POLÍTICA DE PRIVACIDADE
1.1. The following definitions should be considered for the purpose of better understanding of this document:
1.1.1. Official Communication Channels: websites (“Site”), corporate e-mails and SM&A’s official social network, understood and limited to LinkedIn;
1.1.2. Cookies: Small files or information that may be stored on the device that was used to access the SM&A Websites or online services. Cookies are used to improve navigation on the Site;
1.1.3. Personal Data: information that allows the identification of the individual in particular, obtained in any type of means (physical, electronic etc.). They may include, for example, name, address, e-mail, telephone, CPF (Brazilian main personal ID number), IP address and geolocation data;
1.1.4. Sensitive Personal Data: Personal Data related to racial or ethnic origin, religious conviction, political opinion, affiliation to a union or to an organization of a religious, philosophical, or political nature, data relating to health or sex life and genetic or biometric data;
2. COLLECTION, USE AND STORAGE OF PERSONAL DATA
2.1. The access to the website with the provision of Personal Data by the Users or the contacts made by e-mail may be used for the collection of information that aims at the best provision of services by SM&A, as well as the improvement of the Sites, making them increasingly focused on the needs and information that Users seek.
2.2. The use of the SM&A website does not necessarily require the provision of personal data. However, if the User intends to contact SM&A for any type of request, his/her data will be requested when filling out an electronic form.
2.2.1.The personal data requested must be informed so that it is possible to proceed with the request or service.
2.3. SM&A collects the Personal Data entered or forwarded actively and voluntarily by Users when contacting SM&A, and the express consent of Users is requested for such collection. In general, SM&A collects the following Personal Data: name, e-mail and telephone number.
2.5. The data collected may be used for the following purposes:
2.5.1. Enable the assistance of Users, via the contact form on the Site, e-mail and/or social networks; and
2.5.2. Keep User data up to date.
3. SECURITY OF PERSONAL DATA
3.1.1. Although SM&A spares no effort to safeguard the privacy and protection of Users’ Personal Data, no transfer of information is completely secure. Therefore, SM&A cannot guarantee that the information shared will not be subject to unauthorized access practiced in order to obtain information by improper means, such as viruses or system invasion to access the data available on the Site. In the extreme hypothesis of episodes of this nature, SM&A guarantees the absolute commitment to stop the repercussions of the event.
3.2. SM&A also guarantees restricted access to Personal Data to a few employees, who are contractually obliged to maintain the confidentiality of the information, as well as not to use it inappropriately.
3.3. In the case of Personal Data processing by external agents that work in partnership with SM&A, they must ensure the full confidentiality of the data accessed, as well as agree that they will use the best customs for handling this information, in accordance with the contractual obligations established between SM&A and the external agent.
3.4. SM&A, in order to protect the Personal Data of Users, in addition to making technical efforts, periodically update the privacy program used in its activities.
4. SHARING PERSONAL DATA
4.1.1. With public power entities, authorities, or other institutions, in order to protect the needs of SM&A in any possible conflicts, including lawsuits and administrative procedures;
4.1.2. In cases of need to transfer information for the continuity of SM&A’s services in eventual operations and corporate reorganizations;
4.1.3. By court order or at the request of administrative authorities that have legal competence for it.
5. RIGHTS OF USERS AS DATA OWNERS
5.1. SM&A guarantees the Users the following rights regarding their Personal Data, pursuant to article 18 of the LGPD:5.1.1. Confirmation of the existence of processing;5.1.2. Access to the Personal Data that is processed by SM&A;5.1.3. Correction of incomplete, inaccurate or outdated Personal Data;5.1.4. Anonymization, blocking or elimination of data that are unnecessary, excessive or processed in violation of the current legislation;5.1.5. Portability of Personal Data to another service or product provider, upon express request by Users;5.1.6. Deletion of Personal Data processed with the consent of the Users;5.1.7. Obtaining of information about the entities with which the personal data was shared;5.1.8. Information about the possibility of Users not providing consent, as well as being informed about the consequences in case of refusal; and5.1.9. Revocation of Consent;
5.2. Users may exercise their rights by means of a request sent to the e-mail address of our Data Officer, namely, firstname.lastname@example.org. SM&A will endeavor to meet the requests made by Users in a short time. However, if there are justifiable elements, such as, for example, a very complex request, the services may take longer than expected and the appropriate justifications will be presented, keeping Users always informed of the entire process.
6.2. The acceptance or not of Cookies can be freely changed in the Users’ browser settings.
6.3. Occasionally, information that SM&A collects through Cookies may be shared with third parties that it has a contractual relationship with, which must act in accordance with the provisions set forth herein.
7. DOUBTS, CLARIFICATIONS AND SUGGESTIONS
8. APPLICABLE LAW
9. GENERAL PROVISIONS
9.3. If third party companies process any Personal Data collected by SM&A, they must comply with the conditions stipulated herein and the SM&A Information Security standards, obligatorily.