INNOVEDU - Institute of Education and Social Innovation
INNOVEDU - Institute of Education and Social Innovation
INNOVEDU - Institute of Education and Social Innovation
  • 0,00  0
    Cart review

    No products in the cart.

Back

Privacy Policy and Personal Data Protection

INNOVEDU – INSTITUTE OF EDUCATION AND SOCIAL INNOVATION, CRL.

(last updated: 05.01.2026)

1. SCOPE

This policy explains how INNOVEDU processes personal data in the context of the website INNOVEDU.EU, contacts, registrations for training actions/events, service provision and related communications.

2. DATA CONTROLLER AND CONTACT DETAILS

The data controller is:

  • INNOVEDU – INSTITUTE OF EDUCATION AND SOCIAL INNOVATION, CRL.
  • Tax ID (NIF/NIPC): 517 389 592
  • Address: Rua da Fábrica do Pêlo, n.º 41, 1.º J, 4710-409 Braga (São Vítor), Portugal
  • Phone: +351 916 296 648 (call to the national mobile network)
  • Email: geral@innovedu.eu

For privacy/data protection matters, the data subject may contact us at geral@innovedu.eu, stating in the subject: “Data Protection“.

3. PERSONAL DATA WE MAY COLLECT

Depending on the interaction with INNOVEDU, the following data may be processed, among others:

  • Identification and contact: name, email, phone, entity/organisation, role/position;
  • Data for registration/management of services and training: information necessary to manage registration, participation, certification (when applicable), logistical communications and support;
  • Invoicing: name/company name, Tax ID, address, email, and elements necessary for issuing an invoice/receipt;
  • Payments: information strictly necessary to process payments and manage reconciliation (for example, payment reference/status);
  • Communications: messages sent through forms, email or other channels;
  • Technical browsing data: IP address, technical identifiers, logs and website usage data (especially for security and performance);
  • Newsletter/marketing (when applicable): email and communication preferences.

Mandatory data: when a field is necessary to provide a service/issue invoicing, failure to provide it may prevent the execution of the request/contract.

4. PURPOSES AND LEGAL BASES FOR PROCESSING

INNOVEDU processes personal data for the purposes below, with the following legal bases (Article 6 of the GDPR):

4.1. RESPONDING TO CONTACT REQUESTS AND INFORMATION

  • Purpose: to respond to messages, requests for information, proposals and clarifications.
  • Legal basis: pre-contractual steps and/or legitimate interest in responding and managing the relationship [points b) and f) of Article 6(1)].

4.2. REGISTRATION, MANAGEMENT AND PROVISION OF SERVICES (TRAINING, WORKSHOPS, EVENTS, CONSULTANCY, RESOURCES)

  • Purpose: to manage registrations, logistical communications, performance of the service and customer support.
  • Legal basis: performance of a contract/pre-contractual steps [point b) of Article 6(1)].

4.3. INVOICING, ACCOUNTING AND LEGAL OBLIGATIONS

  • Purpose: to issue invoices/receipts and to comply with tax and accounting obligations.
  • Legal basis: compliance with a legal obligation [point c) of Article 6(1)].
  • Retention: as a rule, archiving for 10 years, where applicable.

4.4. PAYMENT PROCESSING

  • Purpose: to enable payment for services and to manage reconciliation/payment support.
  • Legal basis: performance of a contract [point b) of Article 6(1)] and/or legal obligation (when associated with invoicing).
  • Note: when payment is made through Multibanco Reference, MB WAY and/or Payshop, the data strictly necessary to process the payment will be communicated to the payment service provider.

4.5. SECURITY, FRAUD PREVENTION AND TECHNICAL MANAGEMENT OF THE WEBSITE

  • Purpose: to ensure security, integrity, prevention of unauthorised access and the functioning of the website.
  • Legal basis: legitimate interest [point f) of Article 6(1)].

4.6. MARKETING COMMUNICATIONS (WHERE APPLICABLE)

  • Purpose: sending newsletters/invitations/information about initiatives.
  • Legal basis: consent [point a) of Article 6(1)] and/or legitimate interest in communications to existing clients, under the applicable legal provisions.
  • Withdrawal: the data subject may withdraw consent at any time.

5. DATA RECIPIENTS AND PROCESSORS

INNOVEDU may share personal data with:

  • Service providers (processors) that support its operation (website hosting, email, collaboration tools, videoconferencing platforms, storage, technical support, accounting/invoicing), only to the extent necessary and under confidentiality and security obligations;
  • Payment service providers, when the data subject uses those means to pay;
  • Public authorities, when required by law.

INNOVEDU does not sell personal data nor share it for commercial purposes outside those described in this policy.

6. INTERNATIONAL DATA TRANSFERS

As a rule, data are processed within the European Economic Area (EEA). When, for operational reasons, there are transfers outside the EEA (for example, use of technology providers), INNOVEDU ensures appropriate legal mechanisms, such as standard contractual clauses or adequacy decisions, under the GDPR.

7. RETENTION PERIODS

INNOVEDU retains data only for the period necessary for the indicated purposes, namely:

  • Contacts and requests for information: up to 12 months after resolution, unless there is a need to retain it for legal or evidential reasons;
  • Customer/service data: during the term of the relationship and for a reasonable additional period for management of liability/disputes;
  • Invoicing/accounting: for the applicable legal period (as a rule, 10 years);
  • Newsletter/marketing: until consent is withdrawn/opt-out.
  • Technical security logs: for limited periods proportionate to the security purpose.

8. DATA SUBJECT RIGHTS

Under the GDPR, the data subject may exercise:

  • Right of access, rectification, erasure (when applicable), restriction, objection, portability and withdrawal of consent (when processing is based on consent).

To exercise rights, contact geral@innovedu.eu with the subject “Data Protection”. INNOVEDU may request additional information to confirm the identity of the applicant.geral@innovedu.eu

The data subject also has the right to lodge a complaint with the CNPD (Comissão Nacional de Proteção de Dados).

9. SECURITY

INNOVEDU adopts appropriate technical and organisational measures to protect personal data against unauthorised access, loss, destruction or improper disclosure (for example, access control, security measures applied to systems, backups, and permissions management).

10. COOKIES AND SIMILAR TECHNOLOGIES

The website may use cookies necessary for its functioning and security. Analytical and/or marketing cookies (if any) will be used only when legally required, based on the user’s consent, managed through the cookie banner/manager.

11. DATA OF MINORS

If personal data of minors are processed in the context of consent-based digital services, the national rules regarding children’s consent apply, including the minimum age of 13 years for consent in certain information society services.

12. CHANGES TO THIS POLICY

INNOVEDU may update this policy whenever necessary. The version in force is the one published on the website, indicating the update date.