  • right to data portability;
  • right to withdraw consent, where processing is based on consent;
  • right not to be subject to decisions based solely on automated processing, where applicable.

Withdrawal of consent does not affect the lawfulness of processing carried out on the basis of consent previously given.

14. Exercising Rights

Data protection rights may be exercised by contacting us at:

Email: [email protected]

The request must identify, as clearly as possible, the right you wish to exercise and the situation to which it relates.

Where necessary, we may request reasonable additional information to confirm the applicant’s identity, in order to protect personal data against unauthorised access.

Requests will be processed without undue delay and, as a rule, within the applicable legal timeframe.

15. Complaints

Without prejudice to any other administrative or judicial remedy, the data subject has the right to lodge a complaint with the competent supervisory authority, in Portugal the National Data Protection Commission (CNPD), via its official website, should they consider that the processing of their personal data violates applicable legislation.

16. Automated Decisions and Profiling

As a rule, we do not make decisions based solely on automated processing, including profiling, which produce legal effects concerning data subjects or similarly significantly affect them.

If, in any specific operation, this should occur, additional information will be provided to the data subject in accordance with legal requirements.

17. Data of Minors

The iCompliance.eu website and services are not specifically aimed at minors. We do not knowingly collect personal data from minors without an appropriate legal basis.

If you become aware that data relating to a minor has been transmitted inappropriately, please contact us so that we may assess the situation and, where applicable, take appropriate measures.

18. Links to Third-Party Websites

The website may contain links to third-party websites, platforms or services. This Privacy Policy does not apply to such external websites or services.

We recommend that you read their respective privacy policies before providing any personal data to third parties.

19. Changes to the Privacy Policy

We reserve the right to update or amend this Privacy Policy at any time, in particular to reflect legal, regulatory, technical, operational or functional changes.

Any relevant changes will be published on this page, indicating the date of the last update.

20. Contact

If you have any questions regarding this Privacy Policy or the processing of your personal data, please contact:

Contemporary Constellation Lda

Rua Mouzinho da Silveira, 32

1250-167 Lisbon

Portugal

Email: [email protected]

Telephone: +351 210 210 035

Começar