Privacy Policy
Privacy Policy – Poltex (Neves Pereira e Silva,
Lda)
Last Updated: [June 2025]
Poltex – Neves Pereira e Silva, Lda (“Poltex”, “we”, “us” or “our”) is committed to protecting your
personal data with due care and in accordance with the law , including the EU General Data
Protection Regulation (GDPR). This Privacy Policy explains what personal data we collect, how we use
and protect it, and your rights in relation to your data. We aim to be transparent and use clear, plain
language in line with GDPR requirements .
1. Data Controller and Contact Details
Data Controller: The entity responsible for your personal data is Poltex – Neves Pereira e Silva, Lda, a
company based in Guimarães, Portugal (Travessa do Séquito B – Lote 12/13, Zona Industrial de Brito,
4805-034 Guimarães, Portugal).
No DPO Appointed: Poltex is not legally required to appoint a Data Protection Ofcer , so we have
not designated a DPO. However, we take privacy seriously – for any questions or requests regarding
your personal data, you can contact us directly.
Contact for Privacy Inquiries: If you have any questions about this policy or wish to exercise your data
rights, please contact us by email at privacy@poltex.com. You may also write to us at the postal
address above, Attn: Privacy Team.
2. Personal Data We Collect
We limit our collection of personal data to what is necessary, relevant, and adequate for the purposes
set out in this policy (data minimization principle ). The personal information we collect and process
may include:
Name – For example, your frst and last name.
Email Address – For example, your email used for subscribing to updates or contacting us.
We obtain this information directly from you – for instance, when you fll out a form on our website,
subscribe to our newsletter, or communicate with us via email or phone. We do not collect any
payment or fnancial information, as we do not process online payments, and we do not collect
login credentials (our website does not require user accounts or passwords). We also do not collect
any sensitive personal data (such as health, racial/ethnic origin, or political opinions) in the ordinary
course of business.
3. Purposes of Processing and Legal Bases
Poltex only uses your personal data for specifed, explicit, and legitimate purposes, and we always have
a lawful basis under the GDPR for our processing . Below we describe what we use your name and
email for and the legal justifcation for doing so:
Marketing Communications (Newsletters & Updates): If you have subscribed or consented,
we will use your name and email to send you our newsletter, product updates, or promotional
ofers about Poltex’s textile products and services. Legal Basis: Consent – We will only send you
marketing emails if you have given us clear consent, such as by signing up on our website (per
GDPR Article 6(1)(a)). You can withdraw your consent at any time (see Section 8 below on Your
Rights). For individuals who are existing customers or have shown interest in our products, we
may also rely on legitimate interests to inform you about similar products or services, as GDPR
Recital 47 acknowledges direct marketing can be a legitimate interest . In all cases, we will
honor any opt-out requests immediately.
Responding to Inquiries and Sales Requests: If you contact us with questions, requests for
quotes, or other sales-related inquiries, we will use your name and email to communicate with
you and provide the requested information or support. Legal Basis: This processing is necessary
for taking steps at your request prior to entering into a contract (GDPR Article 6(1)(b)) or is
within our legitimate interests to efectively respond to prospective customers and business
contacts. We consider this use expected and benefcial for both you and Poltex (and we ensure it
does not override your rights). You are in control of whether to provide your data for these
purposes.
No Additional Uses: We will not use your personal data for any purposes that are incompatible with
the above. In particular, we do not engage in automated decision-making or profling with your
personal data that produces legal or similarly signifcant efects (GDPR Article 22). If we ever need to
process your data for a new purpose, we will update this policy and, if required, seek your consent.
4. Data Sharing and Disclosure to Third Parties
Poltex respects the confdentiality of your personal information. We do not sell, rent, or share your
personal data with third-party companies for their own marketing or other independent purposes .
Your data is used solely for Poltex’s internal purposes as described above.
In certain cases, we may share your data with trusted service providers or partners who process data
on our behalf, but only to the extent necessary to fulfll the purposes listed in this policy. For example,
this could include an email delivery service to send out our newsletters. When we engage such
processors, we remain responsible for your data and ensure they are contractually obliged to handle it
securely and in compliance with GDPR (acting under our instructions and not using your data for any
other purpose).
Legal Disclosures: The only other instances in which we might disclose personal data are if we are
required to do so by law, regulation, or a legal process (e.g., a court order or governmental request), or
to establish or defend our legal rights. In summary, aside from service providers acting for us (and
bound to confdentiality) or legal obligations, no other parties receive your personal data.
5. International Data Transfers
All personal data we collect is stored and processed within the European Union. We do not transfer
your personal data outside the EU or EEA . This means your name and email are kept on servers
located in the EU, or with service providers who ensure data remains in EU territory. If in the future we
need to transfer data outside the EU (for example, to a cloud service provider in another region), we will
only do so in compliance with GDPR transfer safeguards (such as using EU Commission approved
Standard Contractual Clauses or transferring to jurisdictions with an adequacy decision). However, at
present no international transfers occur.
6. Data Retention
Poltex will retain your personal data only for as long as necessary to fulfll the purposes we collected
it for, and to comply with applicable laws . We do not keep personal data indefnitely “just in case” –
once we no longer need your information, we will securely delete or anonymize it.
In practice, this means:
If you have given consent for marketing emails, we will retain your name and email for as long
as you remain subscribed. If you withdraw consent or opt-out (unsubscribe), we will promptly
remove your contact from our marketing list. (We may keep a record of your email on a
suppression list to ensure we honor your no-contact request.)
If you are a customer or you contacted us for an inquiry, we will retain your contact details for
the duration of our relationship with you and for a reasonable period afterward. This allows us to
maintain necessary business records and follow up as needed. For instance, if you request a
quote, we may keep your information while that quote is active. We may also retain
correspondence or contact information for a certain time (e.g. up to a few years) in case you
have follow-up questions, to maintain records of our communications, or as required for legal
purposes (such as proof of consent or transactions).
In all cases, we periodically review the data we hold. When the retention period has been reached, or if
we determine we no longer need the data, we either irreversibly anonymize it or securely delete it from
our systems. For example, we do not store your data longer than necessary for the purposes
described . If any law requires us to keep data for a certain period (for example, tax or accounting
rules), we will only retain the data for that legal duration and strictly for that purpose.
7. Data Security Measures
We take the security of your personal data very seriously and implement appropriate technical and
organizational measures to protect it . While no system can be 100% secure, we follow industry
best practices to safeguard information against unauthorized access, alteration, disclosure, or
destruction. Our security measures include:
Secure Infrastructure: Personal data is stored on secure servers with up-to-date protection. We
use frewalls and network security measures to prevent unauthorized access. Physical access to
our systems is restricted.
Encryption: Whenever personal data is transmitted (for example, when you submit a form on
our website), we use encryption protocols like HTTPS/TLS to protect the data in transit. We also
employ encryption or password protection for data at rest where appropriate .
Access Control: Personal data at Poltex is accessible only to personnel who need to know it for
the purposes described (e.g., our sales/marketing team). These individuals are trained on data
protection and bound by confdentiality. We maintain authentication controls to prevent
unauthorized employee access.
Organizational Policies: We have internal policies and procedures to ensure personal data is
handled safely and in line with GDPR. This includes regular review of our data practices, and if
applicable, agreements with any service providers to ensure they equally commit to protecting
your data.
Despite our safeguards, please note that no internet or email transmission is ever completely secure.
We continuously monitor and improve our security practices to adapt to new threats. In the unlikely
event of a data breach that poses a risk to your rights (for example, a security incident leading to
accidental or unlawful loss or disclosure of personal data), we will notify you and the relevant
authorities as required by GDPR (Articles 33 and 34).
8. Your Rights Under GDPR
As an individual (“data subject”) in the EU, you have robust rights regarding your personal data. Poltex is
committed to respecting these rights and enabling you to exercise them easily . Under the GDPR,
you have the following rights (subject to the conditions and exceptions set out in applicable law):
Right to Access: You have the right to request confrmation of whether we are processing your
personal data, and if so, ask for a copy of the data we hold about you . This allows you to
know and verify the information we have.
Right to Rectifcation: If any of your personal data we hold is inaccurate or incomplete, you
have the right to have it corrected or updated without undue delay . For example, if your
email address changes, you can ask us to update it.
Right to Erasure: You have the right to request that we delete your personal data, in certain
circumstances . This is also known as the “right to be forgotten.” We will erase the data upon
your valid request, provided we do not have a compelling legal reason to continue processing it
(for instance, we may need to retain some information to comply with a legal obligation).
Right to Restrict Processing: You can ask us to restrict or pause the processing of your
personal data in certain situations . For example, if you contest the accuracy of the data or
object to our processing, you can request a restriction while the issue is being resolved. When
processing is restricted, we will still store your data but not use it until the restriction is lifted.
Right to Object: You have the absolute right to object to your personal data being used for
direct marketing at any time . If you object, we will stop using your data for marketing
purposes immediately. You also have the right to object to other types of processing based on
our legitimate interests, on grounds relating to your particular situation. In such cases, we will
stop the processing unless we have compelling legitimate grounds that override your interests
or it’s needed for legal claims.
Right to Data Portability: Where we process your data based on your consent or a contract
with you, and the processing is carried out by automated means, you have the right to request
to receive your personal data in a common, machine-readable format and/or have it transmitted
to another data controller where technically feasible . In simple terms, this allows you to take
your data to another service.
Right to Withdraw Consent: If we rely on consent as our legal basis for processing your data
(for example, sending marketing emails), you have the right to withdraw that consent at any time . Withdrawing consent will not afect the lawfulness of any processing we did based on
your consent before withdrawal, but it means we will stop the specifc activity that you previously
consented to. For instance, if you unsubscribe from our newsletter, we will stop sending it.
Right to Lodge a Complaint: If you believe your data protection rights have been violated, you
have the right to fle a complaint with a supervisory authority in the EU . Poltex is
established in Portugal, so our lead supervisory authority is the Portuguese Data Protection
Commission (Comissão Nacional de Proteção de Dados – CNPD, website: www.cnpd.pt). You can
contact the CNPD or your local EU data protection authority. We encourage you to contact us
frst, and we will do our best to address your concerns.
No Fee Usually Required: You can exercise your rights free of charge. In rare cases, if a request is
manifestly unfounded or excessive, we are permitted by law to charge a reasonable fee or refuse the
request, but we will explain the reasons if that situation arises.
9. How to Exercise Your Data Rights
We understand that you might be unsure how to go about exercising your data rights. We have a
simple procedure in place:
Submit a Request: To exercise any of your rights described above (access, correction, deletion,
etc.), please send us a request. The easiest way is by emailing us at privacy@poltex.com. You
can also mail a request to our postal address (see Section 1). Please clearly state what right you
wish to exercise and any relevant details. For example, you might write, “I am requesting a copy of
all personal data you have about me” (Right of Access) or “Please delete the personal data you have
about me that I provided when signing up for newsletters” (Right of Erasure).
Identity Verifcation: For your security, we may need to verify your identity before fulflling a
data request. This is to ensure we don’t disclose or modify your data based on a request from
someone else. We will let you know what information is needed (such as confrming some basic
details we already have on fle). You do not have to provide more personal data than necessary
for verifcation. Any information you provide for verifcation will only be used to confrm your
identity and will be deleted afterward.
Our Response Time: We will respond to your request without undue delay and at the latest
within one month of receiving it . In most cases, we will respond much sooner. If your
request is complex or if you have made multiple requests, we are allowed to extend this period
by up to two further months, but we will inform you within the frst month if an extension is
needed and explain why. Our response will normally include either the information you
requested or confrmation that the action you asked for has been completed, or we will provide
an explanation if we cannot fully comply with your request (for instance, if an exemption
applies).
Result of the Request: If you exercised your right of access, we will provide your data (along
with information required by law about how we use it). If you asked for rectifcation, we will
confrm that we have corrected the data. For erasure or restriction, we will confrm your data has
been deleted or fagged as restricted (and will no longer be processed). For objections, we will
confrm that we have stopped the processing in question (especially in the case of marketing
objections, we will remove you from our lists immediately). If you withdrew consent, we will
confrm that we have noted your withdrawal and ceased the related processing
We aim to make this process as straightforward as possible for you. If you need any assistance in
formulating your request, please just ask – we are here to help. Remember, your privacy rights are
important, and Poltex wants to ensure you can exercise them fully.
10. Updates to This Privacy Policy
We may update or revise this Privacy Policy from time to time, to refect changes in our practices or for
legal, regulatory, or operational reasons. If we make signifcant changes, we will notify you either by
posting a prominent notice on our website or by contacting you directly (e.g., via email) if appropriate.
We always indicate the “Last Updated” date at the top of the policy. We encourage you to review this
policy periodically to stay informed about how we are protecting your information.
11. Contact Us
If you have any questions, concerns, or feedback regarding this Privacy Policy or how Poltex handles
your personal data, please do not hesitate to reach out:
Email: privacy@poltex.com
Postal Address: Travessa do Séquito B – Lote 12/13, Zona Industrial de Brito, 4805-034
Guimarães, Portugal (Attn: Privacy Team)
Telephone: +351 [example phone] (Available Mon–Fri during business hours)
We will be happy to assist you. Your trust is very important to us, and we will do our utmost to address
any privacy-related questions or issues.
Thank you for reading our Privacy Policy. By engaging with Poltex or using our website, you
acknowledge that you have been informed about how we handle personal data. We hope this policy has
clearly explained our practices. If anything remains unclear, please contact us and we will clarify it.
Your privacy is our priority, and we are committed to ensuring the security and lawful handling of
your personal information at all times.