APDATA is committed to ensuring the privacy and protection of the personal data of all those who have any type of relationship with us, even if indirectly.
As a result, this Privacy Notice formalizes our commitment to transparency, so that you can understand in a simple, clear and objective way, what personal information is collected, why we collect it, if we share it, with whom and for how much time. In addition, this notice is intended to inform you of your rights in relation to that information and how to exercise them with APDATA.
- 1. Definitions
- 2. Normative Reference
- 3. What data we collect?
- 4. What cookies are and how we use them?
- 5. Why we process your personal data?
- 6. With whom we share your personal data?
- 7. How we protect your personal data?
- 8. How long we do store your personal data?
- 9. What are my rights as a personal data holder?
- 10. How to clarify additional questions?
- 11. Update of the Privacy Notice
1. Definitions
The following terms are used in our Privacy Notice:
| Term | Meaning |
|---|---|
| Privacy | It is the right to be protected from interference in personal matters, presupposes respect for private life, freedom and control over the availability and exposure of information about an individual. |
| LGPD - General Data Protection Law | Law that provides for the processing of personal data, including in digital media, by a natural person or by a legal entity under public or private law, with the aim of protecting the fundamental rights of freedom and privacy and the free development of the personality of the natural person. |
| Personal Information | Any information relating to an identified or identifiable person (“Holder”). An identifiable person is a person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, identifiers by electronic means. |
| Sensitive Personal Data | Personal data on racial or ethnic origin, religious belief, political opinion, union membership or organization of a religious, philosophical or political nature, data relating to health or sexual life, genetic or biometric data, when linked to the holder of personal data. |
| Holder | Person to whom the personal data refers. |
| Officer | In charge of the Treatment of Personal Data (DPO - Data Protection Officer) is the person responsible for the Protection of Personal Data at APDATA and for communication with the ANPD and with the holders, contactable by e-mail: dpo@apdata.com.br |
| ANPD | National Data Protection Authority is the federal public administration body responsible for overseeing, implementing and supervising compliance with the General Data Protection Law throughout the national territory. |
| Treatment | Any operation carried out on personal data, by automated or non-automated means, such as the collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, disposal, evaluation or control of information, modification , communication, transfer, diffusion or extraction. |
| Consent | Free, informed and unambiguous statement by which the holder agrees with the treatment of his personal data for a specific purpose. |
| Anonymization | Use of reasonable and available technical means at the time of treatment, whereby data loses the possibility of association, directly or indirectly, with an individual. |
| Block | Temporary suspension of any processing operation, by keeping personal data or database. |
| Elimination | Deletion of data or data set stored in a database, regardless of the procedure employed. |
| Sharing | Communication, dissemination, international transfer, interconnection of personal data or shared treatment of personal databases by public bodies or entities in the fulfillment of their legal powers, or between these and private entities, reciprocally, with specific authorization, for one or more modalities of treatment allowed by these public entities, or between private entities. |
| International Data Transfer | Transfer of personal data to a foreign country or international body of which the country is a member. |
| Information security | It is a set of measures that aims to protect information against a wide range of threats, preserving the value it has for an individual or organization, based on the CIA triad (Confidentiality, Integrity, and Availability), in order to guarantee business continuity, minimize risks and maximize the return on investments and opportunities |
| Confidentiality | Ensure that only people who can know information access it. |
| Integrity | Ensure the protection of information and systems against changes to their original state. |
| Availability | Ensure that information can be accessed by those who need it, when they need it. |
| Third party | Any legal person, including those belonging to the same economic group, as well as any individual who uses or can use personal data for economic purposes. They are service providers, outsourced workers, business partners, suppliers and APDATA representatives. |
| Website | It is a place on the Internet identified by a domain name, consisting of one or more pages with content that can contain text, graphics, images, photos, videos and other information. The institutional website of APDATA is https://www.apdata.com. |
2. Normative Reference
- Federal Law No. 13,709 / 2018, General Law for the Protection of Personal Data, “LGPD”, available at http://www.planalto.gov.br/ccivil_03/_Ato2015-2018/2018/Lei/L13709.htm
- Federal Law No. 13,853 / 2019, responsible for amending the General Data Protection Law, “LGPD”, available at http://www.planalto.gov.br/ccivil_03/_Ato2019-2022/2019/Lei/L13853.htm
- Federal Law 14,010/2020, responsible for amending the General Data Protection Law, "LGPD", available at http://www.planalto.gov.br/ccivil_03/_Ato2019-2022/2020/Lei/L14010.htm
Remark: If there is a conflict between the provisions of this Privacy Notice and the General Personal Data Protection Law (Federal Law No. 13,709 / 2018), the latter will prevail.
3. What data we collect?
In order for us to provide our services and carry out our activities, it is essential to collect some information that concerns you. What is this data?
Personal data provided directly by you: During your relationship with us, it is possible for you to actively provide us with your personal data, by completing registration and forms, by accessing the areas and features, which vary according to the type of relationship you have with APDATA, according to non-exhaustive hypotheses indicated below:
| Site Area | Use | Personal data |
|---|---|---|
| Contact us | Contact APDATA | Name, email, corporate phone, position and company name |
| Become a partner | Partnership with APDATA (data are used by the commercial team to make contact) | Name, corporate email, corporate phone, position, company name and company address |
| Blog | Actions of Digital marketing | Name, email and corporate phone, tilte and company name |
Personal data provided by third parties: APDATA receives data from third parties, whether partners, service providers or customers, related to you. The data received from such sources, enable APDATA to carry out its activities and provide its services. The following are some examples of situations in which this may occur:
| Third parties | Goal | Personal data |
|---|---|---|
| Partner Organizations | Customer Prospecting and Marketing Actions | Name, email, phone, position, company name and public data available on the Internet |
| Clients or Service Providers to APDATA | Enable the provision of third-party services at APDATA facilities | Name, CPF and company name |
| Restricted Area (Exclusive for Customers) | Access to service-related features. | Name, CPF, date of birth, e-mail, telephone and information related to your employment relationship with your employer (company, position, e-mail and telephone) |
Personal data collected automatically: APDATA will also be able to collect some information automatically, such as: characteristics of the access device and browser, origin (last country and language accessed), click information and pages accessed. Such collection is carried out through the use of some technologies, such as cookies.
4. What cookies are and how we use them?
Cookies are files or information that can be stored on your devices when you visit our website or use APDATA's online services.
The APDATA website uses:
- First-party or primary cookies: these are installed directly by APDATA. These are cookies set directly by the website or application that the user is visiting. First-party cookies generally cannot be used to track activity on a website other than the original website on which they were placed. These types of cookies may include information such as login credentials, shopping cart items or preferred language.
- Third-Party Cookies (linked to third-party domains): These are cookies created by a domain other than the one the user is visiting. They arise from features of other domains that are incorporated into a website, such as displaying advertisements. On our website, for example, we use Google Analytics. Find out how your personal data is processed at https://policies.google.com/privacy?hl=pt-BR.
| Types of Cookies | What they do? |
|---|---|
| Necessary | Necessary cookies are those that allow the functioning of the basic functions of the website, such as navigation, access to secure or restricted areas. Without these cookies, the website will not function properly. |
| Functional | Functional cookies store the user's previous choices, such as language, font size, colors (when applicable), among other preferences. They allow the user to easily access the page with its customizations. Additionally, these cookies may enable the site to integrate with third-party services, such as links to social media profiles, comments, chatbots, among others |
| Performance | Performance cookies, also known as analytica, help to understand how the website has behaved with the user, collecting statistics such as areas visited, time spent, user interactions with page content, audience measurement and possible operational problems. |
| Marketing | Marketing cookies allow for the tracking of users across different sites. Their primary goal is to offer users advertising for products and services that are more aligned with their interests, based on their online behavior. Marketing cookies can also be used to measure the effectiveness of an online advertising campaign. |
| Statisticians | Statistical cookies record data about visits to a website, such as the number of visits, the time and the origin of the traffic. The purpose of using this category of cookies is to enhance the user experience, improve the content and enable the creation of features that promote better navigation. |
Cookies can be easily disabled through your browser settings. Depending on the cookies refused, the Site may not function correctly, or even take time to load content. For more information go to the respective settings on your browser's official page.
For all personal data collection, APDATA will always follow the following rules:
- The personal data collected will only be used to fulfill the purposes informed to you.
- Only information that is indispensable for the provision of the services offered or the execution of the activities informed will be collected.
5. Why we process your personal data?
We treat your personal data, in most cases, to enable the execution of our activities, such as the information provided by you for contact or during your employment with companies that hire APDATA so that we can provide any of our services. However, there are several purposes for which we may treat your personal data, the main ones are being listed below:
- If APDATA has any legal or regulatory obligation: Your personal data may be used to fulfill obligations provided by law, regulations of government agencies, tax authorities, the Judiciary and / or other competent authority. This treatment may include your complete qualification data, personal documents and bank details, for example.
- For the regular exercise of APDATA's rights: Even after the termination of the contractual relationship, we may process some of your personal data to exercise our rights guaranteed by law, including as evidence in legal, administrative or arbitration proceedings, such as collection actions in the event of breach of contractual obligation. , in the responses to lawsuits in which APDATA appears as an interested party or is provoked by the competent court to rule on a certain fact.
- In situations of APDATA's legitimate interest: It is possible that your personal data will also be treated for legitimate purposes involving the continuity of our activities, such as promoting APDATA services, providing information on news, content, news and other issues relevant to maintaining your relationship with APDATA and in improving the features, use and experience on our website and other tools made available as a result of providing our services.
- For the execution of contracts or preliminary steps: We can use your identification and contact details to allow the execution of the contract we have signed with the company you work for (customers and partners), making it possible, for example, to provide our services and other acts resulting from the contractual relationship established with APDATA.
- To conduct activities that aim to prevent fraud: : When strictly necessary, we may process your data to prove that you are who you really are, claiming to be fraudulent.
- Through authorization granted by you: If you express your interest and with your authorization, whenever necessary, we may use your data to send communications about our products and services, such as during marketing campaigns, sending emails, SMS and messages via WhatsApp and / or phone.
6. With whom we share your personal data?
For the operationalization of its activities, APDATA will need, in some situations, to share your personal data. We present some hypotheses below, not exhaustive, in which the sharing of your information may occur:
- With partner companies and suppliers, in the development and provision of services aimed at you, according to APDATA's privacy and data protection and / or information security policies and procedures and located abroad (United States);
- With authorities, government entities or other third parties, for the protection of APDATA's interests, in any type of conflict, including lawsuits and administrative proceedings;
- Upon court order or at the request of administrative authorities that have legal competence for your request.
- With companies of our economic group, when APDATA is committed to adopting guarantees of protection of your personal data.
7. How we protect your personal data?
APDATA adopts the appropriate technical measures to keep personal data safe and protected from unauthorized access and accidental or unlawful destruction, loss, alteration, communication or any other form of inappropriate or unlawful treatment, always in light of the applicable data protection and information security rules.
This includes, among other measures, internal privacy and information security policies and procedures, vulnerability scans, firewalls, malware protection, intrusion detection, DLP (data loss prevention) and periodic monitoring of the systems. Personal data is stored digitally with restricted access.
In the unlikely event of technical failures, viruses or similar actions, APDATA will guarantee the adoption of all reasonable measures to remedy the consequences of the event, always guaranteeing due transparency to you.
8. How long we do store your personal data?
The personal data processed by APDATA will be deleted when they are no longer useful for the purposes for which they were collected, or when you request their disposal, except if there is a need for maintenance for the purpose of complying with legal or regulatory obligations, for the exercise of their rights in judicial or administrative proceedings, or in other cases provided for in the applicable legislation.
9. What are my rights as a personal data holder?
You have the following rights regarding your personal data:
- Be informed if we treat any personal data about you;
- Be informed on what personal data about you are processed by us;
- Correct incomplete, inaccurate or outdated data, by the means required by specific regulations, when necessary;
- Request the anonymization, blocking or elimination of unnecessary, excessive data or that, by chance, have been treated in non-compliance with the law;
- Request data portability from another service or product provider, if expressly performed;
- Request the deletion of data processed with your consent;
- Obtain information about the public or private entities with which we share your data;
- When the treatment activity requires your consent, you can refuse to consent. In this case, if you ask us, we will inform you about the consequences of not carrying out such an activity;
- When the treatment activity requires your consent, you can revoke it at any time.
At this point, all requests will be:
- Free of charge;
- Submitted to a form of validation of their identity (so that APDATA directs the fulfillment of requests, exclusively to the data holder).
To exercise your rights as a holder of personal data, access the "Contact us" channel, available in the "Contact" menu on the APDATA website (www.apdata.com).
10. How to clarify additional questions?
If you have any questions, suggestions or requests involving this document or the processing of your personal data, please contact:
Data Protection Officer (DPO):
Opice Blum, Bruno Advogados Associados
Henrique Fabretti
Contact: dpo@apdata.com.br
11. Update of the PRivacy Notice
This Privacy Notice can be updated at any time for legal reasons, for the use of new technologies and features and whenever APDATA understands that changes are necessary.
This Privacy Notice was last amended and published on our website on NOVEMBER/28/2024.