Know More
November 20th 2023

Cordex is committed to ensuring the security of personal data and has created this document to describe the conditions under which it processes personal data, hereinafter referred to as “Data Subjects.”

Cordex respects the right to the privacy of Data Subjects and declares compliance with applicable legal and regulatory provisions regarding privacy and personal data protection, adopting adequate measures to ensure the privacy and confidentiality of personal data transmitted by Data Subjects.

To clarify the processing of data, as well as its purpose and the rights of data subjects, it is advisable to periodically read this Privacy Notice.

For clarification of doubts, Data Subjects have the following email address at their disposal:

Who is responsible for processing your personal data?

Cordex is the entity responsible for processing the personal data of its clients (or potential clients), partners, and suppliers, following the terms of the current data protection legislation in the European Union (the General Data Protection Regulation – GDPR).


Cordex can be contacted:
Cordex Portugal
Rua da Estrada Nova, nº 785,
P.O. Box 15
3886-909 Esmoriz, Portugal
and through the following email address:

What personal data do we collect?

The personal data we collect depends on the context of your interactions with Cordex, within the scope of its business activities and in compliance with the legally mandated obligations.

Cordex collects and processes personal data provided by Data Subjects through various contacts established between the parties, whether in person, by phone, by postal mail, or by email.

What purposes precede the collection of your personal data, and what is the basis for its processing?

Cordex ensures that the processing of your personal data is carried out within the scope of the purpose for which they were collected or for purposes compatible with the initial purpose of collection. Additionally, we process your personal data for legally prescribed purposes.


Customer and potential customer management:

The processing of your data is necessary for the execution of the contract to be entered into between you and Cordex or for the performance of pre-contractual measures at your request. If you do not provide your data, we will not be able to provide the requested or contracted services. Customer data may be disclosed to third parties, including public authorities, for compliance with legal or contractual obligations.


Supplier management:

The processing of your data is necessary for the execution of the contract to be entered into between you and Cordex or for the performance of pre-contractual measures at your request. If you do not provide your data, we will not be able to fulfill the contractual obligations assumed.


Complaint Management and Contacts Received by Cordex

You can send us suggestions or complaints regarding the services provided by Cordex through the “Contacts” section. Your personal data will be collected to analyze and resolve the situation underlying your suggestion or complaint and will be processed based on Codex’s legitimate interests.


Whistleblowing Channel Management

Cordex’s Whistleblowing Channel is a secure space where you can report irregular practices within the defined scope. In the case of a report being submitted as “Confidential,” the whistleblower may provide personal data. However, this visibility will be ensured in accordance with the compliance outlined in this document.


Application Management

On the “Human Resources” portal, the candidate enters their personal data in response to a “Opportunity” or through a “Spontaneous Application” form.

For how long do we keep your personal data?

The personal data collected and subject to processing are retained in accordance with their purpose, respecting the applicable legal deadlines.

In cases where there is no specific legal deadline for the conservation and storage of personal data, such data will only be stored and retained for the appropriate period and as necessary, considering the purposes for which they were collected. This is unless, at any time, the data subject, within legal limits, exercises their rights of opposition or erasure, or withdraws their consent.

Who can we share your personal data with?

Cordex may share your personal data with third parties who will have access to them. These third-party entities may include public authorities, service providers, among others.


In the scope of its activities, Cordex may engage subcontractors, who will access and process your personal data in accordance with Codex’s instructions.


To this end, we ensure that such subcontractors provide sufficient guarantees in implementing appropriate technical and organizational measures to ensure that the processing complies with the requirements of the GDPR and other applicable laws, as well as to ensure the defense of the rights of the data subjects.


Thus, Cordex may also share your personal data when such sharing is necessary or appropriate considering applicable legislation, to fulfill legal obligations, respond to requests from public authorities, in cases of vital interests of the data subject or third parties, to protect the rights and property of Cordex, or when you have provided your prior consent.

What are the rights of the data subjects?

In accordance with applicable legislation, you have the following rights:


  • Right of Access: Obtain confirmation as to whether your personal data is or is not being processed and, if so, access it.
  • Right to Rectification: Obtain the rectification of inaccurate personal data concerning you and request that your incomplete personal data be completed.
  • Right to Erasure: Obtain the erasure of your personal data, except in cases where there are grounds justifying its conservation.
  • Right to Restriction of Processing: Obtain the restriction of the processing of your personal data when it concerns certain categories of data or processing purposes.
  • Right to Data Portability: Receive the personal data you provided to us in a structured, commonly used, and machine-readable format, as well as request the transmission of your personal data to another data controller.
  • Right to Object: Object, at any time, to certain processing of your personal data, such as in the case of processing personal data for direct marketing purposes.
  • Right Not to be Subject to Automated Individual Decisions, Including Profiling: Not be subject to any decision made exclusively based on automated processing, including profiling, that produces legal effects concerning you or similarly significantly affects you.


To exercise your rights, you should contact us via email at


Furthermore, you are guaranteed the right to withdraw your consent whenever it has been provided, through the means indicated above. The withdrawal of consent does not, however, invalidate the processing carried out up to the date of withdrawal.
The data subject also has the right to lodge a complaint with the CNPD or another competent supervisory authority, as well as to resort to any other means of judicial remedy, if they consider that their personal data is not being processed lawfully by Cordex, in accordance with current legislation and this notice.

What security measures are adopted?

Cordex implements various security measures, including authentication tools, encryption, and digital certificates, to help protect and maintain the security, integrity, and availability of your personal data.
While the transmission of data over the internet or a website cannot guarantee complete security against intrusions, Cordex and its service providers and business partners make the best efforts to implement and maintain physical, electronic, and procedural security measures aimed at protecting the personal data of Data Subjects in accordance with applicable data protection requirements.

Under what circumstances do we transfer your personal data to third countries?

The activities conducted by Cordex may involve the transfer of your personal data to third countries—located outside the European Union or not belonging to the European Economic Area—although this occurs occasionally and always in relation to other services used by Cordex.
In such situations, all necessary and appropriate measures will be taken to ensure the protection of your personal data.
One of these situations occurs in the context of Codex’s presence on social networks, where Cordex has limited influence over the data processing carried out by the operators of these networks (e.g., member management and general information management). In situations where we have no influence, we try to ensure, as far as possible, that social network operators act in accordance with the privacy and data protection requirements stipulated by the GDPR. However, in many cases, we have no influence on this data processing carried out by the operators and have no clear knowledge of the data being processed on certain occasions.

The operators of social networks manage the entire IT infrastructure of the service, applying their own privacy and data protection rules. Additionally, they maintain their own relationships with users (to the extent that they are registered users on the social network). Furthermore, the operators are entirely responsible for all issues related to user profile data to which Cordex does not have access.

How do we use “Cookies”?

To learn more about cookies and how Cordex uses them on its website, please refer to our Cookie Notice [link to].


In no way will cookies be used to invade the user’s privacy; they are only used to identify the user and track their profile, for example, to send marketing and/or promotional actions and conduct market studies.


Cookies are stored on the user’s computer’s hard drive to save preferences, such as login/password, if the user chooses the option to log in automatically on their next visit.


If the user wishes, they can disable cookies in their web browser, but this may result in the loss of some functionalities. The user has the option to configure their browser to be notified on the computer screen about the receipt of cookies and to prevent their installation on the hard drive. Relevant information for this configuration is available in the browser’s instructions and manuals.

Changes to the Privacy Notice

This Privacy Notice may be updated or modified at any time without prior notice.


All updates to the Privacy Notice will be communicated through a notice on our website: so that such changes can be immediately understood.

Do you have any question or looking for a specific solution?

We are here to help you get the results you want.