Privacy Policy

Last Updated: January 26, 2026

1. Introduction

DIMRP Technologies is committed to protecting your personal data in compliance with GDPR (EU) and LGPD (Brazil). This policy applies to all users of our Occupational Health and Safety (OHS) Monitoring Platform.

2. Data Controller

DIMRP Technologies, Lda. (Lisboa, Portugal)

DPO Contact: [email protected]

3. Data Categories

3.1. Personal Identification

Name, email, phone, and employee ID (pseudonymized).

3.2. Health & Biometric Data (Sensitive)

  • Heart Rate (BPM) & HRV
  • Body Temperature & SpO2
  • Fall detection & Impact forces
  • Fatigue levels (Algorithmic)

3.3. Environmental & Location

Real-time GPS coordinates, Indoor Positioning, and Gas levels (CO, H2S).

4. Legal Basis

  • Vital Interests: Protecting life (e.g., fall detection).
  • Legal Obligation: Compliance with OHS regulations (NR-33, NR-35).
  • Explicit Consent: For biometric processing not covered by employment law.

5. Data Retention

  • Raw Sensor Data: 30 days.
  • Incident Reports: 5-10 years (Legal requirement).
  • Health Trends: Anonymized after 30 days.

6. Security Measures

AES-256 Encryption, TLS 1.3, and strict Role-Based Access Control (RBAC). Only authorized medical personnel can view raw health data.

7. Your Rights

You have the right to Access, Rectification, Erasure ("Right to be Forgotten"), and Portability. Contact our DPO to exercise these rights.

Effective January 2026. Changes will be notified via platform alert.