PRIVACY AND DATA PROTECTION POLICY
BRAIN LTDA (hereinafter referred as “BRAIN”) is strongly committed to ensuring the privacy of the users of its services and to be transparent in the use and processing of their personal data and the information that may be acquired in its framework, by the use of its website, by the subscription to its newsletter, by registration to events, fairs or similar activities.
In this regard, this document is intended to inform about its policies on the subject, specifically indicating how and with what scope the user’s data is handled. We suggest a careful reading so that, eventually, users may request for more information about the use of their data, request for changes in their handling or to exercise rights, which if applicable according to the applicable regulations, will be implemented in due time.
I. ABOUT THE COLLECTED PERSONAL DATA COLLECTED AND ITS USE.
The personal data collected in the framework of advisory services, is used to comply with the required legal, accounting or notarial tasks and to comply with the obligations and duties set forth in the applicable legal system. This information is comprised within the protection granted by professional secrecy and is treated with the utmost confidentiality, subscribing, in addition, with the firm’s collaborators, whether professionals or not, confidentiality clauses on the information of clients known by virtue of the performance of their tasks in the Firm.
Some contact information, such as address, email address or phone number, among others, collected by virtue of an advisory relationship or by the mechanisms mentioned above, may be used for the following purposes, always aimed to a better professional integral provision of services, with proactivity and for the benefit of the users: institutional communications, newsletters, invitations, reminders or thank-you letters for attending events, sending legal or accounting contents, sending publications, reports, magazines or books, conducting surveys of evaluation of the service, calls for interviews with candidates to provide services or to work in the Firm and eventually, request the update of contact data for the purpose of communicating to the abovementioned effects.
As the only exception in relation to the communication or transfer of data not required by the competent authorities, BRAIN will eventually use the contact data so that they can communicate with those users who are linked with national and international publications of professional services evaluation. In no case the Firm will commercialize the data that it handles.
In the case of data of the Firm’s staff, it will be used exclusively within the framework of the management of the service or labor relationship in accordance with the internal policies of human resources.
Data processing, if necessary, carried out directly by BRAIN or by an agent – in charge of processing – will in any case be carried out in compliance with the Privacy and Data Protection Policy stated herein.
Consent will be sought for the use of data with the scope established in this document, with the exception of the following cases: (a) when certain use or communication of data is necessary to comply with an obligation or duty established in positive law; (b) when it is necessary for the provision of the services provided by the Firm; (c) when it is necessary for the exercise of rights or claims; or (d) when there is a legitimate interest in continuing with a certain use or data processing.
If anybody would like to withdraw his/her consent granted in due time for the use of data, or if anybody wants the data to be handled in a different manner from the one arising from the terms of this document, it must thus be requested by email to: firstname.lastname@example.org.
Whenever its use by the Firm is not necessary or justified in a certain sense in accordance with the applicable regulations, the request shall be agreed to.
III. RIGHTS TO ACCESS INFORMATION, CORRECTION, UPDATING, SUPPRESSION, OPPOSITION, PORTABILITY AND LIMITATION OF TREATMENT OF PERSONAL DATA.
In addition to the information on the purposes for which the data arising from this document is used, to the extent that it may correspond in accordance with the applicable positive law, BRAIN will enable access and inform about the data of the interested party that it has and about its specific use whenever required, and corrections, updates, deletions and limitations on the processing of the requested data that may be appropriate, will be made.
The exercise by the interested parties of the right to the portability of the data will also be enabled, that is to say, that in response to a request from the owner of the right in that sense, the Firm will deliver a document containing the data that the Firm has on an interested party, so that it may be used by another provider of services.
In order to exercise any of the aforementioned rights, it must thus be stated by the interested party by sending an email to: email@example.com. BRAIN will analyze the request and will agree to it, provided that, in accordance with the applicable regulations, its use is not necessary or justified in a certain sense different and excluding the required one. The development of the aforementioned analysis and, if applicable, the implementation of the necessary measures for the exercise of the rights, will be carried out within a reasonable period of time, generally of about 30 days upon reception of the request. In any case, a response will be sent to the e-mail from which the request arrived with the justification and explanation of the resolution and the eventual action taken.
Likewise, the users of the Firm’s services may at any time oppose and request to cease the use of their data to send information about services, news, newsletters, publications and events, also making this request to the mail box mentioned in the preceding paragraph.
IV. DATA PROTECTION AND SECURITY MEASURES.
BRAIN is especially compromised with the confidentiality of the data of the users of its services, and has adequate measures, systems and procedures for the type of data processing that it performs, to reasonably maintain the protection and privacy of the data that it handles.
Any claim or complaint of a user regarding the legitimacy of the use and protection of data by the Firm, may be channeled through the following mailbox: firstname.lastname@example.org, and will be specially considered within a prudential term, generally about 30 days upon reception of the request. If applicable, the appropriate compliance and rectification measures will be taken and communicated to the user, and if it is determined that the approach is not appropriate, a well-founded explanation in such sense will be given.
VI. AMENDMENTS TO THESE PRIVACY AND DATA PROTECTION POLICIES.
The amendments that should be made to these privacy and data protection policies, will be published on the Firm’s website, and users may access the current versions at any time, considering that they are accepted if they continue using the website, if a new subscription to events or a request to send reports is made, or if professional or information services provided by the Firm are required.