Back to page

Privacy policy

  1. About Credilink

Credilink - Intermediação de Crédito Lda (Credilink), NIPC 515700738, owner of the website www.credilink.pt, is a Portuguese company operating in the financial sector, providing credit broker services.

Credilink is the Data Controller in accordance with Regulation (EU) 2016/679 (GDPR) and the complementary legislation on personal data protection in force in the countries in which it operates.

Credilink and its employees are committed to using your personal data only for the purposes communicated to you and always in a secure and responsible manner.

We want to explain how we use your information (your 'personal data') when you use our services or apply for a job.

If you have any questions about this Privacy Policy, please contact our Data Protection Officer (DPO) at dpo@credilink.pt.

 

  1. Personal Data

In this Privacy Policy, the term "Personal Data" means the collection of information relating to you that allows us to identify you, directly or indirectly. Your personal data may include, for example, your name, your tax identification number, your telephone number or email address and your interactions with us. We collect some of your personal data, for example, when you contact us.

We may also receive your personal data from other companies, in particular when they collect, process or store it as part of the service they provide to us.

In accordance with the General Data Protection Regulation and Law 58/2019, Credilink will only process personal data of data subjects aged 16 years or older. The personal data of data subjects under the age of 16 will only be processed after obtaining the respective consent from the person exercising parental responsibilities.

 

  1. Personal data we process

  • When you contact us via our contact form or use our services.

What do we do?

When you contact us, we will process your personal data to answer your questions or clarify our services. You can contact us through this website, using our contact form. If you do so, we will collect your name, telephone number, e-mail address and information related to your credit simulation (purpose, amount and term) so that you can be identified and we can provide you with accurate information tailored to your needs. 

Where do we store information and with whom do we share it?

Sometimes we use service providers who enable us to create the necessary infrastructure to develop our business. The information we process will only be shared with the financial institutions we work with.

Lawful Basis

When we collect information through our contact form, we will rely on the lawful basis 'Legitimate Interest' to process the personal data you enter in the form, in accordance with Article 6, 1 f) GDPR. 

Where we have to comply with certain legal requirements resulting from applicable law (e.g. mandatory communications to regulators or administrative authorities), we will rely on 'Legal Obligation' as a legal basis to process all relevant information, in accordance with Article 6, 1) c) GDPR

 

  • When you apply for a job vacancy

What do we do?

When you apply for one of our job positions or submit a spontaneous application, we process your information so that we can analyze whether your job profile is suitable for the position and the organization. This information may include your identification data, e.g. full name; contact information, e.g. telephone number and/or e-mail address; and professional information that makes up your resume or cover letter.

Where do we store the information and with whom do we share it?

We will not share your personal information with third parties unless it is necessary to obtain references or confirm your employment history. We will not store your data, i.e., at the end of the application process, your personal information will be deleted immediately, regardless of the outcome.

Lawful Basis

In order to review your application, we will rely on the lawful basis 'Contract' so that we can process the necessary personal data in accordance with article 6, 1, b) GDPR. 

 

  • When you accept our email marketing

What do we do? 

When you accept our email marketing, we will collect your email address, at which you will receive promotions and marketing.

Where do we store the information and with whom do we share it? 

The information collected will be stored on our systems for as long as you maintain your consent so that we can ensure the secure management of your personal data and the consequent efficient coordination of our electronic communications. 

Lawful Basis

In order to process your personal data within the scope of your acceptance of our email marketing, we will rely on your consent in accordance with article 6, 1, a) GDPR.

 

  1. Information Security

We will process your personal information with the utmost care and respect for your rights. We implement appropriate security measures to prevent the loss, misuse or improper access, alteration, or disclosure of your personal data. We also limit access to your information to employees, service providers and other third parties who have an operational need to handle such information, who will only handle your personal data as directed by Credilink and who are subject at all times to an obligation of confidentiality. Access to your personal data is encrypted in storage and in transit.

 

  1. Data Retention

We will retain your information as long as we collect or process your personal data and until the purposes for which it was collected are fulfilled. After the respective retention period, your information will be completely erased or anonymized, e.g. it may be aggregated with other data so that it can be used for statistical purposes without any personal identifiers.

 

  1. Your Data Protection Rights

You have the right to request:

  • Access to your information processed by us, free of charge;
  • The rectification of your personal data when they are incorrect, outdated or incomplete;
  • The erasure of the data we hold about you in specific circumstances, in particular when you withdraw your consent and we have no overriding legitimate interest, or when the purpose for which the information was collected has been exhausted;
  • The portability of your data to another organization;
  • The limitation of the processing of your personal data in specific circumstances, in particular when we are considering an objection you have raised;
  • To object to the processing of your personal data, in specific circumstances, in particular where you remove your consent, or where you object for reasons relating to your particular situation;
  • That we do not use your personal data in connection with direct marketing activities;
  • To exercise any of the above rights, please contact our Data Protection Officer (DPO) at dpo@credilink.pt.

 

  1. Contacting the Regulator

 If you are dissatisfied with our use of your personal data or with our response to your request to exercise your rights, you have the right to lodge a complaint with the Comissão Nacional de Proteção de Dados (CNPD).

Address: Av. D. Carlos I, 134 - 1.º, 1200-651 Lisboa

E-mail address: geral@cnpd.pt

Phone number: +351 213 928 400

 

  1. Any questions?

If you have any questions or require further clarification, please contact our Data Protection Officer (DPO) at dpo@credilink.pt.

This Privacy Policy may be updated from time to time and will be posted.

This policy was updated on 21/04/2022.