PRIVACY POLICY AND DATA PROCESSING | Venturus

Privacy policy and data processing

VENTURUS PRIVACY POLICY AND DATA PROCESSING (“POLICY”)

  1. INTRODUCTION

The purpose of this Policy is to demonstrate the commitment of the

Venturus Centro de Inovação Tecnológica [Venturus Technological Innovation Center], private association, registered in the CNPJ/MF under the number. 96.499.728/0001-89, with headquarters at Estrada Giuseppina Vianelli Di Napoli, No. 1185, Condomínio [Condominium] GlobalTech Campinas , Polo II de Alta Tecnologia [of High Technology], Campinas/SP, CEP[ZIP CODE]:  13086-530

with privacy the protection of information received from your customers, including personal data, in accordance with the laws in force, with transparency and clarity with You and the market in general.

This policy describes the main rules on the treatment of your personal data when we serve You in our physical facilities or through our virtual environments (“Our Environments”).

Should You engage only one of the services, the rules set out in this policy will remain applicable, as far as You are concerned, without prejudice to additional information being provided by Us.

To access and use the functionalities offered in our environments You declare that you have read this Policy fully and attentively, being fully aware, thus conferring your free and express agreement with the terms stipulated herein, including the collection of the information mentioned herein, as well as its use for the purposes specified below.

  1. ABOUT COLLECTED DATA

2.1 How the data are collected. The data, including personal data, may be collected when You submit us or when You interact in our environments and services, which includes:

What is collected?

What is it collected for?

Registration Data (online and face-to-face environment)

Full name

(i)           Identify and authenticate You;

(ii)          Expand our relationship, conduct research, inform You about news, features, content, news, and other events that we consider relevant to You;

Position

E-mail

Telephone for contact

Home Address

(iii)        Allow the registration of requests in “Contact Us”;

(iv)        Enable You to access and use the Platform’s resources and functionalities;

(v)          Ensure the portability of the registration data to another controller of the same business, if requested by You, complying with the obligation of Article 18 of the General Law on Personal Data Protection;

(vi)        Comply with legal obligations of record maintenance established by the Marco Civil da Internet [Civil Rights Framework for Internet Use] – Law 12.965/2014.

Professional Data

Profession

(i)            Identify professional profile;

(ii)          Recruit employees if You wish to work with us.

History of professional experience

Educational history

Knowledge in languages

Health Data

Information about PCD professionals

(i)             Recruit employees if You wish to work with us;

(ii)            Comply with the legal obligations established by the Quotas Law – Law No. 8.213/1991;

Digital Identification Data

IP Address and Logical Port of Origin

(i)            Comply with legal obligations of record maintenance established by the Marco Civil da Internet [Civil Rights Framework for Internet Use] – Law 12.965/2014.

(ii)          Monitoring the security of our environments for your and our safety.

(iii)         Comply with legal obligations of record maintenance established by the Marco Civil da Internet [Civil Rights Framework for Internet Use] – Law 12.965/2014.

Records of date and time each action that You perform

Which screens You accessed

Session ID

Cookies

 

2.2         Required data. The provision of services and the use of the functionalities of our environments, depend directly on some data informed in the table above, mainly the registration data.

If You choose not to provide some of this data, you may not be able to fully enjoy the services offered to You.

2.3         Update and Veracity of Data. You are solely responsible for the accuracy, veracity, or lack of it in relation to the data You provide or for their outdated. Be aware because it is your responsibility to ensure the accuracy or keep them updated.

2.3.1.     Likewise, we are not obliged to process or treat any of Your data if there is reason to believe that such processing or handling could attribute to Us any violation of any applicable law, or if You are using our environments for any illegal, illicit, or unethical purpose.

2.4.        Database. The database formed through the collection of data is our property and responsibility, and its use, access and sharing, when necessary, will be done within the limits and purposes of the business.

2.5.        Technologies employed. We use the following technology(s):

(i)           Cookies, it is up to You to configure your Internet browser if you wish to block them. In this case, some features that are offered may be limited.

2.5.1.     All technologies used will always respect the current legislation and the terms of this Policy.

2.6.     We do not use any type of solely automated decision that impacts You.

  1. HOW WE SHARE DATA AND INFORMATION

3.1.        Data sharing hypotheses. The collected data and the registered activities can be shared, always respecting the sending of the minimum information necessary to achieve the purposes:

  • With the partner companies necessary for the provision of recruitment and selection services, always requiring such partners to comply with data security and protection guidelines, in accordance with item 4.4 of this Policy;
  • Automatically in case of corporate transactions, such as mergers, acquisitions, and incorporations; and
  • With competent judicial, administrative, regulatory, or governmental authorities, whenever there is a legal determination, request, requisition or judicial order.
  1. HOW YOUR DATA ARE PROTECTED AND HOW YOU CAN ALSO PROTECT THEM

4.1              Cares You Should Take. It is very important that You protect your data from unauthorized access to your computer, and make sure to always click “log out” when terminating your navigation on a shared computer. It is also very important that You know that we will not send you e-mails requesting data confirmation or with attachments that can be executed (extensions: .exe, .com, among others) or links for eventual downloads.

4.2.             Access to Personal Data, proportionality, and relevance. Internally, the personal data collected are only accessed by duly authorized professionals, respecting the principles of proportionality, necessity and relevance to the business objectives, in addition to the commitment to confidentiality and preservation of your privacy under this policy.

4.3.        External links. When You use our environments, You may be conducted, via link to other portals or platforms, which may collect your information and have their own data treatment policy.

4.3.1.     It is Your responsibility to read the privacy and data handling policies of such portals or platforms outside of Our Environments, and You are responsible for accepting or rejecting them. We are not responsible for the privacy and data handling policies of third parties nor for the content of any websites, content or services linked to environments other than those of the services.

4.3.2.     Partner services. We have partner companies that offer services and/or products through Services and/or functionalities that can be accessed from Our Environments. Any Data You provide directly to these partner companies will be the responsibility of these companies, thus being subject to their own data collection and use practices.

4.4.        Processing by third parties under our directive. Should third party companies carry out the processing on our behalf of any Personal Data that is collected, they will comply with the conditions set forth herein and the information security regulations.

4.5.        Communication by e-mail. To optimize and improve our communication, when we send an e-mail to You we may receive a notification when they are opened, provided that this possibility is available. It is important that You stay alert, because e-mails are sent only by domains: [@venturus.org.br and @vntschool.org.br].

  1. HOW YOUR PERSONAL DATA AND ACTIVITY RECORD ARE STORED

5.1.        The personal data collected, and the activity records are stored in a safe and controlled environment for a minimum period that follows the table below:

STORAGE PERIOD

LEGAL BASIS

Registration data

5 years after the end of the relationship

Art. 12 and 34 of the Consumer Protection Code

Digital identification data

6 months

Art. 15, Civil Rights Framework for Internet Use

Other data

While the relationship lasts and there is no request for deletion or revocation of consent

Art. 9, item II of the General Law on Personal Data Protection

5.2         Longer storage periods. For auditing, security, fraud control and preservation of rights purposes, We may keep your Data for a longer period of time in the event that the law or regulatory rule so establishes or for preservation of rights.

5.3          The collected data will be stored in servers located in Brazil, as well as in an environment of use of resources or servers in the cloud (cloud computing), which may require a transfer and/or processing of this data outside of Brazil.

  1. WHAT YOUR RIGHTS ARE AND HOW TO EXERCISE THEM

6.1.             Your basic rights. You may request confirmation of the existence of personal data processing, in addition to the display or rectification of your personal data, through our service channels.

6.2.             Limitation, opposition and deletion of data. Through our service channels, You may also request:

  • The limitation of the use of your personal data;
  • To express your opposition and/or revoke consent to the use of your personal data; or
  • Request the deletion of your personal data that has been collected by us.

6.2.1.     If You withdraw Your consent for fundamental purposes of our environments and services, such environments and services may become unavailable to You.

6.2.2.     If You request the deletion of your personal data, it may occur that the data need to be kept for a longer period than the request for deletion under article 16 of the General Law on Personal Data Protection, for (i) compliance with a legal or regulatory obligation, (ii) study by a research body, and (iii) transfer to a third party (respecting the data processing requirements provided in the same Law). In all cases by means of anonymization of Personal Data, as long as possible.

6.2.3.     Once the maintenance period and the legal need have expired, the personal data will be deleted using safe disposal methods or used anonymously for statistical purposes.

  1. INFORMATION ABOUT THIS POLICY

7.1.        Changing the content and updating. You acknowledge our right to change the content of this policy at any time, according to the purpose or need, such as for adequacy and legal compliance of a provision of law or rule that has equivalent legal force, and it is up to You to check it whenever you access our environments or use our services.

7.1.1.     In the event of updates to this document that require a new collection of consent, You will be notified through the contact channels that You inform.

7.2.        Inapplicability. Should any part of this policy be considered inapplicable by a Data Authority or court, the other conditions will remain in full force and effect.

7.3.        Electronic Communication. You acknowledge that any communication made by e-mail (to the addresses informed through the “Contact Us”), SMS, instant communication applications or any other digital form, are also valid, effective, and sufficient for the disclosure of any matter that refers to the services we provide, your data, as well as the conditions of its provision or any other matter addressed therein, being the exception only that this policy provides as such.

7.4.        Service Channels. In case of any doubt regarding the provisions contained in this Privacy and Data Processing Policy, You may contact directly the Personal Data Protection Officer, available through the e-mail dpo@venturus.org.br .

7.5.            Applicable law and jurisdiction. This policy will be interpreted according to the Brazilian legislation, in the Portuguese language, being elected the forum of its domicile to settle any controversy involving this document, except for specific reservation of personal, territorial, or functional competence by the applicable legislation.

7.6.        If You do not have a domicile in Brazil, and because of the services offered by the Company only in national territory, you submit yourself to the Brazilian legislation, agreeing, therefore, that in case of dispute to be solved, the action shall be proposed in the Campinas/SPCounty Court.

  1. GLOSSARY

8.1.        For the purposes of this policy, the following definitions and descriptions should be considered for their best understanding:

  • Cookies: Small files sent by our environments, saved on your devices, which store preferences and little other information, in order to customize your navigation according to your profile.
  • Cloud Computing: Or cloud computing, is service virtualization technology built from the interconnection of more than one server through a common information network (e.g., the Internet), in order to reduce costs and increase the availability of sustained services.
  • Only automated decisions: These are decisions that affect a user that have been programmed to operate automatically, without the need for a human operation, based on automated processing of personal data.
  • Data: Any information entered, processed or transmitted through Our Environments.
  • Personal Data: Data related to an identified or identifiable natural person.
  • Sensitive Personal Data: Personal Data on racial or ethnic origin, religious conviction, political opinion, union membership or organization of religious, philosophical, or political character, data concerning health or sexual life, genetic or biometric data when linked to a natural person.
  • Data Protection Officer (DPO): Person appointed by Us to act as a communication channel between the controller, data holders and the National Data Protection Authority (ANPD).
  • Session ID: Identification of the user’s session when access is made to Our Environments.
  • IP: Abbreviation for Internet Protocol. It is an alphanumeric set that identifies the USERS’ devices on the Internet;
  • Treatment: All operation carried out with Personal Data, such as those referring to collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, deletion, evaluation or control of information, modification, communication, transfer, dissemination, or extraction.

 

Update: January 20, 2021.

Bitnami