Skip links

Privacy Policy

Strongstep – Innovation in Software Quality, as an organization that treats personal data on a daily basis, considers itself committed to the regulated matters and obligations imposed by the new European law about data protection stated in the 2016/679 Regulation of the European Parliament and of the 2016 April 27th Council relative to singular people protection regarding the personal data treatment and free flow of that data, forwardly known as GDPR. In this sense, the current Personal Data Protection Policy is approved to strengthen its commitment and respect towards the personal data protection and privacy rules.



The current Personal Data Protection Policy applies exclusively to personal data treatment by Strongstep – Innovation in Software Quality.

This Privacy Policy regulates the personal data treatment of the users (forwardly known as “User” or “Users”), gathered in the scope of the usage of the (forwardly known as “Website”), by Strongstep – Innovation in Software Quality, as accountable entity for personal data treatment.

The availability of your personal data implies the knowledge and acceptance of this Privacy Policy’s conditions.

The present Privacy Policy is complemented by the  Usage Terms and Conditions.

The User may find detailed information regarding Strongstep’s Privacy and Cookie Policies in the following points:


Personal Data

To the effect of the current Personal Data Protection Policy, it’s understood that “ personal data “ is any information regarding a singular identified or identifiable person (“data owner”).

In these terms, it’s considers identifiable any singular person that can, directly or indirectly, be identified, referencing specially an identifying element – e.g. a name, id number, location data, electronic identifiers – or one or more specific elements of physical, physiologic, genetic, mental, economical, cultural or social identity from that singular person.


Data treatment responsible

The responsible entity for personal data treatment and gathering is Strongstep – Innovation in Software Quality , who in its context, decides what data to be gathered, the treatment means to be used, the conservation period and what they’re used for.


Gathering your personal data

Strongstep – Innovation in Software Quality gathers personal data personally, by telephone, by writing or through computer systems. Gathered personal data are treated either by non-automatized means (e.g. manual files), or digitally obeying the personal data protection law, being saved in specific databases, created for that purpose. In no situation gathered data shall be used for any other means, only for those for which permission has been given by the data owner or by treatment legitimacy condition.

Such data will be gathered and treated by Strongstep – Innovation in Software Quality for:

  1. Contact request : your personal data will be treated, after your consent, to manage the established contact and give information and answer any doubts requested by the user;
  2. Newsletter sending : your personal data will be treated for the purposes of pre-contractual procedures;
  3. Information and course matriculation requests;
  4. Auditory processes;
  5. Recruitment or sudden application processes.


Why do we gather your data?

Depending on the interaction nature and only if necessary, Strongstep – Innovation in Software Quality may request some of your personal data, such as: name, email, home address, cell/telephone number, ID, fiscal ID, date of birth, sex, nationality, academic knowledge, professional situation and/or bank/payment data.

Strongstep gathers and processes your personal data that are strictly necessary, those that are only requested when related with the purpose in cause, according to your consent and for legitimate ends, such as:

  • Giving an adequate and proposition/information requests directed answer;
  • Communicate better with you, for relevant issues and only with the necessary frequency, according to the characterization of your data and your preferences;
  • Fulfilling the  accredited entities’ requirements, of which dictate the certificate validity of some offered services, namely, courses;
  • Billing services/products, like courses.


About the purpose of personal data treatment

Information about personal data treatment is given to the data owner right when its gathered, or, if the personal data were obtained from another source, the information will be given within a reasonable time-line, depending on the circumstances.

When data is gathered, as responsible for the treatment, Strongstep will give the data owner with detailed information about how the data is going to be used, such as:

  • The identity and contact of the person responsible for the treatment;
  • The means to contact the data protection overseer;
  • For which ends do we treat your personal data, along with judicial argument for that same treatment;
  • The recipients or recipient categories of your personal data;
  • The data owner’s rights;
  • Data conservation period or the criteria used to determine that period;
  • Which data are you obligated to give and which are optional.

Personal data treated by Strongstep can be legitimately sent to third parties as soon as the its purpose is confirmed to be directly related to the data owner’s or the person responsible for data treatment’s legitimate roles.

Every time that personal data are susceptible to being legitimately transferred to another recipient, the data owner must be previously informed, given that, if justified, the data owner can demand that his personal data are not transferred, as long as it doesn’t harm the vital and legitimate interest of any party involved or of the public interest.

Every time that Strongstep – Innovation in Software Quality has the intention or need to treat your personal data for any other end for which they have not been gathered, will give, previously, to the data owner information about that end and any other need information. When it’s not possible to inform the data owner of the source of the personal data that Strongstep has, because of having used multiple data sources, it shall be given to the data owner all the information about that same source.


Data share

Strongstep can communicate your personal data to third party entities, guaranteeing that they’ll only and exclusively be used for the accomplishment of the indicated ends.

When applicable, we will share your personal data with:

  • Partner Entities, for activity execution ends included on the partnership contract;
  • Regulatory Entities, for activities compliance verification provided by Strongstep;
  • Public Entities.

Users’ data treatment can be accomplished by an ideal service provider, hired by Strongstep. This service provider will treat data exclusively for ends established by Strongstep and according to instructions sent by this enterprise, obeying rigorously to the legal laws about personal data protection, information security and other applicable norms.


Personal data conservation period

The period for which the data can be stored and conserved varies according to the end of the respective treatment. personal data will be conserved by Strongstep for the maximum period of 5 years counting from the gathering date, except if another conservation period can come from the applicable law.


Personal data treatment lawfulness

personal data treatment depends on the legitimacy and lawfulness conditions check for that treatment, as well as the watchfulness of the lato sensu proportionality principle:

  • In reality, every personal data by Strongstep – Innovation in Software Quality will only take place for the prosecution of legitimate interests and if the data owner has given his consent unequivocally.
  • Be necessary for the execution of a contract or for the fulfillment of any legal obligation that the data treatment responsible to be attached;
  • Be necessary for the data owner’s or any other singular person’s vital interests protection;
  • Be necessary for the prosecution of  the data treatment responsible or third parties who have been given personal data’s legitimate interests, as long as they should not prevail the data owner’s interests, rights, freedom and guarantees.


User Rights

In the applicable law terms, the User can ask, any time, the access to personal data regarding the User, as well as its correction, deletion, treatment limitation, data portability, or to oppose against its treatment.

The User can even obtain confirmation that his/her personal data is an object to be treated, being it made available to him/her, if he/she wants to, a copy of the data on treatment stage.

In the terms of the law, it’s guaranteed to the User the right to, through the mentioned means, withdraw his/her consent for the personal data for the indicated ends, not invalidating, however, the treatment done until that date based on the previously given consent.

For the exercise of of any of the above mentioned rights, the User must submit a written request for the following contacts:



Strongstep gives its best in order to protect User’s personal data against unauthorized usage. For this, it uses security systems, rules and other procedures, so that it can guarantee personal data protection, as well as to prevent unauthorized data access, improper usage, data leek, loss or destruction.

It is however, User’s responsibility, to guarantee and assure that devices and equipment used to access the Website be found adequately protected against malware, worms, or any other harmful software.



Cookies are small text archives that identify the User’s computer and the number of Website accesses, allowing for a faster and more efficient way to surf the Website, eliminating the need to introduce repeatedly the same information. This way, Strongstep can provide a more personalized service tailored to each User.

The Cookies used on this Website are the following:

  • PHPSESSID: a Cookie that allows the Website to answer any action the User executes on the Website, such as filling a form or inquire. The Website does not work correctly if it isn’t used;
  • xms_user: a Cookie used by back-office users. The Website works correctly if not used.
  • _utma, __utmb, __utmc, __utmt, __utmz: Cookies started by “_utm” allow for an analysis software functionality (analytics). This software helps to analyse Website’s visitors e provide anonimous information, like used webbrowser, returning visitors and answering marketing activities. This information helps Strongstep to improve its website and online experience;
  • _atuvc;_atuvs: these Cookies are created and read by JavaScript that allows content sharing in “AddThis” social networks.

Every browser allow the User to accept, reject or delete Cookies, namely through appropriate settings selection in the respective browser. The User can configure Cookies in the browser’s “settings” or “preferences” menu. To know more about Cookies, including how to manage or exclude Cookies, the User can visit

Note that, however, by deactivating Cookies, the User can parcially or fully interfere with browsing on that Website.


Third party Websites’s links

Constant links from this Website may lead to other websites. Strongstep does not hold itself accountable, aproves or in any other way supports or subscribes the content of those websites, nor the websites connected to them or referenced in them.

Strongstep does not hold itself accountable for any damage coming from malware that can infect the User’s computer or network, or other goods, in virtue of the Website access with content transference for the  User’s computer or network.

This hereby declaration of privacy is applicable uniquely to the information gathered by Strongstep’s webpage(s).



Without the loss of another way of administrative or judicial resource, the User has the right to present a complaint to the controlling authority competent in terms of the law, in case he/she understands that the his personal data by Strongstep violates the legal regime in action for any given time.


Questions and advice

The User can contact Strogstep about any and every question related to his/her personal data treatment and to the exercise of his/her rights given by the applicable law, and, specially referenced in this Privacy Policy, through the following contacts:

UPTEC – Parque de Ciência e Tecnologia da U. Porto
Rua Alfredo Allen, 455/461
4200-135 Porto
Telephone: + 351 220 301 585

Last update 17/09/2018

Return to top of page