Skip to main content

NextGen WorkForce

Privacy Policy

NextGen Workforce Lda
Version: 08.07.2026

1. Controller

NextGen Workforce Lda
Rua João Chagas n.º 10B Direito
1500-493 Lisboa
Portugal

Email: [email protected]
Phone: +41 79 842 57 58


2. General information on data processing

The protection of personal data is important to us. We process personal data only in accordance with applicable data protection laws, in particular the EU General Data Protection Regulation (GDPR) and the Swiss Data Protection Act (DSG).

This Privacy Policy explains which personal data we process in connection with our website, communication, IT services and nearshoring services.


3. Nearshoring and IT services

NextGen Workforce provides IT services within a nearshoring model between Switzerland and Portugal.

It may be necessary for personal data to be processed by authorised specialists in Portugal. Where we process personal data on behalf of customers, this is done on the basis of data processing agreements pursuant to Art. 28 GDPR.

We ensure in particular that:

  • access is controlled and logged where required
  • only authorised persons access personal data
  • appropriate technical and organisational security measures are used
  • an appropriate level of data protection is ensured

4. Hosting

Our website is operated on servers in Germany. Technical access data required for operation and security may be processed.

Processing is based on our legitimate interest in secure and reliable website provision pursuant to Art. 6(1)(f) GDPR. Where required, a data processing agreement pursuant to Art. 28 GDPR exists with the hosting provider.


5. Access data and server log files

When you visit our website, the following data may be processed automatically:

  • IP address
  • date and time of the request
  • pages and files accessed
  • browser type and version
  • operating system
  • referrer URL

This data is used for technical delivery, system security, error analysis and misuse prevention.

Legal basis: Art. 6(1)(f) GDPR


6. Cookies and cookie consent

Our website uses cookies and comparable technologies. Technically necessary cookies are used to ensure proper website functionality.

For cookies and services that are not technically necessary, we obtain your consent where required. We use Borlabs Cookie to manage consent.

You can withdraw or adjust your consent at any time via the cookie settings.

Legal bases: Art. 6(1)(a) GDPR for consent-based services; Art. 6(1)(f) GDPR for technically necessary functions.


7. Google Analytics 4

This website uses Google Analytics 4, a web analytics service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics helps us understand how visitors use our website so that we can improve content, structure and user experience.

According to Google, Google Analytics 4 does not store individual IP addresses of users from the EU, Switzerland or the United Kingdom. IP addresses are used to derive approximate location data and are then deleted.

The following data may be processed in particular:

  • page views
  • duration of use
  • website interactions
  • approximate location data
  • technical device and browser information

Legal basis: Art. 6(1)(a) GDPR

A transfer of personal data to the USA cannot be completely excluded. Where applicable, this takes place on the basis of the EU-U.S. Data Privacy Framework and/or appropriate safeguards pursuant to Art. 46 GDPR.

Retention period: 14 months


8. Google Fonts

Google Fonts are integrated locally. No connection to Google servers is established when our website is accessed.


9. Contact form

If you contact us via the contact form, we process the data you provide, in particular:

  • name
  • email address
  • subject
  • message

Processing is carried out to handle your request, communicate with you and, where applicable, initiate or perform a business relationship.

Legal bases: Art. 6(1)(b) GDPR and Art. 6(1)(f) GDPR


10. Spam and misuse protection

To protect our forms from spam and misuse, mechanisms such as Google reCAPTCHA may be used.

Technical data such as IP address, browser information, user behaviour and time spent on the page may be processed.

Legal basis: Art. 6(1)(f) GDPR where technically necessary. If not technically necessary, processing is based on consent pursuant to Art. 6(1)(a) GDPR.

Further information: https://policies.google.com/privacy


11. Disclosure of data

Personal data is disclosed only where necessary, in particular:

  • for contract performance
  • to handle enquiries
  • as part of IT and nearshoring services
  • to technical service providers such as hosting or analytics providers
  • due to legal obligations

Where required, service providers are contractually obliged to comply with data protection requirements.


12. Data transfers abroad

Personal data may be processed in Portugal, Switzerland, Germany and other countries where necessary for the purposes stated above.

For transfers to countries without an adequate data protection level, we ensure appropriate safeguards, in particular standard contractual clauses or other legally provided safeguards.


13. Retention period

Personal data is stored only as long as necessary for the respective purpose or as required by statutory retention obligations.

Afterwards, the data is deleted or anonymised.


14. Your rights

Within applicable data protection laws, you have in particular the following rights:

  • right of access
  • right to rectification
  • right to deletion
  • right to restriction of processing
  • right to data portability
  • right to object to certain processing activities
  • right to withdraw consent granted

To exercise your rights, contact us at any time at [email protected].


15. Right to lodge a complaint

You have the right to lodge a complaint with a competent data protection supervisory authority.

For Portugal, the Comissão Nacional de Proteção de Dados (CNPD) is responsible in particular. In Switzerland, you may contact the Federal Data Protection and Information Commissioner (FDPIC).


16. Data security

We use appropriate technical and organisational security measures to protect personal data against loss, misuse, unauthorised access and unauthorised disclosure.

  • encryption via TLS
  • access controls
  • logging and monitoring where required
  • role-based permissions
  • regular review of our security measures

17. Changes to this Privacy Policy

We reserve the right to amend this Privacy Policy at any time if our data processing activities or legal requirements change.