Legal Information
By using this website you are deemed to have accepted this Privacy Policy.
Privacy Policy
The Privacy Policy aims to respond to the increasingly pressing concern with the control of personal data, ensuring that all necessary precautions are taken to safeguard individual information in an attempt to prevent data breach incidents, while at the same time responding to the expectations of data subjects regarding the protection of their data.
The main objective of Critical Software's Privacy Policy is to respond to the increasingly pressing concern for the protection of personal data by ensuring that all necessary precautions are in place to safeguard individual information in an attempt to prevent data breach incidents, while at the same time responding to data subjects' expectations regarding the protection of their data.
For the purposes of this policy, "personal data" means any information relating to an identified or identifiable natural person, as defined in the General Data Protection Regulation (GDPR). This policy fully complies with the GDPR and applicable national data protection legislation.
This policy is intended for individuals with whom we deal in our business, including candidates for employment with our company. It is not intended for our employees. We categorise these individuals ("data subjects") as follows:
Individuals - academics, retired people, people between jobs, sole traders without employees and people who only contact us because of their personal interest in our business and technology.
Corporate subscribers - deal with us in their capacity as employees or owners of companies that have other employees.
Applicants - those who have applied for a job with us.
We obtain and process personal data in different ways, depending on the data subject, the purpose of the processing and how we obtained their personal data.
In most circumstances, your data will only be processed in the United Kingdom or the European Economic Area (EEA). If, for any reason, it is necessary for your data to be processed elsewhere, we will inform you of this, any privacy risks involved and what we have done to minimise those risks. In most circumstances, we will also ask for your consent to this.
Some of our data is stored, or processed by us, outside the UK/EU. In such circumstances, we ensure that our contracts with these processors and their processing comply with UK/EU data privacy rules and standards.
You can, at any time, ask us to tell you what personal data we hold about you.
You also have the right to ask us to rectify your data if it is inaccurate, erase it or restrict its processing. In some circumstances, you can ask us to provide your data in a format that allows you to transfer it digitally to another party.
If we have asked you and you have given us your consent to process your data, you can withdraw that consent at any time.
If our company were sold, all your data would be transferred to the buyer so that they could use it in the same way as we do today.
If you are concerned about the processing of your data by our company, please let us know at [email protected].
If you deal with us as an individual, the following applies:
Purpose. We process your data in order to respond to you and to be able to contact you on matters of mutual interest and to send you whitepapers, case studies and other related materials that may be of interest to you.
Legitimate interest. We have a legitimate interest in doing so because you have indicated that you want us to do so, or because it is reasonable for us to do so. Therefore, we do not need your explicit consent.
Marketing. If we use your data to send you marketing material about our services, other than solely for your interest, we will only do so with your consent. You can withdraw this consent at any time by following the "unsubscribe" link in our communication.
Those with whom we share it. Some of our data, which may include your personal data, is stored off-site by third parties. Some is stored by our UK subsidiary, Critical Software Limited. Except for our marketing database, none of your personal data is stored outside the EEA or the UK.
Retention. Your data will be kept for a maximum of ten years after our last interaction with you, unless you ask us to delete it sooner and we are able to do so.
Why we need your data. Without your data, we wouldn't have the information we need to be able to communicate with you.
Where we get it. Most of the data we hold comes from you. Some may have been obtained from your colleagues and friends.
If you deal with us as a business subscriber, the following applies:
Purpose. We process your data so that we can contact you as part of your duties in your organisation and to record any information you provide us with. Such contact may include sending you a newsletter or marketing material, but only if they are relevant to your role. We may also need to use it to be able to recommend you or your organisation's goods and services to others.
Legitimate interest. We have a legitimate interest in using your data for these purposes. We do not need your consent. However, you can tell us at any time that you do not wish us to contact you again or that you do not wish to receive marketing material.
Those with whom we share it. Some of our data, which may include your personal data, is stored off-site by third parties. With the exception of our marketing database, none of your personal data is stored outside the EEA or the UK. We may, as part of a project we are working on with your organisation, provide it to other people working on the same project. We may also provide them to third parties who wish to obtain our recommendation about your organisation or someone like you.
Conservation. Your contact details and other data will only be kept for as long as you maintain your role in your organisation or, if they are relevant to a project, for as long as we keep records of that project.
Why we need your data. Your data is needed primarily so that we can contact you and for the purposes mentioned above.
Where we got it. The usual source of your data is you or your organisation. Sometimes we may obtain them from your colleagues, mutual clients, other people involved in a project, publicity material published by your organisation or publicly available lists.
If you are a candidate for a job with our company, the following applies:
Purpose. We process your data so that we can assess you for a role and contact you. Some of this contact may be through newsletters that keep you in touch with us and our news. You will be given the opportunity to unsubscribe if you wish.
Legitimate interest. We have a legitimate interest in using your data for these purposes. We do not need your consent.
Who we share it with. Some of our data, which may include your personal data, is stored off-site by third parties. None of your personal data is stored outside the EEA or the UK. If your role is to work for one of our clients, we may provide it to that client so that they can assess you. If we seek references for you, we will provide your name and details of the proposed role to your references. If we wish to verify your qualifications or suitability, we may provide sufficient information to identify you, elements you have told us about yourself and the proposed role to those who can verify the information you have provided.
Retention. If we decide not to employ you, most of your personal data will be deleted/destroyed around six months after that decision is made and we will only keep enough data to identify that we have considered your application for a job but that it has not been accepted.
If we think we might employ you in the future, we will retain all the data we have about you indefinitely, unless you ask us to to delete them. If we employ you, all data relating to you will be transferred to your HR file and used and retained in accordance with our employment policies.
Why we need your data. Without your data, we wouldn't be able to assess you or contact you.
Where we get it. The usual source of your data is you or a recruitment consultant or job board. Some data may come from referees or people we use to verify the information you provide.
In addition to disclosures reasonably necessary for the purposes identified elsewhere in this privacy policy, we may disclose information about you:
- To the extent that we are required to do so by law
- In connection with any legal proceedings or prospective legal proceedings
- To establish, exercise or defend our legal rights
- To the buyer (or prospective buyer) of any business or asset that we are (or are considering) selling.
- Except in the cases provided for in our privacy policy, we will never provide your information to third parties.
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
Compliance with the Privacy Policy is mandatory. Violation of the rules identified in this policy may result in the creation of an Information Security Incident and may ultimately result in disciplinary action.
The execution of the rules and principles identified in this policy is monitored by the CSO and the ISC. In addition, all employees of the organisation must report any deviation from the policy that they may encounter to the immediate Project Manager (PM), the Manager or the CSO.
By using this website you are deemed to have accepted these Terms of Use.
Terms of Use
Critical Software and its subsidiaries have endeavoured to ensure the accuracy and reliability of all information provided on this website. Notwithstanding our commitment to providing accurate and up-to-date information, this website should not be considered an accurate reflection of the services offered by Critical Software, nor does it constitute a confirmed offer to sell or an invitation to purchase any service.
All copyright, trademarks and other intellectual property rights, including databases, content, structure and functionality of the website, are the exclusive property of Critical Software or are duly licensed for use. It is forbidden to copy, reproduce, re-edit, publish, broadcast or transmit any text, image, graphic, logo, icon or software code appearing on the website for any public or private purpose, without the prior written authorisation of Critical Software.
It is also forbidden to adapt, modify or recreate any information or material made available on this website, as well as using it for purposes that are not strictly personal and are not of a commercial or lucrative nature. The user undertakes to access and use the website exclusively for legitimate purposes and in accordance with the applicable legislation, refraining from any conduct that may jeopardise the integrity, security or operation of the system. Considering the inherent nature of the internet and technological systems, it is recognised that technical errors, service interruptions and operational delays may occur at any time, regardless of Critical Software's will or control. This website is provided "as is", without warranties of any kind, express or implied, as to its availability, functionality, accuracy or fitness for a particular purpose. Critical Software assumes no liability for any damages, losses or inconveniences arising from website interruptions, technical failures, temporary or permanent unavailability of services, regardless of their cause or nature. These provisions do not restrict or exclude any liability of Critical Software that cannot be limited or excluded by law, and all rights and guarantees conferred by applicable legislation shall remain intact.
Critical Software reserves the right to modify these Terms of Use at any time, with the changes being effective from their publication on the website.
These Terms of Use are governed by Portuguese law, and the Portuguese courts are competent to settle any disputes arising from their interpretation or application.
A cookie is a small text file that identifies your computer on our server. Cookies themselves do not identify the individual user, only the computer used. Cookies are not used to collect personal information.
Cookies
At any time, the user is able to configure their web browser to accept all cookies, to notify them when a cookie is issued, or not to receive any cookies. The way the user does this depends on the web browser they use. Please consult the "Help" function on your web browser to learn more.
If you accept cookies, they may remain on your computer for many years, unless you delete them. If you disable cookies, the use of sites in general may be limited. Below, you will find a list of the main cookies we use, together with a note on what they are used for.
PHPSESSID: This cookie is essential and allows our website to respond to any action you execute on the site, such as completing an enquiry form. The website does not function correctly if this cookie is disabled.
critical_accepted_cookies: This cookie indicates if a website visitor has accepted the cookies or not.
__cfduid: These cookies are necessary to provide the CloudFare service. More detailed information can be found at:
https://support.cloudflare.com/hc/en-us/articles/200170156-What-does-the-Cloudflare-cfduid-cookie-do-
__hluid, __hssc, __hssrc, __hstc, hubspotutk: These cookies are necessary to provide the Hubspot service. More detailed information can be found at:
https://knowledge.hubspot.com/articles/kcs_article/reports/what-cookies-does-hubspot-set-in-a-visitor-s-browser
_ga, _gat, _gat_WebProperty2, _gid: Cookies which start with “_ga” allow for analytics software functions. These functions aim to analyse website visits and provide anonymous information such as the browsers used, return visits and marketing activity responses. This information is used to help us improve the website as well as your online experience of it.
Web browsers make it possible to exert a certain amount of control over cookies by configuring the browser as you wish. The majority of web browsers allow you to block cookies, or block cookies on specific sites. Web browsers may also help you to delete cookies when you close the browser. However, this may mean that any opt-outs or preferences defined on the site will be lost. To learn more about cookies, including how to see what cookies have been created and how to manage and block them, visit the site www.allaboutcookies.org. This site contains information on how to manage your configurations for the various web browsers available. However, you should always remember that disabling cookies may affect your overall website experience, to one extent or another.
Modern Slavery Act and Human Trafficking Statement for the Financial Year 2024
Introduction
This statement is made on behalf of the Critical Software S.A. Group (including all of its subsidiaries) pursuant to the section 54 (1) of the Modern Slavery Act 2015 and comprises our slavery and human trafficking statement.
Critical takes a zero tolerance stance to slavery and human trafficking and is committed to ensuring that its business has no involvement in either. Modern slavery is a crime and a violation of fundamental human rights. It takes various forms, such as slavery, servitude, forced or compulsory labour and human trafficking, all of which have in common the deprivation of a person's liberty by another in order to exploit them for personal or commercial gain.
Critical Software’s Policies on Slavery and Human Trafficking
Critical will not support or deal with any business knowingly involved in modern slavery or human trafficking.
We have a Code of Conduct in place signed off at director level, which applies to all staff across the Critical Group, to reflect and enforce our commitment to conduct all our business in an honest and ethical manner.
All Critical staff are required to read, understand and follow our Code of Conduct.
Supply Chains
To ensure our supply chains and contractors comply with our values, we operate according to principles of responsible sourcing, including that they pay employees the prevailing minimum wage applicable within their relevant country of operations. Our Code of Conduct outlines our expectations of our supply chains.
Our supply chains include suppliers of:
- IT hardware and software, including software licenses and open source software
- Data storage services
- Professional services from our advisers including our lawyers, accountants, auditors and public relations advisers
- Office equipment
- Office cleaning and other office facilities services.
The vast majority of our suppliers are based in Europe. They are required to take steps to prevent modern slavery and human trafficking in their own businesses and supply chains, whether under the Modern Slavery Act 2015 or equivalent legislation in other jurisdictions.
We do not employ significant numbers of temporary or agency staff. We only use specified, reputable recruitment agencies.
Summary
We strive to take all reasonable and practical steps to ensure that our standards are being implemented throughout our business and our supply chain, and that local legislation and regulations are complied with. We will assess any instances of non-compliance on a case-by-case basis and will then tailor remedial action appropriately. We will only trade with those who fully comply with this policy. As part of our initiative to identify and mitigate risk (including in relation to that of human trafficking and slavery) we operate a range of policies and procedures within the Critical Software Group. These include the policies and procedures identified in the Code of Conduct in relation to whistleblowing, anti-money laundering and anti-bribery.
This statement is made pursuant to section 54(1) of the Modern Slavery Act 2015 and constitutes the Critical Group's slavery and human trafficking statement for the financial year ended 31 December 2024.
This statement has been approved by the Board of Directors at Critical Software, S.A. on 28th February 2025.
Click here to download a copy of our statement.
Critical Software's Anti-Corruption Policy
In order to complement the principles set out in the Code of Conduct, this Anti-Corruption Policy ("Policy") consolidates Critical Software's organisational culture and reaffirms its unequivocal commitment to integrity, legality and transparency, as well as compliance with the highest standards of conduct. Critical Software maintains a zero tolerance stance towards any violation of anti-corruption legislation.
At Critical Software, the fight against corruption is a fundamental pillar for the success and integrity of our business and, ultimately, for long-term organisational sustainability. The implementation of robust and effective anti-corruption policies and programmes is imperative to prevent and detect corrupt practices in all aspects of business activity. At the same time, the adoption of rigorous anti-corruption policies and programmes is essential to ensure the prevention and detection of corrupt practices, thus safeguarding the organisation's reputation and integrity.
This policy aims to establish clear guidelines and structured procedures that promote an organisational culture of transparency, integrity and ethical behaviour in all the organisation's activities.
To ensure the effective implementation of the guidelines and procedures set out in this policy, Critical Software has set up a compliance programme aimed at preventing and detecting corrupt practices. The compliance programme will be overseen by the compliance officer, who will ensure that all employees receive regular training on the programme's procedures and requirements.
The compliance programme includes the following components:
Risk assessment
Critical Software carries out systematic risk assessments to identify areas where corruption risks have a high probability of occurring, as well as to determine appropriate measures to prevent or mitigate these risks. Risk assessments are updated regularly to ensure that new risks that are identified are properly addressed proactively.
Policies and procedures
Critical Software must implement policies and procedures that address the specific corruption risks identified in the risk assessment. The policies and procedures must be made available to all employees who will receive regular training.
Due diligence
Critical Software carries out rigorous due diligence processes on third parties, including suppliers, contractors and agents, to ensure that they fully comply with the organisation's anti-corruption policy.
Monitoring and reporting
The compliance officer continuously monitors the effectiveness of the compliance programme and regularly reports to the Executive Committee and the Board of Directors on its performance and results. Any suspected cases of corruption will be immediately reported to the competent authorities, in accordance with the applicable legal requirements.
Training and sensitisation
Training is essential to ensure that all employees understand the risks associated with corruption and the importance of maintaining high ethical standards. All company employees will receive regular training on good practices and measures to prevent corrupt practices.
Code of conduct
Critical Software strongly condemns any practice of corruption, bribery or related offences, whether active or passive, as well as any other forms of undue influence or illegal conduct. The company enforces strict compliance with these principles in all its relationships, internal and external, with private or public entities.
The organisation has established a comprehensive code of conduct that clearly defines the values, principles and behaviour expected of all employees. The code of conduct is based on international best practice, applicable legislation and relevant sector regulations. The code covers critical areas such as conflicts of interest, bribery practices, giving and receiving gifts, business entertainment and other potentially ethically compromising situations. It is expressly forbidden for all Employees to:
- Accepting any advantages or offers in exchange for preferential treatment from third parties, with the aim of influencing an action or decision.
- Offering or accepting, under any circumstances and regardless of value, cash, cheques or other goods subject to legal restrictions.
- Influencing the decisions of business partners through any illegal means or actions that may appear contrary to applicable regulations.
- Obtaining any benefit or advantage for the company, the employee or third parties through unethical practices or actions contrary to the duties of the position, including corruption, undue receipt of benefits or influence peddling.
Whistleblowing
Whistleblowing is an important tool for preventing and detecting corruption. Employees should feel safe to report any suspected cases of corruption without fear of retaliation. To this end, Critical Software has established a whistleblowing system (WhistleB) that guarantees confidentiality, anonymity and protection for the whistleblower.
All employees are aware of the whistleblowing policy and the process for reporting suspected cases of corruption. The whistleblowing system will be supervised by the Ombudsman, who will ensure that all complaints are properly investigated and that appropriate action is taken.
Validity and revision
This Policy comes into force on the date of its approval by the Board of Directors and must be reviewed every three (3) years or whenever there are changes, namely in the organisational or corporate structure of the Company, which justify its review.
Any changes to this Policy must be approved by the Board of Directors.
This Policy, in its most up-to-date version, is publicised to employees and is available for consultation on the official website.