CONTEXT

As part of our daily work, we inevitably come across personal data (from now on referred to as “data”) from partners, employees, suppliers, customers, and third parties. Generally, this personal data must be stored to fulfill our tasks, analyzed, or transferred to third parties. This handling of personal data is subject to the General Data Protection Law no. 13,709/2018 (in Portuguese, LGPD), which must respect in the personal data processing of every identified or identifiable natural person.

 

OBJECTIVE

The Privacy Policy objective is to provide all personal data holders the information necessary to ensure legal and appropriate personal data processing and make sure everyone knows who to contact in case of doubts, uncertainties, or requests for other information. It defines the Terms and Conditions of Use and Cookies Policy, referring to the institutional website use and resources.

​

SCOPE

The Privacy Protection Policy applies to all personal data holders who may have their data stored and controlled by the SENDI Group.

 

DEFINITIONS

Any natural person whose personal data is being processed. This includes, for example, suppliers, customers or people from other companies. Employees are also considered as regular members, also covering candidates for vacancies at SENDI, retirees, temporary employees, interns, etc.

​

DATA HOLDER

Any natural person whose personal data is processing. It includes, for example, suppliers, customers, or people from other companies. Also are considered holders the employees, candidates for job vacancies at SENDI, retirees, temporary employees, interns, etc.

​

PERSONAL DATA:

It is all individual information about an identified or identifiable natural person (personal data holder). Personal data of identified individuals are information that can immediately identify a person, such as a name, surname, personal documents (CPF, RG, CNH, Work Permit, passport, and voter registration), address, telephone, e-mail, etc. A person is identifiable if the data connection can lead to a deduction of who that person is and thus make him identifiable, such as preference, interests and consumption habits, IP address data, and geolocation. Personal data can be related to personal circumstances (name, address, marital status, children, hobbies, certificates, professional status) or material circumstances (income, assets, property, insurance, e-mails, number bank account).

 

SENSITIVE PERSONAL DATA:

It is all personal data, including health information (such as diagnoses or medical observations), sexual life and sexual orientation, racial and ethnic origin (such as nationality or skin color), union membership or religious, philosophical, or political organization, biometric data (such as fingerprints), genetic data, when linked to a natural person.

 

PERSONAL DATA OF CHILDREN AND ADOLESCENTS:

If a personal data collection of children and adolescents is required, it must perform with specific consent from one parent or the legal guardian.

 

TREATMENT:

Any operation performed with personal data, with or without automated procedures assistance, such as collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation or information control, modification, communication, transfer, diffusion or extraction. In the daily data processing, it is necessary to consider each of the subjects mentioned here and check separately if the respective processing is allowed.

 

CONTROLLER:

It is the natural person or legal entity of public or private law, which is responsible by itself or related to another person, for decisions about the objectives and means of personal data processing.

 

OPERATOR:

It is the natural person or legal entity of public or private law, which performs the personal data processing on behalf of the controller. The processor performs the personal data processing following the controller instructions, who remains the data owner.

 

TREATMENT AGENTS:

The controller and the processor.

 

ANONIMIZATION:

Use of reasonable and available technical means at the time of treatment, whereby data loses the possibility of an association, directly or indirectly, with an individual.