1. INTRODUCTION AND OBJECTIVE
The purpose of this Privacy Policy ("Policy") is to demonstrate Vericode Tecnologia Ltda.'s ("Vericode" or "We") commitment to the privacy and data protection of our users ("Holder," "you" or "your"), as well as to establish rules for the Processing of your Personal Data in our environments ("Our Environments"). Vericode is located at Rua Haddock Lobo, No. 337, 8th floor, suites 81A and 81B, Cerqueira Cesar, São Paulo/SP, ZIP code 01414-901, CNPJ No. 05.490.788/0001-85.
This Policy describes, in a simple, transparent, and objective manner, how Vericode collects, maintains, processes, protects, and uses your Personal Data, as well as the rights you have under applicable laws, especially Law No. 13,709/2018 ("General Data Protection Law" or "LGPD").
As a condition for accessing and using the exclusive features of Our Environments, you declare that you have read this Policy in full and are aware of its contents.
We also kindly request that children and adolescents under the age of 16 do not register in Our Environments. Parents must always supervise the online activities of their minor children, as well as assist the activities of adolescents over 16 years old and under 18 years old.
2. DATA WE COLLECT
Data, including Personal Data, may be collected when the Holder provides it, for example, by sending a message or interacting in Our Environments. This data includes:
- Full name
- Phone number
- Company
- Position
- Profession
- Professional history
- Educational history
- Social media addresses
In addition to the data provided above, We also collect information automatically, which includes: IP address and Logical Port of Origin; device information (operating system version); date and time records of each action you perform; which screens you accessed and cookies.
Nevertheless, We only use the data that is actually relevant and necessary to achieve each specific purpose. Also, if you decide not to provide some of the data above, We may be unable to provide a service in whole or in part, since many of our services require the data mentioned above.
Vericode emphasizes that, for the general purposes stated here, We do not process data considered sensitive by LGPD, notably those related to racial or ethnic origin, religious belief, political opinion, membership of a union or a religious, philosophical, or political organization, data related to health or sexual life, genetic or biometric data, when linked to a natural person. However, in rare and specific cases in which We process such data, the processing is based on specific terms previously made available to the Holders, with specific consent or based on express legal authorization.
3. PURPOSE OF THE DATA WE COLLECT
We collect data for the following purposes:
(I) Present personalized ads to the Data Subject, based on the provided Data.
(II) Inform the Data Subject about news, content, features, news, and events that We consider relevant to you, as well as to expand our relationship and enrich your experience with us.
(III) Improve our services and products.
(IV) Measure satisfaction with the use of our services and/or products or the effectiveness of our advertising campaigns.
(V) Establish a contractual relationship, as well as manage, provide, administer, improve and/or expand the services provided to the Data Subject, including adapting to their preferences and tastes.
(VI) Comply with the obligations arising from the use of our services and products.
(VII) Guarantee the portability of registration data to another service or product provider, if requested by the Data Subject, complying with the obligation of article 18 of the LGPD.
(VIII) Identify the professional profile of the Data Subject.
(IX) Carry out employee recruitment if the Data Subject wishes to work with us.
4. DATABASE
The database established by the data collection is owned by Vericode and is under our responsibility, and its access, use, and sharing, when necessary, will be carried out within the limits and purposes described in this Policy.
It is also worth noting that part of the data collected by Vericode may be stored in databases located in foreign countries, always aiming for greater security and ease of management. Thus, it will be necessary to carry out international data transfers, always with the utmost security and care, aiming at the best interest of the Data Subject. Therefore, by agreeing to this Policy, the Data Subject agrees to the aforementioned data sharing.
5. ACCURACY OF DATA AND UPDATING
The Data Subject is solely responsible for the accuracy and precision of the provided and collected data. Therefore, they must be attentive in case of any changes, which must be informed to us so that We can keep the records updated.
In addition, the Data Subject may access, update, and supplement their data, as well as request the deletion of their data, among other rights, by contacting us through our email privacidade@vericode.com.br. We will make our best efforts to respond as soon as possible.
6. CONSERVATION AND STORAGE OF PERSONAL DATA
The collected Personal Data is stored in a controlled and secure environment for the following minimum periods:
(I) registration data - 5 years after the end of the relationship, as provided for in article 43, §1º of the Consumer Protection Code (CDC);
(II) internet application access logs - 6 months, as provided for in article 15 of Law No. 12.965/2014 (Internet Civil Framework);
(III) other data - for the duration of the relationship between Vericode and the Data Subject, and as long as there is no request for data deletion or revocation of consent, as provided for in article 9, item II of the LGPD.
In cases where the applicable law or regulatory norm authorize and provide for it, as well as for the preservation of rights, the record history of the Data Subject's data may remain stored for longer periods than those above, for security, credit protection, fraud control, and auditing purposes.
Finally, We clarify that the collected data will be stored on our servers located in Brazil, as well as in the cloud, which may require data transfer and/or processing outside of Brazil.
7. DATA SHARING
The data collected by Vericode may be shared:
(I) With judicial, administrative or governmental authorities, provided that there is a legal and/or judicial determination to do so;
(II) With companies responsible for analyzing and processing reports related to the violation of Vericode's Code of Ethics, which will always act in accordance with the terms established herein and applicable legislation;
(III) With companies contracted to provide recruitment and selection services for new employees, which will always act in accordance with the terms established herein and applicable legislation; and
(IV) Automatically, in the event of corporate transactions by Vericode, such as merger, incorporation, spin-off, or acquisition.
The data provided by the Data Subject will be anonymized (to prevent the identification of the Data Subject) when shared for market intelligence research, advertising development, and data disclosure to the press.
We further clarify that some of the companies mentioned above may be located or have facilities in foreign countries. Therefore, it will be necessary to carry out international data transfers, always with the utmost security and care, aiming at the best interest of the Data Subject.
8. PROTECTION AND DATA SAFETY
Vericode adopts technical, physical, electronic, and institutional measures to ensure the protection of the Data Subjects' data.
The measures adopted by Vericode include allowing only authorized and necessary persons to access the data, requiring individuals with access to the data to sign a confidentiality agreement, and using reliable and secure environments for storage.
Without prejudice to Vericode's best efforts to protect the data and privacy of Data Subjects, no transmission of information is absolutely secure, so Vericode cannot guarantee that the information it receives and/or sends will not be accessed by unauthorized third parties, due to, for example, cyber attacks by hackers or the Data Subject's fault.
Therefore, Vericode encourages Data Subjects to take all necessary measures to protect and preserve their data and privacy, such as not sharing their data with third parties, including usernames and passwords.
9. HOLDER'S RIGHTS
In compliance with applicable legislation, Vericode clarifies that the Holder has the following rights:
(I) Confirmation of the existence of data processing;
(II) Access to data;
(III) Correction of outdated, inaccurate, or incomplete data;
(IV) Portability of data to another service or product provider, if requested by the Holder;
(V) Information and possibility of not providing consent, with information on the respective consequences if not provided;
(VI) Revocation of consent;
(VII) Deletion of data, if requested by the Holder;
(VIII) Knowledge about which public or private entities Vericode has shared its data with.
To exercise your rights, simply contact us via our email privacidade@vericode.com.br. We will make our best efforts to respond as soon as possible.
10. USE OF COOKIES
Vericode may use cookies in Our Environments to enhance the user experience by remembering information when the user accesses Our Environments, such as preferred language, location, date and time of access, among other variables that We consider relevant, to direct content according to their interests and needs.
In Our Environments, We use necessary cookies, which are essential for the operation of the services and resources of Our Environments, performance cookies, which collect information from the page accessed by the user, to understand, for example, how and for how long you interacted with our page or if it presented errors, functionality cookies, which remember your preferences to provide a more personalized experience, and advertising cookies, which target ads and promotions related to your interests.
In this context, We use cookies and other measurement technologies to improve your browsing experience on our site, in order to show personalized content, targeted ads, analyze site traffic, and understand where visitors come from.
We also clarify that the Holder may revoke their consent regarding cookies at any time, by simply deleting the cookies from Vericode pages, using their preferred browser settings. Below We list the step-by-step guide for managing cookies on some browsers:
Google Chrome: https://support.google.com/accounts/answer/61416?co=GENIE.Platform%3DDesktop&
Mozilla Firefox: https://support.mozilla.org/en-US/kb/enhanced-tracking-protection-firefox-desktop
Safari: https://support.apple.com/guide/safari/manage-cookies-sfri11471/mac
Microsoft Edge / Internet Explorer: https://support.microsoft.com/en-us/windows/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d
We emphasize that if the Holder refuses or does not accept some of the cookies from our pages, certain services may not work properly.
11. CHANGES TO THIS PRIVACY POLICY
We clarify that this Policy may be updated. Therefore, it is the responsibility of the Holder to periodically visit this page to be aware of the modifications.
Furthermore, We emphasize that it is essential for the Holder to carefully read all communications related to updates to this Policy.
Last update date of this Policy: March 9, 2023.
12. DATA PROTECTION OFFICER
For clarification of additional questions or new requests, please contact our Data Protection Officer at the email address: privacy@vericode.com.br.
13. APPLICABLE LAW AND JURISDICTION
This Policy shall be interpreted according to Brazilian law, in the Portuguese language, and the forum of your domicile is elected to settle any doubts arising from this Policy, except if provided otherwise by applicable law.
In the event that you do not have domicile in Brazil, considering that the products and services are offered by us within national territory, you are subject to Brazilian law and therefore agree that the Central Civil Forum of the Municipality of São Paulo/SP is elected to settle any doubts arising from this Policy.
In the event that any of the terms of this Policy are considered unenforceable by a judicial or data authority, the others shall not be affected and shall remain in full force and effect.
14. DEFINED TERMS
For the purposes of this Policy, the terms below shall have the following meanings:
(I) Personal Data: information related to an identified or identifiable natural person;
(II) Sensitive Personal Data: personal data on racial or ethnic origin, religious belief, political opinion, union membership or membership of religious, philosophical or political organizations, data relating to health or sex life, genetic or biometric data, when linked to a natural person.
(III) Anonymized Data: data related to a data subject that cannot be identified, considering the use of reasonable and available technical means at the time of its processing.
(IV) Database: structured set of personal data, established in one or more locations, on electronic or physical media.
(V) Data Subject: natural person to whom the personal data being processed refers.
(VI) Data Protection Officer: person appointed by the controller and operator to act as a communication channel between the controller, data subjects, and the National Data Protection Authority (ANPD).
(VII) Processing: any operation carried out with Personal Data, such as collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, filing, storage, elimination, assessment or control of information, modification, communication, transfer, dissemination or extraction.
(VIII) Anonymization: use of reasonable and available technical means at the time of processing, through which data loses the possibility of direct or indirect association with an individual.
(IX) Consent: free, informed, and unequivocal manifestation by which the data subject agrees to the processing of their personal data for a specific purpose.
(X) IP: Abbreviation for "Internet Protocol," being a numerical representation that identifies users' devices on the Internet or local networks.
(XI) Elimination: deletion of data or set of data stored in a database, regardless of the procedure employed.
(XII) International Data Transfer: transfer of personal data to a foreign country or international organization of which the country is a member.