Website Privacy Policy

HMR Health Market Research International, SA (referred to “HMR”), with VAT number 514.190.094 and headquarters at Travessa de Santa Catarina, 8, 1200-403 Lisbon (Portugal) is the data controller regarding the processing of your personal data.

HMR is committed to protecting the privacy and personal data of the users of “hmr.co.com” website and therefore adopted this policy and the practices described herein. This privacy policy describes how your personal data is collected and processed.

HMR has also appointed a Data Protection Officer, who can be contacted by email at privacy@hmr.co.com.

This Privacy Policy describes how HMR collects and processes the personal data that is necessary for the provision of HMR website and the services available through the website.

Personal data are any information relating to an identified or identifiable individual person.

An identifiable person is one who can be identified, directly or indirectly, by reference to an identification number or one or more factors specific to their physical, physiological, mental, economic, cultural, or social identity.

Some examples of the personal data that HMR collects are “e-mail address”, when you contact us, or your “IP address”, when you visit us.

HMR will use your personal data for the following purposes:

1. To carry out the selection and recruitment process for the job opportunity you have applied for;
2. To respond to your requests for contact and information;
3. To develop HMR commercial activities;
4. To secure information systems and prevent fraud; and
5. To manage and operate HMR website.

The personal data processing operations are carried out in accordance with the applicable legislation and best practices.

Your personal data will not be reused for other purposes that have not been previously identified or that are unrelated to the purposes for which they were initially collected.

The personal data that HMR processes has specific legal basis, depending on the purposes for which it is intended.

The personal data that HMR will collect and process are those that are necessary and appropriate for the purposes indicated:

Cookies, by definition, are small pieces of information, that collects and storages information on your equipment through your browser.

There are cookies that are strictly necessary for the website operation, for example, to:

1. Identify and authenticate the user; or
2. Remember your habitual preferences; or
3. Allow you to complete tasks without having to re-enter information (e.g., when changing pages or returning, as in the case of form data, shopping cart, etc); or
4. Carry out, enable, facilitate, or support communications from/through the website; or
5. Provide certain functionalities that you have requested; or
6. Ensure the security of information systems and/or fraud prevention.

These cookies will be stored on your device and do not require your consent.

Cookies may also be used to collect information, for example:

1. Measure and obtain statistics of the use of the website, for example, number of unique visitors, detect search engine keywords, detect specific aspects of navigation such as duration of visit, most visited pages, or most accessed contents (analytics cookies); or
2. Adapt advertising and marketing based on your behaviour and profile, by adapting the advertisements to be displayed (tracking cookies, advertising, analytics); or
3. Third parties other than HMR, which collect your browsing information across different websites to create such profiles (third party cookies)

The storage of these tracking, advertising, analytics, and third-party cookies will always depend on your previous acceptance and consent, that can be withdrawn at any time through specific tools and/or your browser.

Similar to cookies, pixels tags, web beacons and other similar technologies are images and/or pieces of code that are loaded when a you visit a website, webpage or content, but also when you open an email.

These technologies contain an external link to a tool server and allows to track your behaviour, in order to obtain data for online marketing, analytics, but also retargeting marketing.

When you visit the target website, this operation is recorded in the log file of the tool server and may include several information about you, namely, the operating system, session duration or IP address.

The storage of this tools will always depend on your previous acceptance and consent, that can be withdrawn at any time through specific tools and/or your browser.

The following table describes and explains how these tools are used:

You can withdraw your consent at any time through:

1. The cookie management tool by adjusting and defining your preferences or to disable these cookies; or
2. Using a blocking tool that can be used as an extension to your browser; or
3. Your browser configurations, disabling cookies and other tools.

Your personal data are kept secure through the implementation of several technical and organisational security measures that aim to ensure the confidentiality, integrity and availability of processing operations, for example by guaranteeing that they can only be accessed by those who are duly authorised.

To protect your personal data, we only use data centre providers that offer us adequate and documented security measures, namely guarantees that your personal data are stored on servers that are kept in controlled environments with limited access and that offer guarantees of resilience.

Personal data is kept on servers that provide us with adequate security guarantees to protect personal data from unauthorised disclosure, loss, misuse, alteration, processing or access, as well as from any other form of unlawful processing.

Likewise, when you browse on the website, we protect your data with encryption, such as Transport Layer Security (TLS, asecurity protocol that protects communications through the internet).

Despite of these policies and procedures, no security system is 100% failsafe, so we remind you that you shall take certain precautions when browsing and using the website, particularly when browsing on public or shared networks.

When browsing public or shared networks, the network may be monitored, which could lead to the exposure of access credentials, personal data and other information.

Whenever possible, (i) you should use your own mobile internet or your workplace’s internal network, (i) alternatively, you should use VPN connections, (iii) you should only visit trustworthy websites protected with security protocols (HTTPS, SSL/TLS).

Your personal data will be kept for as long as necessary for the purposes for which they are intended, thus:

If a specific or mandatory period is provided for by law, the data will be stored for that period.

Without prejudice to the periods indicated, personal data may be kept beyond those periods in the following situations:

1. As long as the limitation period for rights related to that purpose has not elapsed; or
2. For the purposes of the declaration, exercise or defence of HMR’s rights in legal proceedings;
3. Pending the final judgement of any court decision in the event of litigation related to that purpose;
4. for the fulfilment of orders from judicial authorities and/or criminal law enforcement agencies within the scope of duly identified judicial proceedings, in compliance with a reasoned order from the competent judicial authority;
5. to comply with acts issued by administrative authorities and competent regulatory bodies within the scope of their powers and competences, namely duly identified and substantiated administrative proceedings.

In all other cases, personal data will be kept for no longer than the periods indicated above, which HMR deems necessary to fulfil the purposes indicated above.

At the end of the retention period, all personal data collected will be deleted or anonymised.

Considering GDPR, you have some rights regarding your personal data, listed below, which are exercised in accordance with and within the limits defined by legislation:

You have also the right to file a complaint with the supervisory authority.

12.1.   RIGHT TO ACCESS INFORMATION

You can confirm if your personal data is being processed and, if applicable, the right to access your personal data.

12.2.   RIGHT TO RETIFICATION

You have the right to request, at any time, the rectification of your personal data and also the right to have incomplete personal data completed.

12.3.   RIGHT TO DATA ERASURE

You can request the erasure of your personal data when one of the reasons listed in the legislation applies.

12.4.   RIGHT TO RESTRICT DATA PROCESSING

You have the right to limit the processing of your personal data by HMR, if the one of the reasons listed in the legislation applies.

12.5.   RIGHT TO OBJECT DATA PROCESSING

You have the right to object, on grounds relating to their particular situation, at any time to the processing of personal data.

12.6.   RIGHT TO DATA PORTABILITY

You have the right to receive the personal data concerning them and which they have provided to HMR in a structured, commonly used and machine-readable format and the right to transmit those data to another controller.

12.7.   RIGHT TO WITHDRAW CONSENT

You have the right to withdraw consent previously provided for some processing activities.

12.8.   RIGHT TO LODGE A COMPLAINT WITH THE SUPERVISORY AUTHORITY

The supervisory authority is the body responsible for overseeing the application of and compliance with data protection legislation. In Portugal, at the date of publication of this Policy, the supervisory authority is the National Data Protection Commission (CNPD).

If you realise that the use of your personal data violates the GDPR, you can contact the CNPD at www.cnpd.pt.

You can exercise your rights, following the procedures:

HMR may sometimes use service providers within the scope of the website, namely for cloud hosting and website support and maintenance. These service providers may have access to some personal data.

HMR guarantees that the service providers who may have access to your personal data are credible and offers high guarantees of personal data protection and that they do not have access to personal data beyond what is necessary for the provision of the contracted service(s).

HMR may also communicate your personal data to the following entities:

1. Companies that belongs to HMR corporate group;
2. Legal representatives and courts, for declaration, exercise or defence of HMR legal claims; and
3. Judicial authorities and/or criminal law enforcement agencies within the scope of a legal process, in compliance with a reasoned order from the competent judicial authority

The website www.hmr.co.com and its subsites may contain links to third party websites (e.g LinkedIn, when you click on the button “Follow Us”). HMR is not responsible for the privacy practices of such websites. Thus, HMR recommends that you read such third party websites privacy statements. HMR cannot be held responsible or liable for the content and activities of such websites.

By default, no data transfers will take place outside the European Union.

In the event of transfers of data to third countries outside the European Union, in particular when necessary for the purpose of providing services to HMR, the legal rules on transfers will be complied with, with respect to (i) the adequacy of the country of destination with regard to the protection of personal data and the requirements applicable to such transfers, or (ii) the existence of adequate guarantees to carry out such transfers, in particular standard contractual clauses approved by the European Commission and, if necessary, the implementation of supplementary measures to guarantee the proper protection of personal data.

The Website is not intended for minors under the age of thirteen (13) and we therefore request that minors do not provide us with personal data via the Website.

HMR would kindly request that you do not send or disclose to us any information relating to:

1. Your physical or mental health;
2. Your racial or ethnic origin, your political opinion, your religion or philosophical beliefs or trade union membership;
3. Your genetic or biometric data; and
4. Your sex life or sexual orientation

If you still send us or disclose these personal data categories, they will be deleted immediately.

HMR reserves the right to change this Privacy Policy at any time. When the Privacy Policy is modified, the date of the last change, is also updated. If the difference is substantial, a notice will be placed on the website.

If you have any doubt or question related with this Privacy Policy, please contact us through our e-mail privacy@hmr.co.com.

Lisbon (Portugal), 16.10.2023