Privacy Policy

1 – Context

This Privacy Policy establishes the commitment of each of the below mentioned companies (hereinafter designated as the “VIGENTGROUP”) with their stakeholders (e.g. customers, employees, suppliers, shareholders and investors) towards the protection of personal data processed by them, aiming at contributing to the reinforcement and strengthening of their trust and proximity relationship, by clearly and transparently stating what are those data used for and what rights their respective data subjects have and how they can exercise them.

Companies encompassed by this Privacy Policy:

– Brasmar ;
– Marnobre ;
– Metalogalva ;
– Metalpro ;
– Galvaza ;
– Silvafer ;
– Mss Steel Tubes.

The VIGENTGROUP operates by strictly complying with the principles described by this policy, Regulation (EU) 2016/679 (General Data Protection Regulation) and applicable data protection legislation concerning all data processing activities for which they are in charge.

This Privacy Policy is part of the VIGENTGROUP’s personal data protection regulations that includes standards and procedures for personal data security and privacy management.

The VIGENTGROUP processes personal data via several operational and technical means that support its business process activities.

A. Goals

The Privacy Policy, as a communication instrument, has the following goals:

– Reinforcing and strengthening the trust and proximity relationship between the VIGENTGROUP and its stakeholders;

– Showing transparency about processing purposes and activities performed by the VIGENTGROUP, as well as about corresponding personal data retention periods;

– Informing data subjects on their rights concerning personal data protection and how they can exercise them;

– Informing data subjects about the VIGENTGROUP contact persons in case they wish to exercise their rights or be clarified on how their personal data are processed.

B. Application scope

This Privacy Policy applies exclusively to personal data processed by the VIGENTGROUP, in the scope of the described purposes.

For purposes of this policy, personal data are any and all information regarding an identified or identifiable natural person (data subject).

An identifiable person is a data subject that can be directly or indirectly identified by means of an identification number or traits that are specific to their physical, physiological, genetic, mental, economic, cultural or social identity.

C. Policy maintenance, communication and application

This Privacy Policy should be reviewed on an annual basis when there is a change on circumstances and every time there are legislative changes to ensure it stays valid and adequate to applicable regulations and laws. The VIGENTGROUP administration body is responsible for policy revision proposals and for policy application and compliance supervision.

This policy should be known by all VIGENTGROUP employees and should be provided to its stakeholders whenever their personal data is processed via proper channels, namely the VIGENTGROUP website.

2 – Privacy Policy Content

a. Our Commitment to Privacy  

The VIGENTGROUP relies in trust and transparency. And this is transposed to our day-to-day relationships with customers, employees, suppliers and remaining stakeholders.

The privacy and security of data provided by you are a priority to us.

We dedicate to transparently collect, store, process, transfer or delete only those personal data required for the relationship at issue.

We will inform you on how we are using your personal data and for which purposes, and we guarantee that all personal data are collected, shared and stored pursuant to the best practices in the field of personal data protection and security.

We will require equivalent privacy and security levels whenever your personal data are collected, stored, processed, transferred or deleted by other entities,

We want you to feel confident in trusting us with your data, and we will always be committed towards protecting your privacy as we take our responsibilities concerning personal data protection very seriously.

If you have any questions about how we use your personal data, please feel free to contact us to the e-mail dataprotection@vigent.pt

b. Who is responsible for your Personal Data

The aforementioned society to which you provided your personal data is the data controller, pursuant to the General Data Protection Regulation and supplementary regulation on personal data protection in force in the countries in which the company operates.

The above companies are part of the VIGENTGROUP which means that your personal data may be transferred and processed by any of those companies.

c. Personal Data We May Collect

For the purposes of this Privacy Policy, the term “Personal Data” means the set of information regarding you and that allow us to directly or indirectly identify you. Your personal data may include, for instance, your name, taxpayer identification number and your contacts (physical and/or electronic).

We can also receive your personal data from other companies, namely when your personal data are collected, processed or stored in the scope of a service provision agreement.

d.  How and Why Do We Use Your Personal Data

We only use your personal data to the extent that is strictly required for the obligation in force.

e. For How Long is Your Personal Data Stored

We keep your personal data only for the period needed for accomplishing the goals established in the scope of the relationship and compliance with the law.

Your personal data will be anonymised or destroyed/deleted safely once the maximum retention period is reached.

f. Your Personal Data Can Be Shared With Whom

In some cases, your personal data may be disclosed to other entities, in the scope of services provided by them. In those instances, we will require such entities to have in place adequate security measures for the protection of your personal data.

Whenever required by law, we may have to disclose your personal data to the authorities or third parties.

In case of transfer of or access to your personal data to suppliers or service providers based outside the European Union, we will ensure that your personal data are processed according to the adequate security and protection measures, compatible with those used by us.

g. How Can You Exercise your Personal Data Protection Rights

Under certain circumstances, you are entitled to access or request us:

  1. Additional information about how we use your personal data;
  2. Your personal data;
  3. The transfer of your personal data to other entity;
  4. The update of your personal data;
  5. The elimination of your personal data;
  6. Opposition to the processing your personal data;
  7. The limitation in the way we use your personal data while we correct them or clarify potential issues about their content or how we use them;
  8. The availability of a channel that you can use to challenge decisions that may have been made based on your personal data.

You are also entitled with the right to withdraw or change at any time any consent you have given us for the use of your personal data.

The exercise of this rights is not possible when your personal data are used for preserving public interest, namely in cases of crime detection and prevention, even when those data are subject to professional confidentiality.

To exercise your personal data protection rights or whenever you have a question about how we use your personal data, please send an e-mail to: dataprotection@vigent.pt

In case you are not satisfied with the way we use your personal data or with our reply to your request concerning the exercise of your rights, you may lodge a complaint with the relevant supervisory authority.

h. How Do We Protect Your Personal Data

The VIGENTGROUP has in place several information security measures, pursuant to the best national and international practices for your personal data protection, including technological controls, administrative, technical and physical measures and procedures that ensure the protection of your personal data, preventing misuse, unauthorised access and disclosure, loss, wrongful or unintended change or unauthorised destruction. As in our daily operations, we also rely on our commitment to ongoing improvement in terms of information security.

Among others, we highlight the following measures:

  1. Restricted access to your personal data only for those who need your personal data for the purposes above;
  2. Personal data storage and transfer made only in secure ways;
  3. Protection of information systems with devices that prevent unauthorised access to your personal data;
  4. Implementation of mechanisms ensuring that the integrity and quality of your personal data is kept;
  5. Permanent monitoring of information systems, aiming at preventing, detecting and block your data from being used wrongfully;
  6. Personal data storage, processing and communication equipment redundancy to avoid loss of availability;
  7. Whenever required by law, we may disclose your personal data to the authorities or any third parties, and in those cases, our control on how your personal data are protected can be limited.

i. Updates to this Privacy Policy   

This Privacy Policy may be conveniently updated. Updates will be available at proper channels, namely the VIGENTGROUP website.