I - Us and our commitment:
Our corporate group or group of companies are engaged in and operate in a joint business activity as these concepts are defined and considered by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, 4th, als. 19) and 20) and it is formed by a set of companies namely LASA – Armando da Silva Antunes SA; Luzmonte 2 Têxteis S.A.; Filasa – Fiação Armando Silva Antunes, S.A., Pinto Antunes, Lda, hereinafter referred to as Group LASA which are involved in the spinning, weaving, dyeing and finishing cotton and well as artificial and synthetic fibers, manufacturing and trading of textiles.
LASA Group is profoundly committed in maintaining the confidentiality, integrity, and security of personal information of clients, business partners and any person that interacts with LASA Group through various channels such as websites, digital files, third party social networks.
II - Collection and processing of personal data
We collect personal data from the following sources:
- A computer system consisting of a set of software solutions supported on a set of hardware devices and other similar solutions, including e-mail services and other external digital repositories and communication solutions.
- Paper records stored in a restricted access area.
- LASA Group Website – www.lasanet.pt
The same or similar policy will also be assumed, contractually signed with the LASA Group, by entities that treat the same personal data on behalf of LASA Group.
LASA Group considers it mandatory and will presume for all intents and purposes, without the possibility of proof to the contrary, that each individual will read the privacy policies of all the websites acceded to.
V- Concept of personal data
Personal data means any information or registration, of any nature and regardless of its support or format, namely sound, image, writing, chirograph or feature, relating to the identified or identifiable singular person.
An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his or her physical, physiological, mental, economic, cultural or social identity.
VI- The entity responsible for the processing of personal data
The entity responsible for collecting and processing the personal data and that determines the means of their treatment is the LASA Group. Personal data are processed fairly and lawfully, and only to the extent necessary to fulfil their specific and legitimate purpose.
VII - Types of personal data collected and processed
In the course of its daily organisational activities, the LASA Group acquires, processes and stores personal data namely:
1. Personal data necessary to provide products to its customers, such as name, tax number, address, telephone number and e-mail address, among others, which are necessary to fulfil their specific and legitimate purpose.
2. Personal data necessary for the performance of the employment contract or service contracts concluded with its employees, such as name, tax number, address, telephone number and e-mail address, among others, which are necessary to fulfil their specific and legitimate purpose.
3. Personal data necessary to fulfil legal obligations, either to public entities or to private entities, such as name, tax number, address, telephone number and e-mail address, among others, which are necessary to fulfil their specific and legitimate purpose.
4. Data needed to manage customers and users, to fulfil contractual obligations with customers and suppliers, to satisfy legal obligations, to implement marketing actions, to conduct market studies and satisfaction surveys, to handle complaints. All of these actions involve dealing with personal data such as names, tax numbers, addresses, telephone numbers and e-mail addresses.
5. All personal data processed to reach compliance with applicable laws and to pursue LASA’s Group legitimate business interests and legal rights, in particular tax and administrative management, enforcement of legal claims, the performance of compliance investigations and for regulatory and investigative purposes, and to ensure security of the installations.
Under applicable law, personal data is collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
VIII – When and how personal data is collected
The LASA Group collects personal data through direct contact (phone calls) or through LASA Group’s website.
As a general rule, personal data is collected in the beginning of a contractual relationship or other business-related activity between the LASA Group and the holder of personal data.
Some of the personal data are essential for the purposes of performing a contract or taking relevant pre-contractual steps, so in the absence or insufficiency of this data, it will not begin or continue. In these cases, LASA Group will inform the data subject of the compulsory and essential nature of the personal data.
The personal data holder can object to the processing of personal data for purposes of advertising and data analysis at any time.
The data collected will be documented, whether in paper or digital format, in a strict compliance with the legislation that regulates the protection of personal data, being stored and contained in specific paper files and database, created and managed for this purpose and of restricted and exclusive access to LASA Group employees who necessarily have to use these data in the pursuit of LASA's Group activity. In no case shall the data collected be used for any purpose other than that for which the consent has been given by the personal data holder, where necessary, or for the lawful and legitimate purpose of the collection.
IX - Purposes of the collection and processing of personal data
Personal data is processed for administering inquiries and agreements, as well as providing information and services in connection with such inquiries and agreements. Personal data may also be used for marketing and follow ups as well as for sales and product development with the aim of improving LASA’s Group products and services. Finally, personal data is also processed for tax and administrative management, enforcement of legal claims, the performance of compliance investigations and for regulatory and investigative purposes, and to ensure security of the installations.
At the moment that the personal data is collected, LASA Group will precisely detail the sort of personal data collected and how it will be treated, held and stored.
X - For how long will personal data be kept
LASA Group will store data for the shortest time possible. That period should take into account the reasons why LASA Group needed to process the data, as well as any legal obligations to keep the data for a fixed period of time. After this period of time the personal data will be erased.
XI- Right of Access · Right to Rectification · Right to Erasure · Right to Data Portability · Right to Restriction of Processing
LASA Group provides data subjects a copy of their processed personal data upon request at our registered office at Estrada Nacional 105, Nº 3344, Nespereira, 4835-517 Guimarães, or by the electronic address email@example.com.
If you think your data protection rights have been breached, you can lodge a complaint with the National Data Protection Commission - Av. D. Carlos I, 134 - 1º 1200-651 Lisboa - Tel: +351 213928400 - Fax: +351 213976832 - e-mail: firstname.lastname@example.org
XII - How LASA Group protects Personal Data
LASA Group took all steps reasonably necessary to ensure that your data is treated securely and protected against unauthorised access or processing.
All personal data collected through digital or paper forms, whether completed on the physical premises of LASA Group or on the website (which requires encrypted sessions of the Browser) are stored safely in our physical repositories and digital systems.
All the personal data is stored in a Datacenter owned by LASA Group, or of its subcontractor, which possesses all the advanced physical and logistic security measures, that LASA Group considers necessary for the protection of personal data.
Despite of these security measures, it is important to be aware of the risks of the internet. When transmitting personal data over the internet, particularly sensitive personal data, data subjects should ensure the use of an updated PC and Browser in terms of properly configured security patches with active firewall, antivirus and antispyware, and ensure the authenticity of the websites and avoid websites whose credibility is not trust worthy.
LASA Group will inspect and monitor work-related conduct of employees, only to the extent necessary to fulfil LASA’s Group specific and legitimate purpose and in a strict compliance with the legislation. This monitorization consists in monitoring access controls, working hours, tasks and productivity, displacements and use of company’s vehicles. Not only the employees will have prior knowledge of these actions - being, whenever legally necessary and lawful, requested their consent – but this data will be treated securely and protected by LASA Group.
XIII – Appointed data protection officer
LASA Group has appointed and maintains a Data Protection Officer who can be contacted by letter to LASA's Group address at Estrada Nacional 105, Nº 3344, Nespereira, 4835-517 Guimarães, by telephone 253 560 700, or by e-mail address email@example.com
XIV- Communication of data to other entities, subcontractors or third parties
Lasa Group may use subcontractors for the purpose of processing and collect data, for the same purposes that it aims to obtain, by contractual means, a guarantee of reputation and an obligation to develop technical and organizational measures adequate for data protection and to ensure the defense of the holders rights. In certain circumstances determined by law, certain personal data may have to be communicated to public authorities, such as tax authorities, courts and security forces.
In this way, any of these subcontracted entities will treat the personal data of our Clients, in the name and on behalf of the Lasa Group, under obligation to adopt the appropriate technical and organizational measures to the risk in order to protect the personal data against the destruction, accidental or illicit, accidental loss, alteration, dissemination or unauthorized access and against any other form of illicit treatment.
Transfer of personal data:
LASA Group may have to transfer your personal data outside of Portugal. In such case, LASA Group will rigorously comply with all applicable legal provisions, namely with respect to the determination of the reliability and suitability of the country of destination with respect to protecting personal data and the requirements applicable to such transfers.
XV - Cookies
“Cookies” are small software tags that are stored on your computer through your browser. As a rule, they only retain information related to your preferences and as such they do not contain your personal data.
Whenever this is not the case, the user shall always be asked for his or her consent to supply the data in accordance with applicable legislation.