APDATA is committed to ensuring the privacy and protection of the personal data of all those who have any type of relationship with us, even if indirectly.
As a result, this Privacy Notice formalizes our commitment to transparency, so that you can understand in a simple, clear and objective way, what personal information is collected, why we collect it, if we share it, with whom and for how much time. In addition, this notice is intended to inform you of your rights in relation to that information and how to exercise them with APDATA.
- 1. Definitions
- 2. Normative Reference
- 3. What data we collect?
- 4. What cookies are and how we use them?
- 5. Why we process your personal data?
- 6. With whom we share your personal data?
- 7. How we protect your personal data?
- 8. How long we do store your personal data?
- 9. What are my rights as a personal data holder?
- 10. How to clarify additional questions?
- 11. Update of the Privacy Notice
1. Definitions
The following terms are used in our Privacy Notice:
| Term | Meaning |
|---|---|
| LGPD | General Data Protection Law |
| Personal Information | Any information relating to an identified or identifiable person (“Holder”). An identifiable person is a person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, identifiers by electronic means. |
| Sensitive Personal Data | Personal data on racial or ethnic origin, religious belief, political opinion, union membership or organization of a religious, philosophical or political nature, data relating to health or sexual life, genetic or biometric data, when linked to the holder of personal data. |
| Holder | Person to whom the personal data refers. |
| Officer | In charge of the Treatment of Personal Data (DPO - Data Protection Officer) is the person responsible for the Protection of Personal Data at APDATA and for communication with the ANPD and with the holders, contactable by e-mail: dpo@apdata.com.br |
| ANPD | National Data Protection Authority is the federal public administration body responsible for overseeing, implementing and supervising compliance with the General Data Protection Law throughout the national territory. |
| Treatment | Any operation carried out on personal data, by automated or non-automated means, such as the collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, disposal, evaluation or control of information, modification , communication, transfer, diffusion or extraction. |
| Consent | Free, informed and unambiguous statement by which the holder agrees with the treatment of his personal data for a specific purpose. |
| Anonymization | Use of reasonable and available technical means at the time of treatment, whereby data loses the possibility of association, directly or indirectly, with an individual. |
| Block | Temporary suspension of any processing operation, by keeping personal data or database. |
| Elimination | Deletion of data or data set stored in a database, regardless of the procedure employed. |
| Sharing | Communication, dissemination, international transfer, interconnection of personal data or shared treatment of personal databases by public bodies or entities in the fulfillment of their legal powers, or between these and private entities, reciprocally, with specific authorization, for one or more modalities of treatment allowed by these public entities, or between private entities. |
| International Data Transfer | Transfer of personal data to a foreign country or international body of which the country is a member. |
| Third party | Any legal person, including those belonging to the same economic group, as well as any individual who uses or can use personal data for economic purposes. They are service providers, outsourced workers, business partners, suppliers and APDATA representatives. |
| Website | It is a place on the Internet identified by a domain name, consisting of one or more pages with content that can contain text, graphics, images, photos, videos and other information. The institutional website of APDATA is https://www.apdata.com. |
2. Normative Reference
- Federal Law No. 13,709 / 2018, General Law for the Protection of Personal Data, “LGPD”, available at http://www.planalto.gov.br/ccivil_03/_Ato2015-2018/2018/Lei/L13709.htm
- Federal Law No. 13,853 / 2019, responsible for amending the General Data Protection Law, “LGPD”, available at http://www.planalto.gov.br/ccivil_03/_Ato2019-2022/2019/Lei/L13853.htm
- Federal Law 14,010/2020, responsible for amending the General Data Protection Law, "LGPD", available at http://www.planalto.gov.br/ccivil_03/_Ato2019-2022/2020/Lei/L14010.htm
Remark: If there is a conflict between the provisions of this Privacy Notice and the General Personal Data Protection Law (Federal Law No. 13,709 / 2018), the latter will prevail.
3. What data we collect?
In order for us to provide our services and carry out our activities, it is essential to collect some information that concerns you. What is this data?
Personal data provided directly by you: During your relationship with us, it is possible for you to actively provide us with your personal data, by completing registration and forms, by accessing the areas and features, which vary according to the type of relationship you have with APDATA, according to non-exhaustive hypotheses indicated below:
| Site Area | Use | Personal data |
|---|---|---|
| Contact us | Contact APDATA | Name, email and corporate phone |
| Become a partner | Partnership with APDATA (data are used by the commercial team to make contact) | Name, email and corporate phone, title and company name |
| Blog | Actions of Digital marketing | Name, email and corporate phone, tilte and company name |
| Comments on articles published on the channel “Apdata na Mídia” | Identify who made the comment. | Name, corporate email, company name and message |
Personal data provided by third parties: APDATA receives data from third parties, whether partners, service providers or customers, related to you. The data received from such sources, enable APDATA to carry out its activities and provide its services. The following are some examples of situations in which this may occur:
| Third parties | Goal | Personal data |
|---|---|---|
| Partner Organizations | Customer Prospecting and Marketing Actions | Name, email, phone, position, company name and public data available on the Internet |
| Clients or Service Providers to APDATA | Enable the provision of third-party services at APDATA facilities | Name, CPF and company name |
| Restricted Area (Exclusive for Customers) | Access to service-related features. | Name, CPF, date of birth, e-mail, telephone and information related to your employment relationship with your employer (company, position, e-mail and telephone) |
Personal data collected automatically: APDATA will also be able to collect some information automatically, such as: characteristics of the access device and browser, origin (last country and language accessed), click information and pages accessed. Such collection is carried out through the use of some technologies, such as cookies.
4. What cookies are and how we use them?
Cookies are files or information that can be stored on your devices when you visit our website or use APDATA's online services.
| Types of Cookies | What they do? |
|---|---|
| Required | These cookies are essential for websites to properly load information and allow you to navigate correctly. |
| Performance | These cookies help us understand how visitors interact with pages by providing information about areas visited, time spent at the website and any problems encountered, such as error messages. |
| Safety | These cookies provide security in access, preventing vulnerabilities. |
| Functional | These cookies allow pages to remember your choices to provide you with a personalized experience. |
| Marketing | These cookies are used to provide you with more relevant content. They can be used to display advertising and also allow the effectiveness of a launched advertising campaign to be measured. |
The cookies can be refused directly in the user's browser, however, this may impact, and in some cases even make it impossible to navigate the APDATA website, as in other websites. For more information go to the respective settings on your browser's official page.
For all personal data collection, APDATA will always follow the following rules:
- The personal data collected will only be used to fulfill the purposes informed to you.
- Only information that is indispensable for the provision of the services offered or the execution of the activities informed will be collected.
5. Why we process your personal data?
We treat your personal data, in most cases, to enable the execution of our activities, such as the information provided by you for contact or during your employment with companies that hire APDATA so that we can provide any of our services. However, there are several purposes for which we may treat your personal data, the main ones are being listed below:
- If APDATA has any legal or regulatory obligation: Your personal data may be used to fulfill obligations provided by law, regulations of government agencies, tax authorities, the Judiciary and / or other competent authority. This treatment may include your complete qualification data, personal documents and bank details, for example.
- For the regular exercise of APDATA's rights: Even after the termination of the contractual relationship, we may process some of your personal data to exercise our rights guaranteed by law, including as evidence in legal, administrative or arbitration proceedings, such as collection actions in the event of breach of contractual obligation. , in the responses to lawsuits in which APDATA appears as an interested party or is provoked by the competent court to rule on a certain fact.
- In situations of APDATA's legitimate interest: It is possible that your personal data will also be treated for legitimate purposes involving the continuity of our activities, such as promoting APDATA services, providing information on news, content, news and other issues relevant to maintaining your relationship with APDATA and in improving the features, use and experience on our website and other tools made available as a result of providing our services.
- For the execution of contracts or preliminary steps: We can use your identification and contact details to allow the execution of the contract we have signed with the company you work for (customers and partners), making it possible, for example, to provide our services and other acts resulting from the contractual relationship established with APDATA.
- To conduct activities that aim to prevent fraud: : When strictly necessary, we may process your data to prove that you are who you really are, claiming to be fraudulent.
- Through authorization granted by you: If you express your interest and with your authorization, whenever necessary, we may use your data to send communications about our products and services, such as during marketing campaigns, sending emails, SMS and messages via WhatsApp and / or phone.
6. With whom we share your personal data?
For the operationalization of its activities, APDATA will need, in some situations, to share your personal data. We present some hypotheses below, not exhaustive, in which the sharing of your information may occur:
- With partner companies and suppliers, in the development and provision of services aimed at you, according to APDATA's privacy and data protection and / or information security policies and procedures and located abroad (United States);
- With authorities, government entities or other third parties, for the protection of APDATA's interests, in any type of conflict, including lawsuits and administrative proceedings;
- Upon court order or at the request of administrative authorities that have legal competence for your request.
- With companies of our economic group, when APDATA is committed to adopting guarantees of protection of your personal data.
7. How we protect your personal data?
APDATA adopts the appropriate technical measures to keep personal data safe and protected from unauthorized access and accidental or unlawful destruction, loss, alteration, communication or any other form of inappropriate or unlawful treatment, always in light of the applicable data protection and information security rules.
This includes, among other measures, internal privacy and information security policies and procedures, vulnerability scans, firewalls, malware protection, intrusion detection, DLP (data loss prevention) and periodic monitoring of the systems. Personal data is stored digitally with restricted access.
In the unlikely event of technical failures, viruses or similar actions, APDATA will guarantee the adoption of all reasonable measures to remedy the consequences of the event, always guaranteeing due transparency to you.
8. How long we do store your personal data?
The personal data processed by APDATA will be deleted when they are no longer useful for the purposes for which they were collected, or when you request their disposal, except if there is a need for maintenance for the purpose of complying with legal or regulatory obligations, for the exercise of their rights in judicial or administrative proceedings, or in other cases provided for in the applicable legislation.
9. What are my rights as a personal data holder?
You have the following rights regarding your personal data:
- Be informed if we treat any personal data about you;
- Be informed on what personal data about you are processed by us;
- Correct incomplete, inaccurate or outdated data, by the means required by specific regulations, when necessary;
- Request the anonymization, blocking or elimination of unnecessary, excessive data or that, by chance, have been treated in non-compliance with the law;
- Request data portability from another service or product provider, if expressly performed;
- Request the deletion of data processed with your consent;
- Obtain information about the public or private entities with which we share your data;
- When the treatment activity requires your consent, you can refuse to consent. In this case, if you ask us, we will inform you about the consequences of not carrying out such an activity;
- When the treatment activity requires your consent, you can revoke it at any time.
At this point, all requests will be:
- Free of charge;
- Submitted to a form of validation of their identity (so that APDATA directs the fulfillment of requests, exclusively to the data holder).
To exercise your rights as a holder of personal data, access the "Contact us" channel, available in the "Contact" menu on the APDATA website (www.apdata.com).
10. How to clarify additional questions?
If you would like to clarify any additional questions, please contact the APDATA Data Protection Officer (DPO) through the e-mail address dpo@apdata.com.br
This Privacy Notice can be updated at any time for legal reasons, for the use of new technologies and features and whenever APDATA understands that changes are necessary.
This Privacy Notice was last amended and published on our website on JUNE/30/2023.