Home
/
Privacy Policy

Privacy Policy

Last Updated: November 2025

1. Introduction

INESCTEC OCEAN (“we”, “our”, “us”, or “the Organisation”) operates the website inesctecocean.pt (hereinafter referred to as the “Website”).

This Privacy Policy informs you about our practices regarding the collection, use, disclosure, and protection of personal data when you use the Website and our services. We are committed to safeguarding your privacy and ensuring you have a positive experience on our Website.

If you have any questions about this Privacy Policy or our privacy practices, please contact us through the methods provided in Section 15 of this policy.

2. Data Controller and Contact Information

Organisation: INESCTEC OCEAN Website: inesctecocean.pt Data Controller: INESC TEC (Institute for Systems and Computer Engineering, Technology and Science)

For privacy-related inquiries, you may contact us using the contact information provided on our Website.

3. Personal Data We Collect

3.1 Data from Contact Forms

When you use our contact form or send inquiries through the Website, we collect:

  • Full name
  • Email address
  • Organization/Institution
  • Phone number (optional)
  • Subject of inquiry
  • Message content
  • Any additional information you voluntarily provide

3.2 Data from Newsletter and Subscriptions

If you subscribe to our newsletter or mailing lists, we collect:

  • Email address
  • Full name
  • Organization/Institution
  • Areas of interest
  • Research focus preferences

3.3 Automatically Collected Data

When you visit the Website, we automatically collect:

  • Internet Protocol (IP) address
  • Browser type and version
  • Operating system
  • Pages visited and time spent on each page
  • Referring/exit pages
  • Device type and screen resolution
  • Geographic location (approximate)
  • Browsing patterns and clickstream data
  • Cookies and similar tracking technologies

3.4 Data from Third-Party Integrations

If the Website includes embedded content from third parties (YouTube videos, social media feeds, maps, etc.), these providers may collect data about you according to their own policies.

3.5 Communication Data

If you contact us via email or through our contact systems, we retain records of your communication, including:

  • Email address
  • Message content
  • Timestamps
  • Any attachments

4. Legal Basis for Data Processing

We process your personal data on the following legal bases under the GDPR:

  • Consent: For newsletter subscriptions, non-essential cookies, and optional services
  • Contract Fulfillment: To respond to your inquiries and provide requested information
  • Legitimate Interests: To maintain and improve the Website’s functionality and security, conduct analytics to enhance user experience
  • Legal Obligation: To comply with applicable laws and regulations

5. Purpose of Data Processing

We use collected personal data for:

  1. Responding to Inquiries: Replying to contact form submissions and email communications
  2. Newsletter Distribution: Sending you research updates, news, and information you subscribed to receive
  3. Service Improvement: Analyzing usage patterns to enhance Website functionality and user experience
  4. Analytics and Research: Understanding visitor behavior and website performance
  5. Security and Fraud Prevention: Protecting the Website from unauthorized access and malicious activities
  6. Regulatory Compliance: Fulfilling legal and regulatory obligations
  7. Communication: Sending you important updates about the Website or services
  8. Statistical Analysis: Creating anonymized, aggregated statistics for research and reporting purposes

6. Data Sharing

We do not sell or rent your personal data to third parties for marketing or commercial purposes.

We may share your data with:

  1. Service Providers: Third-party vendors who assist us in operating the Website, conducting analytics, sending communications, or other business functions. These providers are contractually obligated to maintain data confidentiality.
  2. Consortium Partners: SINTEF Ocean, Fórum Oceano, and APDL (our consortium partners) may receive your data if you specifically request information about consortium activities, with your consent.
  3. Legal Requirements: When required by law, court order, or regulatory authority.
  4. Third-Party Platforms: If you interact with embedded content (YouTube, social media), these platforms receive data according to their privacy policies.
  5. Research and Academia: Anonymized, aggregated data may be used for research purposes in collaboration with academic institutions.

7. International Data Transfers

Our Website is hosted in the European Union. If you are located outside the EU/EEA, your data will be protected by GDPR standards. We implement appropriate safeguards for any international transfers.

8. Data Retention

  • Contact Form Data: Retained for 12 months from the date of submission or until you request deletion
  • Newsletter Subscriber Data: Retained while you remain subscribed; you can unsubscribe at any time
  • Email Communications: Retained for 12 months for customer service and compliance purposes
  • Website Analytics Data: Typically retained for up to 26 months (subject to our analytics provider’s terms)
  • Server Logs: Retained for up to 90 days for security purposes
  • Cookies: Duration varies by cookie type (see Cookie Policy)

You may request deletion of your data at any time (subject to legal retention requirements).

9. Your Rights Under the GDPR

You have the following rights regarding your personal data:

9.1 Right of Access

You may request a copy of the personal data we hold about you in a structured, commonly used, and machine-readable format.

9.2 Right to Rectification

You may request that we correct any inaccurate or incomplete personal data.

9.3 Right to Erasure (“Right to Be Forgotten”)

You may request deletion of your personal data, subject to certain legal exceptions.

9.4 Right to Restrict Processing

You may request that we limit how we use your personal data.

9.5 Right to Data Portability

You may request your data in a portable format to transfer to another organization.

9.6 Right to Object

You may object to certain types of processing, including direct marketing.

9.7 Right to Withdraw Consent

If we rely on consent, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.

9.8 Rights Related to Automated Decision Making

You have the right not to be subject to decisions based solely on automated processing.

To exercise any of these rights, please contact us using the information in Section 15.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including:

  • Secure HTTPS encryption for data transmission
  • Regular security assessments and updates
  • Access controls and authentication measures
  • Employee data protection training
  • Incident response procedures

However, no method of transmission over the Internet is entirely secure. While we take reasonable precautions, we cannot guarantee absolute security.

11. Cookies and Similar Technologies

For detailed information about cookies used on the Website, please refer to our Cookie Policy. In summary, we use:

  • Essential Cookies: Required for Website functionality
  • Analytics Cookies: To understand how visitors use the Website
  • Preference Cookies: To remember your choices
  • Third-Party Cookies: From YouTube, social media, and other embedded services

You may control cookies through your browser settings or our consent management tool.

12. Children’s Privacy

The Website is not intentionally directed to children under 16 years of age. We do not knowingly collect personal data from children without parental consent. If we become aware that a child has provided us with personal data, we will take appropriate steps to delete such data and terminate the child’s interaction with the Website.

Parents or guardians who believe their child has provided data to us should contact us immediately.

13. Third-Party Links and Services

The Website may contain links to external websites and embedded services (YouTube, social media, etc.) that are not operated by us. This Privacy Policy applies only to the Website. We are not responsible for the privacy practices of third-party websites. We encourage you to review their privacy policies before providing personal data.

14. Policy Updates and Changes

We may update this Privacy Policy periodically to reflect:

  • Changes in our practices
  • New technologies
  • Legal requirements
  • Other relevant factors

We will notify you of material changes by:

  • Updating the “Last Updated” date at the top of this page
  • Posting the updated policy on the Website
  • Sending you an email notification if required

Your continued use of the Website following changes to this Privacy Policy constitutes your acceptance of those changes.

15. Contact Us

For questions about this Privacy Policy, to exercise your GDPR rights, or to report privacy concerns, please contact us:

Email: Use the contact form available on the Website at inesctecocean.pt/contact

Mailing Address: Contact information available on our Website

Data Protection Authority Complaint: If you believe we have violated your privacy rights, you may lodge a complaint with your local data protection authority.

16. Compliance Information

This Privacy Policy complies with:

  • General Data Protection Regulation (GDPR) – EU Regulation 2016/679
  • Lei da Protecção de Dados Pessoais (Portuguese Data Protection Law)
  • ePrivacy Directive and implementing national laws
  • Other applicable privacy and data protection legislation