What are you looking for?
Scroll to top
Follow us:
Sign up to get the latest
news and updates
Join over 1,000 members to get monthly updates and special information only available via email.
no, thanks

Privacy Policy

HomePrivacy Policy
Back

Privacy and Data Protection Policy

Last updated: 27/04/2026

SCEMAI values the privacy, security and protection of personal data belonging to its clients, partners, users, suppliers, employees and other data subjects.

This Privacy Policy explains how we collect, use, store, protect and share personal data in the context of our activity, including the use of our website, digital platforms, technological solutions, business communications, contact forms, demonstrations, proposals, technical support and service delivery.

SCEMAI is committed to processing personal data lawfully, fairly, transparently and securely, in accordance with the General Data Protection Regulation — GDPR, applicable national legislation and recognised information security best practices.

1. Data Controller

The data controller responsible for the processing of personal data is:

SCEMAI
HELLOSCEMAI, LDA
Rua Alfredo Allen, 455/461 4200-135 Porto, Portugal
516276271
General email: hello@scemai.com
Website: www.scemai.com

For any matter related to privacy or personal data protection, you may contact us at:

dpo@scemai.com

2. Data Protection Officer

SCEMAI provides a dedicated contact for matters related to personal data protection.

Data Protection Officer contact:
dpo@scemai.com

The Data Protection Officer may be contacted for questions regarding this Privacy Policy, the exercise of data subject rights, requests for information, complaints or any matter related to the processing of personal data by SCEMAI.

3. Personal Data We May Collect

SCEMAI may collect and process different categories of personal data depending on the relationship with the data subject and the purpose of processing.

We may process, among others:

Identification data: name, surname, job title, company or organisation.

Contact data: email address, phone number, professional address or other contact details provided by the data subject.

Professional data: role, department, employer, business sector and history of commercial or technical interactions.

Digital usage data: IP address, technical identifiers, browsing data, cookies, access logs, pages visited and interactions with forms or platforms.

Communication data: messages sent through the website, emails, contact requests, demo requests, support requests or other communications.

Contractual and commercial data: proposals, contracts, billing contacts and data related to the management of clients, suppliers and partners.

Technical and operational data: information required for service delivery, technical support, security, auditing, maintenance and improvement of our solutions.

As a rule, SCEMAI does not request special categories of personal data through its website, such as health data, racial or ethnic origin, political opinions, religious beliefs, biometric data or data concerning sexual life. If such data is ever required in a specific context, appropriate information will be provided and the applicable legal basis will be ensured.

4. Purposes of Processing

SCEMAI may process personal data for the following purposes:

To respond to contact requests, information requests, proposals or demonstration requests.

To manage commercial relationships with clients, potential clients, partners and suppliers.

To prepare, enter into and perform contracts.

To provide services, technical support, project follow-up and operational assistance.

To manage access to platforms, applications or restricted areas.

To improve the user experience on SCEMAI’s website and digital solutions.

To ensure system security, fraud prevention, access control, technical monitoring and protection against incidents.

To comply with legal, tax, accounting, regulatory or administrative obligations.

To send institutional, commercial or informational communications, where there is a lawful basis or the data subject’s consent.

To analyse usage metrics, performance and continuous improvement of services.

To protect SCEMAI’s rights, legitimate interests and assets, including in the context of audits, compliance, complaints or disputes.

5. Legal Basis for Processing

SCEMAI processes personal data based on the legal grounds provided under the GDPR, namely:

Performance of a contract or pre-contractual steps, where processing is necessary to prepare proposals, enter into contracts, provide services or respond to requests from the data subject.

Compliance with legal obligations, where SCEMAI is required to retain or disclose certain data under legal, tax, accounting or regulatory obligations.

Legitimate interest, where processing is necessary for business management, system security, service improvement, fraud prevention, contact with business clients or the defence of legal rights, always respecting the rights and freedoms of data subjects.

Consent, where applicable, namely for certain marketing communications, non-essential cookies or other situations where consent is required.

The data subject may withdraw consent at any time, where consent is the legal basis for processing, without affecting the lawfulness of processing carried out before withdrawal.

6. Data Retention

SCEMAI retains personal data only for as long as necessary to fulfil the purposes for which it was collected, unless a longer retention period is required by law.

Retention periods may vary depending on the purpose of processing, the nature of the data, applicable legal obligations, limitation periods or the need to defend legal rights.

When personal data is no longer necessary, it will be deleted, anonymised or securely archived in accordance with applicable internal procedures.

7. Sharing Data with Third Parties

SCEMAI may share personal data with third parties only where necessary, appropriate and legally permitted.

Personal data may be accessed by, among others:

Technology, hosting, maintenance, security, technical support and communication service providers.

Consultants, auditors, accountants, lawyers or other professional advisers supporting SCEMAI.

Public, administrative, judicial, tax or regulatory authorities, where legally required.

Partners involved in project delivery, where necessary for the provision of contracted services.

SCEMAI seeks to ensure that its service providers and processors process personal data according to documented instructions, confidentiality obligations, appropriate security measures and applicable legal requirements.

8. International Data Transfers

Where the processing of personal data involves transfers to countries outside the European Economic Area, SCEMAI will adopt appropriate safeguards under the GDPR, including adequacy decisions, standard contractual clauses or other legally recognised mechanisms.

9. Data Security

SCEMAI adopts appropriate technical and organisational measures to protect personal data against destruction, loss, alteration, unauthorised disclosure, improper access or any other form of unlawful or unauthorised processing.

These measures may include:

Access control.

User permission management.

Encryption or pseudonymisation, where applicable.

Activity logs and security monitoring.

Backups and recovery mechanisms.

Internal confidentiality policies.

Risk assessments.

Incident response procedures.

Periodic review of security measures.

Information security is treated as a core principle in the design, development and operation of SCEMAI solutions.

10. Cookies and Similar Technologies

SCEMAI’s website may use cookies and similar technologies to ensure proper website operation, improve user experience, analyse browsing metrics and, where applicable, personalise content or communications.

Cookies may include:

Necessary cookies, which are essential for the operation of the website.

Analytics cookies, used to understand how visitors interact with the website.

Functional cookies, used to store user preferences.

Marketing cookies, where applicable, used for personalised communications or campaigns.

Where legally required, user consent will be requested before the use of non-essential cookies.

Users may manage their cookie preferences through the cookie banner or cookie management panel available on the website.

11. Data Processed in SCEMAI Digital Solutions and Platforms

Within its technological, industrial, operational, artificial intelligence, data analytics, dashboard, planning, audit or digital assistance solutions, SCEMAI may process personal data either as a data controller or as a data processor, depending on the contractual context and the purposes defined.

Where SCEMAI acts as a data processor, it will process personal data according to the client’s documented instructions, under the applicable agreement and legal requirements.

Where SCEMAI acts as a data controller, it will apply the principles, legal bases, security measures and data subject rights described in this Privacy Policy.

12. Artificial Intelligence, Automation and Data Analysis

SCEMAI develops and provides solutions based on technology, data, automation and artificial intelligence, particularly for industrial, operational and business contexts.

Whenever personal data is used in analytics, automation or artificial intelligence systems, SCEMAI is committed to applying the principles of data minimisation, transparency, security, purpose limitation and appropriate control.

SCEMAI will seek to avoid the use of personal data whenever the intended purpose can be achieved through anonymised, aggregated or technical data.

Where automated decision-making produces legal effects or significantly affects the data subject, specific information will be provided and the rights established by applicable legislation will be ensured.

13. Data Subject Rights

Under applicable data protection legislation, data subjects may exercise the following rights:

Right of access: to obtain confirmation as to whether their personal data is being processed and to access information about such processing.

Right to rectification: to request correction of inaccurate or incomplete personal data.

Right to erasure: to request deletion of personal data, where applicable.

Right to restriction of processing: to request restriction of the processing of their data in certain situations.

Right to object: to object to the processing of their data where processing is based on legitimate interest or direct marketing.

Right to data portability: to receive the data they have provided in a structured, commonly used and machine-readable format, where applicable.

Right to withdraw consent: to withdraw previously given consent whenever processing is based on consent.

Right to lodge a complaint: to lodge a complaint with the competent supervisory authority.

To exercise any of these rights, data subjects may contact:

dpo@scemai.com

SCEMAI may request additional information to confirm the identity of the data subject before responding to the request.

14. Response Time

SCEMAI will respond to data subject requests within the legally applicable deadlines.

In the case of complex or numerous requests, the response period may be extended in accordance with applicable legislation, and the data subject will be informed of the extension and the reasons for it.

15. Complaints to the Supervisory Authority

Without prejudice to contacting SCEMAI directly through dpo@scemai.com, data subjects have the right to lodge a complaint with the competent supervisory authority.

In Portugal, the supervisory authority is:

Comissão Nacional de Proteção de Dados — CNPD
Website: www.cnpd.pt
Email: geral@cnpd.pt

16. Links to Third-Party Websites

SCEMAI’s website may contain links to third-party websites, platforms or services.

SCEMAI is not responsible for the privacy policies, security practices or content of such third-party websites. We recommend that users consult the relevant privacy policies before providing personal data to those entities.

17. Changes to This Privacy Policy

SCEMAI may update this Privacy Policy whenever necessary, including as a result of legal, regulatory, technical, operational or organisational changes.

The most recent version will always be available on SCEMAI’s website, with the date of the latest update clearly indicated.

18. Privacy Contact

For any matter related to privacy, personal data protection, information security or the exercise of data subject rights, please contact:

SCEMAI — Data Protection
Email: dpo@scemai.com

This website uses cookies to improve your experience. Cookie Policy
en_USEnglish
en_USEnglish

Content is protected.