Politique de Confidentialité

1. Background This Privacy Policy establishes the commitment of ADIRA - METAL FORMING SOLUTIONS, SA (hereinafter ADIRA) with its stakeholders (eg customers, suppliers, employees) in the protection of the personal data of which it is responsible, intending to contribute to strengthen and consolidate the relationship of trust and closeness you have with them, through clear and transparent communication of what you do with these data and what rights you recognize to the respective owners and how they can exercise them. ADIRA acts in strict compliance with the principles described in this policy, Regulation (EU) 2016/679 (General Regulation on Data Protection) and applicable data protection legislation, in all personal data processing activities under its responsibility . The Privacy Policy is part of the normative body for the protection of personal data of ADIRA, which includes rules and procedures for the management of security and privacy of personal data. ADIRA processes personal data through various operational and technical means to support the activities of its business processes. The. Objectives The Privacy Policy, as a communication tool, has as main objectives: -Reinforce and consolidate ADIRA's relationship of trust and proximity with all its stakeholders; -Demonstrate transparency on the purposes and the processing activities carried out by ADIRA, as well as on the retention periods of the personal data involved; -Inform the holders of personal data of their rights in relation to their protection and how they can exercise them; -Inform the holders of personal data who are responsible for ADIRA to whom they can go to exercise their rights or clarify how their personal data is treated. B. Scope of application The Privacy Policy applies exclusively to the processing of personal data carried out by ADIRA, in the context of the intended purposes. For the purposes of this policy, any information relating to an identified or identifiable natural person (data subject) is considered personal data. It is identifiable the data subject who can be identified directly or indirectly, namely through an identification number or through specific characteristics of his physical, physiological, genetic, mental, economic, cultural or social identity. C. Policy maintenance, communication and enforcement The Privacy Policy must be reviewed annually by the Executive Committee, when there is a change in circumstances and whenever there are legislative changes, to validate that it remains current and adequate in view of the applicable regulations and laws. The proposals for reviewing the policy and supervising its application and compliance are the responsibility of the Executive Committee. This policy must be known to all ADIRA employees and must be made available to its stakeholders, whenever the treatment of their personal data is involved, through the appropriate channels, namely internet (websites, Apps). 2. Content of the Privacy Policy The. Our Privacy Commitment ADIRA works based on trust and transparency. This commitment is translated into the day-to-day relationship with our shareholders, suppliers and employees. The privacy and security of the data you entrust to us are a priority for us. It is our commitment to only collect, store, process, transmit or delete your personal data with transparency and that are essential to provide you with the best services. We will inform you of how we use your personal data and for what purposes with the guarantee that we collect, share and store your personal data with reference to the best practices in the field of security and protection of personal data. When your personal data is collected, stored, processed, transmitted or deleted by other entities, we demand the same level of privacy and security. We want you to feel confident that your personal data is safe with us, as we will always be committed to protecting your privacy, and we take our responsibilities regarding the protection of your personal data with great seriousness and commitment. Whenever you have any doubts about the use we make of your personal data, we will be available to help you through the means we put at your disposal: Email: _____________ Tel. _______________ Address: Lugar do Espido, Via Norte, 4471-907 Maia B. Who is Responsible for Your Personal Data ADIRA is responsible for the processing of your personal data in accordance with the General Regulation on Data Protection and the complementary legislation on the protection of personal data in force in the countries in which it operates. Your personal data may be transmitted and processed by any of the companies belonging to the Group SONAE CAPITAL group of which ADIRA is an integral part. The SONAE CAPITAL Group means SONAE CAPITAL - SGPS, S.A. and all companies directly or indirectly controlled by it. C. Personal Data We May Collect In this Privacy Policy, the term "Personal Data" means the set of information that relates to you and that allows us to identify you, directly or indirectly. Your personal data may include, for example, your name, address, telephone contact and email address. We may also receive your personal data from other companies, particularly when they collect, process or store it under a service provision contract. d. How and Why We Use Your Personal Data We use your personal data, namely, for the following purposes: i. Marketing - to inform you about news that may be of interest to you; ii. Management of website users; iii. Compliance with legal obligations, among others, to our customers, suppliers and employees; iv. Recruitment of employees; v. Fulfillment of obligations arising from the contracts we enter into with our partners. and. How Long We Keep Your Personal Data We keep your personal data only for as long as is necessary to fulfill the objectives defined in paragraph d) above and to comply with the law. Once the maximum retention period has been reached, your personal data will be anonymized or destroyed / deleted in a safe manner. f. Who We Can Share Your Personal Data With Your personal data can be shared with SONAE CAPITAL Group companies. In some cases, we may also disclose your personal data to other entities, within the scope of services provided by them. In such cases, we require that you have adequate security measures in place to protect your personal data. When required by law, we may have to disclose your personal data to authorities or third parties, in which case our control over how your personal data is protected is limited. In the case of transfer or access to your personal data by a SONAE CAPITAL Group company, suppliers or service providers based outside the European Union, we guarantee that your personal data is treated in accordance with appropriate security and protection measures, compatible with those that we use. g. How You Can Exercise Your Personal Data Protection Rights In certain circumstances provided for in the European Data Protection Regulation, you have the right to access or request us: i. Additional information about the use we make of your personal data; ii. Your personal data; iii. That we transmit your personal data that you provided to another entity; iv. Updating your personal data; v. The deletion of your personal data; saw. Opposition to the processing of your personal data; vii. Limiting the way in which we use your personal data while we correct them or clarify any doubts about their content or about the use we make of them; viii. The provision of a channel so that you can challenge decisions that are based on your personal data. You also have the right to withdraw or change, at any time, the consent you have given us to use your personal data. The exercise of these rights is an exception when your personal data is used to safeguard the public interest, namely in cases of detection and prevention of crimes, or when they are subject to professional secrecy. To exercise your personal data protection rights or whenever you have any questions about the use we make of your personal data, you should contact us by the following means: Address: Lugar do Espido, Via Norte, 4471-907 Maia Email: _______________ Tel. ________________ If you are dissatisfied with the way we use your personal data or with our response to your request to exercise your rights, you can file a complaint with the National Data Protection Commission (CNPD) - Address: Rua de São Bento, 148 - 3º , 1200-821 Lisboa - Telephone: +351213928400 - Fax: +351213976832 - Electronic address: geral@cnpd.pt. H. How We Protect Your Personal Data We have a variety of information security measures, in line with the best national and international practices, in order to protect your personal data, including technological controls, administrative, technical, physical measures and procedures that guarantee the protection of your personal data, preventing its misuse, unauthorized access and disclosure, its loss, its improper or inadvertent alteration, or its unauthorized destruction. We assume in the matter of information security the same commitment to continuous improvement that we are guided by in our daily activity. Among others, we highlight the following measures: i. Restricted access to your personal data only by those who need it for the purposes that we set out above; ii. Storage and transfer of personal data only in a secure manner; iii. Protection of information systems through devices that prevent unauthorized access to your personal data; iv. Implementation of mechanisms that guarantee the safeguarding of the integrity and quality of your personal data; v. Permanent monitoring of information systems, with the aim of preventing, detecting and preventing the misuse of your personal data; saw. Redundancy of personal data storage, processing and communication equipment, to avoid loss of availability. When required by law, we may have to disclose your personal data to authorities or third parties, in which case our control over how your personal data is protected is limited. i. Updates to this Privacy Policy This Privacy Policy can be updated in due course, which will be disclosed through the following means www.adira.pt