PERSONAL DATA PROTECTION POLICY OF THE WEBSITE OF ACEFLEX DO NORDESTE CONTENTORES FLEXÍVEIS LTDA.
The Personal Data Protection Policy of Aceflex do Nordeste Contentores Flexíveis LTDA’s, website is in perfect agreement with the Lei Geral de Proteção de Dados 13,709/18 (General Law on Personal Data Protection - LGPD in the Portuguese acronym), and with the best practices of international reference.
All information provided is encrypted and stored on a secure server. This guarantees that your personal data will not be intercepted or copied. When entering your data, you will be on a page whose security standard is SSL (SECURE SOCKET LAYER).
Our commitment is to respect your privacy and ensure the Protection of your Personal Data and Privacy when providing your Personal Data.
1. Personal data provided with explicit consent by the user
a – Necessary for registry of requests for quotes/orders, and or;
b – Sending and/or collecting resumes, which will be collected and saved in a database and examined in due time for specific recruitment purposes.
2. Sensitive data
Sensitive personal data, understood as those defined in art. 11 et seq. of Law No. 13,709, of August 14, 2018, will not be collected. Thus, there will be no collection of data on racial or ethnic origin, religious beliefs, political views, membership in a trade union or a religious, philosophical or political organization, data referring to health or sex life, genetic data, biometric or facial data, when linked to a natural person.
Cookies are small text files downloaded automatically to your device when you access and browse a website. They are basically used to identify devices, activities and user preferences. Cookies do not allow any file or information to be extracted from the user's hard drive, nor make it possible to access personal information which has not come from the user or the way in which he or she uses the resources of the website.
a. Website cookies
Website cookies are those sent to the user's or to the administrator’s computer or device exclusively by the website. The information collected through these cookies is used to improve and personalize the user’s experience. Some cookies can, for example, be used to remember the user’s preferences and choices, in addition to offering personalized content.
b. Third party cookies
Some of our partners may set cookies on the devices of users who access our site. These cookies, in general, aim to enable our partners to offer their content and services in a personalized way, by obtaining browsing data extracted from their interaction with the site. The user can obtain more information about third-party cookies and how the data obtained from them are processed, in addition to having access to the description and the characteristics of the cookies used, by accessing the following link:
- Google Analytics
- Facebook Bussiness
The entities in charge of collecting cookies may assign the information obtained to third parties.
c. Cookie Management
The user may disagree with the recording of cookies through the website by disabling this option in their own browser. More information on how to do this in some of the main browsers can be accessed from the following links: Internet Explorer:
Certain operations for the processing of personal data executed on our website will depend on the prior agreement of the user, which must be freely given, informed and clear. The user may withdraw his or her consent at any time, and if there is no legal hypothesis that allows or requires the storage of the data, the data provided with consent will be erased. Additionally, if desired, the user may not agree to a certain operation of processing of personal data based on consent. In these cases, however, the user might not be able to use some features of the site that depends on that operation. The consequences of lack of consent for a specific activity are informed prior to the treatment.
2. Compliance with legal or regulatory obligation by the controller
Some operations of processing personal data, mainly the storage of data, will be carried out so that we can comply with obligations under law or other regulatory provisions applicable to our activities.
3. Legitimate interest
8. User rights
The user of the site has the following rights, advised by the Lei Geral de Proteção de Dados Pessoais(LGPD)
- confirmation of the existence of treatment;
- access to data;
- correction of incomplete, inaccurate or outdated data;
- anonymization, blocking or erasure of unnecessary, excessive or processed data which does not comply with the provisions of the law;
- data portability to another service or product provider, upon express request, in accordance with the regulations of the national authority, observing commercial and industrial classified information;
- erasure of personal data processed with the consent of the holder, except in cases provided for by law;
- information from public and private entities with which the controller shared data;
- information on the possibility of not giving consent and the consequences of nonacceptance;
- withdrawal of consent.
It is important to highlight that, under the terms of the LGPD, there is no right to erase treated data on the basis of legal grounds other than consent, unless the data is unnecessary, excessive or processed in disagreement with the law.
1. How the holder can exercise his rights
To ensure that the user who intends to exercise their rights is, in fact, the holder of said data in request, we may ask for documentation or other validation information that can help in proper identification, in order to safeguard our rights and the rights of third parties. This will only be done if absolutely necessary, and the applicant will receive all related information
9. Security measures in the processing of personal data
We engage technical and organizational measures capable of protecting personal data from unauthorized access and from situations of destruction, loss, misplacement or alteration of this data. The measures we use take into account the nature of the data, the context and purpose of the treatment, the risks that a possible violation would generate for the user's rights and freedoms, and the standards currently used in the market by companies similar to ours. Among the security measures adopted by us, we highlight the following:
- Storage of passwords using cryptographic hashes
- Database access restrictions
- Surveillance of physical access to data servers.
Even if we adopt everything in our power to avoid security incidents, there may be problems caused exclusively by a third party - such as in the case of hacker or cracker attacks, or in the case of the user's sole fault - which occurs when the user himself transfers data to a third party, for example. Hence, although we are generally responsible for the personal data we treat, we exempt ourselves from liability in the event of an exceptional situation such as these, over which we have no control. In any case, in the event of any type of security incident that may generate relevant risk or damage to any of our users, we will communicate those affected and the National Data Protection Authority about the fact, in conformity with the provisions of the General Law on Personal Data Protection (LGPD)
10. Complaint to a control authority
Without impairment to any means of administrative or judicial appeal, holders of personal data who feel in any way that they have been harmed, may file a complaint with the National Data Protection Authority.
11. Changes to this policy
12. How to contact the "Data Officer"