Close search

Privacy and Cookies Policy

Privacy and Cookies Policy

The protection of personal data is a priority and a clear commitment made by Nomad Tech. This policy establishes the basis of the personal data processing processes carried out in the scope of this website and the associated services management.

If you have any questions related to this policy, please do not hesitate to contact us.

Who we are

Nomad Tech, Lda (from now on, Nomad Tech), with VAT Number PT510867111 and based on Rua Deniz Jacinto, nº 270, 4350-059 Porto, is a joint-venture between Nomad Digital (Nomad Holdings Limited) and CP (Comboios de Portugal, E.P.E.).

How do we obtain your personal data?

Personal data means any information relating to a person from which that person may be identified or identifiable. It does not include data where the identity has been removed.

Most of the personal data we process is provided to us directly by you for one of the following reasons:

  • Navigated on our website
  • Subscribed to our “Mailing List”
  • Completed our “Get In Touch” form
  • Sent us your CV for a spontaneous job application.

How do we use your personal data?

We only use your personal data when the law permits. Typically, we will use your personal data in the following circumstances:

  • When you have given us your consent;
  • When it is necessary for our legitimate interests, for example when, for technical and operational reasons, we collect internet browsing data or when you send us your CV for analysis. However, we will never overpower our legitimate interests over your interests.

The table below shows the purposes for which we may use your personal data, including the category of personal data and the legitimacy ground:

Purpose Categories of data processed Lawfulness
Improving the operation of the website Internet browsing data This is necessary for the purposes of our legitimate interests1, i.e. to keep our website up to date and relevant as well as to develop our business.
Sending newsletter
(Join Our Mailing List form)
Contact data We will only contact you in cases where you have given us your consent to do so. You can withdraw your consent at any time 2
Response to requests
(Get In Touch form)
Identification and contact details;
Professional life data
We will only contact you in cases where you have given us your consent to do so. You can withdraw your consent at any time.
Reception and treatment of resumes. C.V. This is necessary for the purposes of our legitimate interests, i.e. to manage spontaneous applications. If you wish to access, change, correct or delete your personal data, you can do so at any time through the email address


We do not collect personal data for profiling3. If you do not agree with how we treat your personal data (i.e. in accordance with this Privacy Policy), we ask you not to provide it.

1 RGPD(13)(1)(d)

2 GDPR(13)(1)(c)

3 GDPR(12)(2)(f) – The existence of automated decisions, including profiling, referred to in Article 22(1) and (4), and, at least in such cases, useful information relating to the underlying logic, as well as the importance and expected consequences of such processing for the data subject

What personal data do we process?

We may collect, use, retain and/or transfer different types of personal data about you, which we have set out as follows:

  • Identification data (e.g. name);
  • Contact details (e.g. email, phone number);
  • Data on professional life (e.g. CV, company, role);
  • Internet browsing data (e.g. IP, session cookies, user cookies, measurement of website access and interaction through analytical and monitoring tools).

We do not collect any special category of personal data about you, including details about your racial or ethnic origin, political opinions, religious and philosophical beliefs, trade union membership, genetic data, biometric data, health or sexual life or sexual orientation data. We also do not collect intentionally personal data relating to children.


Your data is processed within the Nomad group. We do not share your personal data with any other third-party unless we are legally obliged to do so.

International Transfers

Your data is processed within the Nomad group, with offices in the European Union and in the UK, based on the European Commission’s adequacy decision of June 28, 2021. We do not transfer personal data to other third-party countries, or International organizations, unless we are legally obliged to do so.

How long do we keep your data

We retain your personal data only for as long as necessary, to fulfill the purposes for which we collect it, including for the fulfillment of any legal requirements. To determine the appropriate retention period of personal data, we consider the amount, nature and sensitivity of personal data, the potential risk of harm resulting from the unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Please note that any information provided to us for marketing purposes will only be deleted when you unsubscribe and, thereby, withdraw your consent.

Your rights

Subject to certain conditions and safeguards, and with regard to the personal data in our possession, you have the right to access personal data concerning you, as well as its rectification or erasure, and the limitation of the processing with respect to the data subject, or the right to object to the processing,  as well as the right to data portability.

Your requests will be treated with special care, so that we can ensure the effectiveness of your rights. You may be asked to prove your identity, in order to ensure that personal data is only shared with the owner.

Please bear in mind that in certain cases, under the terms of the applicable law, your request may not be immediately or fully satisfied. In any case, you will be informed of the measures taken in this regard, within a period of one month from the moment the request is made. In order to ensure that the data we hold about you remain up-to-date, we appreciate that, in the event of modification, you would let us know through the contact form mentioned below, so that we can proceed accordingly.

How we keep your data safe

We have implemented, and continue to implement, appropriate technical and organisational security measures to ensure the protection of your personal data in order to prevent accidental or unlawful destruction, accidental loss, alteration, dissemination or unauthorized access to it.

In addition, we limit access to your personal data to employees and recipients who need to know it. They will only process your personal data according to our instructions and always subject to a duty of confidentiality. We have established procedures to deal with any suspected personal data breach and will notify you and any supervisory authority of a breach whenever we are legally required to do so.

How can you complain

If you are not satisfied with the way your personal data is being processed by Nomad Tech, please inform us via the email address

In the event that you remain unsatisfied, you also have the right to file a complaint with the national supervisory authority:

How to contact us and exercise your rights

To learn more about how Nomad Tech treats your personal data, to exercise any of the rights indicated above or for clarification regarding any issue related to this Privacy Policy, please do not hesitate to contact us. You can do so via the email address

This Privacy Policy was last updated on February 6, 2023. We may, at any time, make adjustments or changes to this Privacy Policy, so we advise you to visit this address frequently.

Cookies Policy

How we use cookies

Our website uses cookies to distinguish you from other users. This allows us to provide you with a good experience when you browse our website, while allowing us to improve it.

Cookies are small text files with information, which we store in your browser or on your computer’s hard drive, that your browser processes when you visit a website.

Our website uses the following cookies:

  • Strictly necessary cookies – These are the cookies necessary for the operation of our website.
  • Analytics and performance cookies – Allow us to recognize and count the number of visitors and see how visitors move around our website when they are using it. This helps us improve the way our website works, for example by ensuring that users easily find what they are looking for (_gat; _gid; _ga; CONSENT; PREF; VISITOR_INFO1_LIVE; YSC).

The table below shows the list of Cookies that are used on our website:

Domain Name Description Expiration HttpOnly4 Secure5 SameSite6 cookieconsent_dismissed Used to record the user’s action of closing the “Cookies & Privacy” pop-up, so as not to continue appearing 1 year _gat Used to limit the request rate 1 minute _gid Used to distinguish users 1 day _ga Used to distinguish users 2 years _Secure-ENID Used to remember user preferences and other information, such as preferred language, how many results should be shown on a search results page, and whether google safe search filter should be turned on 13 months X X Lax CONSENT Stores the status of a user in relation to their cookie choices 2 years X CONSENT Stores the status of a user in relation to their cookie choices 2 years X PREF Stores information of preferred page setting and playback preferences, such as explicit autoplay choices, random content playback, and player size. 2 years X VISITOR_INFO1_LIVE Enables personalized recommendations on YouTube based on previous searches and views 179 days X X None YSC Ensures that requests in a browsing session are made by the user and not by other sites Session X X None

4 HttpOnly means that the cookie can only be read by the server, and not by JavaScript on the client. This can mitigate XSS (cross-site scripting) attacks.
5 Secure means that the cookie will only be sent over a secure channel (HTTPS). This can mitigate MITM (man-in-the-middle) attacks.
6 SameSite can be used to instruct the browser to only send the cookie when the request is originating from the same site. This can mitigate CSRF (cross-site request forgery) attacks.

Cookies management

Google Analytics is used to analyze your use of our website. Google Analytics uses cookies to generate statistical information and other information about it. Any information generated about our website is used to create usage and performance reports.

You can block cookies by activating the setting on your browser that allows you to refuse to set all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies), you may not be able to access all or parts of our website.

Changes to this Cookies Policy

This Cookies Policy was last updated on February 6, 2023

Our policies and procedures are under continuous review, which means that we may update our Cookies Policy from time to time. Any changes will be posted on this page.