Privacy Policy for Work Squad
1. Introduction
Work Squad is committed to ensuring the confidentiality, security, and protection of personal data entrusted to us as part of our operations. We process all personal data strictly in accordance with the General Data Protection Regulation (GDPR) 2016/679 of the European Parliament and Council (April 27, 2016), as implemented under Law No. 58/2019 (August 8, 2019) in domestic legislation.
This Data Protection Policy outlines how Work Squad collects, processes, shares, transfers, and safeguards personal data, as well as the rights of individuals regarding their data.
2. Definitions
Under the General Data Protection Regulation (GDPR), the following definitions apply:
- Personal Data – Any information related to an identified or identifiable natural person (“data subject”), such as a name, ID number, location data, online identifier, or factors related to physical, genetic, mental, economic, or social identity.
- Sensitive Personal Data – Special categories of personal data, including racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic or biometric data, health data, and sexual orientation.
- Processing – Any operation performed on personal data, such as collection, storage, organization, adaptation, retrieval, consultation, transmission, restriction, or deletion.
- Data Controller – The entity that determines the purposes and means of processing personal data.
- Consent – A freely given, specific, informed, and unambiguous indication of an individual’s wishes, signifying agreement to the processing of their personal data.
3. Data Controller
Work Squad, headquartered at [Insert Address], is responsible for the processing of personal data.
For inquiries regarding data protection, you may contact our Data Protection Officer at:
📞 [Insert Contact Number]
📧 privacy@worksquad.com
Work Squad processes personal data in compliance with the principles of lawfulness, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality.
4. Legal Basis and Purpose of Data Processing
Work Squad collects and processes personal data for the following purposes:
- Employment Contracts & Administration – Managing employment contracts, payroll processing, tax compliance, and social security obligations.
- Recruitment & Job Assignments – Selecting and placing candidates for temporary employment or secondment agreements at client locations.
- Workplace Safety & Compliance – Conducting occupational health & safety assessments, including medical evaluations and workplace compliance checks.
- Surveys & Employee Records – Maintaining HR records, asset use agreements, and contractual documentation.
- Legitimate Business Interests – Ensuring network security, IT protection, and fraud prevention, provided such processing does not override data subjects’ rights.
Any additional processing of personal data for purposes beyond those listed will require prior notification and explicit consent from the data subject.
4.1 Processing of Sensitive Data
When processing special categories of data as per Article 9 of GDPR, Work Squad will ensure compliance within legal limits and seek explicit consent when required.
5. Sharing of Personal Data
Work Squad may share personal data with authorized entities, including but not limited to:
- Social Security Authorities (e.g., IGFSS – Social Security Financial Management Institute)
- Tax Authorities (e.g., AT – Tax Authority)
- Banking & Insurance Institutions
- National Statistical Offices (e.g., INE – National Statistics Institute)
- Workplace Safety & Labor Inspectors (e.g., ACT – Authority for Working Conditions)
- Clients & Partners requiring recruitment services or temporary workforce placements
- Payroll & HR Management Service Providers (for outsourced payroll processing or HR operations)
Purposes of Data Sharing:
- Processing salaries, benefits, tax deductions, and social security contributions
- Ensuring legal compliance with labor, tax, and workplace safety regulations
- Conducting internal HR analytics and reporting
5.1 Data Transfers Outside the EU
Work Squad will only transfer personal data outside the EU if:
- The recipient country ensures adequate data protection as per GDPR adequacy decisions.
- There are binding corporate rules (BCRs) or standard contractual clauses (SCCs) in place.
- The data subject provides explicit consent for the transfer.
6. Data Retention Period
Work Squad retains personal data only for the period necessary to fulfill its intended purposes while complying with legal requirements. Data retention is determined based on:
- Employment and tax laws
- Best industry practices
- Security and compliance requirements
7. Data Subject Rights
Under GDPR, data subjects have the right to:
✔ Access their personal data.
✔ Request correction of inaccurate or incomplete data.
✔ Request deletion of personal data (“Right to be Forgotten”).
✔ Restrict processing of their data under specific conditions.
✔ Object to processing based on legitimate interests.
✔ Request data portability to transfer their data elsewhere.
✔ Withdraw consent for data processing at any time.
✔ File complaints with the supervisory authority (www.cnpd.pt).
If you wish to exercise any of these rights, contact privacy@worksquad.com.
8. Updates to This Privacy Policy
Work Squad reserves the right to modify this Privacy Policy in response to:
- Regulatory changes
- Business requirements
- Security updates
Any changes will be published on the Work Squad website and take effect immediately.
For any questions, concerns, or data access requests, please contact:
📍 [Insert Address]
📧 privacy@worksquad.com
📞 [Insert Contact Number]
This Privacy and Personal Data Protection Policy is effective immediately upon publication.
