Privacy Policy
Last updated: 08/21/2025
Lusilectra - Veículos e Equipamentos S.A. (“Lusilectra”), headquartered at Rua Engº. Ferreira Dias, Nº. 993 4100-247 Porto, Tax ID 501381430, is responsible for processing your personal data concerning this platform (referring to Lusitools, accessible at www.lusitools.com). Protecting your privacy is very important to us. This policy explains, within the scope of this platform, what data we collect, for what purposes, with whom we share it, and what your rights are.
1. What personal data do we collect?
We collect the following data, depending on your interaction with our website:
- Identification data: name, email, phone, address
- Billing data: Tax ID, billing address
- Transaction data: purchase history, payment methods (without access to full card number)
- Technical/navigation data: IP address, approximate location, browser type, device, access time and date, time spent on pages, unique device identifiers, diagnostic data
- Cookie data: see Cookie Policy (link to cookie policy)
- Marketing data: subscription preferences, interactions with newsletters (opens, clicks)
2. For what purposes do we use your data?
Objective/Purpose (among others) | Legal Basis (among others) |
To fulfill your requests or contact inquiries (e.g. when you fill out a form intended for this purpose on this platform) | Contract execution/legitimate interest |
To manage your registration and identification as a user of the Platform (e.g. if you choose to register on our platform, we need to process your data to identify you as a user of the Platform and to give you access to its various features, products, and services available to you). | Contract execution/legitimate interest |
For the development, fulfillment, and execution of the purchase or service contract you entered into with us on the Platform. | Contract execution/legitimate interest |
Marketing (e.g., sending newsletters) | Explicit consent |
Compliance with legal obligations (e.g., issuing invoices) | Legal obligation |
Platform and experience improvement | Legitimate interest |
3. With whom do we share your data?
We share your data only with trusted partners and when necessary:
- Carriers: for order delivery (e.g., CTT, Correos, etc.)
- Payment services: SIBS (among others)
- Web hosting and online store:Shopify
- Email marketing platforms: Closum, Wix, and Shopify
- Analytics and cookie services: Google, Meta, etc.
- Other service providers: Winsig (PHC software provider), among others.
- Public authorities
- Financial institutions
4. Are your data transferred outside the EU?
Yes, some of our service providers are based outside the European Economic Area. We ensure that these transfers:
- They are made based on standard contractual clauses approved by the European Commission, or
- They are for companies certified by appropriate protection mechanisms.
5. How long do we keep your data?
We will process your data only for the time strictly necessary to fulfill the corresponding purpose, without prejudice to subsequently keeping it properly stored and protected for as long as liabilities arising from the processing may occur, in accordance with the legislation in force at any given time. When each possible action expires, we will delete the personal data.
Examples:
Type of data | Retention period |
Billing data | 10 years (legal requirement) |
Newsletter subscription | 10 years after consent is given |
Cookies | Depending on the type (see Cookie Policy) |
6. What are your rights?
You have the right to:
- Access your data
- Correct incorrect data
- Delete your data ("right to be forgotten")
- Limit or object to processing
- Withdraw your consent (at any time)
- Receive your data in a digital format (portability)
- File a complaint with the CNPD (www.cnpd.pt)
7. How can you exercise your rights?
You can exercise your rights via email: qualidade@lusilectra.pt
You can also contact our DPO via email: epd@lusilectra.pt
We will respond within a maximum of 30 days.
8. How do we protect your data?
We guarantee the protection of your Personal Data through a set of organizational and technical security measures that we implement to prevent illegal or unauthorized access, use, and leaks, as well as to preserve their integrity. This set of measures was designed taking into account our Information Technology infrastructure, the impact it may have on your privacy, and the costs involved, as well as according to current industry standards and practices.
Our information security procedures include:
- Definition of profiles to ensure that each employee has access only to the data necessary to perform their duties;
- Strong credential policy and multi-factor authentication on critical systems;
- Security incident management:
- SOC (Security Operations Center) 24*7 to monitor, detect, analyze and respond to potential cybersecurity threats;
- Backup system;
- IT security audits (penetration tests) and automatic vulnerability detection systems;
- Information security policies, reviewed and communicated periodically;
- Among others
Your Personal Data will only be processed by a Subcontractor that complies with the organizational and technical information security measures mentioned above.
9.How do we update this policy?
Lusilectra reserves the right to, at any time, make modifications or updates to this Privacy Policy, with these changes duly updated on this Platform.