About us and our commitment:
GBTX, Lda, is a private limited company, hereinafter referred to as GBTX, dedicated to the trade, importation, exportation, and manufacturing of apparel and other textile products.
With regard to the proportionality and adequacy enforced by the capacity of allocation of its resources and technical assets, GBTX is fully and truly committed to protecting its customers and workers, regular or occasional, as well as the users of our different devices and platforms, both physical and digital, namely paper and digital files, current or future websites, in terms of their privacy and the processing and disclosure of their personal data.
Our collecting devices and personal data carrier:
We have, edit, and manage the following carriers for personal data processing:
The entities that may process these personal data on behalf of GBTX shall comply with this or similar policy, by way of contract with our company.
GBTX considers mandatory and will assume for all intents and purposes, without seeking or hearing any contrary evidence, that the user of all these websites will read their privacy policies.
Definition of personal data:
Personal data means any information or registration, regardless of the nature, support, or format, namely an audio, image, writing, initials, or other characteristic, relating to an identified or identifiable natural person.
An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to one or more specific personal data, considered separately or collectively, namely to the physical, physiological, mental, economic, ethnic, cultural, geographic, or social identity of that natural person.
The entity responsible for the personal data processing:
The entity responsible for the personal data processing is GBTX and, within the scope of the agreement with the data subject, we establish, in accordance with lawful and legitimate grounds, the data being collected and processed as well as the purposes of this collection and processing.
Types of personal data being collected and processed:
Within the scope of its activity, GBTX collects and processes, namely:
When and how we collect personal data:
GBTX collects the personal data in person, by telephone or its websites.
Normally, the personal data are collected at the beginning of the relationship or cooperation, pursuant to contract or any other similar document, between the company and the subject of the data, in accordance with GBTX activity exercise.
The collection of some personal data is mandatory and necessary to start and develop, normally and legally, a contractual relationship or collaboration; the lack or insufficiency of these data determine that this relationship with us will not happen and in this case GBTX will inform the subject of this necessary and mandatory nature.
If you no longer wish to receive these communications, you may unsubscribe them at any time.
The collected data will be processed in document, in compliance with the legislation concerning the protection of personal data, and they will be stored and retained in specific databases, created and managed for this sole purpose and with restricted and exclusive access of GBTX staff, as they have to process them within the scope of our activity. Under any circumstances the collected data may be used for purposes other than those that justified the subject consent, which is mandatory, or for lawful and legitimate purposes for the collection.
Purposes of the collection and processing of personal data:
Overall, the collected personal data aim at the contract management with customers, hired supplies, supplies adequacy to the customer’s needs and interests, sending of suggestions, information and marketing, information about campaigns, promotions, advertisement and news about the products, market and satisfaction surveys, complaints management, accounting, tax and administrative management, litigation, judicial evidence, fraud detection, revenue protection and audit, systems and network management, control of information security as well as health and site safety, compliance with the legal obligations and further purposes established by law for the legitimate interest of GBTX.
At the moment of the data collection, or upon your request, you will be informed in more detail about the processing of your data.
Retention of your personal data:
GBTX will comply with the statutory minimum period to retain data that may have been prescribed by a specific legal requirement.
GBTX will retain your personal data for the minimum period of time and as long as retention is no longer necessary for the purpose for which the information was collected and processed.
Access, rectification, objection, erasure, restriction, and portability of your personal data:
GBTX ensures that the data subject may have the right to request access, rectification, objection, erasure, restriction, and portability of his/her personal data.
The above-mentioned rights may be exercised by contacting directly GBTX, headquartered in Rua Afonso Nunes de Mariz, nº1001, 4750-571 Mariz, Barcelos – Portugal, or by email at: email@example.com.
You also have the right to lodge a complaint with the Portuguese competent data protection authority (Comissão Nacional de Proteção de Dados) – Av. D. Carlos I, 134 – 1.º 1200-651 Lisboa – Tel: +351 213928400 – Fax: +351 213976832 – e-mail: firstname.lastname@example.org.
Personal data security measures we adopted:
As GBTX follows the best practices, we adopted a set of technical and organisation measures in order to prevent risks within the scope of security and protection of personal data; consequently, we approved and implemented a strict plan in accordance with the purposes, the law, and the interests of data subjects so as to ensure the protection of the data provided by the subjects who, in any way, interact with our company and to protect them from disclosure, loss, inappropriate use, change, processing, or unauthorised access as well as from any illegitimate processing.
Therefore, the personal data collection forms in digital format or paper, filled in at GBTX headquarters or on the website (with encrypted browser) are safely stored in our physical repositories and digital systems.
All the personal data you provided us with are stored in a Datacenter owned by GBTX, or by one of its subcontractors, in accordance with all the security and advanced logistical measures which are vital for the protection of your personal data.
Despite these security measures, we encourage those who surf the Internet to adopt further security measures in order to ensure that the security patches of your PC and browser are updated and that your firewall, antivirus and anti-spyware are on, as well as to make sure of the authenticity of the websites you visit and avoid those that seem unreliable.
With regard to the legitimate and lawful purposes of its activity, every time GBTX will adopt monitoring measures regarding its workforce, namely the control of access, work schedules, tasks and productivity, circulation and transport, the workers will be previously informed – and they will be asked to give prior consent, if legally necessary and legitimate – and the instruments used for this purpose will ensure the same security level of the collected and processed personal data.
Data disclosure to other entities, subcontractors or third parties:
GBTX may outsource the collection and processing of your personal data, for the same purposes set forth in this Policy; these entities shall contractually commit themselves to ensuring the reputation and the obligation to develop a set of technical and organisation measures in order to protect the personal data and to guarantee the subjects’ rights. Pursuant to law, some personal data may be disclosed do public authorities like Tax and Customs Authority (Autoridade Tributária), courts, and security forces.
Consequently, any outsourced entity shall process our Customers’ personal data, in the name and on behalf of GBTX, and must strive to adopt a set of technical and organisation measures in order to prevent risks and protect the personal data from unintentional or illegitimate destruction, unintentional loss, change, disclosure or unauthorised access as well as from any illegitimate processing.
Personal data transfer:
The activity of GBTX may require the transfer of your personal data outside of Portugal.
In that case, GBTX will thoroughly observe the applicable legal provisions in order to ensure the reliability and adequacy of the foreign country concerning personal data protection and the applicable requirements of these cross-border transfers.
“Cookies” are small text files stored on your computers through the browser; they normally save information concerning your preferences and do not include, consequently, the processing of your personal data by GBTX.
Where not appropriate, and in accordance with the legal rules, the user will always be asked to provide his/her consent.