Data Processing Policy in Relations with Suppliers
Dual Borgstena Textile Portugal, Unipessoal Lda., hereinafter referred to as Borgstena, legal person with NIPC 502355409, complies with the applicable Community and national legal rules regarding the protection of personal data, privacy and information security of data subjects, within the scope of data processing operations carried out in the relationship with suppliers – whether the data subjects are the suppliers themselves as natural persons, or the data subjects are the suppliers’ employees – in accordance with
– the special terms of this Policy on the Processing of Personal Data in Relations with Suppliers.
Borgstena collects and processes the following categories of personal data from suppliers or suppliers’ employees:
– identification data
– contact details
– professional data and certifications;
– traffic data and access control on the premises.
Borgstena collects personal data from suppliers or suppliers’ employees by collecting it directly from them or indirectly from their employer, by filling in information registration forms.
Borgstena processes the personal data of suppliers or suppliers’ employees exclusively for the purposes of verifying the legitimacy of legal representatives, access control, safety, hygiene and occupational health and the provision of contracted services in the exercise of economic activity.
Borgstena bases the legitimacy of the processing of the personal data of suppliers or suppliers’ collaborators on the specific processing activity carried out, either on the basis of the management of the contractual relationship, the fulfillment of legal obligations or the legitimate interests of pursuing economic activity.
Borgstena will keep the data for the period necessary to achieve the purposes of the processing, complying with the applicable legal deadlines, with the candidate being able to request, at any time, the respective deletion or exercise any other right, with the conditions and limitations provided for by law, and with a default period of one year for the retention of personal data of suppliers or employees of suppliers.
The personal data of suppliers or suppliers’ employees is processed exclusively by Borgstena’s contracting and procurement, human resources management and occupational health and safety services, and no data is communicated to third parties, with the exception of situations legally provided for the mandatory communication of personal data to third parties.
In accordance with the principle of loyalty and transparency and to ensure compliance with the duty to provide information, Borgstena delivers directly or makes publicly available to all data subjects, depending on how their personal data is collected, information sheets on the data processing operations carried out, which are available for consultation at any service point or on request from the Data Protection Officer.
The Information Sheet on Data Processing in Relations with Suppliers is available at www.dataprotectionofficer.help/borgstena/information.
Borgstena facilitates the exercise of the rights of suppliers or their employees regarding the protection of personal data.
In addition to always being able to lodge a complaint with the respective supervisory authority, for the exercise of any type of data protection rights, namely the rights of withdrawal of consent, information, access, rectification, opposition, limitation of processing or erasure, suppliers or their employees can contact Borgstena’s Data Protection Officer by email at email@example.com, describing the subject of the request and indicating an email address, a telephone contact address or a correspondence address for reply.
A Form for Exercising the Rights of Data Subjects is available at www.dataprotectionofficer.help/borgstena/forms or at any Borgstena service point.
Borgstena has implemented a data protection and information security incident management system.
If any Borgstena Supplier or Employee of a Borgstena Supplier wishes to report a personal data breach that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed, he or she may contact Borgstena’s Data Protection Officer or use Borgstena’s general contact details.
A Personal Data Breach Incident Report Form is available at www.dataprotectionofficer.help/borgstena/forms or at any Borgstena service point, and can also be sent by email by requesting it from the Data Protection Officer.
Borgstena has implemented a Permanent Contact Point for the management of information security and cybersecurity incidents.
If any Supplier or Supplier Employee wishes to report an information security incident or a cybersecurity incident, they can contact Borgstena’s Permanent Contact Point via the communication channels available at www.dataprotectionofficer.help/borgstena/security .
An Information Security or Cyberspace Security Incident Reporting Form can be found at www.dataprotectionofficer.help/borgstena/forms or at any Borgstena service point and can also be sent by email on request to the Permanent Contact Point.
Borgstena has implemented a Whistleblowing Channel, in accordance with the legal regulations in force, guaranteeing the protection of the personal data of data subjects, under the terms of the Whistleblower Protection Policy accessible at www.dataprotectionofficer.help/borgstena/whistleblowing.
The Whistleblower Officer at Borgstena can be contacted via the contact details available at www.dataprotectionofficer.help/borgstena/whistleblowing.
Borgstena’s Whistleblowing Platform is accessible via the link available at https://borgstena.protecaodedenunciantes.com.
A Whistleblowing Form can be found at www.dataprotectionofficer.help/borgstena/forms or at any Borgstena service point, and can also be sent by email on request to the Whistleblower Officer.
Borgstena has implemented a Regulatory Compliance Program within the scope of the Prevention of Corruption, in accordance with the legal regulations in force, guaranteeing the protection of the personal data of the holders, under the terms of the Corruption Prevention Policy accessible at www.borgstena.com.
For the purposes of submitting complaints within the scope of the corruption prevention regime, any interested party may use,
– Borgstena’s Whistleblowing Platform, accessible via the link available at https://borgstena.protecaodedenunciantes.com or
– the Whistleblowing Form, accessible at www.dataprotectionofficer.help/borgstena/forms or at any Borgstena service point.
The Personal Data Processing Policy for Suppliers or Employees of a Borgstena Supplier is supplemented by Borgstena’s General Data Protection Policy, which can be found at www.borgstena.com. You can also consult the other specific Data Protection and Privacy Policies,
– either by contacting the Data Protection Officer at firstname.lastname@example.org;
– or by contacting any service point in person.
This version of the Supplier Management Data Processing Policy has been published under the reference Version 202306.
In order to ensure its updating, development and continuous improvement, Borgstena may, at any time, make any changes deemed appropriate or necessary to the Data Protection Policies, and its publication in the different channels is ensured to guarantee transparency and information to Users, Service Recipients, Customers, Employees, Candidates or Suppliers.