privacy policy
Glintt Global, S.A., as the data controller, informs that all personal data processed will be handled in accordance with the principles of transparency, purpose limitation, data minimization, accuracy, integrity, and confidentiality, as well as in compliance with the obligations and guarantees established under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR), and Organic Law 58/2019 of August 8, and Law 3/2018 on the Protection of Personal Data and Guarantee of Digital Rights, regarding the protection of natural persons in the processing of personal data and the free movement of such data.
To that end, we provide our Privacy Policy in order to demonstrate our commitment and respect for privacy and personal data protection rules, ensuring the trust of all stakeholders and providing you with a satisfying, distinctive experience. This Privacy Policy applies to the collection and processing of personal data across the entire Glintt Global, S.A. corporate group.
Glintt Global, S.A. (hereinafter “Glintt Global”) reserves the right to modify this Privacy Policy at any time and without prior notice. In the event of a change, the date of the last update—available at the top of this page—will also be updated. If the change is substantial, a notice will be posted on the website.
Glintt Global is the owner of the following web domains: www.glinttglobal.com ; www.glinttnext.com ; www.glinttlife.com ; www.glinttlife.es and acts as data controller at these addresses.
Company Name: Glintt Global, S.A.
CIF/NIF: 503541320 DUNS: 455586537
Head Office: Beloura Office Park, Building 10, Quinta da Beloura, 2710-693 Sintra
Contact: info@glinttglobal.com
Data Protection Officer / Data Subject Rights Contact: privacidade@glinttglobal.com
Any disputes regarding the validity, interpretation, or execution of this Privacy Policy—or concerning the collection, processing, or transmission of personal data—must be submitted exclusively to the jurisdiction of the judicial courts, without prejudice to any mandatory legal rules that apply.
Personal Data – Any information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an ID number, location data, an online identifier, or to one or more specific elements of their physical, physiological, genetic, mental, economic, cultural, or social identity.
Special Categories of Personal Data – Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as the processing of genetic data, biometric data for the unique identification of a natural person, health data, or data concerning a person’s sex life or sexual orientation.
Processing – Any operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
Data Controller – A natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
Personal Data Breach – A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed.
Processor – A natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.
Third Party – A natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons authorized to process data under the direct authority of the controller or processor.
Supervisory Authority – An independent public authority established by a Member State.
CNPD – National Data Protection Commission (Portugal’s supervisory authority).
In the context of employee duties within Glintt Global companies, the collection, recording, organization, storage, use, and consultation of personal data may occur, as well as other operations classified under GDPR as personal data processing.
Data is either provided directly by the data subject (e.g., job applicants), collected via navigation on Glintt Global websites, or necessary for the execution of contractual or pre-contractual obligations.
When collecting personal data, Glintt Global companies provide detailed information about the nature, purpose, and intended processing of the data, as well as the data subject’s access rights.
If submitting a CV, the data processed will include that in the form provided or in any free-format document submitted. CVs will be deleted after one year. For more information, consult the Recruitment Privacy Policy at careers.glinttglobal.com.
You will always be informed of the purpose of any data collection and can choose how much data you wish to share.
Data collected through forms, email, or other means will be used to manage the specific relationship established through those channels—for example, reservations, service requests, invoicing, support, registration for events or services, and related follow-ups.
In some cases, with prior notice, profiling or segmentation may be applied to improve service. You will be informed in advance if automated decision-making is involved.
If you have provided your email address, you may receive electronic communications related to your interaction or contractual relationship with Glintt Global. You may unsubscribe at any time through the link provided in every communication.
Glintt Global may engage third-party entities (Processors) to process personal data on its behalf. These entities must strictly comply with GDPR and this Privacy Policy.
Subcontracted entities may not share or subcontract the data without written authorization from Glintt Global.
Glintt Global will only contract with entities that provide sufficient guarantees of implementing appropriate technical and organizational measures to ensure data protection. Contracts with such entities define the purpose, duration, nature of processing, data types, data subject categories, and the rights and obligations of the parties.
Data may be collected:
• Directly: In person, by phone, email, or through our websites.
• Indirectly: Through partners, external companies, group companies, or official entities.
Glintt Global does not transfer data to third parties, unless required for service provision. Any such sharing will be limited to the specific context and lawful basis.
Data may be shared with companies within the Glintt Group.
Glintt Global does not transfer personal data outside the EU. If such a transfer occurs, it will ensure full compliance with applicable laws and ensure appropriate safeguards are in place.
Personal data will be retained while the relationship is active or unless deletion is requested, and for at least 10 years from the last interaction, in accordance with legal obligations.
Data processing is based on your explicit, informed consent, or based on:
• Legal obligations;
• Pre-contractual or contractual requirements;
• Legitimate interest of the data controller.
Specific legal grounds for each type of processing are outlined in the relevant sections of this policy.
You have the right to:
• Access your personal data;
• Rectify inaccurate data;
• Request data erasure when no longer necessary;
• Restrict processing in specific situations;
• Object to processing on legitimate grounds;
• Lodge a complaint with CNPD (Av. D. Carlos I, 134, 1º, 1200-651 Lisboa).
To exercise your rights, you may send a request to privacidade@glinttglobal.com or by mail to the company address, including a copy of a valid ID document (e.g., Citizen Card or Passport).
Glintt Global applies strict confidentiality measures and regularly updates its security procedures in accordance with the nature of the data, processing risks, and legal requirements.
General measures include:
• Regular audits of technical and organizational controls;
• Employee training and awareness;
• Pseudonymization and encryption of personal data when appropriate;
• Ensuring ongoing confidentiality, integrity, and availability of systems;
• Disaster recovery and system restore mechanisms.
Glintt Global uses cookies to enhance website navigation. These are technical cookies only and do not identify users unless necessary for specific functionalities such as user sessions or reservations.
Cookies can be disabled via your browser. For more information, see our [Cookie Policy] or configure preferences using the Cookie Consent Manager shown when visiting the site.
| Processing | Data | Legal Basis | Purpose |
| Client Management | Name, ID, Address, Phone, | Contractual | Contract execution, invoicing, support, etc. |
| Marketing, Ads & Social Media | Name, Email | Consent | Commercial communications via various channels |
| Human Resources | Name, ID, Email, Phone, Image, Employment Info | Contractual | Recruitment, training, career management |
| Supplier Management | Name, Tax ID, Address, | Contractual | Contract execution, invoicing, support |
| Website Management | IP, Email, Cookies | Consent | Website analytics and handling inquiries |
All rights reserved under international intellectual property laws. Reproduction or distribution of this content, in whole or in part, by any means, is strictly prohibited.
