I - About us and our commitment:

Our Group of Undertakings, as per the concept defined in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, namely in Articles 4 (19) and (20), is composed of two commercial companies, namely Riopele Têxteis, S.A e Riopele Fashion Solutions, S.A, hereinafter referred to as Riopele Group, which are engaged, respectively, in the manufacturing of fabrics, clothing and in the trade thereof.

Taking into account the proportionality and appropriateness imposed by the capacity to allocate the resources and technical resources within its reach, the Riopele Group is deeply and genuinely committed to and engaged in protecting its regular and occasional customers and employees, as well as the users of our various supports and platforms, physical or digital, mainly printed files, digital files and/or websites in use or to be implemented, with respect to their privacy and to the processing and circulation of their personal data.

II - Our personal data collection devices and media in use:

We own, edit and manage the following personal data processing media:

• Computer system consisting of various software solutions supported by various hardware devices and other similar solutions, including e-mail services and other digital repositories and communication solutions.
• Printed files stored in cabinets and shelf units in restricted access rooms;
• Website of the Riopele Group - www.riopele.pt

III - Personal and material scope of this Privacy Policy:

This privacy policy obliges the company exclusively with regard to the personal data it collects, processes and circulates.

The same or a similar policy shall also be undertaken, by means of agreements concluded with the Riopele Group, by the entities that process the same personal data on behalf thereof.

The access, through the aforementioned website of the Riopele Group to other links to other websites unrelated to the Riopele Group is provided in good faith and in the interest of the user, and the Group cannot be held responsible, in any way, for the collection, processing and destination of the data on those websites, nor for the reliability, accuracy, lawfulness and features available on those websites and, therefore, this privacy policy shall not apply to them.

The Riopele Group deems it mandatory and shall presume for all purposes, without possibility of proving otherwise, that it shall read the privacy policies of all the websites which it may access.

IV - The reason for the existence and dissemination of this Privacy Policy:

In addition to implementing it in its organizational processes, the Riopele Group has drafted this Privacy Policy in order to disclose, disseminate and publicize an instrument aimed at explaining the general rules concerning the privacy and processing of the personal data it collects, always in strict compliance with the relevant Legislation.

For this purpose, the text of this privacy policy shall be available in print, posted in a visible place, and in a digital format on the website www.riopele.pt.

The provisions contained in this Privacy Policy complement what is stipulated on the same matter in the formal or informal agreements that those concerned conclude with the Riopele Group.

We kindly ask you to read this Privacy Policy carefully, because providing your personal data, either in person or when accessing the aforementioned website, requires you know and accept the conditions contained herein and the processing thereof for the lawful and legitimate purposes provided for by law.

The Riopele Group expressly reserves the right to amend this privacy policy at any time, and the result of those amendments shall be duly publicized via the same means.

V - Concept of personal data:

Personal data shall mean any information or registration, of any nature and regardless of its support or format, namely sound, image, texts, chirograph or feature, relating to an identified or identifiable natural person.

An identifiable person is one who can be directly or indirectly identified by reference to one or more specific personal data, considered in isolation or as a whole, particularly those regarding his/her physical, physiological, psychological, economic, ethnic, cultural, geographical, social identity or location.

VI - The entity responsible for the processing of personal data:

The entity responsible for the collection and processing of personal data is the Riopele Group, which, in the context of its relations with the data subject, establishes, on a lawful and legitimate basis, the data to be collected, the means for processing them, and the purposes of such collection and processing.

VII - Types of personal data collected and processed:

Within the scope of its activity, the Riopele Group collects and processes, in particular:

1. 1. Personal data required to supply products to customers and receive products and services from supplier; within this scope we process data such as name, tax identification number, address, telephone number, and e-mail address, among other data which are strictly necessary, proportionate, and lawful.
2. 2. Personal data required for the performance of employment or service provision agreements concluded with our employees; within this scope we process data such as name, identification document number and other data associated with it, tax identification number, household composition, social security number, address, telephone numbers, and e-mail address, health data, access data, location among other data which are strictly necessary, proportionate and lawful.
3. 3. Personal data required to fulfil legal obligations, with regard to either public or private entities; within this scope we process data such as name, identification document number and other data associated with it, tax identification number, household composition, social security number, address(es), telephone numbers, and e-mail address, health data, among other data which are strictly necessary, proportionate and lawful.
4. 4. All personal data required for the exercise of the rights of the Riopele Group within the scope of the relations referred to in the previous items, and in the pursuit of its activity and legitimate interest, particularly in the areas of accounting, tax and administrative management; litigation management; judicial evidence; fraud detection; revenue and audit protection; network and systems management; control of information security and physical security, as well as the security of its facilities.
5. 5. Notwithstanding the compliance with legal regulations or legitimate orders from competent authorities regarding the preservation and transmission of data, the Riopele Group only processes personal data required for its activity, in the fair and strict measure required by the nature of the contractual relationship or of any other nature, established with the data subject in question, or upon his/her prior, legitimate, lawful, informed consent, where applicable.

VIII - Time and manner of collecting personal data:

The Riopele Group collects personal data in person, in writing, by telephone or via its website www.riopele.pt.

In general, personal data are collected upon the commencement of the relationship, or collaboration, contractual or otherwise necessary for the pursuit of the activity of the Riopele Group, between the Riopele Group and the data subject.

Our website may collect spontaneous applications, which shall be sent directly to our e-mail server and to our digital platform via an encrypted connection, and shall only be made available to our human resources managers. Where necessary, the applicant's information shall be made available for assessment by the person in charge of a specific department, always under the supervision of human resources managers.

The collection of certain personal data is mandatory and necessary for the commencement and the normal and legal development of said relationship or collaboration, so the absence or insufficiency of data shall prevent it from commencing or continuing and, in this case, the Riopele Group shall inform the data subject in question.

Apart from data of that nature, those appearing on any public list and those that may be used in the legitimate interest of the Riopele Group, your data shall only be collected and processed if and for the purposes you previously consent to, in a free, informed, specific and unequivocal manner, by means of a written or oral statement, or by means of the validation of an option, namely for subscribing to newsletters or marketing communications, a circumstance to which the other rules of this privacy policy shall apply.

If you wish to stop receiving these communications, you can express your opposition at any time.

The data collected shall be documented, whether in paper or digital format, in the strict compliance with the legislation that regulates the protection of personal data, being stored and retained in printed files and/or specific database, created and managed for that purpose and of restricted and exclusive access to the employees of the Riopele Group who necessarily have to process them in the pursuit of its activity. In no case shall the data collected be used for any purpose other than that for which the consent was given by the data subject, where necessary, or for the lawful and legitimate purpose of the collection.

IX - Purposes of personal data collection and processing:

In general, the personal data collected are intended for the management of customers, suppliers and employees; contracting and managing the contractual relationship with customers, suppliers and employees; adjusting the provision of goods and services to the customer's needs and interests; sending suggestions; publicizing campaigns, promotions, advertisements and product news; conducting market studies and satisfaction surveys; claim management; accounting, tax and administrative management; litigation management, judicial evidence; fraud detection; revenue and audit protection, network and systems management; control of information security and physical security, as well as the security of its facilities, compliance with legal obligations and other purposes which the Law acknowledges the legitimate interest of the Riopele Group.

Upon the collection of data, or when you request it, you shall be informed in more detail about how we process your data.

X - Retention of personal data:

Whenever there is a specific legal requirement for data to be kept for a minimum period of time, it shall be observed by the Riopele Group .

The Riopele Group shall keep your personal data stored for the minimum period of time that is strictly necessary considering the purpose for which the information is collected and processed, after which it will delete them.

XI - Right of access, rectification, opposition, erasure, restriction and portability of your personal data:

The Riopele Group guarantees the data subject the right of access, rectification, opposition, erasure, restriction and portability of his/her personal data.

You can exercise the aforementioned rights by establishing direct contact with the Riopele Group, at our registered office at Avenida Riopele, 946, 4770-405 Pousada de Saramagos, or via the e-mail address rgpd@riopele.pt.

If you consider it appropriate, you can file a complaint with the National Data Protection Commission - Av. D. Carlos I, 134 - 1.º 1200-651 Lisboa - Tel: +351 213928400 - Fax: +351 213976832 - e-mail: geral@cnpd.pt

XII - Measures we take with regard to the security of your personal data:

The Riopele Group follows the best practices, adopting technical and organizational measures appropriate to the risks it faces, in the area of personal data security and protection, having approved and implemented a demanding plan for compliance with the objectives, the Law and the interest of the data subjects, capable of protecting the data that are made available to us by all those who, in any way, relate to us, in order to protect them against their dissemination, loss, misuse, alteration, unauthorized processing or access, as well as against any other unlawful forms of processing.

Thus, the digital or printed personal data collection form(s), whether filled in at the physical premises of the Riopele Group or on the website (requiring encrypted browser sessions), are stored securely in our physical repositories and digital systems.

All personal data you provide us with are located in a Datacenter managed by the Riopele Group, or by a subcontractor, covered by all the advanced physical and logistic security measures that we believe are indispensable for protecting your personal data.

In spite of these security measures, we alert everyone who browses the Internet that they should take additional security measures, namely by ensuring that they use an updated PC and Browser in terms of properly configured security patches with an active firewall, anti-virus and similar security systems, and by verifying the authenticity of the websites they visit on the Internet, avoiding websites whose reputation they do not trust.

When, in the legitimate and lawful pursuit of the objectives of the activity carried out by the Riopele Group, the Group adopts measures to monitor its employees, especially with regard to access control, working hours, tasks and productivity, movement and transportation, not only will the employees in question have prior knowledge of the respective implementation - being, when legally necessary and legitimate, asked to give their consent -, but the tools used for purpose in question will also ensure the same level of security of the personal data collected and processed by them.

The aforementioned security and compliance plan includes the existence of a designated Personal Data Protection Officer, who is responsible for, among other things, verifying this Privacy Policy, maintaining clear rules for the processing of personal data and communicating with control authorities, guaranteeing to all those who entrust the Riopele Group with the processing of their personal data, an effective knowledge of how it processes them and of their rights in this matter.

XIII - The designated personal data protection officer:

The duties of the Personal Data Protection Officer are the responsibility of the entity named Sincronideia, Lda. This entity can be contacted by letter sent to the address of the Riopele Group at Avenida Riopele, 946, 4770-405 Pousada de Saramagos, or via the e-mail address dpo@riopele.pt, or by phone 253 036 727.

XIV - Communication of data to other entities, subcontractors or third parties:

The Riopele Group may hire subcontractors for the purpose of collecting and processing data, for the same purposes that it aims at achieving, obtaining from those entities, by contractual means, a guarantee of reputation and obligation to develop appropriate technical and organizational measures for data protection and ensure the protection of the data subjects' rights. In certain circumstances provided for by law, certain personal data may have to be communicated to public authorities, such as tax authorities, courts and security forces.

Thus, any of these subcontracted entities shall process our Customers' personal data, in the name and on behalf of the Riopele Group, under the obligation adopting technical and organizational measures adjusted to the risk they face in order to protect personal data against accidental or unlawful destruction, accidental loss, alteration, dissemination or unauthorized access and against any other unlawful forms of processing.

XV - Transfer of personal data

In the pursuit of its activity, the Riopele Group may have to transfer its data to a country other than Portugal.

In this case, the Riopele Group shall strictly comply with the applicable legal provisions, in particular as regards the determination of the reliability and suitability of the Country of destination in what concerns the protection of personal data and the requirements applicable to such transfers.

XVI- Cookies:

Cookies are small software labels that are stored on your computer through the browser, usually retaining only information related to your preferences, thus excluding your personal data.

Whenever that is not the case, the user shall always be asked for consent to provide them, in accordance with the law.

If you can check our cookie policy, click here.