Privacy Policy
Privacy Policy
STATEMENT OF COMMITMENT TO PRIVACY AND PERSONAL DATA PROTECTION
Teppe Portugal, Lda., including all its affiliated and subsidiary companies, hereinafter referred to as the “Teppe Group”, conducts its activities in accordance with high standards of integrity, transparency, and responsibility, ensuring the lawful, fair, and secure processing of personal data. This commitment extends to all institutional and commercial relationships we maintain with employees, clients, partners, suppliers, and other stakeholders, reflecting an organizational culture focused on trust, ethics, and respect for fundamental rights.
The protection of privacy and the information entrusted to us constitutes a strategic pillar of our activity and is considered an operational priority in all processes involving the processing of personal data.
The Teppe Group is committed to ensuring full compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation – GDPR), as well as applicable national legislation on privacy and data protection.
The Teppe Group respects your preferences regarding the collection and use of your Personal Data.
By accessing and using this website, the User acknowledges and fully accepts the terms set out in this Privacy Policy and grants consent, whenever necessary, for the processing of their personal data as defined herein.
This Policy aims to ensure transparent communication regarding the legal grounds, purposes, categories of processed data, retention periods, recipients, and the rights of data subjects. The processing of personal data will be carried out in accordance with the principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, confidentiality, and accountability, as provided for in Article 5 of the GDPR.
Within this framework, the Teppe Group reaffirms its commitment to all its Clients and other data subjects, ensuring the adoption and maintenance of appropriate technical and organizational measures proportionate to the risk, designed to protect personal data against loss, accidental or unlawful destruction, improper alteration, unauthorized access, unlawful disclosure, or any other form of unlawful or unauthorized processing, in line with best practices in information security, cybersecurity, and personal data protection.
Personal Data – What Is It?
Personal data means any information relating to an identified or identifiable natural person, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifiers (such as IP address), or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.
This definition includes data which, alone or combined with other data, allows the identification of a website user or visitor, such as name, email address, telephone number, IP address, among others.
This Privacy Policy explains how the Teppe Group collects and uses your Personal Data, how you may control its use, and describes our practices regarding information collected through other Group sites that link to or reference this Policy (such as websites, software applications, social media platforms, and electronic communications), as well as offline marketing and sales activities (collectively, “Communication Channels”).
The Teppe Group’s Communication Channels may include hyperlinks to websites, platforms, social networks, or applications that are not owned or managed by the Group but by independent third parties.
In such cases, we strongly recommend that you review the terms and conditions of use and privacy policies of those entities before providing any personal data, as this Privacy Policy applies exclusively to domains and services under the responsibility of the Teppe Group.
The Teppe Group assumes no responsibility for the content, practices, or privacy policies adopted by third parties, even where access to such external resources occurs via a hyperlink made available on our channels.
Data Controller
The Teppe Group is the Data Controller of the personal data collected through this website, in accordance with Regulation (EU) 2016/679 (GDPR) and applicable legislation.
To exercise your rights or for any matter related to the processing of your personal data, you may contact the Teppe Group at:
Teppe Group
For the attention of the Data Protection Officer (DPO)
Rua Guerra Junqueiro, 447
4150-389 Porto
Portugal
Alternatively, you may contact us via:
Data Protection Officer (DPO) Email: dpo@teppe.com
The Data Protection Officer is available to clarify any questions regarding this policy, the exercise of your rights as a data subject, or any other matter related to privacy and personal data protection.
What Information Do We Collect About You?
Different sections of the Teppe Group website collect personal data for specific purposes.
Data Collected: name, email, telephone, location/country, message.
Purpose: to respond to requests for information, questions, complaints, comments, or concerns submitted through the contact form. Failure to provide the minimum required personal data will make it impossible for the Teppe Group to respond.
Legal Basis: consent of the data subject.
Application Form
Data Collected: name, email, telephone, CV, message.
Purpose: management of applications and recruitment of new employees.
Legal Basis: the processing of personal data collected through the application form is based on the data subject’s consent.
Data Collected: name, email.
Purpose: to manage the subscription list and send newsletters containing updates and commercial information related to our services, events, campaigns and/or products.
Legal Basis: the processing of personal data collected through the newsletter form is based on the data subject’s consent, and the data subject always has the option to opt out at any time by cancelling the newsletter subscription here.
Contacts Through Website Channels
We also collect information when you voluntarily write to or call us using the contact details provided on the website. The personal data collected are those necessary for the purpose of your contact, including name, address, telephone number, email address, subject, and tax identification number (in case of commercial transactions).
By providing your personal data, you authorize its collection, use, and disclosure in accordance with this Policy.
We request that you do not send or share sensitive personal data with the Teppe Group, such as racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, or data concerning sex life or sexual orientation.
Website usage information is collected through cookies, which do not specifically identify you, and may include:
- Endereço IP.
- Geographical location
- IDevice information (browser type and version, operating system, screen resolution, preferred language, HTTP header information, agent version)
- Search engine used
- Date and time of website activity; Pages and content visited and clicked
This usage information does not deliberately identify you and, if exceptionally identifiable, will be immediately anonymized.
Minors
The Teppe Group only accepts registrations and data submissions from users aged 16 or over. Our communication channels and online services are not intended for minors. If you become aware of the inadvertent collection of personal data from a minor, please inform us immediately so that we may delete the data in accordance with applicable law.
Marketing and Communications
Based on your consent, the Teppe Group may send you communications regarding products, promotional campaigns, services, events, and solutions offered by the Group that may be of interest to you.
You may unsubscribe from these communications at any time by using the link included in the messages received or by sending a request to dpo@teppe.com.
No tratamento dependente de consentimento, o titular pode, a qualquer momento, retirar o seu consentimento, sem comprometer a licitude do tratamento anterior.
With your consent, we may also share your personal data with other companies within the Teppe Group so that they may provide you with information about their products, services, and updates.
Newsletters may contain a tracking pixel exclusively for statistical purposes (for example, to measure open and click-through rates), without any adverse impact on your privacy.
Your personal data may be shared with service providers engaged by the Teppe Group, such as marketing platforms and data analytics tools, which are contractually bound by confidentiality and data protection obligations.
The marketing and sales process does not involve automated decision-making, including profiling. No comparisons, cross-referencing, or other forms of interconnection of registered information are carried out on this website.
Internal Recipients of Your Data
Depending on the nature of your contact or interaction, the following internal departments of the Teppe Group may have access to your personal data:
- Marketing Department;
- Human Resources Department;
- Finance Department;
- Legal Department.
Processing will be strictly limited to the purposes for which the data were collected, in accordance with the principle of data minimization.
With regard to confidentiality, the Teppe Group ensures that any person authorized to process personal data, including its employees, is subject to an appropriate duty of confidentiality.
Processors and Data Sharing
In the course of its activities, the Teppe Group may engage third-party processors to provide specific services (e.g., hosting, technical support, campaign management, CRM systems, etc.). In such cases:
- Appropriate contractual safeguards are ensured in accordance with the GDPR;
- Appropriate contractual safeguards are ensured in accordance with the GDPR;
- Processors act solely on the documented instructions of the Teppe Group and implement appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure, unauthorized access, or any other form of unlawful processing.
Your data may also be shared with:
- Affiliated companies and subsidiaries of the Teppe Group, in order to present you with solutions, products, or services that may be of interest to you, subject to your consent;
- Service providers acting on behalf of the Group;
- Public, administrative, or judicial authorities, where required by law and only to the extent necessary to comply with legal obligations or within the context of lawful proceedings;
- For the protection of the legitimate rights and interests of the Teppe Group or third parties, including in the context of legal proceedings, service security, protection of life, property rights, compliance, and audits;
- Credit assessment agencies and entities specialized in fraud prevention and detection, where necessary for the analysis or processing of certain requests and strictly for legally permitted purposes.
Data Subject Rights
The Teppe Group guarantees its Clients the full exercise of the rights provided for under the GDPR.
At any time, the data subject may exercise the following rights:
- Right of access to personal data;
- Right to rectification of inaccurate or outdated data;
- Right to erasure, where applicable;
- Right to restriction of processing in certain circumstances;
- Right to object to processing, particularly for direct marketing purposes;
- Right to data portability, in a structured, commonly used, and machine-readable format;
- Right to withdraw consent where processing is based on that legal ground.
These rights may be exercised by contacting the Data Protection Officer (DPO) at dpo@teppe.com or by post to the institutional address indicated in this Policy.
In accordance with Article 12 of the GDPR, where requests are manifestly unfounded or excessive, the Teppe Group may charge a reasonable administrative fee or refuse to act on the request, providing justification for such decision.
Additionally, data subjects have the right to lodge a complaint with a competent supervisory authority, in particular the Portuguese Data Protection Authority (CNPD), if they believe their rights have been infringed.
The Teppe Group will cooperate with the competent authorities and provide all relevant information within the scope of their legal powers.
Data Retention Periods
The Teppe Group retains personal data only for the period strictly necessary to fulfill the purposes for which they were collected, or for the period required to comply with applicable legal or regulatory obligations.
Retention periods may vary depending on the nature of the data and the associated purpose, and are determined based on legal, contractual, and operational criteria, in accordance with the principle of storage limitation under the GDPR.
As a general rule:
- Data related to the performance of contracts or provision of services are retained for the duration of the contractual relationship and for the legally required period necessary to defend rights in judicial proceedings (up to 10 years after termination, for tax and accounting compliance purposes);
- Data collected on the basis of consent (e.g., marketing communications) are retained until consent is withdrawn or the right to object is exercised;
- Data processed on the basis of legitimate interest, where applicable, are retained for as long as that interest prevails, assessed in accordance with principles of necessity and proportionality;
- Upon expiry of the retention period, data will be securely deleted or anonymized so that the data subject is no longer identifiable.
The Teppe Group carries out periodic reviews of the personal data it holds, deleting or anonymizing data that are no longer necessary or are outdated, in accordance with its internal retention policies and guidance from the Portuguese Data Protection Authority (CNPD).
Information Security
The Teppe Group maintains IT systems capable of resisting, to an appropriate level of assurance, accidental events or malicious or unlawful actions that may compromise the availability, authenticity, integrity, and confidentiality of stored or transmitted Personal Data, as well as the security of related services accessible through such systems and networks, preventing unauthorized access, disclosure, alteration, or accidental or unlawful destruction.
The Teppe Group’s websites are protected by SSL certificates, a security protocol that ensures data is transmitted securely and in encrypted form between the server and the website user.
Despite the measures implemented, the Teppe Group cannot guarantee the absolute security of electronic communications and shall not be held liable for incidents resulting from external factors beyond its control.
Changes to This Privacy Notice
This Policy is reviewed periodically to reflect legal, technological, or organizational changes.
If you believe that the Teppe Group has not complied with this statement, or if you have any questions regarding our Privacy Policy or the information we hold about you, please contact us at dpo@teppe.pt . We will respond within 30 days.
All updates will be published on this website, indicating the respective update date.
The current version was last updated in February 2026.
