Terms and conditions of use of pur'ple's website and global privacy policy

Within the scope of its activity, PRPL, Lda. ("pur'ple") provides its clients, including companies, organizations or individuals (the "Clients") with management consultancy services, including planning, organization, control, management, process design and implementation of processes, reorganization of companies and human resources management, herewith encompassing social and demographic studies, human dimensioning, definition and evaluation of performance, compensation, individual and leadership development and evaluation, training, internal communication, licensing and integration of computer systems (software), as well as technologies to support the implementation of solutions (the "Services").

PUR'PLE is strongly committed to protecting the personal data of those who use its website www.purposebypeople. com (the "Website") or its services, and through these terms and conditions of use of the Website (the "Terms and Conditions of Use") and the present privacy policy (the "Privacy Policy") pur'ple intends, on one hand, to define the conditions of access and navigation of the Website by each and every person who accesses the Website, regardless of whether or not they register on it or not (the "Website User") and, on the other hand, to provide clear and transparent information to the data subjects, through the Website or digital platforms created or managed by pur'ple ("pur'ple Platforms"), namely in relation to: 

• The controller;
• The scope of the Privacy Policy;
• The personal data processed by pur'ple;
• The purposes of the processing for which the personal data are intended as well as the legal basis for the processing and the period of storage of personal data (including the execution of a contract between pur'ple and the data subject and consent);
• Means of collecting personal data;
• Processing of personal data by automated means;
• The rights of the personal data subjects;
• Security in the processing of personal data;
• Transfers of personal data to third parties;
• Use of cookies; and
• Amendments to the Privacy Policy.

Through the Privacy Policy, you can also obtain information about your rights regarding the processing of personal data by pur'ple.

The Privacy Policy has been drafted pursuant to the European Union's General Data Protection Regulation, Regulation (EU) No. 2016/269 of 27 April ("GDPR").

It is extremely important that you read this Policy carefully and fully understand its scope. If you have any questions or concerns regarding this Policy, please do not hesitate to contact us through the channels identified in Section 9.

 
I. Terms and Conditions of Use

 
1. Using the Website

Access to the Website

pur'ple has the exclusive right to, at any given time, suspend, partially or totally, the availability of the Website or access to it, in particular (but not exclusively) during management, maintenance, repair, alteration, or modernization operations. pur'ple may also choose to close, definitively or temporarily, partially, or totally, at any time, the Website or any of the services, without prior notice.

General Use

The Website User must use the Website in a responsible, prudent, and careful manner, and must not disrupt or degrade the continuity, integrity and quality of the Website's features and functionalities, nor must they make any improper use of it, from it and through it, namely, but not limited to, infringing the legislation in force.

pur'ple reserves the right to suspend the availability of the Website and/or prevent access and use of the Website by any Website Users who use it improperly or violate any of the provisions of these Terms and Conditions of Use.

The Website User acknowledges that its use of the Website is at their own risk, and they are solely responsible for any damage caused to their computer system and/or equipment or other damage or loss, including loss of or damage to data, which results from the use of the materials, content or information obtained in any way through the Website.

2. Intellectual Property

All intellectual property rights to the Website are the property of pur'ple. All content, texts, images, and sounds, as well as the logos, names, brands, and distinctive signs of the Website are protected by intellectual property rights and are the exclusive property of or licensed to pur'ple.

The Website User is not authorized to: (i) remove or use any indication of intellectual property, including, but not limited to, trademark or other notices regarding PUR'PLE's intellectual property; (ii) reproduce, modify, make derivative works of, destroy, license, rent, sell, resell, transfer, publicly display or present, transmit, reproduce, broadcast, or in any other way exploit the services on this Website, except to the extent expressly permitted by pur'ple; (iii) create links to or reproduce through frames any part of the Website or any content made available on it; (iv) create or launch any programs or scripts to capture, index, collect or otherwise extract data from the Website, or unduly overload and/or render impossible the operation and/or functionalities of the Website; or (v) unauthorized access to the Website or impair any aspect of it.

3. Disclaimer and Limitation of Liability

The Website has been developed considering the interests of our different types of Website Users and the audience of pur'ple's products or services.

pur'ple will not be responsible for any damages, losses and/or losses suffered by the Website User or third parties due to the occurrence of circumstances classified as fortuitous and/or force majeure.

The User of the Website recognizes that the internet constitutes a public network and that, as such, no responsibility can be imputed for damages resulting from the use of the same. Furthermore, pur'ple is not responsible for the incorrect use of the Website and/or its services, nor for losses or damages caused by such incorrect use.

4. Applicable Law

If any provision or part of the current Terms and Conditions of Use is unenforceable or contrary to applicable law, the validity of the remaining terms or conditions shall not be affected. The management, administration, use and enforcement of the Terms and Conditions of Use of the Website is governed by Portuguese law.

 
II. Privacy Policy

 
1. Controller and Data Protection Officer

The entity responsible for processing personal data is the company PRPL, Lda. registered under the single identification and legal person number 514834242, with registered office at Rua do Açúcar, n. º 76, Armazém 29, 1950-009 Lisbon.

pur'ple has a Data Protection Officer, who can be contacted by the owners of the personal data by e-mail to the address: dataprotection@prplcompany.com, or by written communication to the address: Rua do Açúcar, no. 76, Armazém 29, 1950-009 Lisboa.

2. Purposes of Personal Data Processing

The Privacy Policy aims to provide information to the data subjects whose personal data pur'ple processes ("Data Subjects"), namely:

• Clients, Clients' employees or business contacts from our Clients;
• Potential Clients, employees of Potential Clients, or business contacts from Potential Clients;
• Applicants for job offers at pur'ple, or within the scope of services provided by pur'ple ("Applicants"); and
• Website Users and Users of the pur'ple Platforms, namely the platform included in the website https://violet.pur-ple.io/ ("Violet Platform").

3. Personal Data

For the purposes of this Privacy Policy, ‘personal data’ is considered to be any information that, directly or in combination with other data, can identify a natural person.

By submitting your personal data to pur'ple, we guarantee that we will process it in accordance with this Privacy Policy.

Your personal data will not be used for any purposes other than those identified in the Privacy Policy.

The table below includes a list of the personal data collected by pur'ple from different categories of Data Subjects, depending on the area of activity concerned.

pur'ple is not responsible for the veracity, omissions, inaccuracies, and falsities of the personal data transmitted to it.

The personal data collected may be processed by computer and in automated or non-automated form, ensuring in all cases the strict compliance with the legislation for the protection of personal data.

4. Purposes and grounds for processing and period of storage of Personal Data

pur'ple, within the scope of its activities, processes personal data for the purposes set out in the table below.

Regarding newsletters, the processing of personal data only begins when the respective data subject submits the subscription form, ending at any time by unsubscribing through a link available in all newsletters sent. By removing the subscription, the Data Subject concerned will receive an email notification confirming the removal of their data from the mailing list of newsletters.

5. Performance of contract between pur'ple and the Data Subject

When personal data is processed by pur'ple, under the terms of Section 4 above, based on the performance of a contract to which the Data Subject is a party, or for pre-contractual diligences, under the terms of Article 6.1(b) of the GDPR, pur'ple reserves the right not to enter into a contract or not to provide the services in question, in the event that the Data Subject does not provide the necessary personal data.

All personal data referred to in Section 3 above that are processed based on the performance of a contract to which the Data Subject is a party correspond to personal data that are adequate, relevant, and limited to what is necessary, considering the purpose for which they are processed.

6. Consent

Where personal data is processed by pur'ple, under the terms of Section 4 above, based on the Data Subject's consent, on the grounds of Article 6.1(a) of the GDPR, the Data Subject shall have the right at any time to withdraw his or her consent to the processing of the data, without compromising the lawfulness of the processing carried out under the consent previously given.

7. Means of collecting Personal Data

Personal data processed by pur'ple, as described in Sections 3 and 4 above, is collected in accordance with the provisions in the table below.

8. Processing of Personal Data by automated means

pur'ple partially processes personal data through automated individual decision-making, including profiling - for the purposes identified above, and always in compliance with applicable personal data protection legislation.

Please be advised that the Data Subject has the right to obtain human intervention from pur'ple regarding the processing of his personal data by automated means, as well as regarding profiling, and to express his point of view and contest the decision.

Which Personal Data processing operations are operated by pur'ple through automated means?

pur'ple proceeds with the automated collection of personal data through the Website as well as through pur'ple Platforms. The processing of personal data through automated means is used:

• For the purpose of contacting the Data Subjects, namely through the delivery of surveys in relation to the quality of the services provided, sending newsletters, sending promotional actions (offers and promotion of products and services) and invitations to events, as well as for direct marketing purposes;
• To improve the Website User’s experience, as well as the experience of the Users of the pur'ple Platforms;
• To evaluate the results of the well-being surveys included in the pur'ple Platforms through the personal data provided by the Data Subject;
• Benchmark, with guaranteed anonymity of the personal data being evaluated, the results of the well-being surveys included in the pur'ple Platforms;
• Present the Data Subject with a personalized page by accessing the reserved area of the Website and pur'ple Platforms;
• Provide the Data Subject with personalized results and information in relation to the surveys conducted on pur'ple Platforms;
• Proceed with profiling, under the terms foreseen above, aiming at providing an effective and personalized service to the Website Users or to the Users of the pur'ple Platforms.

Consent is always sought from Data Subjects for this effect.

How important are automated decisions and profiling, and what are the consequences of automated decisions for the Data Subject?

Automated decisions and profiling allow the Data Subjects to receive communications from pur'ple, namely quality of service surveys, newsletters, promotional actions (offers and promotion of products and services), invitations to events and direct marketing.

Additionally, automated decisions and profiling allow pur'ple to improve the Data Subjects' experience on the Website and pur'ple Platforms, by viewing personalized content and monitoring their progress throughout the various interactions and comparisons with other users of the Website or pur'ple Platforms with similar profiles.

Specifically, in relation to the Violet Platform, pur'ple will process personal data in an automated manner, including through profiling, with the aim of enabling the Data Subject to make effective use of the well-being surveys made available, providing information in relation to the results and possible measures to be taken.

pur'ple will only process personal data in an automated manner for the purposes set out in this section of the Privacy Policy.

The processing of personal data, through automated decisions, allows pur'ple to provide a better and more adequate service to the needs of each Client, Candidate, Website User or User of the pur'ple Platforms.

What is the logic behind the processing of Personal Data through automated decisions and profiling?

pur'ple intends to improve the experience of Website Users and Users of the pur'ple Platforms, as well as track their progress and allow for comparison with other users with similar profiles.

9. Data Subject Rights

The Data Subject is guaranteed the right to access his personal data at any time, as well as the right to rectify, delete, portability, limitation and/or opposition to processing.

As the Data Subject, you are also entitled to withdraw your consent at any time. The withdrawal of consent does not compromise the lawfulness of the processing carried out under the consent previously given.

The Data Subject has the right not to be subject to any decision taken solely under automated processing, including profiling. The Data Subject also has the right to obtain human intervention from pur'ple, to express their point of view and to challenge the decision to proceed with data processing by automated decisions and profiling.

The exercise of any of these rights must be done in writing, addressed to pur'ple, either to the address of its head office located at Rua do Açúcar, n.º 76, Armazém 29, 1950-009 in Lisbon, or to the following e-mail address: dataprotection@prplcompany.com.

Additionally, Data Subjects may always file any complaints they deem necessary with the competent authority for this purpose (currently the CNPD - Comissão Nacional de Proteção de Dados).

10. Security in Processing of Personal Data

pur'ple is committed to ensuring the security, integrity, and availability of the personal data it collects and processes. To this end, it has adopted the following measures:

• Software anti-virus, firewall and anti-malware;
• Access is differentiated according to the function/position of the person accessing the information systems;
• Access to information systems through a personal and untransferable username and password;
• Implementation of password quality rules;
• Detection of unauthorized access to information systems and physical facilities;
• Removal of user profiles that terminate their employment or other relationship, as well as any privileges or access rights granted to such users;
• Performance of periodic backups; and,
• Run periodic intrusion tests.

pur'ple informs that these security measures will be revised and updated according to the needs and requirements of these matters.

If, for any reason, there is a breach of security that causes, accidentally or unlawfully, the destruction, loss, alteration, unauthorized disclosure of or access to personal data, pur'ple undertakes, under the terms of the applicable legislation, to communicate this to the competent authorities, without undue delay and, whenever possible, within 72 hours of becoming aware of such an occurrence.

Additionally, and in the terms referred to in the previous paragraph, pur'ple undertakes to communicate the violation of personal data to the respective Data Subject.

11. Transmission of Personal Data to Third Parties

Whenever pur'ple shares personal data with third parties, it commits, under the terms of the contracts to be executed with the latter, to adopt the necessary and adequate measures to ensure that all entities that have access to such personal data offer high-security guarantees, limiting the communication of the personal data to only to the strictly necessary.

Whenever necessary, and as part of pur'ple's contracting of third parties, personal data may be transferred outside the European Economic Area (the "EEA"), to locations that may not guarantee the same level of protection. However, where applicable, pur'ple will only transfer personal data outside the EEA in accordance with the following measures:

• When the transfer is made to a location or by a method or in circumstances that the European Commission considers to ensure adequate protection of personal data;
• Where it has implemented standard contractual data protection clauses approved by the European Commission or a competent supervisory authority; or,
• Where none of the above applies, but the law nevertheless permits such a transfer, for example, if it is necessary for the establishment, exercise, or defense of a right in legal proceedings.

pur'ple may share your personal data, as part of its activity, with the categories of recipients best described in the table below.

pur'ple will not share your personal data with third parties for the purpose of using that information for direct marketing.

In addition to the above, pur'ple may share your personal data if there is a legal obligation to do so.

12.  Use of Cookies

pur'ple intends to ensure that Website Users and Users of the pur'ple Platforms have a unique and personalized experience. For this purpose, pur'ple uses cookies.

What are Cookies?

Cookies are very small text files that are stored on the Website User's computer or mobile device when visiting a website.

pur'ple uses cookies for various purposes and to enhance the Website User's online experience on its Website and its Platforms. The Website User can change their preferences and refuse certain types of cookies to be stored on their computer or mobile device while browsing the Website or the pur'ple Platforms.

The Website User may also remove any cookies already stored on their computer or mobile device but deleting cookies may prevent the use of parts of the Website or the pur'ple Platforms.

What type of Cookies are used by pur'ple?

• Strictly Necessary Cookies: necessary to allow the Website User and Users of the pur'ple Platforms to navigate through it and use the respective functionalities.
• Session Cookies: recording of information about the choices that the Website Users and the Users of the pur'ple Platforms make and that allows pur'ple to adapt the Website or the pur'ple Platforms to its Users; for example, to memorize their language or location. This information is generally anonymous and is not used for any other purpose.
• Analytical Cookies: pur'ple or its suppliers or service providers (such as Google Analytics) also use analytical services to help understand the effectiveness of the content of the Website and the pur'ple Platforms, the interests of its Users and to improve its operation. In addition, pur'ple uses web beacons or tracking pixels to count the number of visitors, and performance cookies to track how many individual Users access the Website and pur'ple Platforms and how often. This information is used for statistical purposes only and it is not pur'ple's intention to use this information to identify any User individually.

The pur'ple Website and Platforms do not use third-party cookies to provide targeted advertising.

Please contact pur'ple if you want more detailed information about the Cookies used.

What is the basis for pur'ple's use of cookies?

pur'ple will collect explicit consent from Users of the pur'ple Website or Platforms for the use of cookies, in accordance with Directive 2002/58/EC of the European Parliament and of the Council, from 12 July 2022, as per its last amendment.

Google Analytics

To provide visitors with more choice on how their data is collected by Google Analytics, Google has developed the Google Analytics Opt-out Browser Add-on. The add-on communicates with the Google Analytics JavaScript (ga.js) to indicate that information about the site visit should not be sent to Google Analytics. The Google Analytics Browser Opt-out Add-on does not prevent information from being sent to the site itself or to other web analytics services. Learn more about Google Analytics Brower Opt-out extra.

13. Amendments to the Privacy Policy

pur'ple reserves the right to make amendments to the Terms and Conditions of Use and Privacy Policy at any time, and such changes will be duly posted on the Website.