I - About us and our commitment:
Our Group of Undertakings, as per the concept defined in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, namely in Articles 4 (19) and (20), is composed of two commercial companies, namely Riopele Têxteis, S.A e Riopele Fashion Solutions, S.A, hereinafter referred to as Riopele Group, which are engaged, respectively, in the manufacturing of fabrics, clothing and in the trade thereof.
Taking into account the proportionality and appropriateness imposed by the capacity to allocate the resources and technical resources within its reach, the Riopele Group is deeply and genuinely committed to and engaged in protecting its regular and occasional customers and employees, as well as the users of our various supports and platforms, physical or digital, mainly printed files, digital files and/or websites in use or to be implemented, with respect to their privacy and to the processing and circulation of their personal data.
II - Our personal data collection devices and media in use:
We own, edit and manage the following personal data processing media:
- Computer system consisting of various software solutions supported by various hardware devices and other similar solutions, including e-mail services and other digital repositories and communication solutions.
- Printed files stored in cabinets and shelf units in restricted access rooms;
- Website of the Riopele Group www.riopele.pt
The same or a similar policy shall also be undertaken, by means of agreements concluded with the Riopele Group, by the entities that process the same personal data on behalf thereof.
The Riopele Group deems it mandatory and shall presume for all purposes, without possibility of proving otherwise, that it shall read the privacy policies of all the websites which it may access.
V - Concept of personal data:
Personal data shall mean any information or registration, of any nature and regardless of its support or format, namely sound, image, texts, chirograph or feature, relating to an identified or identifiable natural person.
An identifiable person is one who can be directly or indirectly identified by reference to one or more specific personal data, considered in isolation or as a whole, particularly those regarding his/her physical, physiological, psychological, economic, ethnic, cultural, geographical, social identity or location.
VI - The entity responsible for the processing of personal data:
The entity responsible for the collection and processing of personal data is the Riopele Group, which, in the context of its relations with the data subject, establishes, on a lawful and legitimate basis, the data to be collected, the means for processing them, and the purposes of such collection and processing.
VII - Types of personal data collected and processed:
Within the scope of its activity, the Riopele Group collects and processes, in particular:
- 1. Personal data required to supply products to customers and receive products and services from supplier; within this scope we process data such as name, tax identification number, address, telephone number, and e-mail address, among other data which are strictly necessary, proportionate, and lawful.
- 2. Personal data required for the performance of employment or service provision agreements concluded with our employees; within this scope we process data such as name, identification document number and other data associated with it, tax identification number, household composition, social security number, address, telephone numbers, and e-mail address, health data, access data, location among other data which are strictly necessary, proportionate and lawful.
- 3. Personal data required to fulfil legal obligations, with regard to either public or private entities; within this scope we process data such as name, identification document number and other data associated with it, tax identification number, household composition, social security number, address(es), telephone numbers, and e-mail address, health data, among other data which are strictly necessary, proportionate and lawful.
- 4. All personal data required for the exercise of the rights of the Riopele Group within the scope of the relations referred to in the previous items, and in the pursuit of its activity and legitimate interest, particularly in the areas of accounting, tax and administrative management; litigation management; judicial evidence; fraud detection; revenue and audit protection; network and systems management; control of information security and physical security, as well as the security of its facilities.
- 5. Notwithstanding the compliance with legal regulations or legitimate orders from competent authorities regarding the preservation and transmission of data, the Riopele Group only processes personal data required for its activity, in the fair and strict measure required by the nature of the contractual relationship or of any other nature, established with the data subject in question, or upon his/her prior, legitimate, lawful, informed consent, where applicable.
VIII - Time and manner of collecting personal data:
The Riopele Group collects personal data in person, in writing, by telephone or via its website www.riopele.pt.
In general, personal data are collected upon the commencement of the relationship, or collaboration, contractual or otherwise necessary for the pursuit of the activity of the Riopele Group, between the Riopele Group and the data subject.
Our website may collect spontaneous applications, which shall be sent directly to our e-mail server and to our digital platform via an encrypted connection, and shall only be made available to our human resources managers. Where necessary, the applicant's information shall be made available for assessment by the person in charge of a specific department, always under the supervision of human resources managers.
The collection of certain personal data is mandatory and necessary for the commencement and the normal and legal development of said relationship or collaboration, so the absence or insufficiency of data shall prevent it from commencing or continuing and, in this case, the Riopele Group shall inform the data subject in question.
If you wish to stop receiving these communications, you can express your opposition at any time.
The data collected shall be documented, whether in paper or digital format, in the strict compliance with the legislation that regulates the protection of personal data, being stored and retained in printed files and/or specific database, created and managed for that purpose and of restricted and exclusive access to the employees of the Riopele Group who necessarily have to process them in the pursuit of its activity. In no case shall the data collected be used for any purpose other than that for which the consent was given by the data subject, where necessary, or for the lawful and legitimate purpose of the collection.
IX - Purposes of personal data collection and processing:
In general, the personal data collected are intended for the management of customers, suppliers and employees; contracting and managing the contractual relationship with customers, suppliers and employees; adjusting the provision of goods and services to the customer's needs and interests; sending suggestions; publicizing campaigns, promotions, advertisements and product news; conducting market studies and satisfaction surveys; claim management; accounting, tax and administrative management; litigation management, judicial evidence; fraud detection; revenue and audit protection, network and systems management; control of information security and physical security, as well as the security of its facilities, compliance with legal obligations and other purposes which the Law acknowledges the legitimate interest of the Riopele Group.
Upon the collection of data, or when you request it, you shall be informed in more detail about how we process your data.
X - Retention of personal data:
Whenever there is a specific legal requirement for data to be kept for a minimum period of time, it shall be observed by the Riopele Group .
The Riopele Group shall keep your personal data stored for the minimum period of time that is strictly necessary considering the purpose for which the information is collected and processed, after which it will delete them.
XI - Right of access, rectification, opposition, erasure, restriction and portability of your personal data:
The Riopele Group guarantees the data subject the right of access, rectification, opposition, erasure, restriction and portability of his/her personal data.
You can exercise the aforementioned rights by establishing direct contact with the Riopele Group, at our registered office at Avenida Riopele, 946, 4770-405 Pousada de Saramagos, or via the e-mail address email@example.com.
If you consider it appropriate, you can file a complaint with the National Data Protection Commission - Rua de São Bento no. 148-3º 1200-821 Lisboa - Tel: +351 213928400 - Fax: +351 213976832 - e-mail: firstname.lastname@example.org
XII - Measures we take with regard to the security of your personal data:
The Riopele Group follows the best practices, adopting technical and organizational measures appropriate to the risks it faces, in the area of personal data security and protection, having approved and implemented a demanding plan for compliance with the objectives, the Law and the interest of the data subjects, capable of protecting the data that are made available to us by all those who, in any way, relate to us, in order to protect them against their dissemination, loss, misuse, alteration, unauthorized processing or access, as well as against any other unlawful forms of processing.
Thus, the digital or printed personal data collection form(s), whether filled in at the physical premises of the Riopele Group or on the website (requiring encrypted browser sessions), are stored securely in our physical repositories and digital systems.
All personal data you provide us with are located in a Datacenter managed by the Riopele Group, or by a subcontractor, covered by all the advanced physical and logistic security measures that we believe are indispensable for protecting your personal data.
In spite of these security measures, we alert everyone who browses the Internet that they should take additional security measures, namely by ensuring that they use an updated PC and Browser in terms of properly configured security patches with an active firewall, anti-virus and similar security systems, and by verifying the authenticity of the websites they visit on the Internet, avoiding websites whose reputation they do not trust.
When, in the legitimate and lawful pursuit of the objectives of the activity carried out by the Riopele Group, the Group adopts measures to monitor its employees, especially with regard to access control, working hours, tasks and productivity, movement and transportation, not only will the employees in question have prior knowledge of the respective implementation - being, when legally necessary and legitimate, asked to give their consent -, but the tools used for purpose in question will also ensure the same level of security of the personal data collected and processed by them.
XIII - The designated personal data protection officer:
The duties of the Personal Data Protection Officer are the responsibility of the entity named Sincronideia, Lda. This entity can be contacted by letter sent to the address of the Riopele Group at Avenida Riopele, 946, 4770-405 Pousada de Saramagos, or via the e-mail address email@example.com, or by phone 253 036 727.
XIV - Communication of data to other entities, subcontractors or third parties:
The Riopele Group may hire subcontractors for the purpose of collecting and processing data, for the same purposes that it aims at achieving, obtaining from those entities, by contractual means, a guarantee of reputation and obligation to develop appropriate technical and organizational measures for data protection and ensure the protection of the data subjects' rights. In certain circumstances provided for by law, certain personal data may have to be communicated to public authorities, such as tax authorities, courts and security forces.
Thus, any of these subcontracted entities shall process our Customers' personal data, in the name and on behalf of the Riopele Group, under the obligation adopting technical and organizational measures adjusted to the risk they face in order to protect personal data against accidental or unlawful destruction, accidental loss, alteration, dissemination or unauthorized access and against any other unlawful forms of processing.
XV - Transfer of personal data
In the pursuit of its activity, the Riopele Group may have to transfer its data to a country other than Portugal.
In this case, the Riopele Group shall strictly comply with the applicable legal provisions, in particular as regards the determination of the reliability and suitability of the Country of destination in what concerns the protection of personal data and the requirements applicable to such transfers.
Cookies are small software labels that are stored on your computer through the browser, usually retaining only information related to your preferences, thus excluding your personal data.
Whenever that is not the case, the user shall always be asked for consent to provide them, in accordance with the law.